intrusion detection system

The research is dedicated to improving the security of telecommunication networks by developing a hybrid system for detecting anomalies in traffic. The problem of the work is due to the inefficiency of traditional signature-based Intrusion Detection Systems (IDS) against complex, time-distributed cyberattacks. A two-level architecture is proposed, which aggregates statistical and deep behavioral machine learning through an adaptive Decision Fusion module.

Systems for detecting network intrusions and detecting signs of cyber attacks on information systems have long been used as one of the necessary lines of defense of information systems. Today, intrusion and attack detection systems are usually software or hardware-software solutions that automate the process of monitoring events occurring in the information system or network, as well as independently analyze these events in search of signs of security problems.

The article proposes a model of intrusion detection systems (IDS), which reflects the main
processes that take place in the system in order to optimize the processes of anti-intrusion. Such
processes in general can be represented as processes of allocation and use of resources that are
allocated for the protection of information. The use of modeling techniques to ensure the
appropriate level of information security has led to the development of many formal security