A METHOD FOR DETECTING ANOMALIES IN SOFTWARE-DEFINED NETWORKS THROUGH ARTIFICIAL-INTELLIGENCE-BASED LOG ANALYSIS
Keywords:
Software-defined networks (SDN), anomaly detection, log file analysis, artificial intelligence, machine learning, cybersecurity, network security, K-means, PCA, Decision Tree
Abstract
With the development of modern information and communication systems, software-defined networks (SDN) are being widely adopted. The centralized control capability of SDN makes the network infrastructure flexible and dynamic, but it also gives rise to new security threats. This article analyzes the security threats that arise in SDN networks, including configuration errors, the openness of the control mechanism, authorization weaknesses, and network manipulation attacks. Log file analysis is regarded as an effective means of detecting these threats and taking countermeasures against them. Artificial intelligence and machine learning algorithms (for example, K-means, PCA, Decision Tree, Isolation Forest) are widely used to detect anomalies through log analysis. The article presents systematic methods of log analysis: the processes of log collection, structuring, feature extraction, and anomaly detection. Experimental results confirm that artificial-intelligence-based approaches to log analysis achieve high accuracy (0.986) and an F1 score (0.710) in anomaly detection.