Özet:

Adaptive system of cyber attack detection, which is based on the improved algorithms for splitting the feature space into clusters, was developed. The procedure of recognition was improved by using the simultaneous clustering and formation of verifying admissible deviations for the attributes of anomalies and cyber attacks. The proposed modifications of the algorithm for splitting the feature space into clusters in the process of implementation of the procedure of recognition of anomalies and cyber attacks, in contrast to the existing ones, allow us to form simultaneously the reference tolerances when processing complex attributes of recognition objects (RO). This provides the possibility, at every step of training an adaptive recognition system, to change the verifying admissible deviations for all attributes of anomalies and cyber attacks simultaneously. The proposed algorithms make it possible to prevent possible cases of absorption of one RO class of basic attributes of anomalies and cyber attacks by another class. Predicate expressions for ASR that is capable of self-learning were obtained. Verification of the proposed algorithms was carried out on the simulation models in MatLab and Simulink. It was proved that the proposed algorithms for the clustering of RO attributes make it possible to receive effective learning matrices for ASR as a part of intelligent systems for cyber attack detection.  Author Biographies Valeriy Lakhno, European University Akademika Vernads'koho blvd., 16 V, Kyiv, Ukraine, 03115 Doctor of Technical Sciences, Associate Professor Department of Managing Information Security

Anahtar Kelimeler: