Detection of sources of network attacks based on the data sampling

E. S. Sagatov; A. M. Sukhov; V. V. Azmyakov

Geodesic

Parcourir par

Detection of sources of network attacks based on the data sampling

E. S. Sagatov ; A. M. Sukhov ; V. V. Azmyakov

Izvestiya of Saratov University. Mathematics. Mechanics. Informatics, Tome 24 (2024) no. 3, pp. 452-462

Voir la notice de l'article provenant de la source Math-Net.Ru

Résumé

This article defines the rules for finding the threshold values for the main network variables used to detect network intrusions under conditions of limited data sampling. The sFlow technology operates with a limited sample of packets, and one packet out of 50 can be analyzed, but this value can reach 5000. The main conclusion is that the product of the threshold value and sample resolution remains a constant value. The article defines the size of the maximum resolution, at which an attack with a given threshold can be detected. Based on the experimental data, this hypothesis was tested; considering the experimental error, it was verified.

Export
Comment citer

@article{ISU_2024_24_3_a12,
     author = {E. S. Sagatov and A. M. Sukhov and V. V. Azmyakov},
     title = {Detection of sources of network attacks based on the data sampling},
     journal = {Izvestiya of Saratov University. Mathematics. Mechanics. Informatics},
     pages = {452--462},
     publisher = {mathdoc},
     volume = {24},
     number = {3},
     year = {2024},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/ISU_2024_24_3_a12/}
}

TY  - JOUR
AU  - E. S. Sagatov
AU  - A. M. Sukhov
AU  - V. V. Azmyakov
TI  - Detection of sources of network attacks based on the data sampling
JO  - Izvestiya of Saratov University. Mathematics. Mechanics. Informatics
PY  - 2024
SP  - 452
EP  - 462
VL  - 24
IS  - 3
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/ISU_2024_24_3_a12/
LA  - en
ID  - ISU_2024_24_3_a12
ER  -

%0 Journal Article
%A E. S. Sagatov
%A A. M. Sukhov
%A V. V. Azmyakov
%T Detection of sources of network attacks based on the data sampling
%J Izvestiya of Saratov University. Mathematics. Mechanics. Informatics
%D 2024
%P 452-462
%V 24
%N 3
%I mathdoc
%U http://geodesic.mathdoc.fr/item/ISU_2024_24_3_a12/
%G en
%F ISU_2024_24_3_a12

E. S. Sagatov; A. M. Sukhov; V. V. Azmyakov. Detection of sources of network attacks based on the data sampling. Izvestiya of Saratov University. Mathematics. Mechanics. Informatics, Tome 24 (2024) no. 3, pp. 452-462. http://geodesic.mathdoc.fr/item/ISU_2024_24_3_a12/