The method of abnormality detection caused by cyber attacks in computer networks
DOI:
https://doi.org/10.18372/2410-7840.14.3503Keywords:
cyber attack, intrusion detection systems, attacks in computer networks, abnormality detection in computer networks, heuristic rules, basic parameters model, versatile model of standards, model of heuristic rules, method of a abnormality detection, methodAbstract
One of the security solutions are intrusion detection systems, constructed on the principles of abnormality. Such systems are usually based on mathematical methods that require a lot of time to produce statistics. There is therefore a need for more effective methods based on peer-based approaches. For this task solution it is proposed the method based on mathematical models and methods of fuzzy logic, and containing eight basic steps (method selection of fuzzy data processing; selection of how to define the importance factor, formation of sets of attacks and parameters, formation of standards parameters, formation of multiple heuristic rules, definition of matrix initialization, formation of result) that show the process of abnormal condition detection, generated by a specific type of cyber-attacks in the IS. This method can be used to create or improve existing systems of cyber attacks detection in computer networks.References
Корченко О. Г. Построение систем защиты информации на нечетких множествах [Текст] : Теория и практические решения / О. Г. Корченко. — К. : МК-Пресс, 2006. — 320 с.
Волянська В. В. Система виявлення аномалій на основі нечітких моделей [Текст] / В. В. Волянська, А. О. Корченко, Є. В. Паціра // Зб. наук. пр. Інституту проблем моделювання в енергетиці НАН України ім. Г. Є Пухова. — Львів : ПП «Системи, технології, інформаційні послуги», 2007. — [Спец. випуск]. — Т.2. — С. 56–60.
Корченко О. Г. Системи захисту інформації [Текст] : Монографія / О. Г. Корченко. — К. : НАУ, 2004. — 264 с.
Горніцька Д.А. Визначення коефіцієнтів важливості для експертного оцінювання у галузі інформаційної безпеки / Д.А. Горніцька, В.В. Волянська, А.О. Корченко // Захист інформації. — 2012. — №1 (54) . — С. 108-121.
Стасюк А.И. Базовая модель параметров для построения систем выявления атак / А.И. Стасюк, А.А.
Корченко // Захист інформації. — 2012. — №2 (55). — С. 47-51.
Модели эталонов лингвистических переменных для систем выявления атак / М.Г. Луцкий, А.А. Корченко, А.В. Гавриленко, А.А Охрименко // Захист інформації. — 2012. — №2 (55). — С. 71-78
Корченко А.А. Модель эвристических правил на логико-лингвистических связках для обнаружения аномалий в компьютерных системах / А.А. Корченко // Захист інформації. — 2012. — №4 (57). — С. 109 -115 .
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).