DEVELOPMENT OF A METHOD FOR IDENTIFYING ABNORMAL COMPUTER SYSTEM BASED ON FUZZY LOGIC

Authors

  • S. Gavrilenko

DOI:

https://doi.org/10.26906/SUNZ.2019.1.107

Keywords:

malware, PE file structure, abnormal state, computer system, Mamdani fuzzy logic

Abstract

The subject matter of the article is the investigation of methods for identifying the anomalous state of computer systems. The goal of the article is to develop a method for identifying the anomalous state of a computer system based on fuzzy logic. Tasks: to investigate methods for identifying the anomalous state of computer systems; to analyze the PE structure of harmful and safe software in order to choose input data and select features; to evaluate these features using linear programming; to develop a method for identifying the state of a computer system using fuzzy logic; to investigate and choose the type of membership function; to minimize the number of rules; to test the method. The methods used are linear programming and fuzzy logic. The results were as follows. A method for identifying the state of a computer system based on fuzzy logic was developed. The features of harmful and safe software were selected and evaluated using linear programming. The choice of the type of membership function was justified and the number of rules was minimized. The proposed method was tested. Conclusion. The scientific novelty of the results obtained is as follows. An investigation into the selection of input data for analysis was conducted. A method for identifying the state of a computer system based on Mamdani fuzzy logic was developed. The choice of the type of membership function was justified, and the number of rules was minimized using the partial description method, taking the fuzzy sets of input variables into account pairwise. This increased the speed of the identification method 5 times.

Published

2019-02-05