{"id":"https://openalex.org/W4224218212","doi":"https://doi.org/10.3390/s22082874","title":"Multi-Step Attack Detection Based on Pre-Trained Hidden Markov Models","display_name":"Multi-Step Attack Detection Based on Pre-Trained Hidden Markov Models","publication_year":2022,"publication_date":"2022-04-08","ids":{"openalex":"https://openalex.org/W4224218212","doi":"https://doi.org/10.3390/s22082874","pmid":"https://pubmed.ncbi.nlm.nih.gov/35458857"},"language":"en","primary_location":{"id":"doi:10.3390/s22082874","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s22082874","pdf_url":"https://www.mdpi.com/1424-8220/22/8/2874/pdf?version=1649640794","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj","pubmed"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1424-8220/22/8/2874/pdf?version=1649640794","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100437208","display_name":"Xu Zhang","orcid":"https://orcid.org/0000-0002-1882-736X"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xu Zhang","raw_affiliation_strings":["School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058850746","display_name":"Ting Wu","orcid":"https://orcid.org/0000-0001-5102-1934"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ting Wu","raw_affiliation_strings":["School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014011551","display_name":"Qiuhua Zheng","orcid":null},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Qiuhua Zheng","raw_affiliation_strings":["School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108368394","display_name":"Liang Zhai","orcid":null},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Liang Zhai","raw_affiliation_strings":["School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081007229","display_name":"Haizhong Hu","orcid":null},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haizhong Hu","raw_affiliation_strings":["School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100562796","display_name":"Weihao Yin","orcid":"https://orcid.org/0009-0000-7412-2025"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Weihao Yin","raw_affiliation_strings":["School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072745218","display_name":"Yingpei Zeng","orcid":"https://orcid.org/0000-0002-6294-4889"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yingpei Zeng","raw_affiliation_strings":["School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":"https://orcid.org/0000-0002-6294-4889","affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5006073604","display_name":"Cheng Chuanhui","orcid":null},"institutions":[{"id":"https://openalex.org/I158934434","display_name":"Zhongnan University of Economics and Law","ror":"https://ror.org/04yqxxq63","country_code":"CN","type":"education","lineage":["https://openalex.org/I158934434"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chuanhui Cheng","raw_affiliation_strings":["School of Information and Safety Engineering, Zhongnan University of Economics and Law, Wuhan 545001, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Information and Safety Engineering, Zhongnan University of Economics and Law, Wuhan 545001, China","institution_ids":["https://openalex.org/I158934434"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5014011551"],"corresponding_institution_ids":["https://openalex.org/I50760025"],"apc_list":{"value":2400,"currency":"CHF","value_usd":2598},"apc_paid":{"value":2400,"currency":"CHF","value_usd":2598},"fwci":2.1384,"has_fulltext":true,"cited_by_count":16,"citation_normalized_percentile":{"value":0.87410057,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":"22","issue":"8","first_page":"2874","last_page":"2874"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9901000261306763,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/hidden-markov-model","display_name":"Hidden Markov model","score":0.6987012028694153},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5513720512390137},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4760018289089203},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.431309312582016},{"id":"https://openalex.org/keywords/markov-model","display_name":"Markov model","score":0.415321409702301},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.39989107847213745},{"id":"https://openalex.org/keywords/markov-chain","display_name":"Markov chain","score":0.3692660331726074},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.33290570974349976}],"concepts":[{"id":"https://openalex.org/C23224414","wikidata":"https://www.wikidata.org/wiki/Q176769","display_name":"Hidden Markov model","level":2,"score":0.6987012028694153},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5513720512390137},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4760018289089203},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.431309312582016},{"id":"https://openalex.org/C163836022","wikidata":"https://www.wikidata.org/wiki/Q6771326","display_name":"Markov model","level":3,"score":0.415321409702301},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.39989107847213745},{"id":"https://openalex.org/C98763669","wikidata":"https://www.wikidata.org/wiki/Q176645","display_name":"Markov chain","level":2,"score":0.3692660331726074},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.33290570974349976}],"mesh":[{"descriptor_ui":"D000465","descriptor_name":"Algorithms","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D000465","descriptor_name":"Algorithms","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D000465","descriptor_name":"Algorithms","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D008390","descriptor_name":"Markov Chains","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D008390","descriptor_name":"Markov Chains","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D008390","descriptor_name":"Markov