Information and Communication Engineering | Article | Published 2022
This paper analyzes the possibility of distributing Intrusion Detection System (IDS) functionality and the data mining methods and tools for detecting attacks, as well as variants of placement of the network attack detection system components, and proposes the application of a support vector machine for detecting attacks in a distributed computer network. The method of principal components is presented; it makes it possible to form a feature space for detecting a given set of vectors (network attacks), to reduce the amount of information stored in the base of decision rules necessary for classifying network packets, and to increase the speed of formation of detection modules. The scheme for applying dimension reduction methods, the diagram of the application of clustering methods and its fuzzy inference mechanism are improved. The scheme of formation of detection modules, the variants of placement of the functional blocks of the network attack detection system in a separate node, and the place of the detection module in the adaptive system are worked out.