Basic clustering algorithms used for monitoring the processes of the ATM's OS

Abstract

The number of highly sophisticated software-based attacks on ATMs is growing these days. New types of threats require new ways of system protection. Most secure solutions are based on whitelists and sandboxes, which unlike antivirus solutions are able to protect the system against any new threat. Sadly, they are hard to configure therefore require an expert-level knowledge of operating system mechanisms and software security techniques. The main purpose of this article is to present the possibilities of using clustering algorithms in a configuration process of a sandbox-based security solution. Results of the experimental studies show that even basic clustering algorithms can be used as a part of the configuration process. Achieved results were deemed promising by the control algorithm and thus can be used as a base for future research.