ALGORITHM FOR THE DEVELOPMENT OF INFORMATION REPOSITORIES FOR STORING CONFIDENTIAL INFORMATION

Due to the intensive use of the Internet, network security is becoming a key foundation for all web applications. Intrusion detection by analysing records in network processes is an important way to solve problems in the field of network security. It has been identified that an intrusion can threaten not only the integrity of the data but also the system itself. With the development of information technology and an increase in data transfer speeds, there are threats of incorrect use of the Internet. The authors determine that more reliable control systems are needed that solve the problem of network protection without human intervention. In a number of sources, attention is focused on the possibility of autonomous detection of the vulnerability of programmes and protocols by analysing the criteria for the behaviour of the system itself. Many models are built on informal methods, such as signature ones, in which it is difficult to obtain a correct assessment of effectiveness and completeness. The authors start from the fact that the attack is characterised by states and transitions. The possibility of using neural networks has been tested. A distinctive feature of a neural network is that they start working only after the learning process. This is one of the main advantages of a neural network over conventional algorithms. The paper shows that the development of information storages is possible provided that an equilibrium state is reached when the system does not allow expanding the attack space and the information storage is available for both external access and remote disconnection. The learning model consists of arrays of data with a distributed storage environment. This is the main component of improving the performance of the intrusion detection system. The experimental results obtained showed that the proposed approach identifies anomalies more effectively than known methods. The paper is devoted to the development of a method for detecting attacks based on information about the behaviour of deviating values in the network.