Abstract

This paper considers the formation of precedent bases, a problem related to that of “big data” in the field of information security. The problem manifests itself in the lack of opportunities to use classical data analysis methods to make informed decisions. As a rule, the basic requirements for mathematical and software support for information security include minimizing the cost of computing resources and achieving high generalization ability in the results of machine learning. To capture those requirements, it is proposed to use several criteria. Applying the criteria involves forming a latent feature space of smaller dimension than the original one and studying the structure of object relations in it. The diversity of the structure of object relations is analyzed in the spaces formed by pairs of classes (a type of DDoS attack, normal traffic). A rule is proposed for including an object in the precedent base. The effectiveness of using the precedent base is demonstrated on a test sample using the k-nearest-neighbor, Random Forest, and SVM recognition algorithms. One of the DDoS attack types in the test sample is not represented in the training sample. Object descriptions are given both with and without selection of informative features, and both with and without data normalization.
