Annotation. Aseeva L.A. Management of information security of the enterprise using methods of machine learning and fuzzy logic. - Qualifying scientific work on manuscript rights.
Dissertation for obtaining the scientific degree of Doctor of Philosophy in the field of knowledge 12 - Information technologies in the specialty 125 - Cybersecurity. - State University of Information and Communication Technologies, Kyiv, 2023.
Modern enterprises actively use information systems and technologies, which have become an integral part of business and everyday life, so ensuring the reliability and security of these systems is a very important task. One of the main components of building and operating cyber protection systems is the assessment of information security risks and the detection of network intrusions. The dissertation is devoted to solving the topical scientific task of developing models, methods and algorithms for the information security management system as part of the enterprise's information system, based on machine learning and fuzzy logic approaches.
The purpose of the dissertation is to increase the speed and accuracy of the analytical unit of the information security management system as part of the company's information system by developing appropriate models, methods and algorithms based on machine learning approaches and fuzzy logic. To achieve this goal, the following partial tasks were performed: a review of existing approaches to managing the information security of the enterprise and ensuring cyber security; creation of a risk assessment model for the information security of enterprise documents based on fuzzy logic and the analytic hierarchy process; development of a hybrid intrusion detection method based on an ensemble learning model using fuzzy logic algorithms; development of a method for selecting a set of features for training intrusion classification models using machine learning algorithms and fuzzy logic; a study of the effectiveness of the proposed intrusion detection methods and development of recommendations for their application in the information security management system of the enterprise.
The scientific novelty of the research results is as follows.
For the first time, a hybrid method of detecting intrusions into the corporate network was developed. Its novelty is the use of an ensemble approach based on fuzzy logic algorithms to combine the results of data classification by separate machine learning models, which ensured higher accuracy compared to existing methods.
The method of selecting a set of features for training intrusion classifiers was further developed. Unlike other methods, it is based on an ensemble approach that uses fuzzy logic to evaluate the importance of a feature, which made it possible to increase reliability and reduce the dimensionality of the set of features.
The information security risk assessment model for the company's documents was further developed by formalizing their structure, the operations on them, and the factors that violate their integrity, confidentiality and availability, based on fuzzy logic and the analytic hierarchy process. This made it possible to take into account the uncertainty and fuzziness of information about the components of danger.
The practical significance of the obtained results lies in increasing the speed and accuracy of the analytical unit of the information security management system as part of the company's information system. Applying the proposed method of selecting a set of features for training intrusion classification models made it possible to reduce the training time by 50-60% and reduce the time to detect a possible intrusion by 30-40%, due to increased reliability and reduced dimensionality of the set of features. The use of the research results makes it possible to increase the accuracy of detection of intrusions into the company's corporate network by 3-5% compared to existing methods. The results of the dissertation work have been accepted for implementation at Huawei Ukraine LLC, at RENTSOFT LLC, and in the educational process of the State University of Information and Communication Technologies.
The scientific task solved in this dissertation study is of significant importance for the theoretical and applied foundations of information security risk assessment and the construction of intrusion detection systems in the management of information security of enterprises.
Keywords: information security, information technology, machine learning, fuzzy logic, attack detection system, reliability of event recognition, network security flaws, cyber security, cyber security risk management, model, vulnerabilities of information systems, ensemble learning, information, possibility of correct detection, feature selection.