A methodology for building cyberattack-generated anomaly detection systems

Abstract: Развитие информационных технологий трансформируется настолько быстро, что классические механизмы защиты не могут оставаться эффективными, а вредоносное программное обеспечение и другие киберугрозы становятся все более распространенными. Поэтому необходимы системы обнаружения вторжений, позволяющие оперативно обнаруживать и предотвращать нарушения безопасности (особенно ранее неизвестных кибератак), характеризующихся нечетко определенными критериями. Известны кортежная модель формирования набора базовых компоне… Show more

“…The analysis of the complex of technical information protection is considered in [9], the risks of the identifiers tree of state information resources in [10]. In [11], a methodology for constructing systems for detecting anomalies generated by cyber attacks was considered. In [12], there is a methodology for analyzing and assessing the risk of loss of information resources.…”

“…The methodology of adaptive risk assessment systems for the security of information system resources is considered in [14]. The analysis of the proposed methodologies in [8][9][10][11][12][13][14] showed that the authors use only individual components of information resource security, information security, as a rule, do not take into account the relationship between information assets, elements of the information infrastructure of the corresponding computer networks/systems, the possibility of integration and properties of hybridity of threats to security components [15][16][17]. Therefore, the reviewed methodologies will require a radical revision in terms of the creation of a methodological basis for building an information security system in CRES both of the world as a whole and of Ukraine in particular.…”

Development of a methodology for building an information security system in the corporate research and education system in the context of university autonomy

“…The analysis of the complex of technical information protection is considered in [9], the risks of the identifiers tree of state information resources in [10]. In [11], a methodology for constructing systems for detecting anomalies generated by cyber attacks was considered. In [12], there is a methodology for analyzing and assessing the risk of loss of information resources.…”

“…The methodology of adaptive risk assessment systems for the security of information system resources is considered in [14]. The analysis of the proposed methodologies in [8][9][10][11][12][13][14] showed that the authors use only individual components of information resource security, information security, as a rule, do not take into account the relationship between information assets, elements of the information infrastructure of the corresponding computer networks/systems, the possibility of integration and properties of hybridity of threats to security components [15][16][17]. Therefore, the reviewed methodologies will require a radical revision in terms of the creation of a methodological basis for building an information security system in CRES both of the world as a whole and of Ukraine in particular.…”

Development of a methodology for building an information security system in the corporate research and education system in the context of university autonomy