Development detection cyberattacks methods in the critical infrastructure objects information systems overview and prospects
DOI: https://doi.org/10.20535/2411-1031.2021.9.1.249821
Keywords: cybersecurity, cyberattack, intrusion detection systems, anomaly detection, artificial intelligence, grid network
Abstract
With the rapid development of information technology and its implementation in our lives, the problem of information protection is becoming increasingly important. In the context of the hybrid war, the large-scale transition of private and public organizations to remote work during the COVID-19 pandemic, and the era of digital transformation of the state, this problem urgently requires a constant search for effective solutions. Critical infrastructure and public and private sector information systems suffer significant damage from cyberattacks. The magnitude of these losses directly depends on the timely detection of unauthorized interference in their work. The purpose of this article is to establish the advantages and disadvantages of known methods of detecting cyberattacks for their further effective implementation in the construction of information security systems. To achieve this goal, the most common methods of detecting cyberattacks are analyzed and their advantages and disadvantages are identified. In particular, systems based on signature analysis are more stable and have fewer false positives. However, they are ineffective in detecting new cyberattacks. Expert methods based on fuzzy logic are characterized by the subjectivity of the results and time spent in implementation. Based on the analysis, the prospects for the development of methods for detecting cyberattacks using artificial intelligence technologies are identified; in particular, the use of grid networks to increase computing power when working with large amounts of data and the implementation of in-depth information analysis algorithms are proposed. The results obtained can be used in the construction of integrated information security systems and/or information security management systems.
In addition, they can contribute to the indexing (rating) of objects for assessing the level of cybersecurity, to the development of cyber insurance as an alternative approach to information protection, and to increasing Ukraine's potential in the field of cybersecurity and cyber defence. Building active cyber defence systems using artificial intelligence technologies will provide a safer environment for the further development of new technologies and the sustainable existence of society in it. In addition, it can have a positive economic effect by minimizing anticipated losses and through the centralized implementation of technical means of protection using dynamic allocation of resources.
License
Copyright (c) 2021 Information Technology and Security
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish in this collection agree to the following terms:
- The authors retain the right to authorship of their work and grant the collection the right of first publication of the work, which is licensed under the Creative Commons Attribution License. This license allows others to freely distribute the published work with obligatory reference to the authors of the original work and to the first publication of the work in this collection.
- The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published in this collection (for example, to place the work in the digital repository of an institution or to publish it as part of a monograph), provided that reference is made to the first publication of the work in this collection.
- The policy of the journal allows and encourages authors to place the manuscript of the work on the Internet (for example, in repositories or on personal websites), both prior to the submission of the manuscript to the editor and during its editorial processing, as this contributes to productive scientific discussion and has a positive effect on the efficiency and dynamics of citations of the published work (see The Effect of Open Access).