<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">ellibs</journal-id><journal-title-group><journal-title xml:lang="ru">Электронные библиотеки</journal-title><trans-title-group xml:lang="en"><trans-title>Russian Digital Libraries Journal</trans-title></trans-title-group></journal-title-group><issn pub-type="epub">1562-5419</issn><publisher><publisher-name>Казанский (Приволжский) федеральный университет</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.26907/1562-5419-2024-27-2-187-200</article-id><article-id custom-type="elpub" pub-id-type="custom">ellibs-500</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>Статьи</subject></subj-group></article-categories><title-group><article-title>Применение синтетических данных в задаче обнаружения аномалий в сфере информационной безопасности</article-title><trans-title-group xml:lang="en"><trans-title>Application of Synthetic Data to the Problem of Anomaly Detection in the Field of Information Security</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Гурьянов</surname><given-names>Артем Игоревич</given-names></name><name name-style="western" xml:lang="en"><surname>Gurianov</surname><given-names>Artem Igorevich</given-names></name></name-alternatives><email xlink:type="simple">armgnv@gmail.com</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Национальный исследовательский центр «Курчатовский институт»</institution></aff><aff xml:lang="en"><institution>National Research Centre “Kurchatov Institute”</institution></aff></aff-alternatives><pub-date pub-type="collection"><year>2024</year></pub-date><pub-date pub-type="epub"><day>27</day><month>05</month><year>2024</year></pub-date><volume>27</volume><issue>2</issue><elocation-id>187–200</elocation-id><permissions><copyright-statement>Copyright &amp;#x00A9; Гурьянов А.И., 2024</copyright-statement><copyright-year>2024</copyright-year><copyright-holder xml:lang="ru">Гурьянов А.И.</copyright-holder><copyright-holder xml:lang="en">Gurianov A.I.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://ellibs.elpub.ru/jour/article/view/500">https://ellibs.elpub.ru/jour/article/view/500</self-uri><abstract><p>В настоящее время в машинном обучении высокую актуальность имеют синтетические данные. Современные алгоритмы генерации синтетических данных дают возможность генерации данных, очень близких по статистическим свойствам к исходным данным. Синтетические данные используются на практике в широком спектре задач, в том числе связанных с аугментацией данных.
&#13;

Предложен метод аугментации данных, совмещающий подходы увеличения объема выборки с помощью синтетических данных и генерации синтетических аномалий. Метод использован для решения задачи в сфере информационной безопасности, заключающейся в поиске аномалий в журналах сервера с целью обнаружения атак.
&#13;

Модель, обученная в рамках решения названной задачи, показала высокие результаты. Это демонстрирует эффективность использования синтетических данных для увеличения объема выборки и генерации аномалий, а также возможность с высокой результативностью использовать эти подходы совместно.
</p></abstract><trans-abstract xml:lang="en"><p>Currently, synthetic data is highly relevant in machine learning. Modern synthetic data generation algorithms make it possible to generate data that is very similar in statistical properties to the original data. Synthetic data is used in practice in a wide range of tasks, including those related to data augmentation.
&#13;

The author of the article proposes a data augmentation method that combines the approaches of increasing the sample size using synthetic data and synthetic anomaly generation. This method has been used to solve an information security problem of anomaly detection in server logs in order to detect attacks.
&#13;

The model trained for the task shows high results. This demonstrates the effectiveness of using synthetic data to increase sample size and generate anomalies, as well as the ability to use these approaches together with high efficiency.
</p></trans-abstract><kwd-group xml:lang="ru"><kwd>синтетические данные</kwd><kwd>обнаружение аномалий</kwd><kwd>информационная безопасность</kwd><kwd>генерация аномалий</kwd><kwd>аугментация данных</kwd><kwd>машинное обучение</kwd></kwd-group><kwd-group xml:lang="en"><kwd>synthetic data</kwd><kwd>anomaly detection</kwd><kwd>information security</kwd><kwd>anomaly generation</kwd><kwd>data augmentation</kwd><kwd>machine learning</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Synthetic Data Generation Market by End-user, Type, and Geography – Analysis and Forecast // Technavio. 2023. URL: https://www.technavio.com/report/synthetic-data-generation-market-analysis (дата обращения 04.02.2024)</mixed-citation><mixed-citation xml:lang="en">Synthetic Data Generation Market by End-user, Type, and Geography – Analysis and Forecast // Technavio. 