A framework for detection and mitigation of cyber criminal activities using university networks in Kazakhstan

Milana Bolatbek, Gulshat Baispay, Shynar Mussiraliyeva, Assel Usmanova

Abstract


The increasing number of information security incidents in higher education underscores the urgent need for robust cybersecurity measures. This paper proposes a comprehensive framework designed to analyze the illegal use of internet resources in university networks in Kazakhstan. The subject of this article is the detection and mitigation of cybercriminal activities using university networks in Kazakhstan. The goal is to develop a comprehensive framework that integrates multiple educational organizations to enhance collaborative security efforts by monitoring network activity and categorizing texts using machine learning techniques. The tasks to be solved are: to formalize the procedure of integrating multiple educational organizations into a collaborative cybersecurity framework; to develop a log analysis tool tailored for monitoring network activities within university networks; to create a novel dictionary of extremist terms in the Kazakh language for text categorization; and to implement advanced machine learning models for network traffic classification. The methods used are: log analysis tools for real-time monitoring and anomaly detection in network activities; natural language processing (NLP) techniques to develop a specialized dictionary of extremist terms in Kazakh; machine learning models to classify network traffic and detect potential cyber threats; and collaborative architecture design to integrate network security efforts across multiple institutions.
The following results were obtained: a comprehensive log analysis tool was developed and implemented, providing real-time monitoring of network activities in university networks; a dictionary of extremist terms in Kazakh was created, facilitating the categorization and analysis of texts related to potential security threats; advanced machine learning models were successfully applied to classify network traffic, enhancing the detection and mitigation of cyber threats; and an experimental architecture integrating multiple educational organizations was established, fostering collaborative efforts in cybersecurity. Conclusions. The scientific novelty of the results obtained is as follows: 1) a robust framework for collaborative cybersecurity in educational institutions was developed, leveraging log analysis and machine learning techniques; 2) the creation of a specialized dictionary of extremist terms in Kazakh significantly improved the accuracy of text categorization related to cybersecurity; 3) the application of advanced machine learning models to network traffic classification provided a methodological approach to effectively managing and securing network infrastructure; 4) the experimental architecture demonstrated the potential for enhanced security through collaboration among educational organizations, offering strategic recommendations for improving information security in academic environments. The outcomes of this research contribute to the broader cybersecurity field by providing a structured approach to detecting and mitigating cyber threats in educational contexts. The proposed framework has potential applications extending to global security frameworks, aiming to foster a safer internet usage environment and reduce the risks associated with cyber threats and unauthorized data access.

Keywords


cybersecurity; higher education; network traffic classification; machine learning; Kazakhstan; internet security; log analysis; extremism detection



DOI: https://doi.org/10.32620/reks.2024.2.15
