ANALYSIS OF TIME SERIAL FLOWS OF NETWORK TRAFFIC DATA BASED ON A WAVELET TRANSFORM
DOI:
https://doi.org/10.32782/2618-0340/2020.1-3.17Keywords:
wavelet-transform, de–noise suppressor, network traffic, network attack, wavelet Haar, Mallat algorithmAbstract
Currently, approaches based on the analysis of their output signals are widely used to study the properties in network systems and their processes. Therefore, the analysis of systems and processes, especially in experimental studies, is often implemented through the processing of recorded signals. In almost every subject area there are phenomena that need to be studied in their dynamics, and the set of registered signals of this kind for a certain period of time and there are time sequences of data flows. For the analysis of time sequences, which are stationary or non-stationary random processes, traditional methods of statistical analysis of random variables and functions are used. The most common of these are correlation and spectral analysis, data smoothing and filtering, autoregression models and prediction. Along with traditional methods, wavelet transform methods based on wavelet transform have become widespread in recent years. The peculiarity of this technology is that it allows you to reveal the features of the local structure of a complex signal and detect its various properties, invisible in real time. In the wavelet transform area, additional information is selected by presenting to the frequency-time image a signal that is not available in its original form. At present, the requirements for better detection of internal patterns in the behavior of time sequences and the forecast of periods of stability of the studied processes are increasing. Therefore, there is a need to develop new and modify existing algorithms for analyzing time sequences in network systems. In this work, we investigate the use of wavelet transform to detect intrusions into computer networks. The analysis of the last researches on the given problem where the already existing algorithms and methods of detection of attacks by means of wavelet transform are considered is offered. An important point in this paper is the substantiation of the application of the wavelet function and the wavelet transform algorithm for the analysis of time sequential data flows of network traffic. Using the wavelet function, it is proposed to eliminate noise from network traffic and using packet wavelet conversion to analyze network traffic and obtain information about possible attacks. The use of the wavelet function is important, because the choice of the optimal wavelet basis will increase the probability of detection both at the initial stage and during the reconstruction of the signal.
References
Бєрковський В. В., Безсонов О. С. Аналіз та класифікація методів виявленнявторгнень в інформаційну систему. Кібернетична безпека. 2017. №2. C. 57–62.
Шелухин О. И., Сакалема Д. Ж., Филинова А. С. Обнаружение вторжений вкомпьютерные сети (сетевые аномалии). Москва: Горячая линия – Телеком, 2016.221 с.
Соловьев Н. А. , Тишина Н. А., Дворовой И. Г.Обнаружение вторжений на основевейвлет–анализа сетевого трафика. Вестник УГАТУ. 2010. Т. 14. №5(40).С. 188–194.
Tverdohleb J., Dubrovin V., Zakharova M. Wavelet technologies of non–stationarysignals analysis. 1–th IEEE International Conference on Data Stream Mining &Processing. (Ukraine, Lviv, 23-27 August, 2016). Lviv: LPNU, 2016. Р. 75–79.
Твердохліб Ю. В. Методи та інформаційна технологія комплексного оцінюванняпараметрів вейвлет-перетворення нестаціонарних сигналів : автореф. дис. ... канд.тех. наук: 05.13.06. Харків. нац. екон. ун–т ім. Семена Кузнеця. Харків, 2018. 20 с.
SUN Donghong, SHU Zhibiao, LIU Wu, REN Ping, WU Jian–ping. Analysis ofNetwork Security Data Using Wavelet Transforms. Journal of Algorithms &Computational Technology. 2003. Vol. 8. №1. Р. 59–79.
Браницкий А. А., Котенко И. В. Анализ и классификация методов обнаружениясетевых атак. Труды СПИИРАН. 2016. №45. C. 211–213.
