Information-extreme machine learning of a cyber attack detection system

Anatoliy Dovbysh, Volodymyr Liubchak, Igor Shelehov, Julius Simonovskiy, Alona Tenytska

Abstract


The study aims to increase the functional efficiency of a machine learning cyber attack detection system. An information-extreme machine learning method for the cyberattack detection system has been developed, with optimization of the control tolerances on the recognition features that reflect the traffic properties of the info-communication system. The method is developed within the framework of the functional approach to modeling the cognitive processes of natural intelligence in forming and making classification decisions. In contrast to known data mining methods, including neuron-like structures, this approach makes the recognition system adaptable to arbitrary initial conditions of the learning matrix and flexible in retraining when the alphabet of recognition classes is expanded. The idea of the method is to maximize the information capacity of the attack detection system in the machine learning process. A modified Kullback information measure is used as the criterion for optimizing the machine learning parameters. According to the proposed categorical functional model, algorithmic software for the attack detection system operating in machine learning mode with second-level depth has been developed and implemented. The depth level is determined by the number of machine learning parameters that were optimized. The optimization parameters were the geometric parameters of the hyperspherical containers of the recognition classes and the control tolerances on the recognition features; the tolerances played the role of input data quantization levels in transforming the input Euclidean learning matrix of the "object-property" type into a working binary learning matrix defined in Hamming space. Admissible transformations of the working learning matrix in the proposed method allow the input mathematical description of the attack detection system to be adapted to the maximum full probability of making correct classification decisions.
Based on the results of information-extreme machine learning within the geometric approach, decision rules are constructed that are practically invariant to the multidimensionality of the recognition feature space. The results of computer simulation of information-extreme machine learning of the attack detection system to recognize four kinds of host traffic with different profiles confirm the efficiency of the developed method.
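
The training loop the abstract outlines, as an added sketch that is not the authors' software: feature vectors are binarized with a control tolerance, and a hyperspherical container is fitted per class in Hamming space by maximizing an information criterion. The page does not specify the following, so they are assumptions: the constructed two-class sample, tolerances as a percentage around the base-class mean, majority-vote reference vectors, and the form of the modified Kullback measure with its working-area restriction.

```python
import math

# Constructed sample: rows are traffic feature vectors (e.g. packet rate, mean size, SYN share).
TRAIN = {
    "normal": [[20, 500, 5], [22, 480, 6], [19, 510, 4], [21, 495, 5], [23, 505, 7]],
    "flood":  [[90, 60, 80], [95, 64, 85], [88, 58, 78], [92, 70, 82], [97, 62, 90]],
}
BASE = "normal"  # assumption: tolerances are centred on the mean of a base class

def binarize(x, centre, delta):
    # Control tolerance as quantization level: bit is 1 inside +/- delta percent of centre.
    return [1 if abs(v - c) <= c * delta / 100 else 0 for v, c in zip(x, centre)]

def hamming(a, b):
    return sum(p != q for p, q in zip(a, b))

def criterion(alpha, beta, eps=1e-3):
    # Assumed form of the modified Kullback measure; the page gives no formula.
    if alpha >= 0.5 or beta >= 0.5:
        return 0.0  # assumed working area: both error rates must stay below 0.5
    s = alpha + beta
    return 0.5 * math.log2((2 - s + eps) / (s + eps)) * (1 - s)

def train(data, deltas=range(1, 51)):
    n = len(data[BASE][0])
    centre = [sum(col) / len(col) for col in zip(*data[BASE])]
    best = None
    for delta in deltas:  # outer loop: control tolerance
        binm = {k: [binarize(x, centre, delta) for x in v] for k, v in data.items()}
        # Reference (centre) vector of each class: per-bit majority vote.
        ref = {k: [int(2 * sum(col) > len(col)) for col in zip(*v)] for k, v in binm.items()}
        radii, total = {}, 0.0
        for k in data:  # inner loop: container radius of each class
            other = [b for j, v in binm.items() if j != k for b in v]
            def e(d):
                alpha = sum(hamming(b, ref[k]) > d for b in binm[k]) / len(binm[k])
                beta = sum(hamming(b, ref[k]) <= d for b in other) / len(other)
                return criterion(alpha, beta)
            radii[k] = max(range(n + 1), key=e)
            total += e(radii[k])
        score = total / len(data)
        if best is None or score > best["score"]:
            best = {"score": score, "delta": delta, "centre": centre, "ref": ref, "radii": radii}
    return best

def classify(model, x):
    # Decision rule: nearest reference vector among the containers that hold x.
    b = binarize(x, model["centre"], model["delta"])
    inside = [k for k, r in model["ref"].items() if hamming(b, r) <= model["radii"][k]]
    return min(inside, key=lambda k: hamming(b, model["ref"][k])) if inside else "unknown"
```

Vectors that fall into no container are reported as `unknown`, which is where a new recognition class would be added on retraining.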

Keywords


information-extreme machine learning; information optimization criterion; machine learning parameter; cyberattack; attack detection system; traffic



DOI: https://doi.org/10.32620/reks.2022.3.09
