Machine learning model for threat analysis in composite security architecture
The number of cyber-attacks on information systems is increasing, which makes the construction of a composite security architecture promising. A composite security architecture combines various methods and models into a single system. The modularity and flexibility of such an architecture are especially effective in protecting distributed information systems. An important task is to study the potential impact of various threats on data integrity, the level of security, and secure inter-network interaction. The article analyzes various threat models. The application of machine learning based on the Isolation Forest algorithm is proposed. The STRIDE model is selected to illustrate the analysis of threats. A Python program has been developed that implements the Isolation Forest method to identify anomalies in data traffic. The results are presented as graphs of the main parameters: number of requests, data volume, and response time. The Silhouette Score was used to assess the quality of training. Implementing machine learning in combination with various security methods will help solve the problem of application architecture security and build an interchangeable modular structure.
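The following is an added example, not the article's program: a standard-library Isolation Forest that scores traffic records on the three parameters named above and then computes a Silhouette Score over the resulting normal/flagged split. The function names, the constructed sample data, the tree count, and the use of the Silhouette Score on a two-group split are all assumptions made for illustration.

```python
import math, random

def c(n):  # expected path length of an unsuccessful BST search over n points (normaliser)
    return 2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n if n > 2 else float(n == 2)

def build(rows, rng, depth, limit):
    if depth >= limit or len(rows) <= 1:
        return len(rows)                          # leaf stores how many points reached it
    f = rng.randrange(len(rows[0]))               # random feature
    lo, hi = min(r[f] for r in rows), max(r[f] for r in rows)
    if lo == hi:
        return len(rows)
    s = rng.uniform(lo, hi)                       # random split value
    return (f, s, build([r for r in rows if r[f] < s], rng, depth + 1, limit),
            build([r for r in rows if r[f] >= s], rng, depth + 1, limit))

def path(x, node):
    depth = 0
    while isinstance(node, tuple):
        f, s, left, right = node
        node, depth = (left if x[f] < s else right), depth + 1
    return depth + c(node)

def scores(rows, trees=200, seed=7):
    rng, psi = random.Random(seed), min(256, len(rows))
    limit = math.ceil(math.log2(psi))
    forest = [build(rng.sample(rows, psi), rng, 0, limit) for _ in range(trees)]
    return [2 ** (-sum(path(x, t) for t in forest) / trees / c(psi)) for x in rows]

def silhouette(rows, flagged):
    def mean_dist(x, idx):
        return sum(math.dist(x, rows[j]) for j in idx) / len(idx)
    total = 0.0
    for i, x in enumerate(rows):
        own = [j for j in range(len(rows)) if j != i and (j in flagged) == (i in flagged)]
        other = [j for j in range(len(rows)) if (j in flagged) != (i in flagged)]
        a, b = mean_dist(x, own), mean_dist(x, other)
        total += (b - a) / max(a, b)
    return total / len(rows)

def sample_traffic(seed=1):
    # Constructed data: (requests per minute, kilobytes transferred, response time in ms).
    rng = random.Random(seed)
    normal = [(rng.gauss(100, 10), rng.gauss(50, 5), rng.gauss(120, 15)) for _ in range(60)]
    return normal + [(900, 60, 800), (110, 900, 700), (800, 700, 130)]   # rows 60-62 are outliers

def detect(rows, k=3):
    s = scores(rows)
    return s, sorted(sorted(range(len(rows)), key=s.__getitem__, reverse=True)[:k])
```

Scores near 1 mean a record was isolated after very few random splits; the distances in `silhouette` are taken on the raw units, so features with very different scales should be standardised first on real data.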