A. I. Get'man, M. N. Goryunov, A. G. Matskevich, D. A. Rybolovlev, “A comparison of a machine learning-based intrusion detection system and signature-based systems”, Proceedings of ISP RAS, 34:5 (2022), 111

Loading [MathJax]/jax/output/SVG/config.js

Proceedings of the Institute for System Programming of the RAS

RUS ENG

JOURNALS PEOPLE ORGANISATIONS CONFERENCES SEMINARS VIDEO LIBRARY PACKAGE AMSBIB

JavaScript is disabled in your browser. Please switch it on to enable full functionality of the website

	General information
	Latest issue
	Archive

	Search papers
	Search references

	RSS
	Latest issue
	Current issues
	Archive issues
	What is RSS

Proceedings of ISP RAS:
Year:
Volume:
Issue:
Page:
	Find

Personal entry:
Login:
Password:
	Save password
	Enter
	Forgotten password?
	Register

Proceedings of the Institute for System Programming of the RAS, 2022, Volume 34, Issue 5, Pages 111–126
DOI: https://doi.org/10.15514/ISPRAS-2022-34(5)-7 (Mi tisp724)

This article is cited in 1 scientific paper (total in 1 paper)

A comparison of a machine learning-based intrusion detection system and signature-based systems

A. I. Get'man^a, M. N. Goryunov^b, A. G. Matskevich^b, D. A. Rybolovlev^b

^a Ivannikov Institute for System Programming of the RAS
^b Akademy of FGS of Russia

Full-text PDF (1117 kB) Citations (1)

DOI: https://doi.org/10.15514/ISPRAS-2022-34(5)-7

Abstract: The paper discusses the approach to the comparison of intrusion detection systems (IDS) that is based on several independent scenarios and comprehensive testing. This approach enabled to identify the advantages and disadvantages of the IDS based on machine learning methods (ML IDS), to identify the conditions under which ML IDS is able to outperform signature-based systems in terms of detection quality, to assess the practical applicability of ML IDS. The developed scenarios enabled to model the realization of both known attacks and a zero-day exploit. The conclusion is made about the advantage of ML IDS in the detection of previously unknown attacks and the feasibility of the construction of hybrid detection systems that combine the potential of signature-based and heuristic methods of analysis.

Keywords: information security, network intrusion detection system, machine learning, signature-based intrusion detection, comparison methodology, network traffic, computer attack

Document Type: Article

Language: Russian

Citation: A. I. Get'man, M. N. Goryunov, A. G. Matskevich, D. A. Rybolovlev, “A comparison of a machine learning-based intrusion detection system and signature-based systems”, Proceedings of ISP RAS, 34:5 (2022), 111–126

Citation in format AMSBIB

\Bibitem{GetGorMat22}

\by A.~I.~Get'man, M.~N.~Goryunov, A.~G.~Matskevich, D.~A.~Rybolovlev

\paper A comparison of a machine learning-based intrusion detection system and signature-based systems

\jour Proceedings of ISP RAS

\yr 2022

\vol 34

\issue 5

\pages 111--126

\mathnet{http://mi.mathnet.ru/tisp724}

\crossref{https://doi.org/10.15514/ISPRAS-2022-34(5)-7}

Linking options:

https://www.mathnet.ru/eng/tisp724

https://www.mathnet.ru/eng/tisp/v34/i5/p111

This publication is cited in the following 1 articles:

Citing articles in Google Scholar: Russian citations, English citations
Related articles in Google Scholar: Russian articles, English articles

Proceedings of the Institute for System Programming of the RAS

Statistics & downloads:
Abstract page:	51
Full-text PDF :	45

Registration to the website

Logotypes