网络攻击检测系统的信息极限机器学习

Q3 Computer Science
A. Dovbysh, Volodymyr Liubchak, I. Shelehov, J. Simonovskiy, Alona Tenytska
{"title":"网络攻击检测系统的信息极限机器学习","authors":"A. Dovbysh, Volodymyr Liubchak, I. Shelehov, J. Simonovskiy, Alona Tenytska","doi":"10.32620/reks.2022.3.09","DOIUrl":null,"url":null,"abstract":"The study aims to increase the functional efficiency of a machine learning cyber attack detection system. An information-extreme machine learning method of the cyberattack detection system with optimization of control tolerances for recognition features that reflect the traffic properties of the info-communication system has been developed. The method is developed within the framework of the functional approach to modeling of cognitive processes of natural intelligence at the formation and acceptance of classification decisions. This approach, in contrast to known methods of data mining, including neuron-like structures, allows giving the recognition system adaptability to arbitrary initial conditions of the learning matrix and flexibility in retraining the system by expanding the recognition classes alphabet. The method idea is to maximize the information capacity of the attack detection system in the machine learning process. A modified Kullback information measure is used as a criterion for optimizing machine learning parameters. According to the proposed categorical functional model, algorithmic software for attack detection system in the mode of machine learning with the depth of the second level has been developed and implemented. However, the depth level is determined by the number of machine learning parameters, which were optimized. The geometric parameters of the recognition hyperspherical containers classes and the control tolerances on the recognition features were considered as optimization parameters, which played the role of input data quantization levels in the transformation of the input Euclidean learning matrix of the type \"object-property\" into a working binary learning matrix given in the Hamming space. Admissible transformations of the working training matrix of the offered method allow adapting the input mathematical description of the attacks detection system to the maximum full probability of the correct classification decisions acceptance. Based on the results of information-extreme machine learning within the geometric approach, decisive rules are constructed as practically invariant to the multidimensionality of the recognition features space. The computer simulation results of information-extreme machine learning of the attack detection system to recognize four host traffic of different profiles confirm the developed method's efficiency.","PeriodicalId":36122,"journal":{"name":"Radioelectronic and Computer Systems","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2022-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Information-extreme machine learning of a cyber attack detection system\",\"authors\":\"A. Dovbysh, Volodymyr Liubchak, I. Shelehov, J. Simonovskiy, Alona Tenytska\",\"doi\":\"10.32620/reks.2022.3.09\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The study aims to increase the functional efficiency of a machine learning cyber attack detection system. An information-extreme machine learning method of the cyberattack detection system with optimization of control tolerances for recognition features that reflect the traffic properties of the info-communication system has been developed. The method is developed within the framework of the functional approach to modeling of cognitive processes of natural intelligence at the formation and acceptance of classification decisions. This approach, in contrast to known methods of data mining, including neuron-like structures, allows giving the recognition system adaptability to arbitrary initial conditions of the learning matrix and flexibility in retraining the system by expanding the recognition classes alphabet. The method idea is to maximize the information capacity of the attack detection system in the machine learning process. A modified Kullback information measure is used as a criterion for optimizing machine learning parameters. According to the proposed categorical functional model, algorithmic software for attack detection system in the mode of machine learning with the depth of the second level has been developed and implemented. However, the depth level is determined by the number of machine learning parameters, which were optimized. The geometric parameters of the recognition hyperspherical containers classes and the control tolerances on the recognition features were considered as optimization parameters, which played the role of input data quantization levels in the transformation of the input Euclidean learning matrix of the type \\\"object-property\\\" into a working binary learning matrix given in the Hamming space. Admissible transformations of the working training matrix of the offered method allow adapting the input mathematical description of the attacks detection system to the maximum full probability of the correct classification decisions acceptance. Based on the results of information-extreme machine learning within the geometric approach, decisive rules are constructed as practically invariant to the multidimensionality of the recognition features space. The computer simulation results of information-extreme machine learning of the attack detection system to recognize four host traffic of different profiles confirm the developed method's efficiency.\",\"PeriodicalId\":36122,\"journal\":{\"name\":\"Radioelectronic and Computer Systems\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Radioelectronic and Computer Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.32620/reks.2022.3.09\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"Computer Science\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Radioelectronic and Computer Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.32620/reks.2022.3.09","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}
引用次数: 3

摘要

本研究旨在提高机器学习网络攻击检测系统的功能效率。开发了一种网络攻击检测系统的信息极端机器学习方法,该方法具有对反映信息通信系统流量特性的识别特征的控制容差的优化。该方法是在分类决策形成和接受时自然智能认知过程建模的功能方法框架内开发的。与包括神经元样结构在内的已知数据挖掘方法相比,这种方法允许识别系统对学习矩阵的任意初始条件具有适应性,并通过扩展识别类字母表来灵活地重新训练系统。该方法的思想是在机器学习过程中最大限度地提高攻击检测系统的信息容量。使用改进的Kullback信息测度作为优化机器学习参数的标准。根据所提出的分类函数模型,开发并实现了深度为二级的机器学习模式下的攻击检测系统算法软件。然而,深度水平是由经过优化的机器学习参数的数量决定的。将识别超球容器类的几何参数和识别特征的控制容差视为优化参数,在将输入的“对象属性”类型的欧几里得学习矩阵转换为Hamming空间中给定的工作二进制学习矩阵的过程中,这些参数起到了输入数据量化级别的作用。所提供的方法的工作训练矩阵的可容许变换允许将攻击检测系统的输入数学描述调整为正确分类决策被接受的最大全概率。基于几何方法中的信息极限机器学习结果,将决定性规则构造为对识别特征空间的多维性实际上不变。攻击检测系统的信息极限机器学习识别不同配置文件的四个主机流量的计算机仿真结果证实了所开发方法的有效性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Information-extreme machine learning of a cyber attack detection system
The study aims to increase the functional efficiency of a machine learning cyber attack detection system. An information-extreme machine learning method of the cyberattack detection system with optimization of control tolerances for recognition features that reflect the traffic properties of the info-communication system has been developed. The method is developed within the framework of the functional approach to modeling of cognitive processes of natural intelligence at the formation and acceptance of classification decisions. This approach, in contrast to known methods of data mining, including neuron-like structures, allows giving the recognition system adaptability to arbitrary initial conditions of the learning matrix and flexibility in retraining the system by expanding the recognition classes alphabet. The method idea is to maximize the information capacity of the attack detection system in the machine learning process. A modified Kullback information measure is used as a criterion for optimizing machine learning parameters. According to the proposed categorical functional model, algorithmic software for attack detection system in the mode of machine learning with the depth of the second level has been developed and implemented. However, the depth level is determined by the number of machine learning parameters, which were optimized. The geometric parameters of the recognition hyperspherical containers classes and the control tolerances on the recognition features were considered as optimization parameters, which played the role of input data quantization levels in the transformation of the input Euclidean learning matrix of the type "object-property" into a working binary learning matrix given in the Hamming space. Admissible transformations of the working training matrix of the offered method allow adapting the input mathematical description of the attacks detection system to the maximum full probability of the correct classification decisions acceptance. Based on the results of information-extreme machine learning within the geometric approach, decisive rules are constructed as practically invariant to the multidimensionality of the recognition features space. The computer simulation results of information-extreme machine learning of the attack detection system to recognize four host traffic of different profiles confirm the developed method's efficiency.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Radioelectronic and Computer Systems
Radioelectronic and Computer Systems Computer Science-Computer Graphics and Computer-Aided Design
CiteScore
3.60
自引率
0.00%
发文量
50
审稿时长
2 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信