4 research outputs found

    Development and Study of Algorithms for the Formation of Rules for Network Security Nodes in the Multi-Cloud Platform

    As part of the study, existing solutions aimed at ensuring the security of the network perimeter of the multi-cloud platform were considered. It is established that the most acute problem is the effective formation of rules on firewalls. Existing approaches do not allow optimizing the list of rules on nodes that control access to the network. The aim of the study is to increase the effectiveness of firewall tools by conflict-free optimization of security rules and the use of a neural network approach in software-defined networks. The proposed solution is based on the sharing of intelligent mathematical approaches and modern technologies of virtualization of network functions. In the course of experimental studies, a comparative analysis of the traditional means of rule formation, the neural network approach, and the genetic algorithm was carried out. It is recommended to use the multilayer perceptron neural network classifier for automatic construction of network security rules since it gives the best results in terms of performance. It is also recommended to reduce the size of the firewall security rule list using the Kohonen network, as this tool shows the best performance. A conflict-free optimization algorithm was introduced into the designed architecture, which produces finite optimization by ranking and deriving the most common exceptions from large restrictive rules, which allows increasing protection against attacks that are aimed at identifying security rules at the bottom of the firewall list. On the basis of the proposed solution, the adaptive firewall module was implemented as part of the research.

    Development and Study of Algorithms for the Formation of Rules for Network Security Nodes in the Multi-Cloud Platform

    As part of the study, existing solutions aimed at ensuring the security of the network perimeter of the multi-cloud platform were considered. It is established that the most acute problem is the effective formation of rules on firewalls. Existing approaches do not allow optimizing the list of rules on nodes that control access to the network. The aim of the study is to increase the effectiveness of firewall tools by conflict-free optimization of security rules and the use of a neural network approach in software-defined networks. The proposed solution is based on the sharing of intelligent mathematical approaches and modern technologies of virtualization of network functions. In the course of experimental studies, a comparative analysis of the traditional means of rule formation, the neural network approach, and the genetic algorithm was carried out. It is recommended to use the multilayer perceptron neural network classifier for automatic construction of network security rules since it gives the best results in terms of performance. It is also recommended to reduce the size of the firewall security rule list using the Kohonen network, as this tool shows the best performance. A conflict-free optimization algorithm was introduced into the designed architecture, which produces finite optimization by ranking and deriving the most common exceptions from large restrictive rules, which allows increasing protection against attacks that are aimed at identifying security rules at the bottom of the firewall list. On the basis of the proposed solution, the adaptive firewall module was implemented as part of the research

    Investigation of Transfer Learning Efficiency in Adversarial Attacks

    Deep neural networks are becoming an increasingly effective tool for solving a wide range of complex applied tasks, because they are able to establish patterns in unstructured data, such as images, video and audio information. Despite the fact that the probability of error of modern neural network models decreases, ML models remain vulnerable to adversarial attacks. In this regard, the issues of ensuring the security of machine learning models from adversarial attacks are among the most urgent. Within the framework of this work, a study was conducted on the effectiveness of the transfer learning technology to increase the stability of convolutional neural networks from adversarial attacks. The study was conducted on the example of the task of recognizing road signs in images, which is key in the field of automotive unmanned transport networks. During the experiment, a basic neural network model was built to solve the problem of classifying road signs and attacks based on PGD and FGSM algorithms were implemented, which reduced the classification accuracy by about 2.8 times. To protect against the considered white box attacks on the neural network, competitive training was conducted, which increased the accuracy of the model by 12.11%. In addition, the technology of transfer training was considered, which made it possible to achieve an increase in reliability after competitive training by 42.38% compared to the original data set. The obtained research results can be used in the development of a secure intelligent decision support system for detecting an area containing a road sign on a DVR frame and subsequent classification of the selected image segment