2023. URL: https://www.technavio.com/report/synthetic-data-generation-market-analysis (дата обращения 04.02.2024)</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Assefa S., Dervovic D., Mahfouz M., Balch T., Reddy P., Veloso M. Generating Synthetic Data in Finance: Opportunities, Challenges and Pitfalls // Proceedings of the First ACM International Conference on AI in Finance. 2020. https://doi.org/10.1145/3383455.3422554</mixed-citation><mixed-citation xml:lang="en">Assefa S., Dervovic D., Mahfouz M., Balch T., Reddy P., Veloso M. Generating Synthetic Data in Finance: Opportunities, Challenges and Pitfalls // Proceedings of the First ACM International Conference on AI in Finance. 2020. https://doi.org/10.1145/3383455.3422554</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">James S., Harbron C., Branson J., Sundler M. Synthetic data use: exploring use cases to optimise data utility // Discover Artificial Intelligence. 2021. V. 1. https://doi.org/10.1007/s44163-021-00016-y</mixed-citation><mixed-citation xml:lang="en">James S., Harbron C., Branson J., Sundler M. Synthetic data use: exploring use cases to optimise data utility // Discover Artificial Intelligence. 2021. V. 1. https://doi.org/10.1007/s44163-021-00016-y</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Jordon J., Szpruch L. et al. Synthetic Data – what, why and how? // ArXiv. 2022. https://doi.org/10.48550/arXiv.2205.03257</mixed-citation><mixed-citation xml:lang="en">Jordon J., Szpruch L. et al. Synthetic Data – what, why and how? // ArXiv. 2022. https://doi.org/10.48550/arXiv.2205.03257</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Хафизов А.В., Григорьев М.В. Генерирование синтетических пористых изображений для аугментации данных с целью тренировки алгоритмов машинного обучения // Сенсорные системы. 2021. Т. 35, № 4. С. 340–347. https://doi.org/10.31857/S023500922104003X</mixed-citation><mixed-citation xml:lang="en">Хафизов А.В., Григорьев М.В. Генерирование синтетических пористых изображений для аугментации данных с целью тренировки алгоритмов машинного обучения // Сенсорные системы. 2021. Т. 35, № 4. С. 340–347. https://doi.org/10.31857/S023500922104003X</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Heine J., Fowler E.E.E., Berglund A., Schell M.J., Eschrich S. Techniques to produce and evaluate realistic multivariate synthetic data // Scientific Reports. 2023. V. 13. https://doi.org/10.1038/s41598-023-38832-0</mixed-citation><mixed-citation xml:lang="en">Heine J., Fowler E.E.E., Berglund A., Schell M.J., Eschrich S. Techniques to produce and evaluate realistic multivariate synthetic data // Scientific Reports. 2023. V. 13. https://doi.org/10.1038/s41598-023-38832-0</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Vicente C., Muzo D., Jiménez I., Fabelo H., Gram I.T., Løchen M., Granja C., Ruiz C. Evaluation of Synthetic Categorical Data Generation Techniques for Predicting Cardiovascular Diseases and Post-Hoc Interpretability of the Risk Factors // Applied Sciences. 2023. Vol. 13(7). https://doi.org/10.3390/app13074119</mixed-citation><mixed-citation xml:lang="en">Vicente C., Muzo D., Jiménez I., Fabelo H., Gram I.T., Løchen M., Granja C., Ruiz C. Evaluation of Synthetic Categorical Data Generation Techniques for Predicting Cardiovascular Diseases and Post-Hoc Interpretability of the Risk Factors // Applied Sciences. 2023. Vol. 13(7). https://doi.org/10.3390/app13074119</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Wang Z., Wang H. Global Data Distribution Weighted Synthetic Oversampling Technique for Imbalanced Learning // IEEE Access. 2021. V. 9. P. 44770–44783. https://doi.org/10.1109/ACCESS.2021.3067060</mixed-citation><mixed-citation xml:lang="en">Wang Z., Wang H. Global Data Distribution Weighted Synthetic Oversampling Technique for Imbalanced Learning // IEEE Access. 2021. V. 9. P. 44770–44783. https://doi.org/10.1109/ACCESS.2021.3067060</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Astrid M., Zaheer M., Lee S. Synthetic Temporal Anomaly Guided End-to-End Video Anomaly Detection // 2021 IEEE/CVF International Conference on Computer Vision Workshops (ICCVW). 2021. P. 207–214. https://doi.org/10.1109/ICCVW54120.2021.00028</mixed-citation><mixed-citation xml:lang="en">Astrid M., Zaheer M., Lee S. Synthetic Temporal Anomaly Guided End-to-End Video Anomaly Detection // 2021 IEEE/CVF International Conference on Computer Vision Workshops (ICCVW). 2021. P. 207–214. https://doi.org/10.1109/ICCVW54120.2021.00028</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Luo M., Wang K., Cai Z., Liu A., Li Y., Cheang C.F. Using Imbalanced Triangle Synthetic Data for Machine Learning Anomaly Detection // Computers, Materials &amp; Continua. 2019. V. 58(1). P. 15–26. https://doi.org/10.32604/cmc.2019.03708</mixed-citation><mixed-citation xml:lang="en">Luo M., Wang K., Cai Z., Liu A., Li Y., Cheang C.F. Using Imbalanced Triangle Synthetic Data for Machine Learning Anomaly Detection // Computers, Materials &amp; Continua. 