期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2019
卷号:97
期号:16
页码:4239-4250
出版社:Journal of Theoretical and Applied
摘要:Due to the intensive development of the digital business, malicious software and other cyber threats are becoming more common. In order to increase the level of security there are needed appropriate special countermeasures, which are able to remain effective when new types of threats occur and which allow to detect cyber attacks targeting on a set of information system resources in fuzzy conditions. Different attacking effects on the corresponding resources generate various sets of anomalies in a heterogeneous parametric environment. There is known a tuple model of the formation of a set of basic components that allow to identify cyber attacks. For its effective application a formal implementation of the approach to the formation of sets of basic detection rules is necessary. For this purpose, there has been developed a method that focuses on solving problems of cyber attacks detection in computer systems, which is implemented through three basic steps: formation of anomaly identifiers subsets; formation of decisive functions; formation of conditional detection expressions. Using this method, it is possible to form the necessary set of detection rules, which determine the level of anomalous state of values in a heterogeneous parametric environment, characteristic for the impact of a certain type of attack. The use of this method at the creation intrusion detection systems will expand their functionality regarding the cyber attacks detection in a weakly formalized fuzzy environment.
