REDUCING THE OBSERVABLE STATES SPACE OF HIDDEN MARKOV MODEL FOR DISTRIBUTED DENIAL OF SERVICE ATTACK PREDICTION USING KULLBACK-LIEBLER DIVERGENCE
Abstract
Distributed Denial of Service (DDoS) attack floods the network with loads of unwanted packets and requests that weigh down the system resources such as memory and processors. Hidden Markov model (HMM) is one of the models that can be used to predict and detect such attacks. A problem to be solved was determining the observable states and subsequently, the model parameters since the performance of the model depends on the accurate selection of these parameters. In this work, the concept of entropy was used to determine the observable states, which characterise the HMM. In order to improve computational efficiency of the algorithm for estimating the parameters of the model, Kullback-Liebler Divergence (KLD) method was employed for reducing and selecting appropriate observable states to achieve a good prediction model. The experimental results justified the suitability of KLD in reducing the entropy-based observable states of HMM for predicting DDoS attack.