文章基本信息

标题：Development of a system for the detection of cyber attacks based on the clustering and formation of reference deviations of attributes
本地全文：下载
作者：Valeriy Lakhno ; Volodimir Malyukov ; Volodymyr Domrachev 等
期刊名称：Eastern-European Journal of Enterprise Technologies
印刷版ISSN：1729-3774
电子版ISSN：1729-4061
出版年度：2017
卷号：3
期号：9
页码：43-52
DOI：10.15587/1729-4061.2017.102225
语种：English
出版社：PC Technology Center
摘要：Adaptive system of cyber attack detection, which is based on the improved algorithms for splitting the feature space into clusters, was developed. The procedure of recognition was improved by using the simultaneous clustering and formation of verifying admissible deviations for the attributes of anomalies and cyber attacks.The proposed modifications of the algorithm for splitting the feature space into clusters in the process of implementation of the procedure of recognition of anomalies and cyber attacks, in contrast to the existing ones, allow us to form simultaneously the reference tolerances when processing complex attributes of recognition objects (RO). This provides the possibility, at every step of training an adaptive recognition system, to change the verifying admissible deviations for all attributes of anomalies and cyber attacks simultaneously. The proposed algorithms make it possible to prevent possible cases of absorption of one RO class of basic attributes of anomalies and cyber attacks by another class. Predicate expressions for ASR that is capable of self-learning were obtained.Verification of the proposed algorithms was carried out on the simulation models in MatLab and Simulink. It was proved that the proposed algorithms for the clustering of RO attributes make it possible to receive effective learning matrices for ASR as a part of intelligent systems for cyber attack detection.
关键词：system of cyber attack detection;cyber security;clustering of attributes;verifying admissible deviations