Research on Information Security Evaluation Based on Artificial Neural Network

In this paper we can see that identified computer incidents are subject for diagnostics, during which the characteristics of information security violations are clarified (purpose, causes, consequences, etc.). To diagnose computer incidents, we can use methods of automation while collection and processing the events that occur as a result of the implementation of scenarios for information security violations. Artificial neural networks can be used to solve the classification problem of assigning diagnostic data set (information image of a computer incident) to one of the possible values of the violation characteristic. The purpose of this work is to adapt the structure of an artificial neural network that allows the accuracy diagnostics of computer incidents when new training examples appear.

Download Full-text

Model and method for diagnosing computer incidents in information and communication systems based on deep machine learning

Information and Control Systems ◽

10.31799/1684-8853-2019-6-32-42 ◽

2019 ◽

pp. 32-42

Author(s):

Albert Malikov ◽

Vladimir Avramenko ◽

Igor Saenko

Keyword(s):

Neural Network ◽

Artificial Neural Network ◽

Information Security ◽

Communication System ◽

Communication Systems ◽

Security Breach ◽

Main Requirement ◽

Information And Communication ◽

Artificial Neural ◽

Hidden Layer

Introduction: Models and methods for diagnosing computer incidents recorded in information and communication systems are the most important components in mathematical support of information security systems. The main requirement for the diagnostics is prompt identification of security violation characteristics. This problem is complicated due to the amount and variability of the initial data on information security violation. Purpose: Development of a model for diagnosing a computer incident, along with a method which would allow you to quickly determine the characteristics of a security violation. Results: Security breach characteristics important for making a decision about responding to an identified computer incident can be determined via deep artificial neural networks. A structural feature of the proposed deep artificial neural network is combining the coding part of the autoencoder and a multilayer perceptron. In addition, the method implements a parallel mode of processing information events which have occurred in the information and communication system before the incident was detected, by using a separate proposed artificial neural network for each secondary characteristic of the security breach. The method of determining the values of these secondary characteristics allows you to greatly improve the diagnostics efficiency, having acceptable values of precision and recall for the security violation characteristics to determine. The dependence has been studied of the completeness and classification accuracy on the number of neurons in the hidden layer. A sufficient number of neurons in the hidden layer for achieving the required training efficiency is experimentally determined. Practical relevance: The developed model and method can be implemented using standard software and hardware (servers) of an information and communication system. Their combined use with the existing models and methods of monitoring and diagnostics can significantly improve the efficiency of an information security system.

Download Full-text

Method of protection of personal data in its processing in information system based on the artificial neural network

Informatization and communication ◽

10.34219/2078-8320-2021-12-4-54-59 ◽

2021 ◽

Vol 4 ◽

pp. 54-59

Author(s):

I. S. Kozin ◽

Keyword(s):

Neural Network ◽

Artificial Neural Network ◽

Information System ◽

Information Security ◽

User Behavior ◽

Personal Data ◽

Access Time ◽

User Characteristics ◽

Time Duration ◽

Artificial Neural

One of the most actively developing areas of information security is the User Behavior Analytics. This paper presents a method of detecting anomalies in the behavior of an information system user has been developed, based on the use of an artificial neural network that signals the commission of illegal actions. Users behavior characteristics had been offered to use sample input values: access time; duration of work performed; place of access; a set of data with which the user works; list of actions taken. An approach to assigning numeric values to user characteristics is proposed, based on the fuzzy set theory and One-Hot Encoding method. Method provides more effective detecting abnormalities in user behavior than analyze by information security specialist without using the special automation tools.

Download Full-text