共查询到20条相似文献,搜索用时 0 毫秒
1.
2.
In this paper, we consider the problem of masquerade detection, based on user-issued UNIX commands. We present a novel detection technique based on profile hidden Markov models (PHMMs). For comparison purposes, we implement an existing modeling technique based on hidden Markov models (HMMs). We compare these approaches and show that, in general, our PHMM technique is competitive with HMMs. However, the standard test data set lacks positional information. We conjecture that such positional information would give our PHMM a significant advantage over HMM-based detection. To lend credence to this conjecture, we generate a simulated data set that includes positional information. Based on this simulated data, experimental results show that our PHMM-based approach outperforms other techniques when limited training data is available. 相似文献
3.
提出了一种基于隐马尔可夫模型的入侵场景构建方法,实现自动地从大量低级的入侵检测告警信息中构建出更高层次的入侵场景的目的。为了简化处理过程,对数据流采用两次抽象描述和一次回溯处理过程完成对入侵场景的构建,在DARPA2000测试数据集上的实验表明该方法是有效的。 相似文献
4.
《Expert systems with applications》2007,32(1):97-102
The potentials of hidden Markov models (HMM) in mining free-structured information are investigated in this study. The samples under test are relating to C4ISR information derived from the contents of ‘Forecast International’, which is a web-based database containing free-structured archive of forecast reports about aerospace systems, weapon systems, and military industries. This study focuses on three C4ISR relating target terms, namely, ‘Company’, ‘System types’, and ‘cost’, for information mining analysis. The experiments are performed in two stages. In the first stage, each HMM being built is exclusively serving for one target term information extraction so as to test the HMM fundamental information extraction capability. While in the second stage, the experiment is then extended to resolve a more complex, multiple term extraction issue. The results reveal that, by using HMMs as a basis, the accuracies can all achieve more than 80% for single target term extraction, and 76% in average for multi-term extraction case. 相似文献
5.
Metamorphic computer viruses “mutate” by changing their internal structure and, consequently, different instances of the same
virus may not exhibit a common signature. With the advent of construction kits, it is easy to generate metamorphic strains
of a given virus. In contrast to standard hidden Markov models (HMMs), profile hidden Markov models (PHMMs) explicitly account
for positional information. In principle, this positional information could yield stronger models for virus detection. However,
there are many practical difficulties that arise when using PHMMs, as compared to standard HMMs. PHMMs are widely used in
bioinformatics. For example, PHMMs are the most effective tool yet developed for finding family related DNA sequences. In
this paper, we consider the utility of PHMMs for detecting metamorphic virus variants generated from virus construction kits.
PHMMs are generated for each construction kit under consideration and the resulting models are used to score virus and non-virus
files. Our results are encouraging, but several problems must be resolved for the technique to be truly practical. 相似文献
6.
7.
在基于隐马尔可夫模型的网络安全实时风险评估中,状态转移概率矩阵的确定是关键一步,目前基本上都是依据经验给出,具有很大主观性,不能客观反映网络安全的风险状况.为此,引入了攻击难度系数的概念,通过对数据集的统计学习,给出了状态转移概率矩阵.此外,通过对威胁进行分类,根据各类威胁的影响,给出了相应的权重.实验结果表明,该方法使得网络安全实时风险评估更加客观,为网络安全的风险管理提供了决策支持. 相似文献
8.
9.
Michał Cholewa Piotr Gawron Przemysław Głomb Dariusz Kurzyk 《Quantum Information Processing》2017,16(4):101
In this work, we extend the idea of quantum Markov chains (Gudder in J Math Phys 49(7):072105 [3]) in order to propose quantum hidden Markov models (QHMMs). For that, we use the notions of transition operation matrices and vector states, which are an extension of classical stochastic matrices and probability distributions. Our main result is the Mealy QHMM formulation and proofs of algorithms needed for application of this model: Forward for general case and Vitterbi for a restricted class of QHMMs. We show the relations of the proposed model to other quantum HMM propositions and present an example of application. 相似文献
10.
11.
针对现有基于隐马尔可夫模型(HMM)的语音激活检测(VAD)算法对噪声的跟踪性能不佳的问题,提出采用Baum-Welch算法对具有不同特性的噪声进行训练,并生成相应噪声模型,建立噪声库的方法。在语音激活检测时,根据待测语音背景噪声的不同,动态地匹配噪声库中的噪声模型;同时,为了适应语音信号的实时处理,降低了语音参数提取的复杂度,并对判决阈值提出改进,以保证语音信号帧间的相关性。在不同噪声环境下对改进算法进行性能测试并与自适应多速率编码(AMR)标准、国际电信联盟电信标准分局(ITU-T)的G.729B标准比较,测试结果表明,改进算法在实时语音信号处理中能够有效提高检测的准确率及噪声跟踪能力。 相似文献
12.
视频技术的广泛应用带来海量的视频数据,仅依靠人力对监控视频中的异常进行检测是不太可能的。异常行为的自动化检测在公共安全等领域的地位极其重要。提出一种综合考虑目标特性和时空上下文的异常检测方法,该方法利用光流纹理图描述移动物体的刚性特征,建立基于隐马尔可夫模型HMM的时间上下文异常检测模型。在此基础上,提取异常目标的Radon特征,以支持向量机SVM的异常预分类结果为基础,通过HMM建立异常场景的空间上下文分类模型。该模型在公共数据集UCSD PED2上进行了实验验证,结果表明,本算法不仅在异常检测方面优于已有算法,而且还能给出异常分类。 相似文献
13.
