METHOD OF FORMING A REFERENCE SUBENVIRONMENT FOR DETECTING PHISHING URLS
DOI:
https://doi.org/10.18372/2410-7840.25.17757Keywords:
attacks, cyberattacks, anomalies, intrusion detection systems, anomaly detection systems, cyberattack detection systems, anomaly detection in computer networks.Abstract
Increasing and improving the effectiveness of cyber-attacks to detect disease detection systems annually, and the use of modern intrusion detection systems allows you to quickly respond to new types of cyber-attacks and detect cases of infection with protective equipment. Such systems are quite advanced, but their significant operation requires real-time information, which can be used to determine the suspicious activity of an unauthorized party. Such information can be determined using expert approaches. Expert methods can help detect new cyber-attacks. The use of methods, models and systems based on the theory of fuzzy sets in the construction of anomaly detection tools generated by the implementation of new cyber threats is likely to have a trial and detection of an intrusion detection system. The development of computational solutions, calculations in fuzzy conditions, are likely to be identified by previously improbable and modified types of cyber-attacks. There are also enough developments that are used to solve cyber-attack detection problems, for example, a number of methods for creating a reference subenvironment for an intrusion detection system, but they are not focused on phishing approaches. However, as practice shows, when new symptoms and anomalies appear, generated by attacking actions with unspecified or unclearly targeted actions, in relation to media that do not always require effective work, therefore, methods that allow obtaining results in the process of a new reference subsystem for an intrusion detection system are relevant tasks. Phishing is one of the standard means aimed at collecting confidential information, such as logins, passwords, financial details and other personal data. For this developed model of the formation of a reference subenvironment for determining phishing URLs due to the generated set: the number of country parameters by IP address, the age of the domain and expert assessment of the state of the subenvironment of the disclosed system, the formalization of the process of generating the parameters of the reference subenvironment for solving the problems of determining phishing URLs is determined.
References
Анна Корченко, Методи ідентифікації аномальних станів для систем виявлення вторгнень. Монографія, Київ, ЦП «Компринт», 2019. 361 с.
Корченко О.Г. Побудова систем захисту інформації на нечітких множинах: теорія та практичні рішення / О.Г. Корченко. К.: МК-Прес, 2006. 320 с.
Akhemetov Bakhytzhan, Korchenko Anna, Akhmetova Sanzira, Zhumangalieva Nazym / Improved method for the formation of linguistic standards for of intrusion detection systems // Journal of Theoretical and Applied Information Technology, 2016. Vol.87. №.2. pp. 221-232.
Nazym Zhumangaliyeva, Anna Korchenko, Aliya Doszhanova, Aigul Shaikhanova, Shangytbayeva Gulmira Avkurova Zhadyra / Detection environment formation method for anomaly detection systems // Journal of Theoretical and Applied Information Technology, 2019. Vol.97. №.16. pp. 4239-4250.
А. Korchenko, V. Breslavskyi, S. Yevseiev, N Zhumangalieva, A. Zvarych, S. Kazmirchuk, O. Kurchenko, О. Laptiev, О. Sievierinov, S. Tkachuk / Development of a method for constructing linguistic standards for multi-criterial assessment of honeypot efficiency // Eastern-European Journal of Enterprise Technologies, 2021. Vol.109. №.1/2. pp. 14-23.
А. Корченко, «Метод формирования лингвисти-ческих эталонов для систем выявления вторжений», Захист інформації, Т.16, №1, С. 5-12, 2014.
И. Терейковский, А. Корченко, П. Викулов, А. Шаховал, «Модели эталонов лингвистических переменных для обнаружения сниффинг-атак», Захист інформації, Т.19, №3, С. 228-242, 2017.
M. Karpinski, A. Korchenko, P. Vikulov, R. Kochan, «The Etalon Models of Linguistic Variables for Sniffing-Attack Detection», in Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2017 IEEE 9th International Conference on, 2017. pp. 258-264.
І. Терейковський, А. Корченко, П. Вікулов, І. Ірейфідж, «Моделі еталонів лінгвістичних змінних для систем виявлення email спуфінг-атак», Безпека інформації. Т.24, №2, С. 99-109, 2018.
Zawoad, S., Hasan, R., & Hasan, M.A. The evolution of phishing attacks: patterns, trends, and future directions. ACM Computing Surveys (CSUR), 2019. Vol. 52(6), pp. 1-40.
Anna Korchenko, «Formation of linguistic standards for of intrusion detection systems», Безопасность в авиации и космические технологии: VIII Всемирный конгресс «Авиация в XXI столетии», Киев, 2018. С. 3.2.1.-3.2.6.
А. Корченко, «Кортежная модель формирования набора базовых компонент для выявления кибер-атак», Правове, нормативне та метрологічне забезпечення системи захисту інформації в Україні, В.2 (28), С. 29-36. 2014.
A. Korchenko, K. Warwas, A. Kłos-Witkowska, «The Tupel Model of Basic Components' Set Formation for Cyberattacks», in Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2015 IEEE 8th International Conference on, 2015. pp. 478-483.
А. Корченко, «Модель базових компонент для виявлення кібератак на ресурси інформаційних систем», Актуальні проблеми управління інформаційною безпекою держави: VI наук.-практ. конф., Київ, 2015. С. 274-275.
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
