This paper offers a fundamentally new and more effective conceptual model for intelligent network security monitoring. It reviews the general intellectual architecture of the monitoring process, its functional blocks, and its processing and application trends. In addition, it explores the gaps and weak points of the monitoring system. To address these problems, the proposed model combines functional capabilities such as monitoring problem-oriented information, initial processing of the gathered data, data indexation, data structuring, storing and managing the collected data, selecting data at the request of decision makers, and generating readable and analyzable reports (pp. 70-77).