Journal «Современная Наука»


ATTRIBUTIVE METHODS FOR DETECTING COMPLEX ATTACKS FROM INTRUSION DETECTION SYSTEM DATA

Pavlov Artem Valeryevich  (Postgraduate student, ITMO University)

This article proposes two methods for detecting complex attacks based on data obtained from intrusion detection systems. The first method is based on a combination of rules; it identifies complex attacks and combines events into meta-events to reduce the sample size. The second method identifies complex attacks from meta-events using DBSCAN clustering with the weighted Gower distance. The methods' metrics are evaluated on the CPTC-2018 dataset. The resulting assessment indicates the practical applicability of the proposed methods to detecting complex attacks and countering advanced threats.

Keywords: information security, cybersecurity, complex attacks, attacker groups, intrusion detection
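The second method named in the abstract, sketched as an added example that is not the article's own code: DBSCAN over a weighted Gower distance on mixed-type meta-events. The meta-event fields, the weights, `eps` and `min_pts` are assumptions chosen for illustration, and the records are constructed sample data.

```python
# Added illustration; fields, WEIGHTS, eps and min_pts are assumptions, not the article's values.
# Constructed meta-events: (source IP, alert category, destination port, start time in seconds)
EVENTS = [
    ("10.0.0.5", "scan",    22,   0),
    ("10.0.0.5", "scan",    80,   40),
    ("10.0.0.5", "exploit", 80,   90),
    ("10.0.0.9", "scan",    445,  5000),
    ("10.0.0.9", "exploit", 445,  5060),
    ("10.0.0.9", "exploit", 3389, 5100),
    ("10.0.0.7", "policy",  53,   9000),
]
KINDS   = ("cat", "cat", "cat", "num")   # ports are labels, not magnitudes
WEIGHTS = (3.0, 1.0, 1.0, 2.0)           # assumed: source identity and time dominate

def gower(a, b, ranges):
    """Weighted Gower distance in [0, 1] between two mixed-type records."""
    total = 0.0
    for x, y, kind, w, r in zip(a, b, KINDS, WEIGHTS, ranges):
        # categorical: 0/1 mismatch; numeric: absolute difference scaled by the column range
        d = float(x != y) if kind == "cat" else (abs(x - y) / r if r else 0.0)
        total += w * d
    return total / sum(WEIGHTS)

def dbscan(points, eps, min_pts):
    """DBSCAN on the Gower metric; returns one label per point, -1 means noise."""
    cols = zip(zip(*points), KINDS)
    ranges = [max(c) - min(c) if k == "num" else None for c, k in cols]
    n = len(points)
    near = [[j for j in range(n) if gower(points[i], points[j], ranges) <= eps]
            for i in range(n)]
    labels, cluster = [None] * n, -1
    for i in range(n):
        if labels[i] is not None:
            continue
        if len(near[i]) < min_pts:       # not a core point: noise unless claimed later
            labels[i] = -1
            continue
        cluster += 1
        labels[i] = cluster
        queue = list(near[i])
        while queue:
            j = queue.pop()
            if labels[j] not in (None, -1):
                continue
            labels[j] = cluster          # core or border point
            if len(near[j]) >= min_pts:  # only core points expand the cluster
                queue.extend(near[j])
    return labels

if __name__ == "__main__":
    print(dbscan(EVENTS, eps=0.3, min_pts=2))
```

With these assumed weights, any two meta-events from different sources are at least 3/7 apart, so each multi-step sequence forms its own cluster and the isolated policy alert is left as noise.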

 


Citation link:
Pavlov A. V. ATTRIBUTIVE METHODS FOR DETECTING COMPLEX ATTACKS FROM INTRUSION DETECTION SYSTEM DATA // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. -2023. -№08/2. -С. 108-110 DOI 10.37882/2223-2966.2023.8-2.25
© ООО "Научные технологии"