Construction method of cyber attacks classifier on government information resources
DOI:
https://doi.org/10.15587/2312-8372.2015.37423
Keywords:
information and telecommunication system, cyber attack, classifier, classification, decision trees, optimization
Abstract
The dynamics of successful cyber attacks targeting public information resources demonstrate the need to improve their security. One problem that hinders the implementation of effective information security systems, such as attack detection systems, is their inability to classify event patterns in information and telecommunication systems reliably and in a timely manner. This paper proposes an approach that improves the efficiency of attack detection systems for government information resources by the speed criterion for given parameters of classification accuracy. This is achieved by introducing the CBA two-step classification scheme, which is based on binary grouping of system behavior patterns. The developed method for constructing a cyber attack classifier, based on decision trees and an optimized incoming data flow, can reduce the time needed to construct and operate classification models several times over while providing the given accuracy of classification of system behavior patterns.
License
Copyright (c) 2016 Володимир Леонідович Бурячок, Руслан Валентинович Грищук, Віктор Миколайович Мамарєв
This work is licensed under a Creative Commons Attribution 4.0 International License.
The consolidation and conditions for the transfer of copyright (identification of authorship) are set out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, provided that the link to the first publication of the article in this journal is preserved.