Determining Parameters for Early Detection of Hidden Threats in Information Systems for Machine Learning Tasks
The purpose of the analysis is to identify new indicators that point to the probable presence of hidden-threat components in a system, or that allow possible states of inactivity of system modules to be forecast. The diversity of the software in use, and the problems that arise from it, are described. The study is carried out by building a simulation model in AnyLogic, which is used to determine fault criteria. The detected dependencies are confirmed by output data in the form of graphs. The identified dependencies and features are a contribution to future research and publications, and the data are also applicable to the knowledge base being developed. The query processing model that was created showed how the characteristics of the input parameters depend on the time and noise of the data stream. The analysis also confirms the presence of a malfunction in the data processing flow. Existing solutions for detecting attacks are based on deploying software and hardware and on general-purpose protective measures. Such schemes can and will work effectively for establishing a hidden threat, but under long-term hidden threats it is not enough to use disparate means of protection such as software, antivirus tools, etc.: the situation must be assessed at different levels, the signs of every stage of the malfunction state must be analyzed, and a predictive model must be used. Research into finding dependencies and parameters for predicting cyberattacks on information systems is relevant because of the increasing complexity and frequency of cyberattacks. It makes it possible to warn promptly about possible threats, take measures to protect information systems, minimize economic losses, and develop analytical capabilities in the field of cybersecurity. This direction retains its stability and uniqueness in the field of process research, namely in its ability to learn and to carry out in-depth analysis of parametric data.
implementation of anomaly search within the intrusion detection system.