Construction method of cyber attacks classifier on government information resources

DOI:

https://doi.org/10.15587/2312-8372.2015.37423

Keywords:

information and telecommunication system, cyber attack, classifier, classification, decision trees, optimization

Abstract

The dynamics of successful cyber attacks targeting public information resources demonstrate the need to improve their security. One problem that hinders the implementation of effective information security systems, such as attack detection systems, is their inability to provide reliable and timely classification of event patterns in information and telecommunication systems. The research proposes an approach that improves the efficiency of attack detection systems for government information resources by the speed criterion for given parameters of classification accuracy. This is achieved through the introduction of a CBA two-step classification scheme based on binary grouping of system behavior patterns. The developed method of constructing a cyber attack classifier, based on decision trees and an optimized incoming data flow, can reduce the time to construct and operate classification models severalfold while ensuring the classification accuracy of system behavior patterns.

Author Biographies

Володимир Леонідович Бурячок, State University of Telecommunications, Solomenska street, 7, Kyiv, 03110

Doctor of Technical Sciences, Senior Researcher, Head of the Department

Department of Information and cyber security

Руслан Валентинович Грищук, Zhytomyr Military Institute of the State University of Telecommunications, Prospekt Mira, 22, Zhytomyr, 10004

Doctor of Technical Sciences, Senior Researcher, Leading Researcher

Research Center

Віктор Миколайович Мамарєв, State University of Telecommunications, Solomenska street, 7, Kyiv, 03110

Graduate student

Department of Information and cyber security

Published

2015-01-29

How to Cite

Бурячок, В. Л., Грищук, Р. В., & Мамарєв, В. М. (2015). Construction method of cyber attacks classifier on government information resources. Technology Audit and Production Reserves, 1(2(21)), 38–43. https://doi.org/10.15587/2312-8372.2015.37423

Section

Information Technologies: Original Research