BUILDING INTRUSION DETECTION SYSTEMS BASED ON THE BASIS OF METHODS OF INTELLECTUAL ANALYSIS OF DATA
Serhii Toliupa
tolupa@i.ua
Taras Shevchenko Kyiv National University, Faculty of Information Security (Ukraine)
http://orcid.org/0000-0002-1919-9174
Mykola Brailovskyi
Taras Shevchenko Kyiv National University, Faculty of Information Security (Ukraine)
http://orcid.org/0000-0002-3031-4049
Ivan Parkhomenko
Taras Shevchenko Kyiv National University, Faculty of Information Security (Ukraine)
http://orcid.org/0000-0002-9197-2600
Abstract
Nowadays, with the rapid development of network technologies and the global informatization of society, the problem of ensuring a high level of information system security comes to the fore. With the increase in the number of computer security incidents, intrusion detection systems (IDS) started to be developed rapidly. Nowadays, intrusion detection systems are usually software or hardware-software solutions that automate the process of monitoring events occurring in an information system or network, and independently analyze these events in search of signs of security problems. The modern approach to building intrusion detection systems is full of flaws and vulnerabilities, which unfortunately allows harmful influences to successfully overcome information security systems. Applying methods for analyzing data makes it possible to identify previously unknown, non-trivial, practically useful and accessible interpretations of knowledge necessary for making decisions in various spheres of human activity. The combination of these methods with an integrated decision support system makes it possible to build an effective system for detecting and counteracting attacks, which is confirmed by the results of simulation modeling.
Keywords:
intrusion detection systems, attacks, fuzzy logic, neural networks
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.