IMPROVEMENT OF EXISTING ALGORITHMS FOR DETECTION AND COMBAT WITH MALWARE
DOI:
https://doi.org/10.31891/2219-9365-2024-80-6
Keywords:
machine learning, graph databases, malware, cybersecurity, Explainable AI, big data, data processing, transparency, adaptive algorithms, network traffic analysis
Abstract
Modern research points to the promising use of machine learning to detect malicious programs due to its ability to analyze large volumes of data and detect anomalies that are difficult to detect with traditional methods. However, the effectiveness of such systems largely depends on the quality of data, the selected algorithms, and the ability to model complex relationships between system components. In this context, graph databases become a promising tool for storing and analyzing relationships between various elements of the computer system, which makes it possible to improve the quality of threat detection.
In addition, the increasing complexity of malware requires transparent risk assessment methods, making the use of Explainable AI an important component in understanding how the detection system works.
Explainable AI provides explanations for the decisions made by the system, which increases trust in the system and makes it easier for cybersecurity professionals to analyze the results.
The methods of intelligent processing of big data play an important role in increasing the effectiveness of the threat detection system, as they allow processing data streams in real time and quickly adapting to new threats.
Thus, the challenge is to develop an integrated approach that combines machine learning, graph databases, big data mining techniques, and Explainable AI to create an effective, scalable, and transparent malware detection system. This task is important from both a scientific and a practical point of view, as it makes it possible to increase the level of cyber security and ensure reliable protection of information systems from modern threats.
This paper explores the improvement of existing algorithms for effective detection and combating of malware in computer systems. The scientific novelty of the research lies in integrating graph databases with machine learning algorithms to detect complex relationships between system components, using intelligent big data processing for real-time network traffic analysis, and applying Explainable AI to enhance transparency and trust in system decisions. The proposed methods aim to improve the accuracy, performance, and explainability of malware detection systems. The research also includes an analysis of the efficiency of the proposed approaches compared to existing methods, particularly evaluating their performance in different cybersecurity scenarios. It was found that using graph databases allows better modeling of interactions between system components, which enhances threat detection efficiency. Applying Explainable AI not only helps to identify malware but also provides justified explanations regarding detected threats, significantly improving the decision-making capabilities of administrators and enhancing the overall security level.