Aiming at the issue that the current advanced persistent threat (APT) attack defense technology is mainly based on passive defense and taking the active defense as a starting point, a method of APT attack path prediction based on the hidden Markov model (HMM) is proposed. The method is divided into modeling and prediction. In the aspect of modeling, firstly, a general HMM model for APT attacks according to characteristics of APT attacks is established. Then, an algorithm to generate the HMM model for specific APT attacks based on the current information input is proposed. In another aspect of prediction, it first improves the parameter calculation method of the HMM model for the less APT samples and then proposes an algorithm of path prediction by adding alert information which can giving the start point of prediction. In the experiment, it establish an experimental environment by simulating the attack method of aurora attack and the results shows that the methods of modeling and prediction meet the APT attack method and situation and they can complete the aim of path prediction.