3rd International ICST Symposium on Information Assurance and Security

Research Article

Cyber Threat Trend Analysis Model Using HMM

  • @INPROCEEDINGS{10.1109/IAS.2007.19,
        author={ Do  Hoon Kim and Taek  Lee and Sung-Oh David Jung and Hoh  Peter In and Hee  Jo Lee},
        title={Cyber Threat Trend Analysis Model Using HMM},
        proceedings={3rd International ICST Symposium on  Information Assurance and Security},
        keywords={Data analysis  Data security  Economic forecasting  Hidden Markov models  Information analysis  Information security  Internet  Pattern analysis  Predictive models  Time series analysis},
  • Do Hoon Kim
    Taek Lee
    Sung-Oh David Jung
    Hoh Peter In
    Hee Jo Lee
    Year: 2007
    Cyber Threat Trend Analysis Model Using HMM
    DOI: 10.1109/IAS.2007.19
Do Hoon Kim1,*, Taek Lee1,*, Sung-Oh David Jung1,*, Hoh Peter In1,*, Hee Jo Lee1,*
  • 1: Department of Computer Science and Engineering Korea University, Seoul, 136-701, Korea
*Contact email: karmy01@korea.ac.kr, comtaek@korea.ac.kr, sungoh@korea.ac.k, hoh_in@korea.ac.kr, heejo@korea.ac.kr


Prevention is normally recognized as one of the best defense strategy against malicious hackers or attackers. The desire of deploying better prevention mechanisms has motivated many security researchers and practitioners, who are studies threat trend analysis models. However, threat trend is not directly revealed from the time-series data because the trend is implicit in its nature. Besides, traditional time-series analysis, which predicts the future trend pattern by relying exclusively on the past trend pattern, is not appropriate for predicting a trend pattern in dynamic network environments (e.g., the Internet). Thus, supplemental environmental information is required to uncover a trend pattern from the implicit (or hidden) raw data. In this paper, we propose cyber threat trend analysis model using hidden Markov model (HMM) by incorporating the supplemental environmental information into the trend analysis.