Etalons models of linguistic variables for email-spoofing-attack detection systems

Abstract

The development of information systems in the modern world is inextricably linked with the improvement of destructive software, which is aimed at the various resources of information systems. Among the various ways to influence the user, the most dangerous are those that masking by under the really existing software or web service and are trying to access the personal data of the user, or use its resources or software for fraudulent purposes. The activation of such attacks requires the creation of specialized means of detection and counteraction, which will be equally effective against both present and future cyber threats with unidentified or unclearly defined properties. That is, similar means can function in a fuzzy, poorly formalized environment. Modern methods, models and systems based on fuzzy sets can be used to construct and improve existing tools for detecting intrusions and anomalies in information systems that arise as a result of the implementation of cyber threats. There are a number of developments that are used when they are detected, one of which is the method of forming linguistic etalons for intrusion detection systems. In the described method, the mechanism of the process of forming parameters etalons for email spoofing attacks is not disclosed. With this in mind, a model of linguistic variables etalons was developed for detecting email spoofing attacks, which would formalize the process of obtaining parameter benchmarks. (the number of detected IP addresses in spam bases, the number of spam words in the topic, the number of spam messages in the message) for given linguistic variables of the selected environment when solving problems, in relation to detection of attacks. Similar models can be used to increase the effectiveness of information security measures aimed at countering email spoofing attacks in information systems.