DEVELOPMENT OF A MATHEMATICAL FRAMEWORK FOR SOFTWARE SUPPORTING MODELING AND PREDICTION OF INFORMATION SECURITY THREATS BASED ON ARTIFICIAL INTELLIGENCE METHODS

Authors

  • Tynchtykbek Asilbekov Osh State University
  • Maksatbek Orozov Osh State University
  • Azizbek Asanov Osh State University

DOI:

https://doi.org/10.52754/16948610_2026_2_33%20

Keywords:

information security, artificial intelligence, machine learning, threat prediction, mathematical modeling

Abstract

This paper presents the scientific and methodological foundation for the future development of software designed to model, detect at an early stage, and predict information security threats using machine learning, deep learning, graph analysis, and explainable artificial intelligence techniques. The relevance of the study is driven by the increasing complexity of cyberattacks, the growing prevalence of multi-stage Advanced Persistent Threat (APT) campaigns, the rising number of attacks targeting cloud, corporate, and IoT infrastructures, as well as the limited effectiveness of traditional signature-based intrusion detection systems against new, modified, and previously unknown threats. Unlike conventional approaches focused solely on detecting incidents after they occur, the proposed framework justifies the transition toward a predictive information security model capable of considering the temporal sequence of events, relationships among network nodes, the probabilistic evolution of attacks, changes in network topology, and the need to provide interpretable AI decisions for Security Operations Center (SOC) analysts. The paper formulates the mathematical basis of the problem, including the representation of network events as feature vectors, modeling the infrastructure as a dynamic graph, defining a risk function, constructing probabilistic attack forecasts over a specified time horizon, and establishing quality criteria for the future software implementation. The practical significance of the study lies in the fact that the proposed theoretical framework can serve as a foundation for developing an intelligent software system integrated with SIEM/SOC infrastructures for information security event analysis, risk assessment, threat prediction, and explanation of security alerts.

References

Anderson, J.P. (1980). Computer Security Threat Monitoring and Surveillance. Fort Washington: James P. Anderson Co.

Bai S., Kolter J.Z., Koltun V. An Empirical Evaluation of Generic Convolutional and Recurrent Networks for Sequence Modeling. 2018.

Bishop C.M. Pattern Recognition and Machine Learning. Springer, 2006.

Breiman L. Random Forests // Machine Learning. 2001. Vol. 45. P. 5–32.

Brown T.B. et al. Language Models are Few-Shot Learners // NeurIPS. 2020. Vol. 33. P. 1877–1901.

Buczak A.L., Guven E. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection // IEEE Communications Surveys & Tutorials. 2016. Vol. 18, No. 2. P. 1153–1176.

Chen T., Guestrin C. XGBoost: A Scalable Tree Boosting System // KDD. 2016. P. 785–794.

Denning D.E. An Intrusion-Detection Model // IEEE Transactions on Software Engineering. 1987. Vol. SE-13, No. 2. P. 222–232.

ENISA. Threat Landscape 2025. European Union Agency for Cybersecurity, 2025.

Ferrag M.A., Maglaras L., Moschoyiannis S., Janicke H. Deep Learning for Cyber Security Intrusion Detection: Approaches, Datasets, and Comparative Study // Information Security Journal. 2022. Vol. 31, No. 2. P. 108–139.

Goodfellow I.J., Shlens J., Szegedy C. Explaining and Harnessing Adversarial Examples // ICLR. 2015.

Hamilton W.L. Graph Representation Learning. Morgan & Claypool, 2020.

Hamilton W.L., Ying R., Leskovec J. Inductive Representation Learning on Large Graphs // NeurIPS. 2017. P. 1024–1034.

Hochreiter S., Schmidhuber J. Long Short-Term Memory // Neural Computation. 1997. Vol. 9, No. 8. P. 1735–1780.

IBM Security. Cost of a Data Breach Report 2025. IBM, 2025.

Kim J., Kim J., Thu H.L.T., Kim H. Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection // ICUIMC. 2016. Article 94.

Kipf T.N., Welling M. Semi-Supervised Classification with Graph Convolutional Networks // ICLR. 2017.

Koroniotis N., Moustafa N., Sitnikova E., Turnbull B. Towards the Development of Realistic Botnet Dataset in the Internet of Things for Network Forensic Analytics: Bot-IoT Dataset // Future Generation Computer Systems. 2019. Vol. 100. P. 779–796.

Lo W.W., Layeghy S., Sarhan M., Gallagher M., Portmann M. E-GraphSAGE: A Graph Neural Network Based Intrusion Detection System for IoT // IEEE/IFIP NOMS. 2022. P. 1–9.

Madry A., Makelov A., Schmidt L., Tsipras D., Vladu A. Towards Deep Learning Models Resistant to Adversarial Attacks // ICLR. 2018.

MITRE. MITRE ATT&CK Enterprise Matrix.

Moustafa N. ToN_IoT Datasets: A New Generation Dataset of IoT and IIoT for Data-Driven Intrusion Detection Systems // IEEE Access. 2020. Vol. 8. P. 165130–165150.

Moustafa N., Slay J. UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems // MilCIS. 2015. P. 1–6.

Murphy K.P. Machine Learning: A Probabilistic Perspective. MIT Press, 2012.

Myneni S., Chowdhary A., Sabur A., Sengupta S., Agrawal G., Huang D., Kang M. DAPT 2020: Constructing a Benchmark Dataset for Advanced Persistent Threats // MLHat 2020. Springer, 2020. P. 138–163.

Neto E.C.P. et al. CICIoT2023: A Real-Time Dataset and Benchmark for Large-Scale Attacks in IoT Environment // Sensors. 2023. Vol. 23, No. 13. Article 5941.

Scarselli F., Gori M., Tsoi A.C., Hagenbuchner M., Monfardini G. The Graph Neural Network Model // IEEE Transactions on Neural Networks. 2009. Vol. 20, No. 1. P. 61–80.

Shrikumar A., Greenside P., Kundaje A. Learning Important Features Through Propagating Activation Differences // ICML. 2017. P. 3145–3153.

Staudemeyer R.C. Applying Long Short-Term Memory Recurrent Neural Networks to Intrusion Detection // South African Computer Journal. 2015. Vol. 56, No. 1. P. 136–154.

Tavallaee M., Bagheri E., Lu W., Ghorbani A.A. A Detailed Analysis of the KDD CUP 99 Data Set // CISDA. 2009. P. 1–6.

Vaswani A. et al. Attention Is All You Need // NeurIPS. 2017. P. 5998–6008.

Veličković P., Cucurull G., Casanova A., Romero A., Liò P., Bengio Y. Graph Attention Networks // ICLR. 2018.

Verizon. Data Breach Investigations Report 2026. Verizon Business, 2026.

Warnecke A., Arp D., Wressnegger C., Rieck K. Evaluating Explanation Methods for Deep Learning in Security // IEEE EuroS&P. 2020. P. 158–174.

Yu W., Ge Z., Sun P., Wang J., Xu W. LogBERT: Log Anomaly Detection via BERT // IJCNN. 2021. P. 1–8.

Published

2026-06-30

How to Cite

Asilbekov , T., Orozov , M., & Asanov, A. (2026). DEVELOPMENT OF A MATHEMATICAL FRAMEWORK FOR SOFTWARE SUPPORTING MODELING AND PREDICTION OF INFORMATION SECURITY THREATS BASED ON ARTIFICIAL INTELLIGENCE METHODS. Bulletin of Osh State University, (2), 448–460. https://doi.org/10.52754/16948610_2026_2_33