CASPIAN JOURNAL

MANAGEMENT AND HIGH TECHNOLOGIES

Tracking status of information system based on analysis of event data

Umnitsyn M.Yu., Mikhalchenko S.V. Tracking status of information system based on analysis of event data // Caspian journal : management and high technologies. — 2017. — №4. — pp. 165-173.

Umnitsyn M.Yu. - Senior Lecturer, Volgograd State University, 100 Universitetskiy Ave., Volgograd, 400062, Russian Federation, umnitsyn@volsu.ru

Mikhalchenko S.V. - student, Volgograd State University, 100 Universitetskiy Ave., Volgograd, 400062, Russian Federation, infsec@volsu.ru

To ensure full protection of an information system (IS), the events taking place in it must be analyzed systematically. The results of such analysis make it possible, in particular, to detect the transition of an IS from a protected state to a state in which protection is breached. Data mining (DM) of IS events (ISE) using neural networks makes it possible to detect such transitions. The functional capabilities and computational efficiency of programs for ISE DM are analyzed, and criteria for evaluating the effectiveness of such programs are formulated. An original software tool is developed that automates the assessment of ISE DM programs for multiple weights of the evaluation criteria. Using this tool, calculations were carried out for a number of ISE DM programs based on neural network technologies: STATISTICA Automated Neural Networks, Deductor Studio, Neural network toolbox, Membrane Neural Network, and Neuro Solutions. For the calculations, all the programs were trained and performed their analysis using the most widely used neural network, the multilayer perceptron. According to the results of the calculations, the most appropriate ISE DM program is STATISTICA Automated Neural Networks. Applying this program will improve the effectiveness of tracking possible transitions from protected IS states to the state in which protection is breached, and will allow measures to be taken to improve IS protection.

Key words: information system, information system state, information system event, information security, data mining, neural network, data mining program, evaluation algorithm, information system, information syste