Abstract
Bayesian network patterns (templates) have been developed for the computing core of a decision support system that predicts threats and stages of intrusion into the information and communication networks of informatization objects. The proposed Bayesian network templates allow one to operate with a variety of random variables and to determine the probability of a cyber threat or a specific stage of an intrusion under given conditions. Probabilistic models for detecting network intrusions based on dynamic Bayesian networks have been added. The parameters of the Bayesian networks were trained with the EM algorithm. In contrast to existing solutions, the proposed approach makes it possible not only to take into account the main stages of intrusions but also to make better-founded decisions by using both typical intrusion patterns and newly synthesized patterns. All templates and models make up the computing core of the decision support system for intrusion detection. The effectiveness of the developed models was tested on test samples that were not previously used in training.
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Lakhno, V., Akhmetov, B., Ydyryshbayeva, M., Bebeshko, B., Desiatko, A., Khorolska, K. (2021). Models for Forming Knowledge Databases for Decision Support Systems for Recognizing Cyberattacks. In: Vasant, P., Zelinka, I., Weber, GW. (eds) Intelligent Computing and Optimization. ICO 2020. Advances in Intelligent Systems and Computing, vol 1324. Springer, Cham. https://doi.org/10.1007/978-3-030-68154-8_42
DOI: https://doi.org/10.1007/978-3-030-68154-8_42
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-68153-1
Online ISBN: 978-3-030-68154-8
eBook Packages: Intelligent Technologies and Robotics (R0)