Hybrid method for detecting cyber threats in the network traffic

Lakhno, Valeriy, Mamchenko, Sergiy, Desiatko, Alona, Bebeshko, Bohdan and Mirko, Ihor (2025) Hybrid method for detecting cyber threats in the network traffic. Cyber Security and Data Protection 2025, 4042. pp. 300-307. ISSN 1613-0073

Official link: https://ceur-ws.org/Vol-4042/

Abstract

Modern cyber threats are characterized by a high degree of adaptability, secrecy and variability, which makes their timely detection in network traffic one of the key problems in the cyber security of informatization objects. Traditional methods based on signatures and rigidly defined rules do not provide enough flexibility to detect previously unknown or modified attacks. Consequently, the development of new hybrid intelligent systems that can take the behavioral characteristics of traffic into account and adapt to its dynamics is becoming increasingly relevant. The paper proposes a hybrid method for detecting cyber threats that combines the advantages of ensemble clustering and Bayesian probabilistic modeling. In the first stage, a machine learning model extracts the hidden behavioral features of network connections using multiple clustering algorithms. The resulting behavioral embeddings are then used as input variables to construct a Bayesian network that models the probabilistic dependencies between behavioral attributes and anomaly attributes. This approach allows not only the detection of abnormalities in traffic but also the interpretability of the resulting security decisions. The practical significance of the proposed method lies in its potential integration into traffic monitoring systems in corporate and distributed network infrastructures.

Item type: Article
Keywords: cyber threats; network traffic; behavioral analysis; Bayesian network; clustering; machine learning; anomaly; hybrid method; cybersecurity; attack detection
Typology: Articles in databases > Scopus (no quartile)
Divisions: Faculty of Information Technology and Mathematics > Department of Information and Cyber Security named after Professor Volodymyr Buriachok
Depositing user: Pavlo Mykolaiovych Skladannyi
Date deposited: 20 Oct 2025 09:32
Last modified: 20 Oct 2025 09:32
URI: https://elibrary.kubg.edu.ua/id/eprint/53209