Research on Prediction of Attack Behavior Based on HMM

Compound attacks have become the most threatening form of network attacks. Intrusion detection systems can detect attacks but cannot predict attacks. In order to more accurately reflect the network security situation, this paper analyzes the shortcomings of traditional attack prediction algorithms, and proposes to establish a hidden Markov model based on the change of the host's security status with the change of the observation sequence. The Baum-Welch algorithm is used to optimize the configuration parameters of the evaluation model. Quantitative analysis is used to obtain the security situation of the entire network, and the parameters of the HMM model are optimized to make the calculation of the predicted attack probability more accurate and reduce the frequency of false alarms. In the experimental test based on real data, the feasibility of this method is verified.