USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC


Halyna Haidur

gaydurg@gmail.com

https://orcid.org/0000-0003-0591-3290
Sergii Gakhov

gakhovsa@gmail.com

https://orcid.org/0000-0001-9011-8210
Dmytro Hamza

supprius@gmail.com

https://orcid.org/0009-0005-0947-2420

Abstract

The growing complexity and sophistication of cyberattacks on organisational information resources, and the variety of malware processes in unprotected networks, necessitate the development of advanced methods for detecting malicious processes in network traffic. Systems for detecting malicious processes based on machine learning and on rule-based methods each have their advantages and disadvantages. We investigated the possibility of using support vectors to create a rule-based system for detecting malicious processes in an organisation's network traffic. We propose a method for building such a rule-based system from the distribution data of the relevant features of the support vectors. Applying this method to real CSE-CIC-IDS2018 network traffic data containing characteristics of malicious processes showed acceptable accuracy, high clarity and computational efficiency in detecting malicious processes in network traffic. In our opinion, the results of this study will be useful in creating automatic systems for detecting malicious processes in the network traffic of organisations and in creating and using synthetic data in such systems.
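As an added illustration of the support-vectors-to-rules step (example code, not the authors' implementation, whose exact rule-derivation procedure the abstract does not state), the following sketch assumes a linear SVM has already been trained on flow features and its support vectors exported; it uses a small hand-constructed set of support vectors and flows (not CSE-CIC-IDS2018 data), derives one threshold rule per feature whose support-vector values do not overlap between classes, rejects features that overlap, and scores the resulting rule set.

```python
# Added example (not the paper's code): threshold rules built from the per-class
# feature distributions of SVM support vectors.  Assumes a linear SVM was trained
# beforehand and its support vectors exported; all values below are constructed.
FEATURES = ["flow_duration_s", "fwd_pkts_per_s", "bytes_per_pkt"]
# (feature vector, label), +1 = malicious, -1 = benign: constructed stand-ins for
# the support vectors, i.e. the training flows closest to the SVM margin.
SUPPORT_VECTORS = [
    ([0.35, 38.0, 210.0], +1), ([0.30, 45.0, 180.0], +1), ([0.42, 41.0, 260.0], +1),
    ([0.55, 31.0, 330.0], -1), ([0.60, 28.0, 300.0], -1), ([0.48, 34.0, 250.0], -1),
]
# Constructed labelled flows for scoring the extracted rules.
TEST_FLOWS = [
    ([0.10, 80.0, 90.0], +1),   # short and chatty: both rules fire
    ([0.20, 60.0, 400.0], +1),
    ([0.44, 37.0, 500.0], +1),  # just inside both thresholds
    ([0.30, 30.0, 100.0], +1),  # short but low packet rate: missed by the rules
    ([0.40, 20.0, 700.0], -1),  # only the duration rule fires
    ([1.10, 50.0, 150.0], -1),  # only the packet-rate rule fires
]

def build_rules(support_vectors, features):
    """One rule per feature whose support-vector values do not overlap between
    classes, cut at the midpoint of the gap; overlapping features are rejected."""
    rules, rejected = [], []
    for j, name in enumerate(features):
        mal = [x[j] for x, y in support_vectors if y == +1]
        ben = [x[j] for x, y in support_vectors if y == -1]
        if max(ben) < min(mal):        # malicious values lie above the benign ones
            rules.append((name, ">", (max(ben) + min(mal)) / 2))
        elif max(mal) < min(ben):      # malicious values lie below the benign ones
            rules.append((name, "<", (max(mal) + min(ben)) / 2))
        else:                          # one cut cannot separate the classes
            rejected.append(name)
    return rules, rejected

def classify(flow, rules, features):
    """Majority vote: +1 (malicious) only when more than half of the rules fire."""
    fired = 0
    for name, op, thr in rules:
        v = flow[features.index(name)]
        fired += (v > thr) if op == ">" else (v < thr)
    return +1 if 2 * fired > len(rules) else -1

def evaluate(flows, rules, features):
    """Precision and recall of the rule set over labelled flows."""
    preds = [(classify(x, rules, features), y) for x, y in flows]
    tp, fp, fn = preds.count((1, 1)), preds.count((1, -1)), preds.count((-1, 1))
    return tp / (tp + fp) if tp + fp else 0.0, tp / (tp + fn) if tp + fn else 0.0
```

The rejected feature shows why a rule set derived this way is easy to read but can miss flows that the SVM's full decision boundary would catch, which is the accuracy/clarity trade-off the abstract refers to.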


Keywords:

network security, classification of network traffic, supervised learning, support vector machine classification, rule-based systems

Article Details

Haidur, H., Gakhov, S., & Hamza, D. (2024). USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION’S NETWORK TRAFFIC. Informatyka, Automatyka, Pomiary W Gospodarce I Ochronie Środowiska, 14(4), 90–96. https://doi.org/10.35784/iapgos.6366