Keywords: computer network, security threat, discrete-continuous random processes, security monitoring, recurrent algorithm
Statistical algorithm for detecting computer security threats
UDC 343.985
DOI: 10.26102/2310-6018/2020.31.4.020
The paper considers the synthesis of a statistical algorithm, constructed in a subclass of discrete-continuous random processes, that is designed to predict and detect the beginning of a DDoS attack by analyzing changes in the intensity of received traffic. Monitoring systems that analyze and identify threats to the security of computer networks focus on analyzing traffic, packets, and protocols. All of these systems are vulnerable. Almost all OSI-model levels of the target object, which is defined as any type of server or selected applications, are subject to attack, but the first sign of an attack is abnormal behavior of the input traffic. Promising techniques for ensuring the security of the COP include methods that detect a deviation from a change in the probabilistic parameters of the data. In essence, they determine changes in the statistical characteristics of data flows. The developed algorithm allows not only detecting a network security threat, but also.
For citation: Miloserdov I. V., Malyshev V. A. Statistical algorithm for detecting computer security threats. Modeling, Optimization and Information Technology. 2020;8(4). URL: https://moitvivt.ru/ru/journal/pdf?id=866 DOI: 10.26102/2310-6018/2020.31.4.020 (In Russ.).
Published 31.12.2020