<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">kaz44</journal-id><journal-title-group><journal-title xml:lang="ru">Вестник Университета Шакарима. Серия технические науки</journal-title><trans-title-group xml:lang="en"><trans-title>Bulletin of Shakarim University. Technical Sciences</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">2788-7995</issn><issn pub-type="epub">3006-0524</issn><publisher><publisher-name>«Шәкәрім университеті» КеАҚ</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.53360/2788-7995-2025-2(18)-2</article-id><article-id custom-type="elpub" pub-id-type="custom">kaz44-1689</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>АВТОМАТИЗАЦИЯ И ИНФОРМАЦИОННЫЕ ТЕХНОЛОГИИ (ОРИГИНАЛЬНАЯ СТАТЬЯ)</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>AUTOMATION AND INFORMATION TECHNOLOGY (ORIGINAL ARTICLE)</subject></subj-group></article-categories><title-group><article-title>ПРИМЕНЕНИЕ МАШИННОГО ОБУЧЕНИЯ ДЛЯ АНАЛИЗА КИБЕРАТАК: ИССЛЕДОВАНИЕ НА ОСНОВЕ ДАТАСЕТА RT-IOT 2022</article-title><trans-title-group xml:lang="en"><trans-title>THE USE OF MACHINE LEARNING TO ANALYZE CYBER ATTACKS: A STUDY BASED ON THE RT-IGOR 2022 DATASET</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0003-1768-064X</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Адилжанова</surname><given-names>С.</given-names></name><name name-style="western" xml:lang="en"><surname>Adilzhanova</surname><given-names>S.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Салтанат Альмуханбетовна Адилжанова – доктор технических наук, преподаватель кафедры криптологии и кибербезопасности факультета информационных технологий,</p><p>050040 г. Алматы, пр. аль-Фараби, 71</p></bio><bio xml:lang="en"><p>Saltanat Adilzhanova – doctor of technical sciences, lecturer at the department of Cryptology and Cybersecurity of the Faculty of Information Technology,</p><p>050040 Almaty, al-Farabi Ave., 71</p></bio><email xlink:type="simple">asaltanat81@gmail.com</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-5648-4476</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Кунелбаев</surname><given-names>М.</given-names></name><name name-style="western" xml:lang="en"><surname>Kunelbayev</surname><given-names>M.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Мурат Кунелбаев – старший научный сотрудник Института информационных и вычислительных технологий Министерства науки и высшего образования Республики Казахстан,</p><p>050040 г. Алматы, пр. аль-Фараби, 71</p></bio><bio xml:lang="en"><p>Murat Kunelbayev – senior research fellow at the Institute of Information and Computational Technologies of the Ministry of Science and Higher Education of the Republic of Kazakhstan,</p><p>050040 Almaty, al-Farabi Ave., 71</p></bio><email xlink:type="simple">murat7508@yandex.kz</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0009-0003-4684-5586</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Сыбанова</surname><given-names>Д.</given-names></name><name name-style="western" xml:lang="en"><surname>Sybanova</surname><given-names>D.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Дана Даулетовна Сыбанова – аналитик в сфере информационной безопасности, магистрантка кафедры криптологии и кибербезопасности факультета информационных технологий,</p><p>050040 г. Алматы, пр. аль-Фараби, 71</p></bio><bio xml:lang="en"><p>Dana Sybanova – cybersecurity analyst, master's student at the department of Cryptology and Cybersecurity of the Faculty of Information Technology,</p><p>050040 Almaty, al-Farabi Ave., 71</p></bio><email xlink:type="simple">dsybanovaa@gmail.com</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru">Казахский национальный университет имени аль-Фараби<country>Казахстан</country></aff><aff xml:lang="en">Al-Farabi Kazakh National University<country>Kazakhstan</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2025</year></pub-date><pub-date pub-type="epub"><day>08</day><month>07</month><year>2025</year></pub-date><volume>0</volume><issue>2(18)</issue><fpage>13</fpage><lpage>23</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Адилжанова С., Кунелбаев М., Сыбанова Д., 2025</copyright-statement><copyright-year>2025</copyright-year><copyright-holder xml:lang="ru">Адилжанова С., Кунелбаев М., Сыбанова Д.