D.O. Sverchkov, H.V. Fesenko
Èlektron. model. 2023, 45(2):61-82
A thorough analysis of literary sources on the application of artificial intelligence (AI) in cyber security was carried out. During the examination, the most significant attention was paid to sources describing the use of AI-based applications to analyze and evaluate existing systems for vulnerabilities, as well as to sources that consider the features of using built-in AI mechanisms for searching, detecting, classifying, and combating attacks on the system during her works. The types, impacts, and features of attacks on web services are defined. The features of the application of AI for the classification of web services under test are considered, with the aim of further justifying the selection of the best tools for ensuring their cyber security. The methods of using AI in the cyber security of web services during the introduction of built-in mechanisms and models for searching, detecting, classifying, and countering threats are analyzed. The accuracy of machine learning methods used to detect intrusions was compared. Directions for further research can cover: the development of methods, models, and applications based on the use of AI for analyzing the source code for possible vulnerabilities of a web service with support for various programming languages and the development of mechanisms for search and classification of threats based on the use of AI built into the web service.
web service, artificial intelligence, cyber attack, cybersecurity.
- Sattikar, A.A. and Kulkarni, R.V. (2012), “A Role of Artificial Intelligence Techniques in Security and Privacy Issues of Social Networking”, International Journal of Computer Science Engineering and Technology, Vol. 2, no. 1, pp. 792-795.
- Ishaq, A.M. (2020), “Artificial intelligence for cybersecurity: a systematic mapping of literature”, IEEE Access, Vol. 8, no. 1, pp. 172-
- Das, R. and Sandhane, (2021), “Artificial Intelligence in Cyber Security”, Journal of Physics: Conference Series, Vol. 1964, article 042072.
- Abdullahim, M., Baashar, Y., Alhussian, H., Alwadain, A., Aziz, N., Capretz, L.F. and Abdulkadir, S.J. (2022), “Detecting Cybersecurity Attacks in Internet of Things Using Artificial Intelligence Methods: A Systematic Literature Review”, Electronics, Vol. 11, no. 2, article 198.
- Kirichenko, L., Radivilova, T. and Anders, C. (2017), “Detecting cyber threats through social network analysis: short survey”, SocioEconomic Challenges, Vol. 1, no. 1, pp. 20-
- Radwan, M. and Tariq, K. (2021), “Difficulties Faced and Applications of Machine Learning in Cyber-Security”, International Journal of Advances in Soft Computing and its Applications, Vol. 13, no. 2, pp. 162-172.
- Zeadally, S., Adi, E., Baig, Z. and Khan, I. (2020), “Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity”, IEEE Access, Vol. 8, pp. 23817-
- Faesen, L., Frinking, E., Gricius, G. and Mayhew, E. (2019), Understanding the Strategic and Technical Significance of Technology for Security, The Hague Security Delta (HSD), Den Haag, Nederland. URL: https://hcss.nl/wp-content/uploads/2021/01/HSD-Rapport-Data-Diodes.pdf.
- Musser, M. and Garriott, A. (2021), Machine Learning and Cybersecurity: Hype and Reality, Center for Security and Emerging Technology, Washington, USA.
- Jemal, I., Haddar, M.A., Cheikhrouhou, O. and Mahfoudhi, A. (2021), “Performance evaluation of Convolutional Neural Network for web security”, Computer Communications, Vol. 175, pp. 58-
- Russo, P., Caponi, A., Leuti, M. and Bianchi, G. (2019), “A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management”, Information, Vol. 10, no. 7, article 242.
- Li, C., Wang, Y., Miao, C. and Huang, C. (2020), “Cross-Site Scripting Guardian: A Static XSS Detector Based on Data Stream Input-Output Association Mining”, Applied Sciences, Vol. 10, no. 14, article 4740.
- Kuwatly, I., Sraj, M., Masri, Z.A. and Artail, H. (2004), “A dynamic honeypot design for intrusion detection”, Proceedings of the IEEE/ACS International Conference on Pervasive Services (ICPS), pp. 95-
- Abdel, K. (2022), Intelligent system using machine learning techniques for security assessment and cyber intrusion detection, Université d’Angers, Angers, France. URL: https://theses.hal.science/tel-03522384/file/KASSEM.pdf.
- Nila, C., Apostol, I. and Patriciu, (2020), “Machine learning approach to quick incident response”, Proceedings of the13th International Conference on Communications (COMM), pp. 291-296.
