Keywords: information security, malicious requests, sources of malicious requests, cyber security, data analysis, threats, denial of service, DDoS, URI, HTTP
Algorithm for detecting sources of malicious requests in cyber-physical systems
UDC 004.056
DOI: 10.26102/2310-6018/2022.38.3.020
The paper addresses the problem of algorithmic support for security management processes in cyber-physical systems by detecting malicious requests that originate from other associated systems, internal services, or human actions. The research is relevant because protection against service degradation is highly critical when attacks target compound complex systems responsible for integrating computing resources into physical entities. The authors focus on denial-of-service attacks that send HTTP floods to the web management interfaces of cyber-physical systems. The proposed algorithm for detecting malicious requests analyzes the activity of all investigated components of the cyber-physical system's web services. The research employs visual analysis and data processing based on representing the data as a single normalized set. Raw data on the analyzed requests is grouped in a specific way so that a particular deviation can be detected as a suspected threat. Examples of data changes and security system responses are given. Experimental results confirm that the proposed algorithmic software reduces errors of the first and second kind (type I and type II errors) compared to the regression models commonly used in modern application-level firewalls.
For citation: Iskhakova A.O., Iskhakov A.Y., Bogacheva D.N., Molotov A.A. Algorithm for detecting sources of malicious requests in cyber-physical systems. Modeling, Optimization and Information Technology. 2022;10(3). URL: https://moitvivt.ru/ru/journal/pdf?id=1238 DOI: 10.26102/2310-6018/2022.38.3.020 (In Russ.).
Received 23.09.2022
Revised 26.09.2022
Accepted 29.09.2022
Published 30.09.2022