</copyright-holder><copyright-holder xml:lang="en">Adilzhanova S., Kunelbayev M., Sybanova D.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://tech.vestnik.shakarim.kz/jour/article/view/1689">https://tech.vestnik.shakarim.kz/jour/article/view/1689</self-uri><abstract><p>Статья посвящена исследованию применения машинного обучения для анализа кибератак. В исследовании рассматриваются алгоритмы Random Forest, SVM и Logistic Regression, которые успешно справляются с задачами выявления аномалий и минимизации ложных срабатываний. Адаптация моделей к работе с несбалансированными данными, таких как использование LabelEncoder для категориальных признаков и StandardScaler для стандартизации данных, позволила значительно улучшить их производительность. На основе анализа данных из набора «Real-Time Internet of Things (RT-IoT 2022)» представлены результаты точности и устойчивости моделей. Основное внимание уделяется защите от киберугроз, включая утечки информации, DDoS-атаки и другие виды угроз. Анализ различных алгоритмов машинного обучения для исследования кибератак показал значимые результаты. Random Forest продемонстрировала наивысшую точность – 99,86%, обеспечивая высокую стабильность и эффективность в классификации различных видов угроз. SVM показала точность 99,29%, справляясь с большинством сложных классов. Logistic Regression продемонстрировала удовлетворительные результаты с точностью 97,71%, хотя в некоторых редких случаях точность была ниже. Таким образом, Random Forest и SVM продемонстрировали наилучшую эффективность для задач безопасности и анализа кибератак в цифровых системах, обеспечивая высокую точность и надежность. В дальнейшем планируется внедрение более сложных методов, таких как глубокое обучение, для более точного определения и анализа угроз.</p></abstract><trans-abstract xml:lang="en"><p>The article is devoted to the study of the use of machine learning for the analysis of cyber attacks. The study examines Random Forest, SVM and Logistic Regression algorithms, which successfully cope with the tasks of detecting anomalies and minimizing false positives. Adapting models to work with unbalanced data, such as using LabelEncoder for categorical features and StandardScaler for data standardization, has significantly improved their performance. Based on the analysis of data from the «Real-Time Internet of Things (RT-IoT 2022)» set, the results of the accuracy and stability of the models are presented. The main focus is on protecting against cyber threats, including information leaks, DDoS attacks, and other types of threats. An analysis of various machine learning algorithms for cyberattack research has shown significant results. Random Forest has demonstrated the highest accuracy – 99,86%, providing high stability and efficiency in classifying various types of threats. SVM showed an accuracy of 99,29%, coping with most complex classes. Logistic Regression showed satisfactory results with an accuracy of 97,71%, although in some rare cases the accuracy was lower. Thus, Random Forest and SVM have demonstrated the best performance for security and cyberattack analysis tasks in digital systems, providing high accuracy and reliability. In the future, it is planned to introduce more sophisticated methods, such as deep learning, to more accurately identify and analyze threats.