Интеллектуальный анализ сетевого трафика для идентификации компьютерных вторжений
The article considers the process of building an intrusion detection system using intelligent
network traffic analysis. The requirements for the developed system of intrusion detection are formulated,
as well as its architecture is proposed. As a mechanism for making decisions about the presence
of attacks, it is suggested to use methods of inductive machine learning, namely, artificial neural networks.
The paper proposes the construction of a neural network model based on a multilayer perceptron,
for which the most significant input parameters are determined. The technique of constructing the
intelligent network traffic analysis module, its logic of work are considered. The client-server application
for network traffic analysis on the generated parameters was developed ang the results of testing
are given in the paper. The created module of intelligent network traffic analysis shows high accuracy
of attacks identification. To increase the accuracy of network attack classification, in future studies, it
is planned to supplement the intelligent network traffic analysis module with other methods of machine
learning, in particular, the machine classifier.