Models for Forming Knowledge Databases for Decision Support Systems for Recognizing Cyberattacks

  • Conference paper
Intelligent Computing and Optimization (ICO 2020)

Abstract

Bayesian network patterns have been developed for the computing core of a decision support system used to predict threats and stages of intrusion into the information and communication networks of informatization objects. The proposed Bayesian network templates make it possible to operate with a variety of random variables and to determine the probability of a cyber threat or of a specific stage of an intrusion under given conditions. Probabilistic models for detecting network intrusions based on dynamic Bayesian networks have been added. The parameters of the Bayesian networks were trained using the EM algorithm. In contrast to existing solutions, the proposed approach makes it possible not only to take into account the main stages of intrusions but also to make better-founded decisions by using both typical intrusion patterns and newly synthesized patterns. All templates and models make up the computing core of the decision support system for intrusion detection. The effectiveness of the developed models was tested on test samples that had not previously been used in training.

Correspondence to Karyna Khorolska.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Lakhno, V., Akhmetov, B., Ydyryshbayeva, M., Bebeshko, B., Desiatko, A., Khorolska, K. (2021). Models for Forming Knowledge Databases for Decision Support Systems for Recognizing Cyberattacks. In: Vasant, P., Zelinka, I., Weber, GW. (eds) Intelligent Computing and Optimization. ICO 2020. Advances in Intelligent Systems and Computing, vol 1324. Springer, Cham. https://doi.org/10.1007/978-3-030-68154-8_42
