Binary Information Press
Multi-stage cyber attack is one of the most important threats in Internet. Although there are many techniques and algorithms, such as attack graphs, attack trees, HMM algorithms and causal networks etc., to be presented to deal with the issue, attackers can still evade the detection and defense to achieve their malicious goals by multi-stage intrusion or attack. Dynamic attack track goals of different attack stages are still difficult to be described and recognized in real time, lack of dynamic attack track probability calculation and analysis are still problems. In this paper, the authors proposed a novel method based on Abstract Hidden Markov Model and algorithm PI-AHMM to perform multi-stage cyber attack track recognition and prediction.