ИЗПОЛЗВАНЕ НА ИЗКУСТВЕН ИНТЕЛЕКТ ЗА АНАЛИЗ И КАТЕГОРИЗАЦИЯ НА КИБЕРАТАКИ ЧРЕЗ РАЗПОЗНАВАНЕ НА ПОВЕДЕНЧЕСКИ МОДЕЛИ
USING ARTIFICIAL INTELLIGENCE TO ANALYZE AND CATEGORIZE CYBER ATTACKS THROUGH BEHAVIORAL PATTERN RECOGNITION

Summary/Abstract: The article presents a detailed analysis of the current state of cybersecurity in Bulgaria, focusing on assessing the risk of cyberattacks that affect or are carried out on Bulgarian IP addresses. Various approaches and tools are studied for data collection and analysis, including real-time operational monitoring, the use of honeypot systems, and analysis through Jupyter Notebook and Python, which support the comprehensive analysis of information. The research is based on an approach that includes summarizing the metadata used in the analysis and the methods for detecting cyberattacks, highlighting the importance of geographic location, methods of attack, and their sequence over time. The analysis emphasizes the intensity and spread of cyberattacks in the country, as well as significant diversity and potential instability of these attacks. The main part of the analysis presents key statistical data regarding cyberattacks, showing the activity and breadth of cyber threats in the country, including descriptive analysis and cluster analysis of the attacks. Correlation analyses are examined to study the connection between cyberattacks and different geographic regions, as well as time analysis for detecting long-term trends. Using visualization tools such as 3D bar charts and line charts provides a detailed representation of the correlations and changes over time, while boxplot and KS test for fitting comparison are used to assess the distribution and normality of the data. The article provides an overall view of cybersecurity in Bulgaria, using various methods and tools for data collection and analysis, with the aim of identifying key trends and potential risks from cyberattacks. The conclusions underline the importance of continuous monitoring and analysis of cyberattacks to detect trends and respond quickly. It is important to develop goals and strategies for cyber defense, taking into account regional, economic, and technological factors that can affect cybersecurity. The article offers recommendations for future research, including establishing long-term models and developing forecasting models that can predict changes in attackers’ tactics and offer effective preventative strategies.

• Details
• Contents