This paper addresses the classification of current models of cyber threats to infocommunication systems according to various modern factors, combined with the classical methodology. Within this task, determining the current model of cyber threats to digital data processing is treated as an adaptive correction of modern cyber threats in line with current DARPA R&D. While for IT developers threat modeling is a complex process with many pitfalls, for Internet users it is a fairly straightforward set of rules that can greatly enhance individual security on the Internet. Practice shows that most leakage from a protected area occurs through technical data channels. The signal propagates in a particular physical environment, acoustic or electromagnetic, and can be intercepted by implanted bugging devices and by other means. Such devices can intercept electromagnetic emissions, acoustic signals and visual information. This method of interception is countered by restricting access to the protected object. Many try to hide behind technology, ignoring people and procedures. Sufficient attention should be paid to the entire security triad: people, procedures and technology. Cyber hygiene has long been widely practised in effectively operating companies around the world. Knowing your risks requires working with people, implementing technology, and managing policies and procedures. When investigating different types of cyber threats, the main and often overriding component is the victim's communication channel and the attacker's or insider's management system with its curators. Often this link is hidden. Therefore, exploring these communication channels is the most important step in the cyber-threat investigation process as a whole.
This paper provides a description and comparative analysis of several commonly used approaches to the analysis of system logs and of the streaming data massively generated by company IT infrastructure, with an unattended anomaly detection feature. The importance of anomaly detection is dictated by the growing cost of system downtime due to events that could have been predicted from the log entries reporting abnormal data. Anomaly detection systems are built using the standard workflow of data collection, parsing, information extraction and detection steps. Most of the document concerns the detection step and algorithms such as regression, decision trees, SVM, clustering, principal component analysis, invariants mining and the hierarchical temporal memory (HTM) model. Model-based anomaly algorithms and HTM algorithms were used to process the HDFS, BGL and NAB datasets, with ~16m log messages and 365k data points of streaming data. The data was manually labeled to enable training of the models and calculation of accuracy. According to the results, supervised anomaly detection systems achieve high precision but require significant training effort, while the HTM-based algorithm shows the highest detection precision with zero training. Detection of abnormal system behavior plays an important role in large-scale incident management systems. Timely detection allows IT administrators to quickly identify issues and resolve them immediately, which reduces system downtime dramatically. Most IT systems generate logs with detailed information about their operations, so logs are an ideal data source for anomaly detection solutions. The volume of the logs makes manual analysis impossible and requires automated approaches.
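As an added illustration (not code from the paper), the parse, information-extraction and detection steps of the workflow above, run over a handful of constructed HDFS-style log lines: each block id becomes a session, each session an event-count vector, and a simplified invariants-mining rule learned from labelled-normal sessions flags the block whose pipeline never reports "Received". Block ids, addresses and sizes are constructed sample values.

```python
import re
from collections import Counter, defaultdict

# Constructed HDFS-style lines (sample data, not the paper's HDFS dataset).
LOG_LINES = [
    "INFO dfs.DataNode$DataXceiver: Receiving block blk_101 src: /10.0.0.1:50010",
    "INFO dfs.DataNode$DataXceiver: Received block blk_101 of size 67108864 from /10.0.0.1",
    "INFO dfs.DataNode$DataXceiver: Receiving block blk_102 src: /10.0.0.2:50010",
    "INFO dfs.DataNode$DataXceiver: Received block blk_102 of size 67108864 from /10.0.0.2",
    "INFO dfs.DataNode$DataXceiver: Receiving block blk_103 src: /10.0.0.3:50010",
    "WARN dfs.DataNode$DataXceiver: IOException in receiveBlock for block blk_103",
]
BLOCK_RE = re.compile(r"blk_-?\d+")
PARAM_RE = re.compile(r"/\S+|\d+")  # paths, IPs, sizes and ids become <*>

def parse(lines):
    # Parsing + information extraction: one event-count vector per block id,
    # keyed by the event template (the log line with its parameters masked).
    sessions = defaultdict(Counter)
    for line in lines:
        m = BLOCK_RE.search(line)
        if m:
            sessions[m.group()][PARAM_RE.sub("<*>", line)] += 1
    return sessions

def mine_invariants(normal):
    # Simplified invariants mining: keep template pairs whose counts are equal
    # in every normal session (here: one "Received" per "Receiving").
    templates = sorted({t for c in normal.values() for t in c})
    pairs = [(a, b) for i, a in enumerate(templates) for b in templates[i + 1:]
             if all(c[a] == c[b] for c in normal.values())]
    return set(templates), pairs

def detect(sessions, known, pairs):
    # Detection: flag a session on an unseen template or a violated invariant.
    flagged = {}
    for blk, c in sessions.items():
        reasons = [f"unseen event: {t}" for t in c if t not in known]
        reasons += [f"invariant broken: {a} vs {b}" for a, b in pairs if c[a] != c[b]]
        if reasons:
            flagged[blk] = reasons
    return flagged

def run_demo():
    sessions = parse(LOG_LINES)
    normal = {k: v for k, v in sessions.items() if k in ("blk_101", "blk_102")}  # labelled normal
    known, pairs = mine_invariants(normal)
    return detect(sessions, known, pairs)
```

`run_demo()` returns only `blk_103`, with one reason for the unseen WARN template and one for the broken Receiving/Received invariant.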