Chains","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D011336","descriptor_name":"Probability","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D011336","descriptor_name":"Probability","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D011336","descriptor_name":"Probability","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false}],"locations_count":5,"locations":[{"id":"doi:10.3390/s22082874","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s22082874","pdf_url":"https://www.mdpi.com/1424-8220/22/8/2874/pdf?version=1649640794","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},{"id":"pmid:35458857","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/35458857","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors (Basel, Switzerland)","raw_type":null},{"id":"pmh:oai:doaj.org/article:6dfd8662623946ab8dc29c415be4ae1a","is_oa":true,"landing_page_url":"https://doaj.org/article/6dfd8662623946ab8dc29c415be4ae1a","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors, Vol 22, Iss 8, p 2874 (2022)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/1424-8220/22/8/2874/","is_oa":true,"landing_page_url":"https://dx.doi.org/10.3390/s22082874","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors; Volume 22; Issue 8; Pages: 2874","raw_type":"Text"},{"id":"pmh:oai:pubmedcentral.nih.gov:9026394","is_oa":true,"landing_page_url":"https://www.ncbi.nlm.nih.gov/pmc/articles/9026394","pdf_url":null,"source":{"id":"https://openalex.org/S2764455111","display_name":"PubMed Central","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors (Basel)","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/s22082874","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s22082874","pdf_url":"https://www.mdpi.com/1424-8220/22/8/2874/pdf?version=1649640794","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5584456185","display_name":null,"funder_award_id":"2020C01078","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6570456789","display_name":null,"funder_award_id":"2019C01012","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G813987706","display_name":null,"funder_award_id":"61902098","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4224218212.pdf","grobid_xml":"https://content.openalex.org/works/W4224218212.grobid-xml"},"referenced_works_count":29,"referenced_works":["https://openalex.org/W109441098","https://openalex.org/W1486632395","https://openalex.org/W1917220963","https://openalex.org/W1975869217","https://openalex.org/W2031163547","https://openalex.org/W2068518386","https://openalex.org/W2102941975","https://openalex.org/W2125838338","https://openalex.org/W2167285541","https://openalex.org/W2171797753","https://openalex.org/W2246402135","https://openalex.org/W2755588949","https://openalex.org/W2792581684","https://openalex.org/W2807228625","https://openalex.org/W2818789173","https://openalex.org/W2956765062","https://openalex.org/W2959653735","https://openalex.org/W2982379385","https://openalex.org/W3044356985","https://openalex.org/W3044462962","https://openalex.org/W3102394524","https://openalex.org/W3119101352","https://openalex.org/W3133138345","https://openalex.org/W3188912055","https://openalex.org/W4246495001","https://openalex.org/W6604511647","https://openalex.org/W6628849183","https://openalex.org/W6644007889","https://openalex.org/W6769671350"],"related_works":["https://openalex.org/W1510894296","https://openalex.org/W2134386692","https://openalex.org/W2082284720","https://openalex.org/W2084326697","https://openalex.org/W2194396582","https://openalex.org/W2027903142","https://openalex.org/W2116722627","https://openalex.org/W2354322608","https://openalex.org/W2379938888","https://openalex.org/W2804608325"],"abstract_inverted_index":{"Currently,":[0],"hidden":[1,171,198],"Markov-based":[2],"multi-step":[3,78,173,200],"attack":[4,79,93,109,125,137,174,201],"detection":[5,63,80,175,187,202],"models":[6,81],"are":[7],"mainly":[8],"trained":[9],"using":[10,153],"the":[11,21,41,50,55,62,66,84,91,99,108,117,120,130,140,148,154,170,181,190],"unsupervised":[12],"Baum-Welch":[13,16],"algorithm.":[14],"The":[15,95,145,165],"algorithm":[17],"is":[18,127,151],"sensitive":[19],"to":[20,53,111,123],"initial":[22,141],"values":[23],"of":[24,65,88,119,132,143,147,180],"model":[25,42,51,183],"parameters.":[26],"However,":[27],"its":[28],"training":[29,43],"uses":[30],"random":[31],"or":[32],"average":[33],"parameter":[34],"initialization":[35],"methods,":[36],"which":[37,112],"frequently":[38],"results":[39,167],"in":[40,90,135],"into":[44,129],"a":[45,74],"local":[46],"optimum,":[47],"thus,":[48],"making":[49],"unable":[52],"fit":[54],"alert":[56,114,121],"logs":[57],"well":[58],"and":[59,106,161,193],"thereby":[60],"reducing":[61],"effectiveness":[64,146],"model.":[67],"To":[68],"solve":[69],"this":[70],"issue,":[71],"we":[72],"propose":[73],"pre-training":[75,179],"method":[76,96,150,176],"for":[77],"based":[82,101,177],"on":[83,102,178],"high":[85],"semantic":[86,104],"similarity":[87],"alerts":[89,100,134],"same":[92],"phase.":[94],"first":[97],"clusters":[98],"their":[103],"information":[105],"pre-classifies":[107],"phase":[110],"each":[113,124,136],"belongs.":[115],"Then,":[116],"distance":[118],"vector":[122],"stage":[126],"converted":[128],"probability":[131],"generating":[133],"stage,":[138],"replacing":[139],"value":[142],"Baum-Welch.":[144],"proposed":[149,182],"evaluated":[152],"DARPA":[155],"2000":[156],"dataset,":[157,160],"DEFCON21":[158],"CTF":[159],"ISCXIDS":[162],"2012":[163],"dataset.":[164],"experimental":[166],"show":[168],"that":[169],"Markov":[172,199],"parameters":[184],"had":[185],"higher":[186],"accuracy":[188],"than":[189],"Baum-Welch-based,":[191],"K-means-based,":[192],"transfer":[194],"learning":[195],"differential":[196],"evolution-based":[197],"methods.":[203]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":3}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}