Development of anomalous computer behavior detection method based on probabilistic automaton
Вантажиться...
Дата
2019
DOI
Науковий ступінь
Рівень дисертації
Шифр та назва спеціальності
Рада захисту
Установа захисту
Науковий керівник
Члени комітету
Видавець
National University of Civil Protection of Ukraine
Анотація
This work proposes anomalous computer system behavior detection method based on probabilistic automaton. Main components of the method are automaton structure generation model and its modification procedure. The distinctive feature of the method is the adaptation of the automaton structure generation procedure for detecting attack scenarios of the same type, by restructuring the automaton upon a match and by recalculating the probability of state changes. Proposed method allows to speed up the detection of anomalous computer behavior, as well as to detect anomalies in computer systems, scenario profiles of which only partially match the instances used to generate automaton structure. The obtained results allow us to conclude that the developed meth-od can be used in heuristic analyzers of anomaly detection systems.
Опис
Ключові слова
anomalous computer system behavior, probabilistic automaton, automaton state graph, heuristic analyzer, anomaly detection systems
Бібліографічний опис
Development of anomalous computer behavior detection method based on probabilistic automaton / V. Chelak [et al.] // Bezpieczeństwo w cyberprzestrzeni społeczna przestrzeń internetu w kontekście wartości i zagrożeń = Security in cervatury, the social internet space in context values and hazards : redakcja naukowa / ed. M. Koziński [et al.]. – Slupsk ; Charkov, 2019. – P. 237-258.