Modeling of adaptive recognition of cyberattacks in a non-uniform flow of requests in e-business modules
DOI:
https://doi.org/10.18372/2225-5036.22.10706Keywords:
recognition adaptive systems of cyber attacks, information security, e - business systems, non-uniform flow of requestsAbstract
The rapid development of modern information society, in particular, distribution systems, e-business and e-commerce (CEB) in vari-ous sectors of the economy, has caused some problems with the provision of cyber security, and accordingly, the development of the market anomaly detection systems, cyberattacks and threats that identify illegitimate action attacking side. Existing classic intrusion detection systems, suffer from a number of significant deficiencies, which imposes restrictions on their practical use. Now there is a trend of growth in demand for intelligent security technology of cyberspace, capable of simulating cognitive processes and are based on machine learning and pattern recognition theory. Hence, we need further research to develop the methodological and theoretical foundations of information synthesis cyber defense systems capable of self-learning. A mathematical model of adaptive functioning of cyberattacks recognition system (AСRS) at a non-uniform flow of network requests and cyber classes in CEB. It was found that the Markov process models are widely used in the analysis and synthesis of AСRS, the Markov property is a certain limitation on the real signals, but it is sufficient for the development of methods of content analysis and synthesis AСRS complexes. It was determined that the mathematical models using Markov chain device is an effective tool for quantitative assessment and recognition of complex cyberattacks with non-uniform flow of requests in AСRS.References
Jyothsna V., Prasad Rama V.V. A review of anomaly based intrusion detection systems. International Journal of Computer Applications, Vol. 28, No. 7. P. 26–35. DOI: 10.5120/3399-4730.
Baddar S.A.-H., Merlo A., Migliardi M. Anomaly detection in computer networks: a state-of-the-art review. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, Vol. 5, No. 4. P. 29-64.
Gyanchandani M., Rana J.L., Yadav R.N. Taxonomy of anomaly based intrusion detection system: a review. International Journal of Scientific and Research Publications, Vol. 2, Iss. 12. P. 1-13.
Vinchurkar D.P., Reshamwala A. A review of intrusion detection system using neural network and machine learning technique. International Journal of Engineering Science and Innovative Technology (IJESIT), Vol. 1, Iss. 2. P. 54-63.
Tsai C.-F., Hsub Y.-F., Linc C.-Y., Lin W.-Y. (2009). Intrusion detection by machine learning: a review. Expert Systems with Applications, Vol. 36, Iss. 10. P. 11994-12000. DOI: 10.1016/j.eswa.2009.05.029.
Omar S., Ngadi A., Jebur H.H. Machine learning techniques for anomaly detection: an overview. International Journal of Computer Applications, 2013. Vol. 79, No. 2. P. 33-41. DOI:10.5120/13715-1478.
Ilgun K., Kemmerer R.A., Porras P.A. State transition analysis: a rule-based intrusion detection approach. IEEE Transactions on Software Engineering, 1995. Vol. 21, Iss. 3. P. 181-199.
Khan L., Awad M., Thuraisingham B. A new intrusion detection system using support vector machines and hierarchical clustering. The International Journal on Very Large Data Bases, Vol. 16, Iss. 4, P. 507-521. DOI: 10.1007/s00778-006-0002-5.
Wu S.X., Banzhaf W. The use of computational intelligence in intrusion detection systems: a review. Applied Soft Computing, Vol. 10, Iss. 1. P. 1–35. DOI: 10.1016/j.asoc.2009.06.019.
Kabiri P., Ghorbani A.A. Research on intrusion detection and response: a survey. International Journal of Network Security, 2005. Vol. 1, No. 2. P. 84-102.
Ameziane El Hassani, A., Abou El Kalam, A., Bouhoula, A., Abassi, R., Ait Ouahman, A. Integrity-OrBAC: a new model to preserve Critical Infrastructures integrity. International Journal of Information Security, 14 (4), 367-385.
Al-Jarrah O., Arafat A. Network Intrusion Detection System using attack behavior classification. Information and Communication Systems (ICICS), 2014 5th International Conference, p.1-6. DOI: 10.1109/IACS.2014.6841978.
Selim S., Hashem M., Nazmy T. M. Detection using multistage neural network. International Journal of Computer Science and Information Security, 2010. Vol. 8, No. 4. P. 14-20.
Pawar S.N. Intrusion detection in computer network using genetic algorithm approach: a survey. International Journal of Advances in Engineering Technology, 2013. Vol. 6, Iss. 2. P. 730–736.
Zhou Y.P. Hybrid Model Based on Artificial Immune System and PCA Neural Networks for Intrusion Detection. Asia-Pacific Conference on
Infosecurity Information Processing, 2009, Vol. 1, P. 21-24. DOI:10.1109/APCIP.2009.13.
Komar M., Golovko V., Sachenko A., Bezobrazov S. Development of Neural Network Immune Detectors for Computer Attacks Recognition and Classification. IEEE 7th Intern. Conf. on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), 2013. Vol. 2. P. 665-668. DOI: 10.1109/ IDAACS.2013.6663008.
Heckerman D. A tutorial on learning with bayesian networks. Innovations in Bayesian Networks: Theory and Applications, 2008. Vol. 156. P. 33-82. DOI:10.1007/978-3-540-85066-3_3.
Zhan Z., Xu M., Xu S. Characterizing Honeypot-Captured Cyber Attacks: Statistical Framework and Case Study. IEEE Transactions on Information Forensics and Security, Vol. 8, Iss. 11, P. 1775 – 1789. DOI: 10.1109/TIFS.2013.2279800.
Raiyn J. A survey of Cyber Attack Detection Strategies. International Journal of Security and Its Applications, Vol.8, No.1, P. 247-256. DOI:/10.14257/ijsia.2014.8.1.23.
Bartosz Jasiul, Marcin Szpyrka, Joanna Śliwa. Detection and Modeling of Cyber Attacks with Petri Nets. Entropy, 16(12), pp. 6602-6623; DOI:10.3390/e16126602.
Attacks Statistics 2015 [Electronic resource]. –Available at:http://www.hackmageddon.com/2016/ 01/11/2015-cyber-attacks-statistics/.
Харин, Ю. С. Алгоритмы статистического анализа цепей Маркова с условной глубиной памяти / Ю. С. Харин, М. В. Мальцев // Информатика. – 2011. – №1. – С.34-43.
Щерба М.В. Методика разработки системы защиты информации комплекса муниципальных информационных систем [Текст] / М.В. Щерба // Информационные технологии моделирования и управления. – 2009. – Вып. 6(58). – С. 850-854.
Евсютин О.О. Моделирование в информационной безопасности и обработке данных с использованием математического аппарата дискретных динамических систем [Текст] / О.О. Евсютин, В.Г. Миронова // Ползуновский вестник. – 2012. – № 3/2. – C. 222-226.
Lakhno V. Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features [Text] / V. Lakhno, S. Kazmirchuk, Y. Kovalenko, L. Myrutenko, T. Zhmurko // Eastern-European Journal of Enterprise Tech. – 2016. – № 3/9 (81). – P. 30-38.
