CONCEPT OF THE SYSTEM OF DETECTION AND PREVENTION OF NETWORKS
DOI: https://doi.org/10.26906/SUNZ.2022.2.059
Keywords: active network sensor, information security, computer network, network intrusion detection systems, unauthorized access, intrusion prevention system
Abstract
Detecting and preventing network attacks is one of the most important tasks of a network security system. It is now difficult to find a network that does not use active attack prevention tools such as antivirus software, firewalls, and intrusion prevention and detection systems. Unfortunately, active means of repelling attacks are not enough on their own, so passive means of combating attacks, namely network intrusion detection systems, are used in addition. This article is therefore devoted to protecting computer networks from attacks, intrusions and unauthorized access. Particular attention is paid to the operating principle of network intrusion detection and prevention systems. The article discusses the different types of intrusion detection mechanisms and the benefits of their use. Intrusion prevention systems that operate on the basis of rules and anomalies are also analyzed in detail. User and entity behavior analytics (UEBA) for detecting security breaches is considered. As an example, we used Microsoft ATA and Azure Security Center, which was used as a hybrid solution for behavioral analysis of computer network users. The Azure Security Center example explores intelligent security tools and extended analytics for detecting threats more quickly and reducing the number of false alarms. Based on the concept of intrusion detection and prevention considered here, it is possible to build an effective notification system for network protection.