ПОДДЕРЖКА РЕШЕНИЙ В ЗАДАЧАХ КИБЕРБЕЗОПАСНОСТИ НА ОСНОВЕ МАТРИЦ ПРИЗНАКОВ КИБЕРУГРОЗ

   В связи с глобализацией масштабов применения информационных технологий и систем, главной проблемой обеспечения их бесперебойного функционирования является кибербезопасность электронных ресурсов и информационная безопасность от деструктивных и несанкционированных вторжений. Системы обнаружения или распознавания различных сетевых вторжений, а также определения качества атак и аномалий имеют свою нишу на рынке. В данной работе описаны метод и алгоритмы формирования признакового пространства для базы знаний интеллектуализированной системы поддержки решений в задачах кибербезопасности. Интеллектуализированная система поддержки решений может использоваться совместно с комплексными системами защиты информации. Описанные алгоритмы, позволяют динамически пополнять базу знаний при появлении новых угроз, что позволит сократить время их выявления и анализа, в то же время для случаев труднообъяснимых признаков, и уменьшить количество ложных срабатываний в системах обнаружения угроз, аномалий и атак на объекты информатизации.

1. Petit J., Shladover S.E. Potential Cyberattacks on Automated Vehicles, IEEE Transactions on Intelligent Transportation Systems. − 2015. − Vol. 16, Iss. 2. − P. 546-556.

2. Miao F., Zhu Q., Pajic M. G., Pappas J. Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks, IEEE Transactions on Control of Network Systems. – 2016. − Vol. PP, Iss. 99. − P. 1.

3. Petrov B., Borowik M., Karpinskyy Immune and defensive corporate systems with intellectual identification of threats // Pszczyna: Śląska Oficyna Drukarska. – 2016. − P. 222

4. Sawik T. Selection of optimal countermeasure portfolio in it security planning, Decision Support Systems. – 2013. − Vol. 55, Iss. 1. − P. 156–164.

5. Fielder A., Panaousis E., Malacaria P., Hankin C., Smeraldi F. Decision support approaches for cyber security investment // Decision Support Systems. – 2016. − Vol. 86. − P. 13-23.

6. Atymtayeva L., Kozhakhmet K., Bortsova G. Building a Knowledge Base for Expert System in Information Security // Chapter Soft Computing in Artificial Intelligence of the series Advances in Intelligent Systems and Computing. – 2014. − Vol. 270. − P. 57-76.

7. Gamal M. M., Hasan B., Hegazy A. F. A Security Analysis Framework Powered by an Expert System // International Journal of Computer Science and Security (IJCSS), 2011, − Vol. 4, − No. 6, P. 505-527.

8. Dua S., Du X. Data Mining and Machine Learning in Cybersecurity // UK, CRC press. – 2016. − P. 225.

9. Buczak A. L., Guven, E. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection // IEEE Communications Surveys & Tutorials. – 2016. − Vol. 18, − Iss. 2. – P. 1153-1176.

10. Al-Jarrah, O., Arafat, A. Network Intrusion Detection System using attack behavior classification // 5th International Conference on Information and Communication Systems (ICICS). − 2014.

11. Ben–Asher, Gonzalez, N. C. Effects of cyber security knowledge on attack detection // Computers in Human Behavior. – 2015. − Vol. 48. − P. 51-61.

12. Nishanov A. Kh, Kerimov K. F. Methods of Counteraction from Attacks Carried out Against Users in a Network the Internet // ICEIC-Electronics, news and communications, IX-the conference. − Tashkent, 2008. − P. 298-299.

13. Gamal M. M., Hasan B., Hegazy A. F. A Security Analysis Framework Powered by an Expert System // International Journal of Computer Science and Security (IJCSS). – 2011. − Vol. 4, No. 6. − P. 505-527.

14. Chang Li-Yun, Lee Zne-Jung Applying fuzzy expert system to information security risk Assessment – A case study on an attendance system // International Conference on Fuzzy Theory and Its Applications. – 2013. − Р. 346-351.

15. Kanatov M. Atymtayeva L., Yagaliyeva B. Expert systems for information security management and audit, Implementation phase issues, Soft Computing and Intelligent Systems (SCIS) // Joint 7th International Conference on and Advanced Intelligent Systems (ISIS). – 2014. − P. 896-900.

16. Lee Kuo-Chan, Hsieh C.-H., Wei L.-J., Mao C.-H., Dai J.-H., Kuang Y.-T Sec-Buzzer: cyber security emerging topic mining with open threat intelligence retrieval and timeline event annotation // Soft Computing. – 2016. − P. 1-14.

17. Pan S., Morris T., Adhikari U. Developing a Hybrid Intrusion Detection System Using Data Mining for Power Systems // IEEE Transactions on Smart Grid. – 2015. − Vol. 6, Iss. 6. − P. 3104-3113.

18. Lakhno V., Kazmirchuk S., Kovalenko Y., Myrutenko L., Zhmurko T. Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features // Eastern-European Journal of Enterprise Technologies. – 2016. − No 3/9(81). − P. 30-38.

19. Louvieris P., Clewley N., Liu X. Effects-based feature identification for network intrusion detection // Neurocomputing. – 2013. − Vol. 121, Iss. 9. − P. 265-273.

20. Wang Z., Zhou X., Yu Z., He Y., Zhang D. Inferring User Search Intention Based on Situation Analysis of the Physical World // Chapter Ubiquitous Intelligence and Computing. – 2010. − Vol. 6406. − P. 35-51.

21. Lakhno V. Zaitsev S., Tkach Y., Petrenko T. Adaptive Expert Systems Development for Cyber Attacks Recognition in Information Educational Systems on the Basis of Signs‘ Clustering // Part of the Advances in Intelligent Systems and Computing book series (AISC). – 2018. − Vol. 754. − P. 673-682.

22. Akhmetov B., Lakhno V., Boiko Y., Mishchenko A. Designing a decision support system for the weakly formalized problems in the provision of cybersecurity // Eastern-European Journal of Enterprise Technologies. – 2017. − Vol. 1, Issue 2 (85). − P. 4-15.

23. Lakhno V., Akhmetov B., Korchenko A., Alimseitova Z., Grebenuk V. Development of a decision support system Based on expert evaluation for the situation center of transport cybersecurity // Journal of theoretical and applied information technology. – 2018. − Vol.96. No 14. − P. 4530-4540.

24. Al Hadidi M., Ibrahim Y. K., Lakhno V., Korchenko A., Tereshchuk A., Pereverzev A. // Intelligent systems for monitoring and recognition of cyber attacks on information and communication systems of transport. International Review on Computers and Software. – 2016. − Vol. 11, No 12. − P. 1167-1177.

25. Beketova G., Akhmetov B., Korchenko A., Lakhno A. Simulation modeling of cyber security systems in MATLAB and SIMULINK // Bulletin of the national academy of sciences of the republic of Kazakhstan. – 2017. − Vol. 3. − P. 54-64.