Problem formulation and synthesis of statistical algorithms for recognising Web resources and their vulnerabilities by signatures of statistical and fuzzy linguistic features in cyberintelligence complexes

Authors

  • Oleksandr Iliashov Military Intelligence Research Institute, Kyiv, Ukraine https://orcid.org/0000-0002-8099-5057
  • Serhii Sholokhov Institute of special communications and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv, Ukraine https://orcid.org/0000-0003-2222-8842
  • Oleksii Khakhliuk Institute of special communications and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv, Ukraine https://orcid.org/0000-0003-1749-0109
  • Pavlo Ryzhuk Institute of special communications and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv, Ukraine https://orcid.org/0009-0008-7465-3502

DOI:

https://doi.org/10.20535/2411-1031.2024.12.2.315739

Keywords:

statistical recognition, vulnerabilities of web resources, minimax rule, automated recognition, Bayesian criterion, cyber intelligence, automated complexes

Abstract

This study addresses the challenge of automating vulnerability recognition in web resources using statistical and fuzzy linguistic features. It presents a formalized approach for the fuzzy recognition of web resource vulnerabilities based on complex reference descriptions defined by signature intervals of statistical and fuzzy feature values. The research introduces algorithms for both single- and multi-alternative recognition of web resources, utilizing decision-making methods such as the minimax rule, Bayesian risk, maximum a posteriori probability, and maximum likelihood. The primary objective is to enhance the accuracy of vulnerability detection in web resources, especially under conditions of limited training data and fuzzy feature descriptions. The proposed algorithms aim to minimize decision errors and effectively classify vulnerabilities despite uncertain prior probabilities. This is particularly relevant in cybersecurity, where accurate threat detection and classification are critical. The research also highlights the practical value of these algorithms in improving the efficiency of cyber intelligence systems (CIs) for detecting security breaches and classifying web resource vulnerabilities. The proposed algorithms are designed to adapt to the complex and uncertain nature of web resource security, enabling better analysis of attack scenarios and the development of targeted protection strategies. In addition, the study identifies several challenges, including the complexity of formalizing reference descriptions for fuzzy features and the difficulties in applying traditional statistical recognition methods to web resources with fuzzy linguistic variables. The paper suggests future research directions, including developing new methodologies for processing large volumes of data and integrating these algorithms into modern cybersecurity systems. Overall, this research contributes to the field of cyber intelligence by offering novel solutions for automating the detection of web resource vulnerabilities, thus enhancing the security of online systems.

Author Biographies

Oleksandr Iliashov, Military Intelligence Research Institute, Kyiv

doctor of military sciences, full professor, chief researcher

Serhii Sholokhov, Institute of special communications and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv

candidate of technical sciences, associate professor, associate professor of the еlectronic communications academic department

Oleksii Khakhliuk, Institute of special communications and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv

candidate of technical sciences, associate professor of the cybersecurity and information security academic department

Pavlo Ryzhuk, Institute of special communications and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv

cadet

References

S. Tarannum, S.M.M. Hossain, and T. Sayeed, “Cyber Security Issues: Web Attack Investigation” in Hybrid Intelligent Systems, vol. 647, Lecture Notes in Networks and Systems, A. Abraham, T.-P. Hong, K. Kotecha, K. Ma, P.M. Mishra, and N. Gandhi, Eds. Cham: Springer, 2023, pp. 1254–1269. doi: https://doi.org/10.1007/978-3-031-27409-1_115.

S. Calzavara, M. Conti, R. Focardi, A. Rabitti, and G. Tolomei, “Machine learning for web vulnerability detection: The case of cross-site request forgery”, IEEE Security & Privacy, vol. 18, no. 3, pp. 8-16, May – June 2020, doi: https://doi.org/10.1109/MSEC.2019.2961649.

F.G. Veshki, and S.A. Vorobyov, “An efficient approximate method for online convolutional dictionary learning”, arXiv preprint, Jan. 2023, doi: https://doi.org/10.48550/arXiv.2301.10583.

G.V. Pevtsov, “Synthesis of algorithms for recognizing radio emissions based on the Bayesian rule for testing complex hypotheses”, Radioelectronics and Communications Systems, vol. 41, no. 4, pp. 49-57, 1998.

G.V. Pevtsov, “Synthesis of algorithms for pattern recognition given complex reference descriptions in the azimuth metric for radio emission sources”, Radioelectronics and Communications Systems, vol. 43, no. 4, pp. 38-45, 2000.

G.V. Pevtsov, and V.A. Lupandin, “Synthesis of multi-alternative pattern recognition algorithms based on testing complex statistical hypotheses using the maximum a posteriori probability criterion”, Radioelectronics and Communications Systems, vol. 44, no. 11, pp. 77-80, 2001.

Downloads

Published

2024-12-26

How to Cite

Iliashov, O., Sholokhov, S., Khakhliuk, O., & Ryzhuk, P. (2024). Problem formulation and synthesis of statistical algorithms for recognising Web resources and their vulnerabilities by signatures of statistical and fuzzy linguistic features in cyberintelligence complexes. Collection "Information Technology and Security", 12(2), 199–209. https://doi.org/10.20535/2411-1031.2024.12.2.315739

Issue

Vol. 12 No. 2 (2024)

Section

NETWORK AND APPLICATION SECURITY

License

Copyright (c) 2024 Collection "Information Technology and Security"

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The authors that are published in this collection, agree to the following terms:

  1. The authors reserve the right to authorship of their work and pass the collection right of first publication this work is licensed under the Creative Commons Attribution License, which allows others to freely distribute the published work with the obligatory reference to the authors of the original work and the first publication of the work in this collection.
     
  2. The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published this anthology (for example, to place the work in a digital repository institution or to publish in the structure of the monograph), provided that references to the first publication of the work in this collection.
     
  3. Policy of the journal allows and encourages the placement of authors on the Internet (for example, in storage facilities or on personal web sites) the manuscript of the work, prior to the submission of the manuscript to the editor, and during its editorial processing, as it contributes to productive scientific discussion and positive effect on the efficiency and dynamics of citations of published work (see The Effect of Open Access).