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>кибератака</kwd><kwd>алгоритмы машинного обучения</kwd><kwd>Random Forest</kwd><kwd>SVM</kwd><kwd>Logistic Regression</kwd><kwd>RT-IoT 2022</kwd><kwd>обнаружение атак</kwd></kwd-group><kwd-group xml:lang="en"><kwd>Cyberattack</kwd><kwd>machine learning algorithms</kwd><kwd>Random Forest</kwd><kwd>SVM</kwd><kwd>Logistic Regression</kwd><kwd>RT-IoT 2022</kwd><kwd>аttack detection</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Rule-Based With Machine Learning IDS for DDoS Attack Detection in Cyber-Physical Production Systems (CPPS) / A. Hussain et al // IEEE Access. – 2024. – vol. 12. – Р. 3445261. https://doi.org/10.1109/ACCESS.2024.3445261.</mixed-citation><mixed-citation xml:lang="en">Rule-Based With Machine Learning IDS for DDoS Attack Detection in Cyber-Physical Production Systems (CPPS) / A. Hussain et al // IEEE Access. – 2024. – vol. 12. – Р. 3445261. https://doi.org/10.1109/ACCESS.2024.3445261.</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">An Efficient Hybrid-DNN for DDoS Detection and Classification in Software-Defined IIoT Networks / A. Zainudin et al // IEEE Internet of Things Journal. – 2023. – vol. 10, № 10.</mixed-citation><mixed-citation xml:lang="en">An Efficient Hybrid-DNN for DDoS Detection and Classification in Software-Defined IIoT Networks / A. Zainudin et al // IEEE Internet of Things Journal. – 2023. – vol. 10, № 10.</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">A Hybrid Machine-Learning Ensemble for Anomaly Detection in Real-Time Industry 4.0 Systems / D. Velásquez et al // IEEE Access. – 2022. – vol. 10. – Р. 3188102. https://doi.org/10.1109/ACCESS.2022.3188102.</mixed-citation><mixed-citation xml:lang="en">A Hybrid Machine-Learning Ensemble for Anomaly Detection in Real-Time Industry 4.0 Systems / D. Velásquez et al // IEEE Access. – 2022. – vol. 10. – Р. 3188102. https://doi.org/10.1109/ACCESS.2022.3188102.</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Toward a Human-Cyber-Physical System for Real-Time Anomaly Detection / B. Bajic et al // IEEE Systems Journal. – 2024. – vol. 18, № 2.</mixed-citation><mixed-citation xml:lang="en">Toward a Human-Cyber-Physical System for Real-Time Anomaly Detection / B. Bajic et al // IEEE Systems Journal. – 2024. – vol. 18, № 2.</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Mienye I.D. Deep Learning for Credit Card Fraud Detection: A Review of Algorithms, Challenges, and Solutions / I.D. Mienye, N. Jere // IEEE Access. – 2024. – vol. 12. – Р. 3426955. https://doi.org/10.1109/ACCESS.2024.3426955.</mixed-citation><mixed-citation xml:lang="en">Mienye I.D. Deep Learning for Credit Card Fraud Detection: A Review of Algorithms, Challenges, and Solutions / I.D. Mienye, N. Jere // IEEE Access. – 2024. – vol. 12. – Р. 3426955. https://doi.org/10.1109/ACCESS.2024.3426955.</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Machine and Deep Learning for Digital Twin Networks: A Survey / B. Qin et al // IEEE Internet of Things Journal. – 2024. – vol. 11, № 21.</mixed-citation><mixed-citation xml:lang="en">Machine and Deep Learning for Digital Twin Networks: A Survey / B. Qin et al // IEEE Internet of Things Journal. – 2024. – vol. 11, № 21.</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Cybersecurity Threats and Mitigation Measures in Agriculture 4.0 and 5.0 / C. Maraveas et al // Smart Agricultural Technology. – 2024. – vol. 9. https://doi.org/10.1016/j.atech.2024.100616.</mixed-citation><mixed-citation xml:lang="en">Cybersecurity Threats and Mitigation Measures in Agriculture 4.0 and 5.0 / C. Maraveas et al // Smart Agricultural Technology. – 2024. – vol. 9. https://doi.org/10.1016/j.atech.2024.100616.</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Credit Card Fraud Detection Using State-of-the-Art Machine Learning and Deep Learning Algorithms / F.K. Alarfaj et al // IEEE Access. – 2022. – vol. 10. – Р. 3166891. https://doi.org/10.1109/ACCESS.2022.3166891.</mixed-citation><mixed-citation xml:lang="en">Credit Card Fraud Detection Using State-of-the-Art Machine Learning and Deep Learning Algorithms / F.K. Alarfaj et al // IEEE Access. – 2022. – vol. 10. – Р. 3166891. https://doi.org/10.1109/ACCESS.2022.3166891.