An Approach to the Synthesis of a Neural Network System for Diagnosing Computer Incidents

  • Conference paper
Intelligent Distributed Computing XIV (IDC 2021)

Part of the book series: Studies in Computational Intelligence (SCI, volume 1026)

Abstract

To diagnose computer incidents based on a neural network model, it is necessary to determine the optimal number of neurons of both the hidden and the input layer. An increase in the frequency of feature collection entails an increase in the dimension of the input layer, which, with a limited set of training examples, leads to a deterioration in the quality indicators of the artificial neural network. In addition, the training time of the neural network increases. The paper discusses a combined artificial neural network as the basis of the neural network system for diagnosing computer incidents. Through the use of deep learning, the disadvantage of the multilayer perceptron, associated with the need to form a massive base of training examples for a specific structure of the neural network, is eliminated. In the experiments, the dependences of the dimension of the neural network input layer on the diagnosis result were revealed. This made it possible to minimize the time for collecting features while maintaining the quality of the neural network at the required level.

Acknowledgements

This research is being supported by the grant of RSF No. 21-71-20078.

Correspondence to Igor Kotenko.

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Kotenko, I., Avramenko, V., Malikov, A., Saenko, I. (2022). An Approach to the Synthesis of a Neural Network System for Diagnosing Computer Incidents. In: Camacho, D., Rosaci, D., Sarné, G.M.L., Versaci, M. (eds) Intelligent Distributed Computing XIV. IDC 2021. Studies in Computational Intelligence, vol 1026. Springer, Cham. https://doi.org/10.1007/978-3-030-96627-0_37
