Application of artificial intelligence for detecting information-technical impacts

Purpose of the work was to substantiate the effectiveness of applying artificial intelligence techniques (machine learning and deep learning) for the timely detection of destructive information-technical impacts on critical infrastructure objects. 

Methods. An analysis of scientific sources has been conducted scientific sources, including cybersecurity surveys and standards, and conducted an experiment on a public network attack dataset (UNSW-NB15) using machine learning (Random Forest) and a deep neural network. Evaluation was based on metrics such as accuracy, detection recall, F1-score, etc. 

Results. ML/DL methods show significantly higher attack detection accuracy compared to traditional signature-based tools: ~96% accuracy was achieved on the UNSW-NB15 dataset using a neural network, versus ~70% for the signature approach. We demonstrate that deep learning enables discovery of previously unknown attacks (including sophisticated multi-vector APTs) by recognizing hidden anomalies, and that ensemble and federated approaches improve detection reliability and speed.

Conclusion. Integrating AI techniques into security monitoring systems considerably increases the protection efficiency of critical systems by proactively identifying cyberattacks with minimal false alarms. The experimental results confirm the practical applicability of the chosen methods for securing network infrastructure (energy, communications, industrial IoT). However, further work is needed to ensure robustness against adversarial attacks and to uphold AI reliability principles.

1. Kotenko I.V., Kolesnikov A.I., Saenko I.B., Zakharchenko R.I., Velichko D.V. Subsystem of prevention of computer attacks on objects of critical information infrastructure of the Russian Federation. Voprosy kiberbezopasnosti = Cybersecurity issues. 2023;(1):13–27. (In Russ.). https://doi.org/10.21681/2311-3456-2023-1-13-27

2. Salem A.H., Azzam S.M., Emam O.E., Abohany A.A. Advancing cybersecurity: a comprehensive review of AI-driven detection techniques. Journal of Big Data. 2024;11(1):1–38. https://doi.org/10.1186/s40537-024-00957-y

3. Jensen B., Atalan Y., Macias J.M. Algorithmic Stability: How AI Could Shape the Future of Deterrence. Center for Strategic and International Studies (CSIS). 2024 Jun 10. Available from: https://www.csis.org/analysis/algorithmic-stability-how-ai-could-shapefuture-deterrence

4. Pinto Neto E.C., Iqbal S., Buffett S., Sultana M., Taylor A. Deep learning for intrusion detection in emerging technologies: a comprehensive survey and new perspectives. Artificial Intelligence Review. 2025;58:340. https://doi.org/10.1007/s10462-025-11346-z

5. Pang G., Shen C., Cao L., van den Hengel A. Deep learning for anomaly detection: challenges, methods and opportunities. Preprint: arXiv:2007.02500; 2020. Available from: https://arxiv.org/abs/2007.02500

6. Sowmya T., Mary Anita E.A. A comprehensive review of AI-based intrusion detection system. Measurement: Sensors. 2023;28:100827. https://doi.org/10.1016/j.measen.2023.100827

7. Issa M.M., Aljanabi M., Muhialdeen H.M. Systematic literature review on intrusion detection systems: research trends and future directions (2018–2023). Journal of Intelligent Systems. 2024;(early access). https://doi.org/10.1515/jisys-2023-0248

8. Zhang Y., Muniyandi R.C., Qamar F. A review of deep learning applications in intru-sion detection systems: overcoming challenges in spatiotemporal feature extraction and data imbalance. Applied Sciences. 2025;15(3):1552. https://doi.org/10.3390/app15031552

9. Ren W., Song X., Hong Y., Lei Y., Yao J., Du Y., Li W. APT attack detection based on graph convolutional neural networks. International Journal of Computational Intelligence Systems. 2023;16:184. https://doi.org/10.1007/s44196-023-00369-5

10. Kostogryzov A.I. Forecasting risks based on monitoring data for artificial intelligence systems. In: BIT. Sbornik trudov Desyatoi mezhdunarodnoi nauchno-tekhnicheskoi konferentsii = BIT. Proceedings of the Tenth International Scientific and Technical Conference. Moscow: Bauman Moscow State Technical University; 2019. P. 220–229. (In Russ.)

11. Kumar G., Thakur K., Ayyagari M.R. MLEsIDSs: machine learning-based ensembles for intrusion detection systems – a review. The Journal of Supercomputing. 2020;76(12):8938–8971. https://doi.org/10.1007/s11227-020-03196-z

12. Bobyr M.V., Milostnaya N.A., Bulatnikov V.A. The fuzzy filter based on the method of ar-eas’ ratio. Applied Soft Computing. 2022;117:108449. https://doi.org/10.1016/j.asoc.2022.108449

13. Wang M., Song G., Yu Y., Zhang B. The current research status of AI-based network security situational awareness. Electronics. 2023;12(10):2309. https://doi.org/10.3390/electronics12102309

14. Kotenko I.V., Izrailov K.E., Buinevich M.V. A method for detecting attacks of various origins on complex objects based on state information. Part 1. Voprosy kiberbezopasnosti = Cybersecurity issues. 2023;3(55):90–100. (In Russ.). https://doi.org/10.21681/2311-3456-2023-3-90-100

15. Tushkanova O., Levshun D., Branitskiy A., Fedorchenko E., Novikova E., Kotenko I. Detection of cyberattacks and anomalies in cyber-physical systems: approaches, data sources, evaluation. Algorithms. 2023;16(2):85. https://doi.org/10.3390/a16020085

16. Novikova E.S., Kotenko I.V., Meleshko A.V., Izrailov K.E. Intrusion detection based on federated learning: system architecture and experiments. Voprosy kiberbezopasnosti = Cybersecurity issues. 2023;(6):50–66. (In Russ.). https://doi.org/10.21681/2311-34562023-6-50-66

17. Shanmugam V., Razavi-Far R., Hallaji E. Addressing class imbalance in intrusion detection: a comprehensive evaluation of machine learning approaches. Electronics. 2025;14(1):69. https://doi.org/10.3390/electronics14010069

18. Zhang H., Ye J., Huang W., Liu X., Gu J. Survey of federated learning in intrusion detection. Journal of Parallel and Distributed Computing. 2024;195:104976. https://doi.org/10.1016/j.jpdc.2024.104976

19. Izrailov K.E., Buinevich M.V. A method for detecting attacks of various origins on complex objects based on state information. Part 2. Algorithm, model and experiment. Voprosy kiberbezopasnosti = Cybersecurity issues. 2023;(4):80–93. (In Russ.). https://doi.org/10.21681/2311-3456-2023-4-80-93