14.
Private predictions on hidden Markov models 总被引:1,自引:0,他引:1
Huseyin Polat Wenliang Du Sahin Renckes Yusuf Oysal 《Artificial Intelligence Review》2010,34(1):53-72
Hidden Markov models (HMMs) are widely used in practice to make predictions. They are becoming increasingly popular models as part of prediction systems in finance, marketing, bio-informatics, speech recognition, signal processing, and so on. However, traditional HMMs do not allow people and model owners to generate predictions without disclosing their private information to each other. To address the increasing needs for privacy, this work identifies and studies the private prediction problem; it is demonstrated with the following scenario: Bob has a private HMM, while Alice has a private input; and she wants to use Bob’s model to make a prediction based on her input. However, Alice does not want to disclose her private input to Bob, while Bob wants to prevent Alice from deriving information about his model. How can Alice and Bob perform HMMs-based predictions without violating their privacy? We propose privacy-preserving protocols to produce predictions on HMMs without greatly exposing Bob’s and Alice’s privacy. We then analyze our schemes in terms of accuracy, privacy, and performance. Since they are conflicting goals, due to privacy concerns, it is expected that accuracy or performance might degrade. However, our schemes make it possible for Bob and Alice to produce the same predictions efficiently while preserving their privacy. 相似文献
15.
Accurate detection of the boundaries of a speech utterance during a recording interval has been shown to be crucial for reliable and robust automatic speech recognition. The endpoint detection problem is fairly straightforward for high-level speech signals spoken in low-level stationary noise environments (e.g. signal-to-noise ratios greater than 30 dB). However, these ideal conditions do not always exist. One example, where reliable word detection is difficult, is speech spoken in a mobile environment. Because of road, tire, fan noises, etc. detection of speech often becomes problematic.Currently, most endpoint detection algorithms use only signal energy and duration information to perform the endpoint detection task. These algorithms perform quite well with reasonable signal-to-noise ratios. However, under the harshest of conditions (e.g. in a car travelling at 60 mph with the fan on high) these algorithms begin to fail.In this paper, an endpoint detection algorithm is presented which is based on hidden Markov model (HMM) technology. The algorithm explicitly determines a set of speech endpoints based on the output of a Viterbi decoding algorithm. This algorithm was tested using a template-based speech recognition system and also using an HMM based system.Based on a speaker dependent speech database from four talkers, recorded in a mobile environment under five different driving conditions (including traveling at 60 mph with the fan on), we tested several endpoint detection schemes. The results showed that, under some conditions, the HMM-based approach to endpoint detection performed significantly better than the energy-based system. The overall accuracy of the system using the HMM endpoint detector, when trained with clean inputs and when tested on the 11 word digits vocabulary (zero through nine and oh) with speech recorded in various mobile environments, was 99.7%. The equivalent accuracy of the energy based endpoint detector was 95.2% in a template based recognizer. 相似文献
16.
The task of using Markov chains to develop a statistical behavioral model of a DS user to detect abnormal activity is described.
In order to verify the assumption about the possibility of using this method in electronic health records, a program system
was developed. The experiments with the system showed that the approach in question could be efficiently applied in abnormal
action detection, for example, in data systems handling sensitive information. 相似文献
17.
提出了一种基于隐马尔可夫模型的内部威胁检测方法.针对隐马尔可夫模型评估问题的解法在实际应用中存在利用滑动窗口将观测事件序列经过放大处理导致误报率偏高的缺陷,在Windows平台上设计并实现了一个基于系统调用的内部威胁检测原型系统,利用截获Windows Native API的方法,通过程序行为的正常轮廓库来检测程序异常行为模式.实验结果表明,新方法以程序的内在运行状态作为处理对象,正常轮廓库较小,克服了传统评估方法因P(O|λ)值太小而无法有效区分正常与异常的问题,检测性能更好. 相似文献
18.
针对社区结构发现问题,提出了一种基于隐马尔可夫随机场社区发现算法.该方法将网络中的顶点度数映射为顶点信息值,用马尔可夫随机场模型描述网络中上下文信息并构造系统能量函数,使用迭代条件模式算法对能量方程进行优化.该方法在Zachary空手道俱乐部网络、海豚关系网络以及美国大学足球联赛网络上进行验证,实验结果表明,该算法的准确率较高. 相似文献
19.
In this paper we study ergodic properties of hidden Markov models with a generalized observation structure. In particular
sufficient conditions for the existence of a unique invariant measure for the pair filter-observation are given. Furthermore,
necessary and sufficient conditions for the existence of a unique invariant measure of the triple state-observation-filter
are provided in terms of asymptotic stability in probability of incorrectly initialized filters. We also study the asymptotic
properties of the filter and of the state estimator based on the observations as well as on the knowledge of the initial state.
Their connection with minimal and maximal invariant measures is also studied.
Work partially supported by grants MIUR-PRIN 2001, PBZ KBN 016/P03/99 and IMPAN-BC Centre of Excellence 相似文献