</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">A Fraud Detection System in Financial Networks Using AntiBenford Subgraphs and Machine Learning Algorithms / R.K. Somkunwar et al // in 2023 International Conference on Ambient Intelligence, Knowledge Informatics and Industrial Electronics (AIKIIE). – 2023. https://doi.org/10.1109/AIKIIE60097.2023.1039032.</mixed-citation><mixed-citation xml:lang="en">A Fraud Detection System in Financial Networks Using AntiBenford Subgraphs and Machine Learning Algorithms / R.K. Somkunwar et al // in 2023 International Conference on Ambient Intelligence, Knowledge Informatics and Industrial Electronics (AIKIIE). – 2023. https://doi.org/10.1109/AIKIIE60097.2023.1039032.</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Monamo P. Unsupervised Learning for Robust Bitcoin Fraud Detection / P. Monamo, V. Marivate, B. Twala // in 2016 IEEE Conference. – 2016. https://doi.org/10.1109/XXXX.2016.XXXXXXX.</mixed-citation><mixed-citation xml:lang="en">Monamo P. Unsupervised Learning for Robust Bitcoin Fraud Detection / P. Monamo, V. Marivate, B. Twala // in 2016 IEEE Conference. – 2016. https://doi.org/10.1109/XXXX.2016.XXXXXXX.</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Chatterjee J. Digital Trust in Industry 4.0 &amp; 5.0: Impact of Frauds / J. Chatterjee, M. Damle, A. Aslekar // in Proceedings of the 7th International Conference on Intelligent Computing and Control Systems (ICICCS-2023). – 2023. https://doi.org/10.1109/ICICCS56967.2023.10142925.</mixed-citation><mixed-citation xml:lang="en">Chatterjee J. Digital Trust in Industry 4.0 &amp; 5.0: Impact of Frauds / J. Chatterjee, M. Damle, A. Aslekar // in Proceedings of the 7th International Conference on Intelligent Computing and Control Systems (ICICCS-2023). – 2023. https://doi.org/10.1109/ICICCS56967.2023.10142925.</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">DIAVA: A Traffic-Based Framework for Detection of SQL Injection Attacks and Vulnerability Analysis of Leaked Data / H. Gu et al // IEEE Transactions on Reliability. – 2020. – vol. 69, № 1.</mixed-citation><mixed-citation xml:lang="en">DIAVA: A Traffic-Based Framework for Detection of SQL Injection Attacks and Vulnerability Analysis of Leaked Data / H. Gu et al // IEEE Transactions on Reliability. – 2020. – vol. 69, № 1.</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Mienye I.D. A Deep Learning Ensemble With Data Resampling for Credit Card Fraud Detection / I.D. Mienye, Y. Sun, // IEEE Access. – 2023. – vol. 11. – Р. 3262020. https://doi.org/10.1109/ACCESS.2023.3262020.</mixed-citation><mixed-citation xml:lang="en">Mienye I.D. A Deep Learning Ensemble With Data Resampling for Credit Card Fraud Detection / I.D. Mienye, Y. Sun, // IEEE Access. – 2023. – vol. 11. – Р. 3262020. https://doi.org/10.1109/ACCESS.2023.3262020.</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Cyber Threat Predictive Analytics for Improving Cyber Supply Chain Security / Yeboah-Ofori A.Y.O.F.et al // IEEE Access. – 2021. – vol. 9. – Р. 3087109. https://doi.org/10.1109/ACCESS.2021.3087109.</mixed-citation><mixed-citation xml:lang="en">Cyber Threat Predictive Analytics for Improving Cyber Supply Chain Security / Yeboah-Ofori A.Y.O.F.et al // IEEE Access. – 2021. – vol. 9. – Р. 3087109. https://doi.org/10.1109/ACCESS.2021.3087109.</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model / A.A. Alashhab et al // IEEE Access. – 2024. – vol. 12. Р. 3384398. https://doi.org/10.1109/ACCESS.2024.3384398.</mixed-citation><mixed-citation xml:lang="en">Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model / A.A. Alashhab et al // IEEE Access. – 2024. – vol. 12. Р. 3384398. https://doi.org/10.1109/ACCESS.2024.3384398.</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
