The etalons models of linguistic variables for sniffing attacks detection

Authors

  • Игорь Анатольевич Терейковский National Aviation University
  • Анна Александровна Корченко National Aviation University
  • Павел Александрович Викулов National Aviation University
  • Александра Анатольевна Шаховал National Aviation University

DOI:

https://doi.org/10.18372/2410-7840.19.11902

Keywords:

attacks, cyber attacks, anomalies, methods of forming linguistic etalons, intrusion detection systems, anomaly detection systems, attacks detection systems, detection of anomalies in computer networks

Abstract

The intensive development of information systems has led to an increase in destructive software, many of which are aimed at obtaining confidential information, which is directly related to the emergence of attacks like 0-day and non-signature types of cyber attacks. Expanding the impact of cyber attacks directed at various resources of information systems initiates the creation of special counter-measures that can remain effective when new types of threats emerge with undefined or indistinctly defined properties. There are known, quite effective developments used to solve problems of detecting cyber attacks, for example, the method of forming linguistic etalons for intrusion detection systems, in which the mechanism of the process of forming parameter etalons for attack sniffing is not disclosed. For this purpose, a model of linguistic variables has been developed to detect sniffing attacks, which is due to the evaluation of the state of the information system and the process of forming parameter standards: the number of incoming packets in the network, the speed of processing packets on the receiver side, the timing of packets in the channel, will allow to formalize the process of obtaining parameter etalons for given linguistic variables of a particular environment in solving problems of detecting attacks in computer systems. Such models can be used to improve the effectiveness of information security tools aimed at countering sniffing attacks in computer networks.

Author Biographies

Игорь Анатольевич Терейковский, National Aviation University

Doctor of Science in Eng., Associate Professor of Academic Department of IT-Security, National Aviation University

Анна Александровна Корченко, National Aviation University

PhD in Eng., Associate Professor of Academic Department of IT-Security, National Aviation University

Павел Александрович Викулов, National Aviation University

PhD student of Academic Department of IT-Security, National Aviation University

Александра Анатольевна Шаховал, National Aviation University

senior laboratory assistant of Academic Department of IT-Security, National Aviation University

References

А. Корченко Построение систем защиты информации на нечетких множествах. Теория и практические решения. К. : МК-Пресс, 2006, 320 с.

А. Корченко, "Модель эвристических правил на логико-лингвистических связках для обнаружения аномалий в компьютерных системах", Захист інформації, № 4 (57), С. 112-118, 2012.

А. Стасюк, А. Корченко, "Базовая модель параметров для построения систем выявления атак", Захист інформації, № 2 (55), С. 47-51, 2012.

М. Луцкий, А. Корченко, А. Гавриленко, А. Охрименко, "Модели эталонов лингвистических перемен-ных для систем выявления атак", Захист інформації, № 2 (55), С. 71-78, 2012.

А. Стасюк, А. Корченко, "Метод выявления ано-малий порожденных кибератаками в компьютерных сетях", Захист інформації, №4 (57), С. 129-134, 2012.

А. Корченко, "Метод формирования лингвистических эталонов для систем выявления вторжений", Захист інформації, Т. 16, №1, С. 5-12, 2014.

А. Корченко, "Метод фаззификации параметров на лингвистических эталонах для систем выявления кибератак", Безпека інформації, № 1 (20), С. 21-28, 2014.

А. Корченко, "Метод α-уровневой номинализации нечетких чисел для систем обнаружения вторжений", Захист інформації, Т. 16, №4, С. 292-304, 2014.

А. Корченко, "Метод определения идентифицирующих термов для систем обнаружения вторжений", Безпека інформації, Т. 20, №3, С. 217-223, 2014.

А. Корченко, "Система выявления аномального состояния в компьютерных сетях", Безпека інформації, № 2 (18), С. 80-84, 2012.

А. Корченко, "Система формирования нечетких эталонов сетевых параметров", Захист інформації, Т. 15, №3, С. 240-246, 2013.

А. Корченко, "Система формирования эвристических правил для оценивания сетевой активности", Захист інформації, Т. 15, №4, С. 353-359, 2013.

А. Корченко, "Кортежная модель формирования набора базовых компонент для выявления кибератак", Правове, нормативне та метрологічне забезпечення системи захисту інформації в Україні, №.2 (28), С. 29-36, 2014.

A. Korchenko, K. Warwas, A. Kłos-Witkowska, "The Tupel Model of Basic Components' Set Formation for Cyberattacks", Proceedings of the 2015 IEEE 8th International Conference on «Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications» (IDAACS’2015), Vol. 1., pp. 478-483, 2015.

Н. Карпинский, А. Корченко, С. Ахметова, "Метод формирования базовых детекционных правил для систем обнаружения вторжений", Захист ін-формації, Т. 17, №4, С. 312-324, 2015.

A. Korchenko, K. Warwas, A. Kłos-Witkowska, "The Tupel Model of Basic Components' Set Formation for Cyberattacks", Proceedings of the 2015 IEEE 8th Interna-tional Conference on «Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications» (IDAACS’2015), Vol. 1., pp. 478-483, 2015.

А. Корченко, В. Щербина, Н. Вишневская, "Методология построения систем выявления аномалий порожденных кибератаками", Захист інформації, Т. 18, №1, С. 30-38, 2016.

B. Akhemetov, A. Korchenko, S. Akhmetova, N. Zhumangalieva, "Improved method for the for-mation of linguistic standards for of intrusion detection systems", Journal of Theoretical and Applied Information Technology, Vol. 87, №.2, pp. 221-232, 2016.

А. Корченко, Н. Жумангалиева, П. Викулов, "Построение лингвистических эталонов для выявления сниффинг атак", Актуальні питання забезпечення кібербезпеки та захисту інформації : III міжнар. наук.-практ. конф. : Тези доп., С. 93-97.

M. Karpinski, A. Korchenko, P. Vikulov, R. Kochan, "The Etalon Models of Linguistic Variables for Sniffing-Attack Detection", Proceedings of the 2017 IEEE 9th International Conference on «Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications» (IDAACS’2017), Vol. 1, pp. 258-264.

B. Akhmetov, A. Korchenko, S. Akhmetova, N. Zhumangalieva, "Improved method for the formation of linguistic standards for of intrusion detection systems", Journal of Theoretical and Applied Information Technology, vol. 87, no. 2, pp. 221-232, 2016.

Downloads

Published

2017-09-27

Issue

Vol. 19 No. 3 (2017)

Section

Articles

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).