Using a neural network instead of the knowledge base in the expert system of web resources malicious traffic detector.
Abstract
The modern world of information technology provides us with a wide range of web applications, so there is a constant need for solid protection of web resources and the confidential information they hold. As the number of cyberattacks increases, so do their critical consequences for organizations and individuals. This work developed elements of an expert system and evaluated their effectiveness. The main purpose of the expert system is to improve the protection of web resources against cyberattacks (such as SQLi, XSS, SSI, buffer overflow, etc.) by ensuring that information security specialists quickly become aware that an attack is present. The neural network is capable of detecting and classifying malicious web server traffic. The advantages of using a neural network include effective construction of non-linear dependencies, adaptation to changes and evaluation of "zero-day" attacks, fault tolerance, relative simplicity of implementation, and calculation speed after training. The result of the work is a developed element of the expert system: a trained and verified neural network model that guarantees 98% success in detecting cyberattacks on web resources, with type I and type II errors in the neural model not exceeding 5%.