JOURNAL OF SOFTWARE (JSW)
ISSN : 1796-217X
Volume : 2    Issue : 6    Date : December 2007

Learning Problem and BCJR Decoding Algorithm in Anomaly-based Intrusion Detection Systems
Veselina G. Jecheva and  Evgeniya P. Nikolova
Page(s): 42-52
Full Text:
PDF (580 KB)


Abstract
The anomaly-based intrusion detection systems examine current system activity do find deviations
from normal system activity. The present paper proposes a method for normal activity description
using the Hidden Markov Models (HMM), which is tuned up using the gradient based method. The
obtained model is utilized as a baseline, depicting the normal system activity. The main purpose is
to distinguish the normal traces of user activity from abnormal ones using the BCJR decoding
algorithm. Some results from the conducted simulation experiments are introduced as well.

Index Terms
intrusion detection, anomaly-based intrusion detection, learning problem, Hidden Markov Model,
BCJR decoding algorithm.