Methodology for detecting network intrusions and signs of computer attacks based on an empirical approach

Abstract

The article analyzes the characteristics of detection of network intrusions into the information system and detection of signs of computer attacks at the enterprise; analysis of possible actions by attackers, methods and principles of establishing an optimal network intrusion detection system were investigated; considered the possibilities of developing and using systems for detecting network intrusions and detecting signs of computer attacks at the enterprise in modern conditions; researched and developed recommendations for the implementation of intrusion detection systems and detection of signs of computer attacks for possible further installation in the information protection system of any organization.