Abstract

The aim of this work is to develop a method for identifying complex computer incidents in which attackers exploit vulnerabilities in information systems. The research method is analysis of entries in the system logs of the Microsoft Windows operating system using the Random Forest machine learning algorithm. The result obtained: despite the wide variety of malicious software that attackers use in computer attacks, all of it leaves traces of its operation in the network infrastructure that was subjected to unauthorized influence. One way to identify computer incidents is to examine the log files of various information systems, including the operating system's system logs, for hidden patterns and anomalies. The operation of any computer program can be represented as a unique set of records in the operating system's system logs, and these records can be treated as features of an object. The paper analyzes the operating system's Security log after the exploitation of various vulnerabilities that are popular among attackers. A machine learning algorithm is applied to the data set formed in this way to build a model that can then identify objects that have been subjected to unauthorized influence. The scientific novelty lies in a method for identifying complex computer incidents based on studying operating system logs with a machine learning algorithm.
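The pipeline the abstract describes (Security log records turned into per-object features, then a Random Forest) can be sketched as follows. This is an added example, not the paper's code: the choice of event IDs (4625 failed logon, 4648 logon with explicit credentials, 4672 special privileges assigned, 4697 service installed, 4720 user account created, 1102 audit log cleared), the `(host, event_id)` record shape, and the training data are assumptions constructed for illustration, and a small standard-library forest stands in for a library implementation.

```python
import random
from collections import Counter, defaultdict

EVENT_IDS = [4625, 4648, 4672, 4697, 4720, 1102]  # assumed feature set, counted per host

def featurize(records):
    """(host, event_id) records -> {host: [count for each ID in EVENT_IDS]}."""
    counts = defaultdict(Counter)
    for host, eid in records:
        counts[host][eid] += 1
    return {h: [c[e] for e in EVENT_IDS] for h, c in counts.items()}

def gini(rows):
    return 1 - sum((k / len(rows)) ** 2 for k in Counter(y for _, y in rows).values())

def grow(rows, rng, depth=0):
    """Grow one tree; each split considers a random subset of 3 features."""
    best = None
    if depth < 4 and gini(rows) > 0:
        for f in rng.sample(range(len(EVENT_IDS)), 3):
            for t in sorted({x[f] for x, _ in rows})[:-1]:
                lo = [r for r in rows if r[0][f] <= t]
                hi = [r for r in rows if r[0][f] > t]
                score = len(lo) * gini(lo) + len(hi) * gini(hi)
                if best is None or score < best[0]:
                    best = (score, f, t, lo, hi)
    if best is None:  # pure node, depth limit, or no usable split
        return Counter(y for _, y in rows).most_common(1)[0][0]
    _, f, t, lo, hi = best
    return (f, t, grow(lo, rng, depth + 1), grow(hi, rng, depth + 1))

def train_forest(rows, n_trees=25, seed=0):
    rng = random.Random(seed)  # bagging: each tree gets a bootstrap resample
    return [grow([rng.choice(rows) for _ in rows], rng) for _ in range(n_trees)]

def predict(forest, x):
    def leaf(node):  # walk one tree down to its leaf label
        while isinstance(node, tuple):
            node = node[2] if x[node[0]] <= node[1] else node[3]
        return node
    return Counter(leaf(t) for t in forest).most_common(1)[0][0]  # majority vote

# Constructed training vectors (counts in EVENT_IDS order), grouped by label.
TRAIN = {"clean": [[1, 0, 1, 0, 0, 0], [0, 1, 2, 0, 0, 0], [2, 0, 1, 0, 0, 0], [0, 0, 2, 0, 0, 0]],
         "compromised": [[9, 3, 5, 1, 1, 0], [14, 4, 6, 2, 0, 1], [11, 3, 7, 1, 1, 1], [20, 5, 5, 3, 0, 0]]}

def classify(records):  # train on TRAIN, then label each host in the new records
    forest = train_forest([(v, y) for y, vs in TRAIN.items() for v in vs])
    return {h: predict(forest, v) for h, v in featurize(records).items()}
```

Event IDs outside `EVENT_IDS` are ignored by `featurize`, so routine log noise does not change a host's feature vector.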
