Visible to the public Biblio

Filters: Author is Saenko, Igor  [Clear All Filters]
2022-03-02
Kotenko, Igor, Saenko, Igor, Lauta, Oleg, Karpov, Mikhail.  2021.  Situational Control of a Computer Network Security System in Conditions of Cyber Attacks. 2021 14th International Conference on Security of Information and Networks (SIN). 1:1–8.
Modern cyberattacks are the most powerful disturbance factor for computer networks, as they have a complex and devastating impact. The impact of cyberattacks is primarily aimed at disrupting the performance of computer network protection means. Therefore, managing this defense system in the face of cyberattacks is an important task. The paper examines a technique for constructing an effective control system for a computer network security system operating in real time in the context of cyber attacks. It is supposed that it is built on the basis of constructing a system state space and a stack of control decisions. The probability of finding the security system in certain state at each control step is calculated using a finite Markov chain. The technique makes it possible to predict the number of iterations for managing the security system when exposed to cyber attacks, depending on the segment of the space of its states and the selected number of transitions, as well as automatically generate control decisions. An algorithm has been developed for situational control of a computer network security system in conditions of cyber attacks. The experimental results obtained using the generated dataset demonstrated the high efficiency of the developed technique and the ability to use it to determine the parameters that are most susceptible to abnormal deviations during the impact of cyber attacks.
2019-05-01
Kotenko, Igor, Ageev, Sergey, Saenko, Igor.  2018.  Implementation of Intelligent Agents for Network Traffic and Security Risk Analysis in Cyber-Physical Systems. Proceedings of the 11th International Conference on Security of Information and Networks. :22:1-22:4.

The paper offers an approach for implementation of intelligent agents intended for network traffic and security risk analysis in cyber-physical systems. The agents are based on the algorithm of pseudo-gradient adaptive anomaly detection and fuzzy logical inference. The suggested algorithm operates in real time. The fuzzy logical inference is used for regulation of algorithm parameters. The variants of the implementation are proposed. The experimental assessment of the approach confirms its high speed and adequate accuracy for network traffic analysis.