ИССЛЕДОВАНИЕ ТЕЛЕКОММУНИКАЦИОННОГО ТРАФИКА СРЕДСТВАМИ АНАЛИТИЧЕСКОЙ СИСТЕМЫ ORANGE
To simplify the task of ensuring information security is possible through data mining usage. This technology can be used to predict attacks on the information systems. Decision tree is one of the effective tools for predictive models building. Orange is an analytical system that contains a large number of data mining algorithms, including a decision tree. With help of the system made an analysis of real data on network attacks obtained during the experimental study, with the aim of predicting
... aim of predicting DDoS attacks. Five metrics were used to assess the quality of work: accuracy, specificity, precision, recall and F-measure. The results of the analysis are presented in tabular form. The results were compared with the forecasts created by iWizard-E, an intelligent decision support system using a modified decision tree algorithm. iWizard-E surpasses Orange in the first three metrics, but inferior in the last two. The implementation of this algorithm in the Orange and iWizard-E systems cannot be applied to analyze the data of the above type, since they form forecasts with low reliability. It is necessary to improve the decision tree aimed at improving the quality of the generated prognostic models in the context of increasing the values of the "completeness" metric.