Model of detecting cybernetic attacks on information-telecommunication systems based on description of anomalies in their work by weighed fuzzy rules

Authors

  • Ihor Subach Institute of special communication and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv polytechnic institute”, Kyiv,, Ukraine
  • Vitalii Fesokha Military institute of telecommunications and informatization, Kyiv,, Ukraine

DOI:

https://doi.org/10.20535/2411-1031.2017.5.2.136984

Keywords:

Anomaly detection, information and telecommunication systems and networks, weighting factors, weighted fuzzy linguistic rules, knowledge base, fuzzy logic conclusion, intrusion detection system.

Abstract

The article is devoted to the actual task of protecting information-telecommunication systems and networks from cyber attacks in the conditions of their constant development and polymorphizm of malicious software. The analysis is carried out and a conclusion is made about the expediency of using models of anomaly identification that simultaneously operate with qualitative and quantitative data and are based on the mathematical theory of fuzzy sets and fuzzy logical inference. Specifically, an improved model for the detection of anomalies in the work of information and telecommunication systems and networks is presented, which is a further development of the previously proposed anomaly detection model based on fuzzy sets and fuzzy logic inference. The essence of the improvement is the introduction of weight coefficients for fuzzy rules that describe the anomalies that may arise during the operation of information and telecommunication systems and networks as a result of unauthorized cybernetic interference in their work and, after introduction of which, the problem of fuzzy anomaly identification in the work of the information and telecommunication system reduces to finding a solution of an analytic expression connecting a set of parameters of the state of the system on the basis of Its anomalous behavior is determined by the expert decision corresponding to them, taking into account the introduced weight coefficients for the rules. This improvement ensures that the importance of rules is displayed in a fuzzy inference system, which is based on the expert's confidence in each decision taken to identify anomalies. The expediency of using the proposed model is confirmed by the results of her studies on the adequacy of her process of identifying anomalies in the work of information and telecommunication systems and networks, as well as the accuracy of the results that she demonstrates.

Author Biographies

Ihor Subach, Institute of special communication and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv polytechnic institute”, Kyiv,

doctor of technical science,
associate professor, head
at the cybersecurity and
application of information
systems academic department

Vitalii Fesokha, Military institute of telecommunications and informatization, Kyiv,

postgraduate student

References

I. Subach, V. Fesokha, and N. Fesokha, “An analysis of existing decisions to prevent intrusion in information and telecommunication networks open on the basis of public licenses”, Information technology and security, vol. 5, no. 1, pp. 29-41, 2017.

I. Subach, and V. Fesokha, “Model of detection of anomalies in information and telecommunication networks of military management bodies on the basis of fuzzy sets and fuzzy logic output”, Collection of scientific works of VITI, no. 3, p. 158-164, 2017.

R. Shanmugavadivu, and N. Nagarajan, “Network intrusion detection system using fuzzy logic”, Indian Journal of Computer Science and Engineering (IJCSE), vol. 2, no. 1, pp. 101-111, 2011.

O. Rothstein, Intelligent Identification Technologies. Vinnytsya, Uraine: Universum-Vinnitsa, 1999.

I. Mityushkin, B. Mokin, and O. Rothstein. Soft Computing: identification of laws with fuzzy knowledge bases. Vinnytsya, Uraine: Universum-Vinnitsa, 2002.

О. Sova, D. Minochkin, P. Zhuk, and V. Oshurko, “Method for constructing rules for fuzzy knowledge bases of intelligent control systems for radio network nodes in the MANET class”, Modern information protection, no. 1, pp. 74-85, 2015.

“DoS attacks. Network filtration: Reflects DoS attacks that use the substitution of the sender's IP address (RFC-2827)”, [Online]. Available: http://www.warning.dp.ua/comp13.htm. Accessed on: Aug., 01, 2017.

Published

2017-12-31

How to Cite

Subach, I., & Fesokha, V. (2017). Model of detecting cybernetic attacks on information-telecommunication systems based on description of anomalies in their work by weighed fuzzy rules. Collection "Information Technology and Security", 5(2), 145–152. https://doi.org/10.20535/2411-1031.2017.5.2.136984

Issue

Section

ELECTRONIC COMMUNICATION SYSTEMS AND NETWORKS