Technology of abnormal states for detection of intrusion systems

Authors

  • Б. С. Ахметов, K.I. Satpayev Kazakh National Technical Research University, Almaty, Republic of Kazakhstan
  • А. А. Корченко, National Aviation University, Kiev, Ukraine
  • Н. К. Жумангалиева, K.I. Satpayev Kazakh National Research Technical University, Almaty, Republic of Kazakhstan

Keywords:

cyber attack, detection of intrusion system, detection of anomalies in computer systems, decision rules, model of base units, model of reference values, model of decision rules, construction of decision rules, anomaly detection technology, detection of intrusion technology

Abstract

One security solution is the intrusion detection system based on the anomaly principle.
Such systems usually rely on mathematical methods that require a lot of time to prepare
statistics. Hence there is a need for more effective methods based on expert approaches. To
solve this problem, a technology is proposed that is based on mathematical models and methods of
fuzzy logic and contains eight basic steps (selection of the fuzzy data processing method, the choice
of the method for determining the importance of the factor, the formation of sets of invasions and
values, the formation of standards of size, fuzzification of values, forming a plurality of critical rules,
the definition of initialization matrix formation results), which describe the process of identifying an
abnormal condition generated by a specific type of cyber attack in information systems. This
technology can be used to create new systems for detecting cyber attacks on computer
networks or to enhance existing ones.


Published

2017-11-16