WORKLOAD HIDDEN MARKOV MODEL FOR ANOMALY DETECTION | Zendy

Juan Manuel García-Samaniego | Zendy; Tomás Navarrete | Zendy; Carlos Ismael Orozco | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

WORKLOAD HIDDEN MARKOV MODEL FOR ANOMALY DETECTION

Author(s) -

Juan Manuel García-Samaniego,

Tomás Navarrete,

Carlos Ismael Orozco

Publication year - 2006

Language(s) - English

Resource type - Conference proceedings

DOI - 10.5220/0002099700560060

Subject(s) - hidden markov model , workload , computer science , anomaly detection , construct (python library) , anomaly (physics) , sequence (biology) , markov model , data mining , artificial intelligence , markov chain , real time computing , machine learning , operating system , computer network , physics , condensed matter physics , genetics , biology

We present an approach to anomaly detection based on the construction of a Hidden Markov Model trained on processor workload data. Based on processor load measurements, a HMM is constructed as a model of the system normal behavior. Any observed sequence of processor load measurements that is unlikely generated by the HMM is then considered as an anomaly. We test our approach taking real data of a mail server processor load to construct a HMM and then we test it under several experimental conditions including a simulated DoS attacks. We show some evidence suggesting that this method could be successful to detect attacks or misuse that directly affects processor performance.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research