- Gong, X., Lu, J., Wang, Y., Qiu, H., He, R. and Qiu, M. (2019), “CECoR-Net: A Character-Level Neural Network Model for Web Attack Detection”, Proceedings of the 4th IEEE International Conference on Smart Cloud, SmartCloud 2019 and 3rd International Symposium on Reinforcement Learning (ISRL), pp. 98-103.
- Tekerek, A. (2021), “A novel architecture for web-based attack detection using convolutional neural network”, Computers and Security, Vol. 100.
- Liu, C., Gu, Z. and Wang, J. (2021), “A Hybrid Intrusion Detection System Based on Scalable K-Means+ Random Forest and Deep Learning”, IEEE Access, Vol. 9, pp. 75729-75740.
- Martín, A.G., Beltrán, M., Fernández-Isabel, A. and Martín de Diego, I. (2021), “An approach to detect user behaviour anomalies within identity federations”, Computers and Security, Vol. 108.
- Tetskyi, A., Kharchenko, V., Uzun, D. and Nechausov, A. (2021), “Architecture and Model of Neural Network Based Service for Choice of the Penetration Testing Tools”, International Journal of Computing, 2021, Vol. 20, no. 4, pp. 513-518.
- Mokbal, F.M.M., Wang, D., Wang, X. and Fu, L. (2020), “Data augmentation-based conditional Wasserstein generative adversarial network-gradient penalty for XSS attack detection system”, PeerJ Computer Science, Vol. 6, pp. 1-20.
- Zuech, R., Hancock, J. and Khoshgoftaar, T.M. (2021), “Detecting web attacks using random undersampling and ensemble learners”, Journal of Big Data, Vol. 8, no 1.
- Moradpoor, N., Clavie, B. and Buchanan, B. (2018), “Employing machine learning techniques for detection and classification of phishing emails”, Proceedings of the 2017 Computing Conference, pp. 149-156.
- Seo, S., Han, S., Park, J., Shim, S., Ryu, H.E., Cho, B. and Lee, S. (2021), “Hunt for Unseen Intrusion: Multi-Head Self-Attention Neural Detector”, IEEE Access, Vol. 9, pp. 129635-
- Kiruthiga, R. and Akila, D. (2019), “Phishing websites detection using machine learning”, International Journal of Recent Technology and Engineering, Vol. 8, no. 2, Special Issue 11, pp. 111-114.
- Shareef, S. and Hashim, S. (2020), “Proposed Hybrid Classifier to Improve Network Intrusion Detection System using Data Mining Techniques”, Engineering and Technology Journal, Vol. 38, no. 1B, pp. 6-14.
- Pupillo, L., Fantin, S., Ferreira, A. and Polito, C. (2021), Final Report of a CEPS Task Force on Artificial Intelligence and Cybersecurity, Centre for European Policy Studies (CEPS), Brussels, URL: https://www.ceps.eu/wp-content/uploads/2021/05/ CEPS-TFR-Artificial-Intelligence-and-Cybersecurity.pdf.
- Manju, C. (2017), “Performance evaluation of intrusion detection system using classification algorithms”, International Journal of Innovative Research in Science, Engineering and Technology, Vol. 6, no. 7, pp. 15051-15057. DOI:10.15680/IJIRSET.2017.0607329.
- Gupta, D., Singhal, S., Malik, S. and Singh, A. (2016), “Network intrusion detection system using various data mining techniques”, Proceedings of the International Conference on Research Advances in Integrated Navigation Systems (RAINS).
- Belavagi, M.C. and Muniyal, B. (2016), “Performance Evaluation of Supervised Machine Learning Algorithms for Intrusion Detection”, Procedia Computer Science, Vol. 89, pp. 117-123.
- Dawadi, B.R., Adhikari, B. and Srivastava, D.K. (2023), “Deep Learning Technique-Enabled Web Application Firewall for the Detection of Web Attacks”, Sensors, Vol. 23, no. 4, article 2073.
- Toprak, S. and Yavuz, A.G. (2022), “Web application firewall based on anomaly detection using deep learning”, Acta Infologica, Vol. 6, no. 2, pp. 219-244. DOI: 10.26650/acin.
- Aref, S. and Bassam Kurdy, M.H.D. (2022), “Web Application Firewall Using Machine Learning and Features Engineering”, Security and Communication Networks, Vol. 2022, article 5280158.
- Tekerek, A. and Bay, O.F. (2019), “Design and implementation of artiﬁcial intelligence-based web application ﬁrewall model”, Neural Network World, Vol. 29, no. 4, pp. 189-206.