Journal: Eastern-European Journal of Enterprise Technologies
Print ISSN: 1729-3774
Electronic ISSN: 1729-4061
Year of publication: 2016
Volume: 2
Issue: 9
Pages: 18-25
DOI: 10.15587/1729-4061.2016.66015
Language: English
Publisher: PC Technology Center
Abstract: The results of studies aimed at the further development of methods and algorithms for detecting cyber threats and the most common classes of anomalies and cyber attacks in critical information systems (CIS) are presented. The problems of enhancing CIS resilience under the introduction of new, and the modernization of existing, information and automated control systems, with a growing number of destabilizing effects on information availability, confidentiality and integrity, are considered. It is shown that the cyber defense of a CIS is monitored and analyzed by several parameters of the features of anomalies or cyber attacks. This, in turn, allows a preliminary information security evaluation to be carried out by clustering a feature set of anomalies or attempted cyber attacks. A categorical model for building an adaptive intelligent cyber threat detection system (ICTDS) is proposed. Using a fuzzy clustering procedure, a training algorithm for the ICTDS with the ability to perform hyper-ellipsoidal correction of decision rules is developed. This allows adaptive ICTDS self-training mechanisms to be created. The efficiency of the information-extreme training algorithm of the ICTDS is checked. To evaluate the partitioning quality of the feature space of anomalies, vulnerabilities and cyber attacks, a rational number of clusters and a fuzziness index of clusters in the feature space are chosen. It is proved that the proposed approach allows complex problems of CIS cyber defense control to be solved and can be used in the development of software solutions for cyber defense systems.
Keywords: critical information systems; cyber security; information security; threat detection; anomalies; feature clustering; information-extreme algorithm