T. V. JAMGHARYAN, Lieutenant Colonel, PhD in Engineering, Deputy Head, Communications Security and Classified Communications Division, Signal and AMS Department, General Staff of the RA Armed Forces;

T. N. SHAHNAZARYAN, Major General, Head, Main Operative Department – Deputy Chief, General Staff of the RA Armed Forces

SUMMARY

The article discusses the results of calculations and testing of the machine learning application methods for the management of decoy infrastructure. The decoy infrastructure and the data circulating within it were managed by the generative adversarial network. The following factors were selected as estimation parameters: accuracy, precision, recall and specificity. The criterion of minimum discriminative threshold F_score was used to assess the quality of the generative adversarial network.

Testing of various types was conducted in the virtual environment. Various attacks were simulated – Domain Generation Algorithm (DGA attacks), port scanning attack, edge device access attack, Transmission Control Protocol attack, and User Datagram Protocol of “denial-of-service” type (TCP/UDP SYN). The generative adversarial network running the decoy infrastructure was attached to the intrusion detection system with machine learning. The theoretical calculations made and practical tests carried out come to confirm the possibility of creating the decoy infrastructure with minimum interference from the operator.