Abstract
Intelligent data analysis is extensively applied in various fields of technology, including information security. The development of decision support systems (DSSs) for penetration tests is more complicated due to incomplete, undefined, and expandable unstructured data. This article suggests an approach to formalizing information from subject domains, quantitative relevance estimates of object characteristics, and estimates of object similarity.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Xu, D., Tu, M., Sanford, M., Thomas, L., Woodraska, D., and Xu, W., Automated security test generation with formal threat models, IEEE Trans. Dependable Secure Comput., 2012, no. 4, pp. 526–540.
Zegzhda, P.D. and Kalinin, M.O., Automatic security management of computer systems, Autom. Control Comput. Sci., 2015, vol. 8, pp. 665–672.
Lee, W., Stolfo, S.J., and Mok, K.W., Adaptive intrusion detection: A data mining approach, Artif. Intell. Rev., 2000, vol. 14, no. 6, pp 533–567. doi 10.1023/A:1006624031083
Miller, S.T. and Busby-Earle, C., Multi-perspective machine learning a classifier ensemble method for intrusion detection (conference paper), ACM International Conference on Machine Learning and Soft Computing, ICMLSC 2017, Ho Chi Minh City, 2017, pp. 7–12.
Alsadhan, T. and Park, J.S., Enhancing risk-based decisions by leveraging cyber security automation (Conference Paper), 7th European Intelligence and Security Informatics Conference, EISIC 2016, Uppsala, 2016, pp. 164–167.
Lavrova, D., Pechenkin, A., and Gluhov, V., Applying correlation analysis methods to control flow violation detection in the internet of things, Autom. Control Comput. Sci., 2015, vol. 8, pp. 735–740.
Dua, S. and Du, X., Data Mining and Machine Learning in Cybersecurity, Taylor and Francis Group, LLC, 2011.
Dasgupta, D. and Gonzalez, F.A., An intelligent decision support system for intrusion detection and response, in Information Assurance in Computer Networks. MMM-ACNS 2001, Gorodetski, V.I., Skormin, V.A., and Popyack, L.J., Eds., Springer, Berlin, Heidelberg, 2011; Lect. Notes Comput. Sci., vol 2052, 2011.
Beresnevichiene, Y., Pym, D., and Shiu, S., Decision support for systems security investment, 2010 IEEE/IFIP Network Operations and Management Symposium Workshops, 2010, pp. 118–125.
Eremenko, N.N. and Kokoulin, A.N., Investigation of testing methods for penetration in information systems, Master’s J., 2016, no. 2, pp. 181–186.
Dalalana Bertoglio, D. and Zorzo, A.F., Overview and open issues on penetration test, J. Braz. Comput. Soc., 2017, vol. 1.
Tumanov, S.A., Means of testing the information system for penetration, Dokl. Tomsk. Gos. Univ. Sist. Upr. Radioelektron., 2015, no. 2 (36), pp. 73–79.
Umnitsyn, M.Yu. and Sadovnikova, N.P., Formalization of the construction of scenarios of malicious influences on the information system, Izv. Volgograd. Gos. Tekh. Univ., 2016, no. 11, pp. 72–75.
Kosenko, M.Yu., Collection of information when testing for penetration, Vestn. UrFO, Bezop. Inf. Sfere, 2013, no. 3, pp. 11–15.
Stepanova, T., Pechenkin, A., and Lavrova, D., Ontology-based big data approach to automated penetration testing of large-scale heterogeneous systems, ACM International Conference Proceeding Series 8th International Conference on Security of Information and Networks, 2015.
Kravchuk, A.V., A model of the process of remote analysis of the security of information systems and methods for increasing its effectiveness, Tr. SPIIRAN, 2015, vol. 38, pp. 75–93.
Zegzhda, P.D., Zegzhda, D.P., Pechenkin, A.I., and Poltavtseva, A., Modeling of information systems for solving the problem of security management, Probl. Inf. Bezop., Komp’yut. Sist., 2016, no. 3, pp. 7–16.
Methods and Technical Means of Ensuring Information Security, Materialy 26-i nauchno-tekhnicheskoi konferentsii 26.06–29.06 2017 g. (Proc. 26th Sci. Tech. Conf., September 26–29, 2017), St. Petersburg: Izd. politekh. univ., 2017.
Chernyak, L., Analytics of unstructured data, Otkryt. Sist., SUBD, 2012, no. 6, pp. 30–34.
Orlova, K.I. and Orlyuk, A.A., Unstructured data and their processing technologies, Aktual’nye napravleniya fundamental’nykh i prikladnykh issledovanii materialy XI mezhdunarodnoi nauchno-prakticheskoi konferentsii (Actual Directions of Fundamental and Applied Research Materials of the XI International Scientific and Practical Conference), NITs Akademicheskii, 2017, pp. 149–152.
Pechenkin, A.I., Poltavtseva, M.A., and Lavrova, D.S., An approach to data normalization in the Internet of Things for security analysis, Progr. Prod. Sist., 2016, no. 2, pp. 83–88.
Author information
Authors and Affiliations
Corresponding author
Additional information
Original Russian Text © M.A. Poltavtseva, A.I. Pechenkin, 2017, published in Problemy Informatsionnoi Bezopasnosti, Komp’yuternye Sistemy.
About this article
Cite this article
Poltavtseva, M.A., Pechenkin, A.I. Intelligent data analysis in decision support systems for penetration tests. Aut. Control Comp. Sci. 51, 985–991 (2017). https://doi.org/10.3103/S014641161708017X
Received:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S014641161708017X