Department of Computer Engineering and Security Systems

Permanent link to this collection: https://repository.lntu.edu.ua/handle/123456789/76

Search results

Now showing 1 - 2 of 2
  • Item type: Research article,
    Threats detection and analysis based on SYSMON tool
    (2023) Nataliia Bahniuk; Oleksandr Linchuk; Kateryna Bortnyk; Inna Kondius; Kateryna Melnyk; Kostiantyn Kondius
    In this work, an analysis for the study of threats in a real environment, with the possibility of conducting a full-fledged analysis of threats as well as their simulation, has been developed for research purposes. The designed laboratory was built for threat research, specification of deploying and configuring Sysmon, imitation of an attack in laboratory conditions and its investigation by implicit signs, and the processing of threat analysis using the Sysmon tool. We present a system based on the analysis of continuous input channels of Sysmon logs. The system is based on the Cyber Threat Analysis Ontology and analyzes SYSMON logs to classify software according to different threat levels and enhance cyber defense capabilities with situational awareness, prediction and automated actions. The developed laboratory improves the effectiveness of threat analysis using the Sysmon tool and supports the study of threats, deploying and configuring Sysmon, imitation of an attack in laboratory conditions and its investigation by implicit signs. It can be applied for the study of threats in a real environment with the possibility of conducting a full-fledged analysis of threats, as well as their simulation for research purposes.
  • Item type: Research article,
    Development of network traffic monitoring system elements using Deep Learning
    (Piscataway, NJ: IEEE, 2024) Melnyk, Vasyl; Bahniuk, Nataliia; Bortnyk, Kateryna; Kondius, Inna; Zubovetska, Nataliia; Kondius, Kostiantyn
    In this article we develop elements of a network traffic monitoring system using deep learning, demonstrating the high effectiveness of deep learning in detecting and analyzing network traffic, which contributes to ensuring the security and stability of corporate networks. In this context we develop algorithms for detecting and countering potential threats in network traffic, providing deeper analysis and effective response to cyber threats.