Исследование алгоритмов адаптивных нейро-нечетких сетей ANFIS для решения задачи идентификации сетевых атак

Abstract

At the moment, the pace of change in the nature of cybersecurity incidents necessitates the modification of existing algorithms for identifying attacks in intrusion detection systems in such a way that a quick response to new types of attacks is carried out. Modern algorithms for data mining allow building solutions to such problems, however, the result, as a rule, depends both on the tools and learning algorithms used, and on the quality of the data on which the model is built. To improve the quality of data due to objective uncertainty, there is a complex of methods and algorithms for processing and filtering, while the influence of the subjectivity of experts is the most difficult task, the effectiveness of which was shown by the systems of neuro-fuzzy inference. In this regard, this work is aimed at studying the algorithms of adaptive neuro-fuzzy networks ANFIS based on various representations of fuzzy rules that allow the classification of incoming network traffic to identify various cybersecurity incidents. The obtained results of a general assessment of the effectiveness of identifying network attacks using various measures of accuracy showed that the most optimal neuro-fuzzy classifier is the ANFIS network using fuzzy Takagi-Sugeno-Kanga inference. At the same time, the least effective results of identifying various types of network attacks were shown by the use of Wang-Mendel's fuzzy inference. The developed modules can be used to process data received from sensors of the security information and event management system.