A Hidden Markov Model Combined With Markov Games for Intrusion Detection in Cloud

Abstract

Cloud computing has evolved as a new paradigm for management of an infrastructure and gained ample consideration in both industrial and academic area of research. A hidden Markov model (HMM) combined with Markov games can give a solution that may act as a countermeasure for many cyber security threats and malicious intrusions in a network or in a cloud. A HMM can be trained by using training sequences that may be obtained by analyzing the file traces of packet analyzer like Wireshark network analyzer. In this article, the authors have proposed a model in which HMM can be build using a set of training examples that are obtained by using a network analyzer (i.e., Wireshark). As it is not an intrusion detection system, the obtained file traces may be used as training examples to test a HMM model. It also predicts a probability value for each tested sequence and states if sequence is anomalous or not. A numerical example is also shown in this article that calculates the most optimal sequence of observations for both HMM and state sequence probabilities in case a HMM model is already given.