Robustness of the Markov-chain model for cyber-attack detection

Nong Ye, Yebin Zhang, Connie M. Borror
IEEE Transactions on Reliability
Cyber-attack detection is used to identify cyber-attacks while they are acting on a computer and network system to compromise the security (e.g., availability, integrity, and confidentiality) of the system. This paper presents a cyber-attack detection technique through anomaly-detection, and discusses the robustness of the modeling technique employed. In this technique, a Markov-chain model represents a profile of computer-event transitions in a normal/usual operating condition of a computer…
This paper has 203 citations.


Publications citing this paper.
Showing 1-10 of 82 extracted citations

A multi-module anomaly detection scheme based on system call prediction

2013 IEEE 8th Conference on Industrial Electronics and Applications (ICIEA) • 2013

Top-k future system call prediction based multi-module anomaly detection system

2013 6th International Congress on Image and Signal Processing (CISP) • 2013

Attack-norm separation for detecting attack-induced quality problems on computers and networks

Quality and Reliability Eng. Int. • 2007

An introduction to cyber peacekeeping

J. Network and Computer Applications • 2018

One Intrusion Detection Method Based On Uniformed Conditional Dynamic Mutual Information

2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) • 2018

203 Citations

Semantic Scholar estimates that this publication has 203 citations based on the available data.



Publications referenced by this paper.
Showing 1-10 of 48 references

Probabilistic networks with undirected links for anomaly detection

N. Ye, Q. Zhong, M. Xu
Proc. 2000 IEEE SMC Information Assurance and Security Workshop. • 2000

Detecting Intrusions using System Calls: Alternative Data Models

IEEE Symposium on Security and Privacy • 1999

Learning Program Behavior Profiles for Intrusion Detection

Workshop on Intrusion Detection and Network Monitoring • 1999

EWMA techniques for detecting computer intrusions through anomalous changes in event intensity

N. Ye, Q. Chen
IEEE Trans. Rel., vol. 52, no. 1, Mar. 2004. • 2004

Decision trees for signature recognition and state classification

N. Ye, X. Li, S. M. Emran
Proc. 2000 IEEE SMC Information Assurance and Security Workshop. • 2000

Design and implementation of a scalable intrusion detection system for the protection of network infrastructure

Y. Jou
Proc. 2000 DARPA Information Survivability Conf. Exposition, pp. 69–83. • 2000