The software for the formation of parameters etalons for cyber-attacks detection systems
DOI:
https://doi.org/10.18372/2410-7840.20.13070
Keywords:
attacks, cyber attacks, anomalies, intrusion detection systems, attack detection systems, cyberattack detection systems, detection of anomalies in information systems
Abstract
The overwhelming majority of intrusion detection systems have become an integral part of network protection; they are used to monitor suspicious activity in the system and to detect attacks by unauthorized parties. The growing activity of cyberattacks drives the creation of special technical solutions that can remain effective when new or modified types of cyber threats appear with unidentified or unclearly defined properties. Most such systems aim to detect suspicious activity or interference in the network so that adequate measures can be taken to prevent cyberattacks. Current intrusion detection systems are those aimed at identifying abnormal states, but they have a number of disadvantages. More effective in this regard are expert approaches based on the knowledge and experience of specialists in the relevant subject field. The construction of technical solutions and the creation of special tools, for example software for detection systems that allow detection of previously unknown cyberattacks by monitoring the current state of unclear parameters in a poorly formalized environment, based on expert approaches, is a promising area of research. Based on the well-known cyberattack detection system, which builds on the methodology for detecting anomalies generated by cyberattacks and the corresponding set of methods and models, the software, built on the basic algorithm and a number of developed procedures (grid construction; initialization of values based on a set of databases and modules; graphic forming of parameters; search for common points in accordance with the basic rules; and graphic interpretation of the result), automates the process of forming parameter etalons for modern attack detection systems and displays the results of detecting abnormal states at a given time interval.
License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).