This article explores the process of detecting anomalies in information attacks, focusing on methodologies, tools, and technologies employed in cyber defense systems. By understanding the behaviors and patterns of legitimate activities, deviations—referred to as anomalies—can be identified, signaling potential malicious activities. The paper discusses various anomaly detection approaches, such as statistical methods, machine learning algorithms, and behavior-based techniques. Case studies highlight the application of these methods in real-world scenarios. The study underscores the importance of anomaly detection in fortifying information security against evolving cyber threats.

anomaly detection, information attacks, cyber security, machine learning, statistical analysis, behavior-based analysis

Chandola, V., Banerjee, A., & Kumar, V. (2009). Anomaly detection: A survey. ACM Computing Surveys, 41(3), 1-58.

Ahmed, M., Mahmood, A. N., & Hu, J. (2016). A survey of network anomaly detection techniques. Journal of Network and Computer Applications, 60, 19-31.

Breunig, M. M., Kriegel, H.-P., Ng, R. T., & Sander, J. (2000). LOF: Identifying density-based local outliers. Proceedings of the 2000 ACM SIGMOD International Conference on Management of Data.

Pimentel, M. A. F., Clifton, D. A., Clifton, L., & Tarassenko, L. (2014). A review of novelty detection. Signal Processing, 99, 215-249.

Sommer, R., & Paxson, V. (2010). Outside the closed world: On using machine learning for network intrusion detection. Proceedings of the IEEE Symposium on Security and Privacy.