Research of Model Increasing Reliability Intrusion Detection Systems


  • Timur V. Jamgharyan National Polytechnic University of Armenia



Machine learning, Dataset, Malware, Preprocessor, Metasploit, k nearest neighbors method, Intrusion detection system


The paper presents the results of the using, a recurrent neural network to detect malicious software as part of the Snort intrusion detection system.The research was conducted on datasets generated on the basis of athena, dyre, engrat, grum, mimikatz, surtr malware exploiting vulnerability CVE-2022-20685 in the Snort intrusion detection system. Processing of input traffic data was carried out before the frag-3 and modbus preprocessors. The method of k nearest neighbors was used as a mathematical apparatus. The simulation of the developed software at different iterations.
All research results are presented in


G.Stoneburner, “Underlying Technical Models for Information Technology Security” , NIST Special Publication 800-33, 2001.

R.Atefinia, M.Ahmadi, Performance Evaluation of Apache Spark Mlib Algorithms on an Untrusion Detection Dataset. [Online].Available:

M. Bachi, A. Harti, J. Fabini and T. Zseby, Walling up Backdoors in Intrusion Detection Systems. [Online].Available:

National standard of the Russian Federation, “Quality of official information”, GOST R-51170-98, (2020)// 12, Moscow, Standardinform.

B.E.Zolbayar et al, “Generating practical adversarial network traffic flows using NIDSGAN”, [Online].Available:

F. Zhong et al, “MalFox: Camouflaged adversarial malware example generation based on Conv-GAN againist black—box detectors”, [Online].Available:

Dominik Kus et al, “A false sense of security? Revisting the state of machine learning-based industrial intrusion system”, [Online].Available:

K. Jallad, M. Aljnidi and M.Desoki, «Big data analysis and distributed deep learning for next-generation intrusion detection system optimization», (2022)//[Online].Available:

A. Branitsky and I. Kotenko, «Analysis and classification of methods for detecting network attacks», Proceedings of SPIIRAS, (2016) // issue 45, pp. 207-244.

Electronic resource dedicated to digital transformation technologies. [Online].Available:

T. V. Jamgharyan and V.H.Ispiryan, “Network infrastructures assessment stability” Proceedings of 13th International Conference on Computer Science and Information Technologies (CSIT), Yerevan, Armenia, pp. 199-203, 2021.

Malware Bazaar Database. [Online]. Available:

Malware database. [Online]. Available:

Malware repository. [Online]. Available:

Viruses repository. [Online]. Available:

G. Campos, A.Zimek, et al, «On the evaluation of unsupervised outlier detection: measures,datasets, and an empirical study». [Online].Available:

Professional information and analytical resource dedicated to machine learning, pattern recognition and data mining. [Online].Available: http://www.

T. Jamgharyan, “Research of obfuscated malware with a capsule neural network”, Mathematical Problems of Computer Science, vol. 58, 67–83, 2022.

Website for identifying, defining and cataloging publicly disclosed cybersecurity vulnerabilities. [Online].Available:

T.Jamgharyan, “Modernization of intrusion detection system via the generative model”, «Haikakan Banak» («Armenian Army») Defense-Academic journal, National Defense Research University, Ministry of Defense, Republic of Armenia, no. 2, pp.75-79, 2021. [Online].Available:




How to Cite

Jamgharyan, T. V. (2023). Research of Model Increasing Reliability Intrusion Detection Systems. Mathematical Problems of Computer Science, 59, 69–81.