Article title

Development of decision support system based on feature matrix for cyber threat assessment

Publication languages
EN
Abstracts
EN
This article presents a method and algorithms for forming the feature space of the knowledge base of an intellectualized decision support system for tasks involving cyber threats and anomalies. The system under development can be used both autonomously by analysts of cyber threat services and jointly with complex information protection systems. It is shown that the proposed algorithms allow the knowledge base to be supplemented dynamically as new threats appear, which reduces the time needed to recognize and analyze them, in particular in cases of hard-to-explain features, and reduces false responses in systems that recognize threats, anomalies and attacks at informatization objects. It is stated that, together with the results of the authors' previous investigations, the proposed algorithms for forming the feature space for identifying cyber threats within a decision support system are more effective. This is achieved because, compared with existing solutions, the solutions described in the article allow the task of threat recognition within the known classes to be considered separately and, if necessary, the feature space to be supplemented for new threat types. It is demonstrated that the features of new threats are often initially not identified within the existing knowledge base of threat classes in the decision support system. The methods and proposed algorithms also allow time-efficient classification of cyber threats for a specific informatization object.
Authors
  • Institute of the Control systems and Information Technologies, Almaty University of Power Engineering and Telecommunications, Almaty, Republic of Kazakhstan
  • Abai Kazakh National Pedagogical University, Almaty, Republic of Kazakhstan
  • Department IT-engineering, Almaty University of Power Engineering and Telecommunications, Almaty, Republic of Kazakhstan
  • Department of Computer systems and networks, National University of Life and Environmental Sciences of Ukraine, Kyiv, Ukraine
  • Department IT-engineering, Almaty University of Power Engineering and Telecommunications, Almaty, Republic of Kazakhstan
  • Department IT-engineering, Almaty University of Power Engineering and Telecommunications, Almaty, Republic of Kazakhstan
Notes
The work is performed within grant financing of the AP05132723 project "Development of Adaptive Expert Systems in the field of Cyber Security of Crucial Objects of Informatization" (Republic of Kazakhstan).
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-e018eb39-2704-4b51-90e3-8cae00f29d9c