{"id":"https://openalex.org/W2755588949","doi":"https://doi.org/10.1109/tdsc.2017.2751478","title":"Real-Time Multistep Attack Prediction Based on Hidden Markov Models","display_name":"Real-Time Multistep Attack Prediction Based on Hidden Markov Models","publication_year":2017,"publication_date":"2017-09-12","ids":{"openalex":"https://openalex.org/W2755588949","doi":"https://doi.org/10.1109/tdsc.2017.2751478","mag":"2755588949"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2017.2751478","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2017.2751478","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5069772740","display_name":"Pilar Holgado","orcid":"https://orcid.org/0000-0003-4458-1700"},"institutions":[{"id":"https://openalex.org/I88060688","display_name":"Universidad Polit\u00e9cnica de Madrid","ror":"https://ror.org/03n6nwv02","country_code":"ES","type":"education","lineage":["https://openalex.org/I88060688"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"Pilar Holgado","raw_affiliation_strings":["Departamento de Ingenier\u00eda y Sistemas Telem\u00e1ticos, Universidad Polit\u00e9cnica de Madrid Avenida Complutense, 30, Madrid, Spain"],"affiliations":[{"raw_affiliation_string":"Departamento de Ingenier\u00eda y Sistemas Telem\u00e1ticos, Universidad Polit\u00e9cnica de Madrid Avenida Complutense, 30, Madrid, Spain","institution_ids":["https://openalex.org/I88060688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077775930","display_name":"V\u00edctor A. Villagr\u00e1","orcid":"https://orcid.org/0000-0002-7067-6968"},"institutions":[{"id":"https://openalex.org/I88060688","display_name":"Universidad Polit\u00e9cnica de Madrid","ror":"https://ror.org/03n6nwv02","country_code":"ES","type":"education","lineage":["https://openalex.org/I88060688"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Victor A. Villagra","raw_affiliation_strings":["Departamento de Ingenier\u00eda y Sistemas Telem\u00e1ticos, Universidad Polit\u00e9cnica de Madrid, Madrid, Spain"],"affiliations":[{"raw_affiliation_string":"Departamento de Ingenier\u00eda y Sistemas Telem\u00e1ticos, Universidad Polit\u00e9cnica de Madrid, Madrid, Spain","institution_ids":["https://openalex.org/I88060688"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5009324749","display_name":"Luis\u2010Bernardo V\u00e1zquez","orcid":"https://orcid.org/0000-0002-1673-2455"},"institutions":[{"id":"https://openalex.org/I88060688","display_name":"Universidad Polit\u00e9cnica de Madrid","ror":"https://ror.org/03n6nwv02","country_code":"ES","type":"education","lineage":["https://openalex.org/I88060688"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Luis Vazquez","raw_affiliation_strings":["Departamento de Ingenier\u00eda y Sistemas Telem\u00e1ticos, Universidad Polit\u00e9cnica de Madrid, Madrid, Spain"],"affiliations":[{"raw_affiliation_string":"Departamento de Ingenier\u00eda y Sistemas Telem\u00e1ticos, Universidad Polit\u00e9cnica de Madrid, Madrid, Spain","institution_ids":["https://openalex.org/I88060688"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5069772740"],"corresponding_institution_ids":["https://openalex.org/I88060688"],"apc_list":null,"apc_paid":null,"fwci":8.3199,"has_fulltext":false,"cited_by_count":119,"citation_normalized_percentile":{"value":0.97867716,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":"17","issue":"1","first_page":"134","last_page":"147"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8720687627792358},{"id":"https://openalex.org/keywords/overfitting","display_name":"Overfitting","score":0.8049031496047974},{"id":"https://openalex.org/keywords/hidden-markov-model","display_name":"Hidden Markov model","score":0.6912810206413269},{"id":"https://openalex.org/keywords/viterbi-algorithm","display_name":"Viterbi algorithm","score":0.6358376145362854},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.46293726563453674},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4432019591331482},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.44310900568962097},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3932769298553467},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.2547493577003479},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.1883191466331482}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8720687627792358},{"id":"https://openalex.org/C22019652","wikidata":"https://www.wikidata.org/wiki/Q331309","display_name":"Overfitting","level":3,"score":0.8049031496047974},{"id":"https://openalex.org/C23224414","wikidata":"https://www.wikidata.org/wiki/Q176769","display_name":"Hidden Markov model","level":2,"score":0.6912810206413269},{"id":"https://openalex.org/C60582962","wikidata":"https://www.wikidata.org/wiki/Q83886","display_name":"Viterbi