Analysis of Methods and Systems of Computer Attacks Detection and Probabilistic Representation of Conditions to Respond

摘要

Currently, the trend of detection, identification, elimination of cyber-attacks is due to development and usage of informational technologies. For detecting and identifying computer attacks relevant Intrusion Detection Systems (hereinafter - IDS) are applied. Modern IDS typically are founded operate to detect one of two classes of intrusion detection. The first class of attacks is detected by methods, in which existing attacks developing according to a certain scenario of attack, are described. The second class of methods of anomalies detection attacks is detected by methods anomaly detection - deviation from normal behavior of a protectable system and processes in it. Therefore, on that basis development of comprehensive method of detecting computer attacks (impacts) to detect the attacks of first and second classes for a certain time interval is considered in order to increase probability of detecting are attack to a computer system under protection.