Cyber attack monitoring
DOI: https://doi.org/10.18372/2225-5036.26.15569
Abstract
Detecting cyberattacks is a very important task today, and network monitoring is used for this purpose. Monitoring also calls for rapid analytical processing of information, which requires data mining methods. Data mining helps to extract knowledge from acquired data. The purpose of applying data mining to the monitoring of cyberattacks is to obtain previously unknown, non-trivial, and understandable knowledge and patterns from monitoring data, i.e., data useful for supporting decision-making. An integral part of a recognition system is training, whose ultimate goal is to form reference class descriptions, the form of which is determined by how they are used in decision rules, and to choose the information features for recognizing these reference classes. This paper attempts to set out, in a logical sequence, the main analytical methods for recognizing cyberattacks in modern conditions of cyber warfare, taking into account the monitoring of the information environment. A list of factors confirming the expediency of applying image recognition methods to the analysis of attack monitoring data is given. In addition, similarity measures used in cyberattack ranking and clustering algorithms are examined. It is shown that the expediency of their application depends on the specific task.
License
The scientific journal "Ukrainian Scientific Journal of Information Security" adheres to the principles of open science and provides free and permanent access to all published materials. The goal of the policy is to increase the visibility, citation and impact of the results of scientific research in the field of information security. The journal works according to the principles of Open Access and does not charge a fee for access to published articles.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal “Ukrainian Scientific Journal of Information Security”:
- retain the copyright to their publications;
- grant the journal the right of first publication of the article;
- agree to the distribution of their materials under the CC BY 4.0 license;
- have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.




