Detection of information security threats using deep neural networks in computer networks in real time

Currently, the issue of detecting information security threats in computer networks is becoming a problem when it comes to preventing such threats in real time. The number of subscribers of almost any computer network is growing and so does the number of threats that can create a potential danger to the functioning of the network. In this regard, modern mechanisms that will help to respond to emerging information security threats in a timely manner are required. In this paper, the analysis of possible mechanisms of protection against security threats in computer networks is carried out and a methodology for implementing such protection using neural networks is proposed. In addition, a control example is implemented with a trained deep neural network which is able to detect information security threats with high accuracy and minimal delays. The materials of the article are of practical value when incorporating such a neural network into an intrusion detection system. By means of the method proposed in the article, it is possible to achieve a near-real-time response to information security threats and, as a result, prevent possible information security accidents.

1. Information protection. Basic terms and definitions: GOST R 50922-2006, instead of GOST R 50922-96. 2008. 5 p. Available by: http://www.consultant.ru (accessed on 10.03.2022). (In Russ.).

2. Demidov R.A. Identification of threats to information security violations in networks with dynamic topology using deep learning methods. Dissertation for the degree of Candidate of Technical Sciences. 2018. 143 p. (In Russ.).

3. Neural network. Online modeling. Available by: http://primat.org/demo/network/network.html#1 (accessed on 11.03.2022). (In Russ.).

4. Neural networks and Deep Learning, Chapter 1: Using neural networks to recognize handwritten digits. Available by: https://habr.com/ru/post/456738 (accessed on 13.03.2022). (In Russ.).

5. Vorobyev L.V. Information transmission systems and networks: a textbook for students of higher educational institutions. M.: Izdatel'skiy tsentr «Akademiya»; 2009. 336 p. (In Russ.).

6. Goldstein B.S. Communication networks: a textbook for students of higher educational institutions. SPb.: BKHV Sankt-Peterburg; 2010. 400 p. (In Russ.).

7. Information protection. Ensuring the security of telecommunication networks. General provisions: GOST R 52488-2005. 2007. 7 p. Available at: http://www.consultant.ru (accessed on 20.03.2022). (In Russ.).

8. Information protection. Vulnerabilities of information systems. Classification of information system vulnerabilities: GOST R 56546-2015. 2016:1-17. Available by: http://www.consultant.ru (accessed on 20.03.2022). (In Russ.).

9. Information technology. Methods and means of ensuring security. Criteria for assessing the security of information technologies. Part 1. Introduction and general model: GOST R ISO IEC 15408-1-2012 instead of GOST R ISO IEC 15408-2008. 2013. 56 p. Available by: http://www.consultant.ru (accessed on 20.03.2022). (In Russ.).

10. Krukhmalev V.V., Gordienko V.N. Fundamentals of building telecommunication systems and networks: a textbook for students of higher educational institutions. 2004. 510 p. (In Russ.).

11. Sokolov A.V. Information protection in distributed corporate networks and systems. 2002. 656 p. (In Russ.).

12. Neural network for detecting security threats. Available by: https://github.com/NikolaCloud/Neural.git (accessed on 17.05.2022). (In Russ.).