algorithm","level":3,"score":0.6358376145362854},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.46293726563453674},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4432019591331482},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.44310900568962097},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3932769298553467},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2547493577003479},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.1883191466331482},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2017.2751478","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2017.2751478","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4699999988079071,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W1488572689","https://openalex.org/W1495304983","https://openalex.org/W1577117059","https://openalex.org/W1594026167","https://openalex.org/W1973240709","https://openalex.org/W1983631181","https://openalex.org/W2010685537","https://openalex.org/W2028698981","https://openalex.org/W2049633694","https://openalex.org/W2058685147","https://openalex.org/W2058711915","https://openalex.org/W2075978670","https://openalex.org/W2084289603","https://openalex.org/W2109766389","https://openalex.org/W2113656103","https://openalex.org/W2120839938","https://openalex.org/W2125838338","https://openalex.org/W2131875370","https://openalex.org/W2140140369","https://openalex.org/W2142384583","https://openalex.org/W2152668193","https://openalex.org/W2153331007","https://openalex.org/W2163277533","https://openalex.org/W2166657964","https://openalex.org/W2171924504","https://openalex.org/W2281977972","https://openalex.org/W2379726672","https://openalex.org/W4282975758","https://openalex.org/W6634531175","https://openalex.org/W6646396277","https://openalex.org/W6684679328","https://openalex.org/W6695260004"],"related_works":["https://openalex.org/W2136652457","https://openalex.org/W2169849734","https://openalex.org/W2116722627","https://openalex.org/W2129150969","https://openalex.org/W2236912844","https://openalex.org/W1975869217","https://openalex.org/W2401728283","https://openalex.org/W2383829109","https://openalex.org/W2379938888","https://openalex.org/W2386035178"],"abstract_inverted_index":{"A":[0],"novel":[1],"method":[2,87,188],"based":[3,60,125],"on":[4,61,126],"the":[5,20,45,72,89,108,117,121,127,134,140,149,155,165,202],"Hidden":[6],"Markov":[7],"Model":[8],"is":[9,99,110,171,178,189],"proposed":[10,187],"to":[11,40,93,161,205],"predict":[12],"multistep":[13,41,135],"attacks":[14,42],"using":[15,84,101,139,196],"IDS":[16,73],"alerts.":[17],"We":[18],"consider":[19],"hidden":[21],"states":[22],"as":[23],"similar":[24],"phases":[25,175],"of":[26,30,48,133,152,157],"a":[27,33,55,77,85,179,192],"particular":[28],"type":[29],"attack.":[31],"As":[32],"result,":[34],"it":[35,177],"can":[36],"be":[37,64],"easily":[38],"adapted":[39],"and":[43,104,112,142,154],"foresee":[44],"next":[46],"steps":[47],"an":[49],"attacker.":[50],"To":[51],"achieve":[52],"this":[53,82],"goal,":[54],"preliminary":[56],"off-line":[57],"training":[58,97,109,146],"phase":[59],"observations":[62,67],"will":[63],"required.":[65],"These":[66],"are":[68,115],"obtained":[69],"by":[70],"matching":[71],"alert":[74],"information":[75],"with":[76],"database":[78,92],"previously":[79],"built":[80],"for":[81,130,173],"purpose":[83],"clusterization":[86],"from":[88],"CVE":[90],"global":[91],"avoid":[94],"overfitting.":[95],"The":[96,145,169,186,199],"model":[98,147,170],"performed":[100],"both":[102],"unsupervised":[103],"supervised":[105],"algorithms.":[106,144],"Once":[107],"completed":[111],"probability":[113,129],"matrices":[114],"computed,":[116],"prediction":[118],"module":[119],"compute":[120],"best":[122],"state":[123,128],"sequence":[124],"each":[131],"step":[132],"attack":[136,167],"in":[137,159,163,182],"progress":[138,160],"Viterbi":[141],"forward-backward":[143],"includes":[148],"mean":[150],"number":[151,156],"alerts":[153,158],"assist":[162],"obtaining":[164],"final":[166],"probability.":[168],"analyzed":[172],"DDoS":[174,194],"because":[176],"great":[180],"problem":[181],"all":[183],"Internet":[184],"services.":[185],"validated":[190],"into":[191],"virtual":[193],"scenario":[195],"current":[197],"vulnerabilities.":[198],"results":[200],"proving":[201],"system's":[203],"ability":[204],"perform":[206],"real-time":[207],"prediction.":[208]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":15},{"year":2023,"cited_by_count":16},{"year":2022,"cited_by_count":23},{"year":2021,"cited_by_count":17},{"year":2020,"cited_by_count":20},{"year":2019,"cited_by_count":8},{"year":2018,"cited_by_count":10}],"updated_date":"2026-03-27T14:29:43.386196","created_date":"2025-10-10T00:00:00"}