Yu.V. Vinogradov – Head of Department, LLC «SSEC-Service» (Moscow)
A.N. Nazarov – Dr.Sc.(Eng.), Professor, FRC «Computer Science and Control» of RAS (Moscow)
A.K. Sychev – Leading Mathematical Engineer, LLC «SSEC-Service» (Moscow)
The article studies the use of machine learning algorithms in solving information security problems, namely in the construction of next-generation intrusion detection systems (IDS). The main drawbacks of traditional, signature-rule-based IDS are considered, and methods for overcoming them with machine learning algorithms are proposed. The article presents new methods of applying machine learning algorithms that make it possible to detect both already known threats and previously unseen variations of known threats. These methods can also speed up the investigation of cybercrime by processing large volumes of source data, and in the future may carry out this process automatically.