Attack Prediction using Hidden Markov Model
Shuvalaxmi Dass, Prerit Datta, Akbar Siami Namin

TL;DR
This paper introduces an HMM-based approach to predict attack types from log data, enabling proactive cybersecurity defenses by modeling attack stages with the Viterbi algorithm.
Contribution
It presents a novel application of Hidden Markov Models for attack prediction, specifically modeling attack stages from log files, which improves detection accuracy.
Findings
Successfully predicted attack stages using HMM
Demonstrated effectiveness on Action Spoofing case study
Enhanced attack detection from log data
Abstract
It is important to predict any adversarial attacks and their types to enable effective defense systems. Often it is hard to label such activities as malicious ones without adequate analytical reasoning. We propose the use of a Hidden Markov Model (HMM) to predict the family of related attacks. Our proposed model is based on the observations often agglomerated in the form of log files and from the target or the victim's perspective. We have built an HMM-based prediction model and implemented our proposed approach using the Viterbi algorithm, which generates a sequence of states corresponding to stages of a particular attack. As a proof of concept and also to demonstrate the performance of the model, we have conducted a case study on predicting a family of attacks called Action Spoofing.
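The decoding step the abstract describes, as an added example that is not code from the paper or its authors: Viterbi over a constructed three-stage HMM, run on a constructed sequence of log events. The stage names, event names, every probability and the `FLOOR` value for unseen events are assumptions made for illustration; the paper's actual model parameters are not given on this page.

```python
import math

# Hypothetical attack stages (hidden states) and log-derived events (observations).
STATES = ("normal", "lure", "action")
START = {"normal": 0.80, "lure": 0.15, "action": 0.05}
TRANS = {  # TRANS[prev][next], constructed values
    "normal": {"normal": 0.80, "lure": 0.19, "action": 0.01},
    "lure":   {"normal": 0.10, "lure": 0.50, "action": 0.40},
    "action": {"normal": 0.20, "lure": 0.10, "action": 0.70},
}
EMIT = {  # EMIT[state][event], constructed values
    "normal": {"page_view": 0.85, "overlay_render": 0.10, "privileged_request": 0.05},
    "lure":   {"page_view": 0.20, "overlay_render": 0.70, "privileged_request": 0.10},
    "action": {"page_view": 0.05, "overlay_render": 0.15, "privileged_request": 0.80},
}
FLOOR = 1e-6  # assumed probability for an event type the model has never seen


def emit_lp(state, event):
    """Log emission probability; unseen events get FLOOR instead of log(0)."""
    return math.log(EMIT[state].get(event, FLOOR))


def viterbi(events):
    """Return (most likely stage sequence, its joint log-probability)."""
    if not events:
        return [], float("-inf")
    score = {s: math.log(START[s]) + emit_lp(s, events[0]) for s in STATES}
    backptrs = []
    for ev in events[1:]:
        prev, score, ptr = score, {}, {}
        for s in STATES:
            # Best predecessor for stage s at this time step.
            best = max(STATES, key=lambda p: prev[p] + math.log(TRANS[p][s]))
            ptr[s] = best
            score[s] = prev[best] + math.log(TRANS[best][s]) + emit_lp(s, ev)
        backptrs.append(ptr)
    last = max(STATES, key=score.get)
    path = [last]
    for ptr in reversed(backptrs):  # walk back-pointers from the final stage
        path.append(ptr[path[-1]])
    path.reverse()
    return path, score[last]


# Constructed sample: events as they might be extracted from a victim-side log.
SAMPLE_LOG = ["page_view", "page_view", "overlay_render",
              "overlay_render", "privileged_request", "privileged_request"]

if __name__ == "__main__":
    stages, logp = viterbi(SAMPLE_LOG)
    print(list(zip(SAMPLE_LOG, stages)), logp)
```

Working in log space keeps long log sequences from underflowing to zero, which a direct product of probabilities would do after a few hundred events.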
