USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC
The growing complexity and sophistication of cyberattacks on organisational information resources and the variety of malware processes in unprotected networks necessitate the development of advanced methods for detecting malicious processes in network traffic. Systems for detecting malicious processes based on machine learning and rule-based methods have their advantages and disadvantages. We have investigated the possibility of using support vectors to create a rule-based system for detecting malicious processes in an organisation's network traffic. We propose a method for building a rule-based system for detecting malicious processes in an organisation's network traffic using the distribution data of the relevant features of support vectors. The application of this method on real CSE-CIC-IDS2018 network traffic data containing characteristics of malicious processes has shown acceptable accuracy, high clarity and computational efficiency in detecting malicious processes in network traffic. In our opinion, the results of this study will be useful in creating automatic systems for detecting malicious processes in the network traffic of organisations and in creating and using synthetic data in such systems.
| Main Authors: | Halyna Haidur, Sergii Gakhov, Dmytro Hamza |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Lublin University of Technology, 2024-12-01 |
| Series: | Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska |
| Subjects: | network security; classification of network traffic; supervised learning; support vector machine classification; rule-based systems |
| Online Access: | https://ph.pollub.pl/index.php/iapgos/article/view/6366 |
| _version_ | 1846113017856524288 |
|---|---|
| author | Halyna Haidur Sergii Gakhov Dmytro Hamza |
| author_facet | Halyna Haidur Sergii Gakhov Dmytro Hamza |
| author_sort | Halyna Haidur |
| collection | DOAJ |
| description | The growing complexity and sophistication of cyberattacks on organisational information resources and the variety of malware processes in unprotected networks necessitate the development of advanced methods for detecting malicious processes in network traffic. Systems for detecting malicious processes based on machine learning and rule-based methods have their advantages and disadvantages. We have investigated the possibility of using support vectors to create a rule-based system for detecting malicious processes in an organisation's network traffic. We propose a method for building a rule-based system for detecting malicious processes in an organisation's network traffic using the distribution data of the relevant features of support vectors. The application of this method on real CSE-CIC-IDS2018 network traffic data containing characteristics of malicious processes has shown acceptable accuracy, high clarity and computational efficiency in detecting malicious processes in network traffic. In our opinion, the results of this study will be useful in creating automatic systems for detecting malicious processes in the network traffic of organisations and in creating and using synthetic data in such systems. |
| format | Article |
| id | doaj-art-b279b314abc1489e9ca585faffb8377f |
| institution | Kabale University |
| issn | 2083-0157 2391-6761 |
| language | English |
| publishDate | 2024-12-01 |
| publisher | Lublin University of Technology |
| record_format | Article |
| series | Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska |
| spelling | doaj-art-b279b314abc1489e9ca585faffb8377f; 2024-12-22T09:02:19Z; eng; Lublin University of Technology; Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska; 2083-0157; 2391-6761; 2024-12-01; 14; 4; 10.35784/iapgos.6366; USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC; Halyna Haidur (https://orcid.org/0000-0003-0591-3290); Sergii Gakhov (https://orcid.org/0000-0001-9011-8210); Dmytro Hamza (https://orcid.org/0009-0005-0947-2420); State University of Information and Communication Technologies, Department of Information and Cyber Security (affiliation of all three authors); https://ph.pollub.pl/index.php/iapgos/article/view/6366; network security; classification of network traffic; supervised learning; support vector machine classification; rule-based systems |
| spellingShingle | Halyna Haidur Sergii Gakhov Dmytro Hamza USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska network security classification of network traffic supervised learning support vector machine classification rule-based systems |
| title | USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC |
| title_full | USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC |
| title_fullStr | USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC |
| title_full_unstemmed | USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC |
| title_short | USING SUPPORT VECTORS TO BUILD A RULE-BASED SYSTEM FOR DETECTING MALICIOUS PROCESSES IN AN ORGANISATION'S NETWORK TRAFFIC |
| title_sort | using support vectors to build a rule based system for detecting malicious processes in an organisation s network traffic |
| topic | network security classification of network traffic supervised learning support vector machine classification rule-based systems |
| url | https://ph.pollub.pl/index.php/iapgos/article/view/6366 |
| work_keys_str_mv | AT halynahaidur usingsupportvectorstobuildarulebasedsystemfordetectingmaliciousprocessesinanorganisationsnetworktraffic AT sergiigakhov usingsupportvectorstobuildarulebasedsystemfordetectingmaliciousprocessesinanorganisationsnetworktraffic AT dmytrohamza usingsupportvectorstobuildarulebasedsystemfordetectingmaliciousprocessesinanorganisationsnetworktraffic |