Методика формування вхідного вектора спостережуваних змінних мережевої активності

Наталія Сергіївна ВИШНЕВСЬКА; Степан Іванович КУБІВ

doi:10.18372/2225-5036.31.20699

Methodology for forming the input vector of observed network activity variables

Authors

Наталія Сергіївна ВИШНЕВСЬКА Державний університет "Київський авіаційний інститут" https://orcid.org/0000-0002-1358-467X
Степан Іванович КУБІВ Державний університет "Київський авіаційний інститут" https://orcid.org/0000-0002-2606-4550

DOI:

https://doi.org/10.18372/2225-5036.31.20699

Keywords:

probabilistic modeling, cybersecurity, input vector, network traffic, feature aggregation, cyberattack detection

Abstract

This paper presents a methodology for constructing the input vector of observed network activity variables for cyberattack detection and prediction systems. The proposed approach involves a step-by-step formation of the vector, beginning with the collection of raw traffic parameters, followed by their normalization, smoothing within sliding time windows, and temporal alignment. The methodology includes the integration of parameters from all functional feature blocks, enabling model adaptation to various types of attacks. As a result, the input vector is fully compatible with probabilistic models exhibiting Markov properties and is capable of capturing both instantaneous fluctuations and long-term behavioral trends in network traffic. The proposed approach enhances anomaly detection accuracy and reduces false positives by enabling flexible adjustment of the vector’s structure in accordance with the threat profile dynamics

Downloads

pdf (Українська)

Published

2025-08-22

How to Cite

ВИШНЕВСЬКА , Н. С., & КУБІВ , С. І. (2025). Methodology for forming the input vector of observed network activity variables. Ukrainian Scientific Journal of Information Security, 31(2), 80–86. https://doi.org/10.18372/2225-5036.31.20699

Download Citation

Issue

Vol. 31 No. 2 (2025): Ukrainian Scientific Journal of Information Security

Section

Cybersecurity & Critical Information Infrastructure Protection (CIIP)

License

The scientific journal "Information Security" adheres to the principles of open science and provides free, free and permanent access to all published materials. The goal of the policy is to increase the visibility, citation and impact of the results of scientific research in the field of information security. The journal works according to the principles of Open Access and does not charge a fee for access to published articles.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal “Information Security”:

retain the copyright to their publications;
grant the journal the right of first publication of the article;
agree to the distribution of their materials under the CC BY 4.0 license;
have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.