关键词: 入侵检测 攻击意图识别 隐马尔可夫模型 解码算法

Abstract:

Intention recognition is one of the most important approaches in handling the huge number of alerts, Althougn the Hidden Markov Models（HMM） describes complex Internet attacks well, it can not be applied directly in intention recognition because of its weak ability in distinguishing the disturbing alerts. The paper proposes a scheme to overcome the flaw. We redefine the decode problem of HMM according to the characteristics of intention recognition,and implement the decode algorithm too.

Key words: intrusion detection, intention recognition, HMM, decode algorithm