Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering
1
Emperor Alexander I Saint-Petersburg State Transport University, 9 Moskovsky pr., 190031 St. Petersburg, Russia
2
Saint-Petersburg Institute for Informatics and Automation of Russian Academy of Sciences (SPIIRAS), 39, 14 Liniya, 199178 St. Petersburg, Russia
*
Author to whom correspondence should be addressed.
Energies 2019, 12(24), 4768; https://doi.org/10.3390/en12244768
Received: 1 November 2019
/
Revised: 28 November 2019
/
Accepted: 12 December 2019
/
Published: 13 December 2019
(This article belongs to the Special Issue Advanced Methods for Decision Making and Planning in Telecommunication Systems)
The paper suggests a method of early detection of cyber-attacks by using DDoS attacks as an example) using the method of extreme filtering in a mode close real time. The process of decomposition of the total signal (additive superposition of attacking and legitimate effects) and its decomposition using the method of extreme filtering is simulated. A profile model of a stochastic network is proposed. This allows to specify the influence of the intruder on the network using probabilistic-time characteristics. Experimental evaluation of metrics characterizing the cyber-attack is given. It is demonstrated how obtained values of metrics confirm the process of attack preparation, for instance the large-scaled telecommunication network, which includes the proposed method for early detection of attacks, has a recovery time of no more than 9 s, and the parameters of quality of service remain in an acceptable range.
View Full-Text
Keywords:
DDoS; detection of cyber-attacks; extreme filtering; signal decomposition; stochastic network conversion method
▼
Show Figures
Figure 1
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
MDPI and ACS Style
Privalov, A.; Lukicheva, V.; Kotenko, I.; Saenko, I. Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering. Energies 2019, 12, 4768. https://doi.org/10.3390/en12244768
AMA Style
Privalov A, Lukicheva V, Kotenko I, Saenko I. Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering. Energies. 2019; 12(24):4768. https://doi.org/10.3390/en12244768
Chicago/Turabian StylePrivalov, Andrey, Vera Lukicheva, Igor Kotenko, and Igor Saenko. 2019. "Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering" Energies 12, no. 24: 4768. https://doi.org/10.3390/en12244768
Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.
