Targeted Attacks Detection and Security Intruders Identification in the Cyber Space

PP. 144-153

Author(s)

Zhadyra Avkurova 1,*, Sergiy Gnatyuk 2, Bayan Abduraimova 3, Kaiyrbek Makulov 4

1. Department of AI Technology, NAO Karaganda Industrial University, Temirtau, 101400, Republic Str 30, Kazakhstan

2. Faculty of Computer Science and Technology, National Aviation University, Kyiv, Ukraine

3. Department of Computer Science, L. N. Gumilyov Eurasian National University, Nur-Sultan, Kazakhstan

4. Department of Computer Science, Yessenov University, Aktau, Kazakhstan

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2024.04.10

Received: 12 May 2023 / Revised: 15 Jul. 2023 / Accepted: 9 Oct. 2023 / Published: 8 Aug. 2024

Index Terms

Targeted Attacks, Cybersecurity, Detection, Information Infrastructure, Fuzzy Logic, APT, Modelling

Abstract

The number of new cybersecurity threats and opportunities is increasing over time, as is the amount of information generated, processed, stored and transmitted using ICTs. The objects of the state's critical infrastructure, which include the mining industry, transport, telecommunications, the banking system, etc., are particularly sensitive. From this standpoint, the development of systems for detecting attacks and identifying intruders (including in the critical infrastructure of the state) is an important and relevant scientific task, which determined the tasks of this article. The paper identifies the main factors influencing the choice of the most effective method for calculating the importance coefficients in order to increase the objectivity and simplicity of expert assessment of security events in cyberspace. A methodology for conducting an experimental study was also developed, defining the goals and objectives of the experiment, the input and output parameters, the hypothesis and research criteria, the sufficiency of experimental objects and the sequence of necessary actions. The experimental study confirmed the adequacy of the models proposed in the work, as well as the ability of the method and system built on them to detect targeted attacks and identify intruders in cyberspace at an early stage, a capability that is not included in the functionality of modern intrusion detection and prevention systems.

Cite This Paper

Zhadyra Avkurova, Sergiy Gnatyuk, Bayan Abduraimova, Kaiyrbek Makulov, "Targeted Attacks Detection and Security Intruders Identification in the Cyber Space", International Journal of Computer Network and Information Security (IJCNIS), Vol. 16, No. 4, pp. 144-153, 2024. DOI: 10.5815/ijcnis.2024.04.10
