OPTIMISATION OF HIDDEN MARKOV MODEL FOR DISTRIBUTED DENIAL OF SERVICE ATTACK PREDICTION USING VARIATI ONAL BAYESIAN
Abstract
Distributed Denial of Service (DDoS), is a coordinated attack that is majorly carried out on a massive scale against the availability of services property of a target system or network resources. Due to the continuous evolution of new attacks and ever-increasing number of vulnerable hosts on the Internet, several DDoS attack detection, prevention or prediction techniques have been proposed. Some of these techniques have shortcomings such as high false positive rate, high computational time, low prediction precision and so on. In order to overcome these shortcomings, researches are being carried out to improve on the existing systems. This paper, which is one of such efforts to improve on the performance of existing DDoS attack prediction methods, presents a novel learning method based on Variational Bayesian (VB) algorithms to obtain an Hidden Markov Model (HMM) with optimized number of states in the HMMs and its model parameters for DDoS attack prediction. This method not only overcomes the shortcomings of the slow convergence speed of the HMM approach, but it also avoids the problem of overfitting the model structure by removing excess transition and emission processes. From the experiments with the DARPA 2000 intrusion specific datasets, this method is able to find the optimal topology in every case. The experiments show that the VB-HMM approach has a better average precision rate than the HMM trained by the Baum-Welch method. This shows that the VB-HMM method is better optimized than the HMM trained by the Baum-Welch method.