Anomaly-based detection system in computer networks
DOI:
https://doi.org/10.18372/2225-5036.18.3458Keywords:
attacks, cyber-attacks, intrusion detection system, Anomaly-Based Detection Systems, computer networks attacks, anomaly-based detection in computer networksAbstract
Effective detection of new types of cyber-attacks, such as 'zero-day', as well as attacks which have no signatures associated with the widespread use of appropriate means of protection. The existing intrusion detection systems use the mathematical models for security solution, which require a lot of resources and expenses of different nature, for example, connected with sample of statistical data, training systems, its adaptation, etc. More effective in this regard are peer-based approaches and knowledge of the subject area specialists. To meet this challenge, based on the anomaly detection technique based on fuzzy logic it was suggested the structural solution of anomaly-based detection system in computer networks, created by the unsignature attacks. The system is composed of primary processing subsystems, generation of fuzzy standards and heuristic rules, as well as Fuzzy Modular Arithmetic, linguistic corollary and visualization, that make possible to identify the abnormal condition in the network traffic, generated by a specific type of cyber-attacks. The result of the system is represented in linguistic and graphic forms.References
Корченко О. Г. Построение систем защиты информации на нечетких множествах [Текст] : Теория и практические решения / О. Г. Корченко. — К. : МК-Пресс, 2006. — 320 с.
Стасюк А.И. Базовая модель параметров для построения систем выявления атак / А.И. Стасюк, А.А. Корченко // Захист інформації. — 2012. — №2 (55). — С. 47-51.
Модели эталонов лингвистических переменных для систем выявления атак / М.Г. Луцкий, А.А. Корченко, А.В. Гавриленко, А.А Охрименко // Захист інформації. — 2012. — №2 (55). — С. 71-78.
Корченко А.А. Модель эвристических правил на логико-лингвистических связках для обнаружения аномалий в компьютерных системах / А.А. Корченко // Захист інформації. — 2012. — №4 (57). — С. 109-115.
Стасюк А.И. Метод выявления аномалий порожденных кибератаками в компьютерных сетях / А.И. Стасюк, А.А. Корченко // Захист інформації. — 2012. — №4 (57). — С. 129-134.
Downloads
How to Cite
Issue
Section
License
The scientific journal "Ukrainian Scientific Journal of Information Security" adheres to the principles of open science and provides free, free and permanent access to all published materials. The goal of the policy is to increase the visibility, citation and impact of the results of scientific research in the field of information security. The journal works according to the principles of Open Access and does not charge a fee for access to published articles.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal “Ukrainian Scientific Journal of Information Security”:
-
retain the copyright to their publications;
-
grant the journal the right of first publication of the article;
-
agree to the distribution of their materials under the CC BY 4.0 license;
-
have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.