2019. V. 58(1). P. 15–26. https://doi.org/10.32604/cmc.2019.03708</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Salem M., Taheri S., Yuan J.S. Anomaly Generation Using Generative Adversarial Networks in Host-Based Intrusion Detection // 9th IEEE Annual Ubiquitous Computing, Electronics &amp; Mobile Communication Conference. 2018. P. 683–687. https://doi.org/10.1109/UEMCON.2018.8796769</mixed-citation><mixed-citation xml:lang="en">Salem M., Taheri S., Yuan J.S. Anomaly Generation Using Generative Adversarial Networks in Host-Based Intrusion Detection // 9th IEEE Annual Ubiquitous Computing, Electronics &amp; Mobile Communication Conference. 2018. P. 683–687. https://doi.org/10.1109/UEMCON.2018.8796769</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Smolyakov D., Sviridenko N., Ishimtsev V., Burikov E., Burnaev E. Learning Ensembles of Anomaly Detectors on Synthetic Data // International Symposium on Neural Networks. 2019. https://doi.org/10.1007/978-3-030-22808-8_30</mixed-citation><mixed-citation xml:lang="en">Smolyakov D., Sviridenko N., Ishimtsev V., Burikov E., Burnaev E. Learning Ensembles of Anomaly Detectors on Synthetic Data // International Symposium on Neural Networks. 2019. https://doi.org/10.1007/978-3-030-22808-8_30</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Емельянов С.О., Иванова А.А., Швец Е.А., Николаев Д.П. Методы аугментации обучающих выборок в задачах классификации изображений // Сенсорные системы. 2018. Т. 32, № 3. С. 236–245.</mixed-citation><mixed-citation xml:lang="en">Емельянов С.О., Иванова А.А., Швец Е.А., Николаев Д.П. Методы аугментации обучающих выборок в задачах классификации изображений // Сенсорные системы. 2018. Т. 32, № 3. С. 236–245.</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">https://doi.org/10.1134/S0235009218030058</mixed-citation><mixed-citation xml:lang="en">https://doi.org/10.1134/S0235009218030058</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Ping H., Stoyanovich J., Howe B. DataSynthesizer: Privacy-Preserving Synthetic Datasets // Proceedings of the 29th International Conference on Scientific and Statistical Database Management. 2017. P. 1–5. https://doi.org/10.1145/3085504.3091117</mixed-citation><mixed-citation xml:lang="en">Ping H., Stoyanovich J., Howe B. DataSynthesizer: Privacy-Preserving Synthetic Datasets // Proceedings of the 29th International Conference on Scientific and Statistical Database Management. 2017. P. 1–5. https://doi.org/10.1145/3085504.3091117</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">DataResponsibly / DataSynthesizer // GitHub. URL: https://github.com/DataResponsibly/DataSynthesizer (дата обращения 12.01.2024)</mixed-citation><mixed-citation xml:lang="en">DataResponsibly / DataSynthesizer // GitHub. URL: https://github.com/DataResponsibly/DataSynthesizer (дата обращения 12.01.2024)</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">Han S., Hu X., Huang H., Jiang M., Zhao Y. ADBench: Anomaly Detection Benchmark // Neural Information Processing Systems (NeurIPS). 2022.</mixed-citation><mixed-citation xml:lang="en">Han S., Hu X., Huang H., Jiang M., Zhao Y. ADBench: Anomaly Detection Benchmark // Neural Information Processing Systems (NeurIPS). 2022.</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">Minqi824 / ADBench // GitHub. URL: https://github.com/Minqi824/ADBench (дата обращения 23.01.2024)</mixed-citation><mixed-citation xml:lang="en">Minqi824 / ADBench // GitHub. URL: https://github.com/Minqi824/ADBench (дата обращения 23.01.2024)</mixed-citation></citation-alternatives></ref><ref id="cit19"><label>19</label><citation-alternatives><mixed-citation xml:lang="ru">Liu F.T., Ting K.M., Zhou Z. Isolation Forest // Eighth IEEE International Conference on Data Mining. 2008. P. 413–422. https://doi.org/10.1109/ICDM.2008.17</mixed-citation><mixed-citation xml:lang="en">Liu F.T., Ting K.M., Zhou Z. Isolation Forest // Eighth IEEE International Conference on Data Mining. 2008. P. 413–422. https://doi.org/10.1109/ICDM.2008.17</mixed-citation></citation-alternatives></ref><ref id="cit20"><label>20</label><citation-alternatives><mixed-citation xml:lang="ru">Snoek J., Larochelle H., Adams R.P. Practical Bayesian Optimization of Machine Learning Algorithms // Advances in Neural Information Processing Systems 25. 2012.</mixed-citation><mixed-citation xml:lang="en">Snoek J., Larochelle H., Adams R.P. Practical Bayesian Optimization of Machine Learning Algorithms // Advances in Neural Information Processing Systems 25. 2012.</mixed-citation></citation-alternatives></ref><ref id="cit21"><label>21</label><citation-alternatives><mixed-citation xml:lang="ru">Yang L., Shami A. On hyperparameter optimization of machine learning algorithms: Theory and practice // Neurocomputing. 2020. V. 415. P. 295–316. https://doi.org/10.1016/j.neucom.2020.07.061</mixed-citation><mixed-citation xml:lang="en">Yang L., Shami A. On hyperparameter optimization of machine learning algorithms: Theory and practice // Neurocomputing. 2020. V. 415. P. 295–316. https://doi.org/10.1016/j.neucom.2020.07.061</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
