Abstract: First,the anomaly detection method based on hidden Markov model(HMM) is described and its drawbacks are pointed out.Then,a method,which uses multilayer perceptron(MLP) as the probability estimator of hidden Markov model,is proposed to overcome the drawbacks of the HMM-based method.Finally,a new hybrid HMM/MLP anomaly detection model based on system calls is established,and its training and detection algorithms are presented.Experimental results show that the false negative rate and the false positive rate of the hybrid system are both lower than those of the HMM-based method.