DETECTION OF UNAUTHORISED ACTIONS AND ATTACKS IN NETWORKS OF THE METHOD OF WAVELET ANALYSIS
DOI:
https://doi.org/10.32782/mathematical-modelling/2022-5-1-1
Keywords:
wavelet basis, wavelet analysis, wavelet filter, de-noise suppression, network traffic, sinusoid, network anomaly
Abstract
Behavioural methods are based on models of the "normal" functioning of an information network. They work by identifying differences between the current state of the information system and the state considered exemplary for this network. Any discrepancy is treated as an intrusion or anomaly. A promising method for detecting unauthorised intrusions must detect both known and unknown types of cyberattacks with high accuracy and must make accurate decisions, that is, produce a low number of false positives. The cyberattack detection method based on wavelet analysis (WA) has proved itself well in dealing with non-stationary signals. The wavelet transform (WT) has a self-adjusting moving frequency-time window and reveals both low-frequency (LF) and high-frequency (HF) characteristics of the signal equally well on different time scales. Wavelet filters make it possible not only to suppress noise but also to extract the necessary components of the signal. Today's society cannot do without information technology. IT plays a major role in, and is an integral part of, every sphere of our life. The current development of the information society is inextricably linked with collecting, processing and transmitting huge amounts of data, and converting data into a product that has significant value. This is the main reason behind the global shift from the industrial society to the information society. The invention of the Internet has led to a significant increase in international communication in various spheres of human life. On the other hand, along with a large number of benefits, a significant number of threats related to current technology have emerged. There are now multiple threats at both the national and international level. Therefore, different mechanisms for protecting cyberspace are now part of many countries' national strategies. Network anomalies are so varied that they cannot be categorized using one simple classification.
The number of attacks, their power and complexity are increasing. Malicious users are looking for radically new ways of network intrusion, and the existing methods of cyber protection often turn out to be inefficient [1].
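The multi-scale behaviour described in the abstract can be seen on a small constructed series. The following is an added illustration, not code from the article: the undecimated Haar wavelet, the synthetic packets-per-second series, the burst parameters and the threshold multiplier `k` are all assumptions chosen for the demonstration.

```python
import math
import random
import statistics

def haar_detail(x, scale):
    """Undecimated Haar detail coefficients at one scale: the scaled difference
    between the means of two adjacent windows of `scale` samples each."""
    d = [0.0] * len(x)
    for t in range(2 * scale - 1, len(x)):
        recent = sum(x[t - scale + 1:t + 1]) / scale
        older = sum(x[t - 2 * scale + 1:t - scale + 1]) / scale
        d[t] = (recent - older) * math.sqrt(scale / 2)  # unit-norm wavelet
    return d

def detect_anomalies(x, scales=(1, 2, 4), k=5.0):
    """Return sorted sample indices whose detail coefficient exceeds k robust
    standard deviations at any scale (k is an assumed tuning value)."""
    flagged = set()
    for s in scales:
        d = haar_detail(x, s)[2 * s - 1:]  # skip the warm-up samples
        sigma = statistics.median(abs(v) for v in d) / 0.6745  # MAD estimate
        for i, v in enumerate(d):
            if abs(v) > k * sigma:
                flagged.add(i + 2 * s - 1)
    return sorted(flagged)

def make_traffic(n=256, burst=None, seed=1):
    """Constructed packets-per-second series: slow sinusoid plus bounded noise,
    with an optional (start, length, height) burst standing in for an attack."""
    rng = random.Random(seed)
    x = [100 + 20 * math.sin(2 * math.pi * t / 128) + rng.uniform(-3, 3)
         for t in range(n)]
    if burst:
        start, length, height = burst
        for t in range(start, start + length):
            x[t] += height
    return x

if __name__ == "__main__":
    print("clean :", detect_anomalies(make_traffic()))
    print("attack:", detect_anomalies(make_traffic(burst=(150, 4, 80))))
```

The slow sinusoid (the low-frequency component) stays below the threshold at every scale, while the short burst produces large detail coefficients at its rising and falling edges, which is why only samples around the burst are flagged.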
References
Horobets V.I., Dubrovin V.I., Tverdokhlib Yu.V. Behavioural methods for detecting unauthorised actions and attacks in networks by the method of wavelet analysis. Combinatorial Configurations and Their Applications: Proceedings of the XXIII International Scientific and Practical Seminar named after A.Ya. Petrenyuk, dedicated to the 70th anniversary of the Flight Academy of the National Aviation University (Zaporizhzhia–Kropyvnytskyi, 13–15 May 2021) / ed. by H.P. Donets. Kropyvnytskyi: PP "Exclusive-System", 2021. 208 p. [in Ukrainian]
Tverdohleb J.V., Dubrovin V.I. Processing of ECG signals based on wavelet transformation. International journal of advanced science and technology, 2011. Vol. 30. pp. 73–81.
Olifer V.G., Olifer N.A. Computer Networks. Principles, Technologies, Protocols: Textbook for universities. 5th ed. St. Petersburg: Piter, 2016. 992 p.: ill. (Series "Textbook for universities"). [in Russian]
Types of network attacks. Methods of their detection. URL: http://holodoks.blogspot.com/2017/12/blog-post.html (accessed 01.12.2022). [in Ukrainian]
Kurose James, Keith Ross. Computer Networks: A Top-Down Approach. 6th ed. Moscow: Izdatelstvo "E", 2016. 912 p. [in Russian]
Astafyeva N.M. Wavelet analysis: fundamentals of theory and examples. Uspekhi Fizicheskikh Nauk. Moscow: Nauka, 1996. Vol. 166, No. 11. pp. 1145–1170. [in Russian]
Smolentsev N.K. Introduction to the Theory of Wavelets. Izhevsk: RKhD, 2010. 292 p. [in Russian]
Wavelet. Wikipedia, the free encyclopedia. URL: https://ru.wikipedia.org/wiki/Вейвлет (accessed 02.12.2022). [in Russian]
Dyakonov V.P. Wavelets. From Theory to Practice. Moscow: SOLON-Press, 2004. 440 p. [in Russian]
Branitskiy A.A., Kotenko I.V. Analysis and classification of methods for network attack detection. Trudy SPIIRAN. 2016. No. 45. pp. 207–244. [in Russian]
Wavelet transform. URL: http://gwyddion.net/documentation/user-guide-ru/wavelettransform.html (accessed 02.12.2022). [in Russian]
Criteria for assessing the quality of network anomaly detection algorithms. URL: http://research-journal.org/technical/kriterii-ocenki-kachestva-algoritmov-obnaruzheniya-setevyxanomalij.html (accessed 03.12.2022). [in Russian]
Debar H., Dacier M., Wespi A. Towards a taxonomy of intrusion-detection systems. Computer Networks. 1999. Vol. 31. Issue 8. pp. 805–822.
Barford P., Kline J., Plonka D., Ron A. A signal analysis of network traffic anomalies. Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurement. 2002. pp. 71–82.