INVESTIGATION OF A CONTEXT-SENSITIVE CYBER SECURITY MONITORING ALGORITHM BASED ON RECURRENT NEURAL NETWORKS-Reference-Cited by-同舟云学术

INVESTIGATION OF A CONTEXT-SENSITIVE CYBER SECURITY MONITORING ALGORITHM BASED ON RECURRENT NEURAL NETWORKS

Published:2024-05-12 Issue:1 Volume:4 Page:1-9
ISSN:2786-4553
Container-title:Information and communication technologies, electronic engineering
language:
Short-container-title:ICTEE

Author:

,Klymash M.^ORCID,Senyk A.,Pyrih Yu.^ORCID

Abstract

The most common problems faced by modern information and communication systems (ICS) in the context of combating cyber threats were examined in the paper. The importance of ensuring the reliable operation of ICS, and protecting their users' private data from unauthorized interception or destruction was emphasized. The main principles of effective protection of ICS systems against possible interference in their work were defined. The classification of cyber threats and their impact on the functioning of information systems was presented. Features of the use of modern information technologies were determined, such as machine learning (ML), and recurrent neural networks (RNN) for increasing the effectiveness of detecting and preventing such threats, speeding up the process of calculating large volumes of information about various aspects of the work of information and communication systems. The parameters of the analysis of ICS behavior, which indicate the presence of problems in cyber security, were studied. The features and advantages of deploying RNN in ICS were analyzed, which makes it possible to simplify the tasks of cyber defense. A modified context-sensitive algorithm for cyber security monitoring (CCM-RNN) was proposed, which is based on RNN and allows taking into account the dynamics of system changes in the established context, for example, the type or volume of traffic from users, etc. The method of selecting the most effective parameters and properties of ICS for detecting cyber threats was improved. The results of the study of the effectiveness of the use of the modified CCM-RNN algorithm demonstrated its broad capabilities for fast and accurate detection of anomalies in the operation of ICs that may threaten their cyber security. By changing the number of properties of the CCM-RNN algorithm, which correspond to the characteristics of various aspects of the IC, it is possible to achieve the maximum accuracy of cyber threat detection. The modified algorithm also allows for the reduction of the duration of calculations during analysis. Based on the research results, a conclusion was made about the feasibility of using the proposed modified CCM-RNN algorithm for the ability to detect cyber security threats in ICS by flexibly adjusting the number and type of learning parameters of neural networks. In this way, the accuracy and duration of calculations were optimized, as well as the peculiarities and contexts of information and communication systems were taken into account.

Publisher

Lviv Polytechnic National University

Reference11 articles.

1. [1] Y. Fang, Y. Zhang and C. Huang, "CyberEyes: Cybersecurity Entity Recognition Model Based on Graph Convolutional Network," in The Computer Journal, vol. 64, no. 8, pp. 1215-1225, Oct. 2020, doi: 10.1093/comjnl/bxaa141.

2. [2] R. Sabillon, J. Serra-Ruiz, V. Cavaller and J. Cano, "A Comprehensive Cybersecurity Audit Model to Improve Cybersecurity Assurance: The CyberSecurity Audit Model (CSAM)," 2017 International Conference on Information Systems and Computer Science (INCISCOS), Quito, Ecuador, 2017, pp. 253-259, doi: 10.1109/INCISCOS.2017.20.

3. [3] A. Atapour-Abarghouei, A. S. McGough and D. S. Wall, "Resolving the cybersecurity Data Sharing Paradox to scale up cybersecurity via a co-production approach towards data sharing," 2020 IEEE International Conference on Big Data (Big Data), Atlanta, GA, USA, 2020, pp. 3867-3876, doi: 10.1109/BigData50022.2020.9378014.

4. [4] N. Shingari, S. Verma, B. Mago and M. S. Javeid, "A review of cybersecurity challenges and recommendations in the healthcare sector," 2023 International Conference on Business Analytics for Technology and Security (ICBATS), Dubai, United Arab Emirates, 2023, pp. 1-8, doi: 10.1109/ICBATS57792.2023.10111096.

5. [5] C. Easttom, "SecML: A Proposed Modeling Language for CyberSecurity," 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), New York, NY, USA, 2019, pp. 1015-1021, doi: 10.1109/UEMCON47517.2019.8993105.