The system of heuristic rules formation for network activity assessment
DOI:
https://doi.org/10.18372/2410-7840.15.5728Keywords:
cyber attacks, anomalies, intrusion detection systems, anomaly detection systems, attack detection systems, anomaly detection in computer networks, heuristic rules, network activity assessmentAbstract
Based on the known method for anomalies detection caused by the cyberattacks the corresponding system has been developed. The implementation of this system requires the realization phase of multiple set of heuristic rules formation. They are intended to create the appropriating critical rules directed on truth verification of reference and current parameters interrelations when the network activity is being assessed in a specific environment. This paper suggests a new structural solution of the corresponding system based on the critical rules and containing switching units, the formation of linguistic variables, rules ranking and initialization, as well as registers of standards, current values, linguistic identifiers and rules. The proposed solution can be implemented through software or hardware and to be used as the basis of systems for anomalies detection.References
Стасюк А.И. Базовая модель параметров для построения систем выявления атак / А.И. Стасюк, А.А. Корченко // Захист інформації. — 2012. — № 2 (55). - С. 47-51.
Модели эталонов лингвистических переменных для систем выявления атак / М.Г. Луцкий, А.А. Корченко, А.В. Гавриленко, А.А Охрименко // Захист інформації. — 2012. — № 2 (55). — С. 71-78.
Корченко А.А. Модель эвристических правил на логико-лингвистических связках для обнаружения аномалий в компьютерных системах / А.А. Корченко // Захист інформації. — 2012. — № 4 (57). - С. 112-118.
Стасюк А.И. Метод выявления аномалий порожденных кибератаками в компьютерных сетях / А.И. Стасюк, А.А. Корченко // Захист інформації. — 2012. — №4 (57). — С. 129-134.
Корченко А.А. Модели систем выявления аномалий, порожденных кибератаками / А.А. Корченко / / Эвристические алгоритмы и распределенные вычисления в прикладных задачах : Коллективная монография / Под ред. Б.Ф. Мельникова. — Ульяновск, 2013. — Выпуск 2. — С. 56-86.
Корченко А.А. Система выявления аномального состояния в компьютерных сетях / А.А. Корченко / / Безпека інформації. — 2012. — № 2 (18). — С. 80-84.
Корченко А.А. Система формирования нечетких эталонов сетевых параметров / А.А. Корченко // Захист інформації. — Т.15, №3. — 2013. — С. 240-246.
Корченко А.Г. Построение систем защиты информации на нечетких множествах [Текст] : Теория и практические решения /
А.Г. Корченко. — К. : МК-Пресс, 2006. — 320 с.
Downloads
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
