Description: The article considers decision-making methods for ensuring security in communication systems. The components of the security system of communication systems for processing state information resources are described. The necessity of monitoring the communication systems and the destructive impacts on them is determined. The purpose, structure, classification and features of building intrusion detection and prevention systems are considered. It is determined that the functional blocks of intrusion detection and prevention systems implement a variety of methods for training the knowledge base of the information protection system, decision-making support methods, prediction methods, and intrusion detection and prevention methods. The requirements for ensuring the security of communication systems when constructing real security systems include: maximum automation of decision-making processes; adaptive functioning of information protection system elements with the possibility of self-organization; decentralization of management and the presence of a hierarchically distributed structure; real-time decision making; increasing the accuracy and completeness of management decisions; reducing mathematical complexity and resource load; minimal loading of the network with service information; forecasting of events; and operation of information security systems under uncertainty in the data obtained. When ensuring the security of information resources circulating in communication systems, as well as when evaluating the services and security mechanisms implemented in information security systems, it is advisable to combine and improve security decision-making methods based on certain requirements for security systems, taking into account the peculiarities of communication systems for processing information resources.
Keywords: communication system, information protection system, intrusion detection system, intrusion detection methods.