Алгоритм детектирования источников вредоносных запросов в киберфизических системах
Работая с нашим сайтом, вы даете свое согласие на использование файлов cookie. Это необходимо для нормального функционирования сайта, показа целевой рекламы и анализа трафика. Статистика использования сайта отправляется в «Яндекс» и «Google»
Научный журнал Моделирование, оптимизация и информационные технологииThe scientific journal Modeling, Optimization and Information Technology
Online media
issn 2310-6018

Algorithm for detecting sources of malicious requests in cyber-physical systems

idIskhakova A.O., idIskhakov A.Y., Bogacheva D.N.,  Molotov A.A. 

UDC 004.056
DOI: 10.26102/2310-6018/2022.38.3.020

  • Abstract
  • List of references
  • About authors

The paper is devoted to solving the problem of algorithmic security management processes of cyber-physical systems by detecting malicious requests from a number of other associated systems, internal services or human actions. The relevance of the research is due to the high degree of criticality of protection against possible degradation of services as part of the implementation of attacks on compound complex systems responsible for the integration of computing resources into physical entities. The authors focus on denial-of-service attacks on cyber-physical systems by sending http-flood to web management interfaces. The proposed algorithm for detecting malicious requests analyzes the activity of all investigated components of cyber-physical system web services. The research employs the method of visual analysis and data processing based on the representation as a single normalized set. Raw data of the analyzed queries is grouped in a specific way to detect a particular deviation as a suspected threat. Examples of data changes and security system responses are given. Experimental results confirm that the suggested algorithmic software achieves first- and second-order error reduction compared to commonly used regression models in modern application-level firewalls.

1. Iskhakov A.Y., Meshcheryakov R.V., Iskhakov S.Y. Problems of Application of Compromise Indicators for Proactive Threat Search in Robotics Complexes. Management of Large-Scale Systems Development (MLSD'2021). Proceedings of the Fourteenth International Conference. Edited by S.N. Vasiliev, A.D. Tsvirkun. Moscow; 2021. 1340–1347. (In Russ.).

2. Cherkasov A.N., Turkin E.A. Development of a malware detection model based on the analysis of API-request sequences. Vestnik Adygeyskogo gosudarstvennogo universiteta. Seriya 4: Yestestvenno-matematicheskiye i tekhnicheskiye nauki = The Bulletin of the Adyghe State University. Series 4 “Natural-Mathematical and Technical Sciences”. 2021;2(281):90–96. (In Russ.).

3. Meshcheryakov R., Iskhakov A., Mamchenko M., Romanova M., Uvaysov S., Amirgaliyev Y., Gromaszek K. A Probabilistic Approach to Estimating Allowed SNR Values for Automotive LiDARs in «Smart Cities» under Various External Influences. Sensors (Basel). 2022;22(2):609. DOI: 10.3390/s22020609.

4. Salomatin A.A., Iskhakov A.Y., Meshcheryakov R.V. Comparison of the Effectiveness of Countermeasures Against Tracking User Browser Fingerprints. IFAC-PapersOnLine. 2022;55(9):244–249. DOI: 10.1016/j.ifacol.2022.07.043.

5. Iskhakova A., Meshcheryakov R., Iskhakov A., Kulagina I. Analysis of textual content as a mechanism for ensuring safety of the socio-cyberphysical system. SIBCON 2021 - International Siberian Conference on Control and Communications. 2021:9438924. DOI: 10.1109/SIBCON50419.2021.9438924.

6. Shapiro L. DDoS attacks. Part 4. Military tricks. BIT. Biznes & Informatsionnyye tekhnologii. 2015;8(51):22–23. (In Russ.).

7. Yangliaev I. What DDoS attacks are and why it is more difficult to defend oneself from year to year. Available from: https://www.orange-business.com/ru/blogs/kakie-bivayut-ddos-ataki-i-pochemu-zaschischatsya-slozhnee-iz-goda-v-god (accessed 01.08.2022). (In Russ.).

8. Tobin D., Bogomolov A., Golosovskiy M. Model of Organization of Software Testing for Cyber-Physical Systems. Studies in Systems, Decision and Control. 2022;418:51–60.

9. Kazarian K.K., Belan V.V. Malicious queries. StudNet. 2022;1(5):58–64. (In Russ.).

10. Bolgov A.O., Kamenskikh A.N. Selection of optimal parameters for machine learning methods for detecting malicious queries to web applications. Mezhdunarodnaya konferentsiya po myagkim vychisleniyam i izmereniyam = International Conference on Soft Computing and Measurement. 2022;1:290–294. (In Russ.).

11. Uspensky E.N., Starikov A.S., Romashkina G.V., Norkina A.N. Adaptive detection of malicious requests in web attacks. Aktual'nyye problemy menedzhmenta, ekonomiki i ekonomicheskoy bezopasnosti. Sbornik materialov Mezhdunarodnoy nauchnoy konferentsii. 2019:308–311. (In Russ.).

12. Feher K. Digital identity and the online-self: footprint strategies – an exploratory and comparative research study. Journal of information science. 2019;47(2):1–5.

Iskhakova Anastasia Olegovna
Candidate of Technical Sciences

WoS | Scopus | ORCID | eLibrary |

V. A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences

Moscow, Russian Federation

Iskhakov Andrey Yunusovich
Candidate of Technical Sciences

WoS | Scopus | ORCID | eLibrary |

V. A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences

Moscow, Russian Federation

Bogacheva Darya Nikolaevna

V. A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences

Moscow, Russian Federation

Molotov Aleksandr Anatolyevich

V. A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences

Moscow, Russian Federation

Keywords: information security, malicious requests, sources of malicious requests, cyber security, data analysis, threats, denial of service, DDoS, URI, HTTP

For citation: Iskhakova A.O., Iskhakov A.Y., Bogacheva D.N., Molotov A.A. Algorithm for detecting sources of malicious requests in cyber-physical systems. Modeling, Optimization and Information Technology. 2022;10(3). URL: https://moitvivt.ru/ru/journal/pdf?id=1238 DOI: 10.26102/2310-6018/2022.38.3.020 (In Russ).

374

Full text in PDF

Received 23.09.2022

Revised 26.09.2022

Accepted 29.09.2022

Published 30.09.2022