The paper suggests a method for the early detection of cyber-attacks (using DDoS attacks as an example) by the method of extreme filtering in a mode close to real time. The total signal (an additive superposition of attacking and legitimate effects) and its decomposition by the method of extreme filtering are simulated. A profile model of a stochastic network is proposed. This makes it possible to specify the influence of the intruder on the network using probabilistic-time characteristics. An experimental evaluation of the metrics characterizing the cyber-attack is given. It is demonstrated how the obtained metric values confirm the process of attack preparation; for instance, a large-scale telecommunication network that includes the proposed method for early detection of attacks has a recovery time of no more than 9 s, and the quality-of-service parameters remain in an acceptable range.
Keywords: DDoS; detection of cyber-attacks; extreme filtering; signal decomposition; stochastic network conversion method
Introduction
For the period from 2019 to 2024, one of the national projects in Russia was the "Digital Economy" project, the main tasks of which were to ensure information security in the transmission, processing, and storage of data [1]. This task was fully valid for modern power supply systems and grids, especially in modern conditions, where smart electronic devices and software-defined networks are embedded in energy power infrastructures [2,3]. This fact confirms the relevance of information security and the need for diverse solutions in this area. References [4][5][6][7][8][9][10][11][12][13][14][15] describe the most common types of attacks, especially DDoS attacks. According to Kaspersky Lab, in 2019 the total number of attacks and the number of smart attacks (i.e., attacks which require more thorough preparation and are directed at the most vulnerable network element) increased. Moreover, despite a decrease in the average duration of DDoS attacks, the duration of smart attacks increased. The longest attacks that were employed lasted 509 h. The dynamics of the distribution of the total duration of attacks during the year had not changed much: attacks that lasted no more than 4 hours dominate. At the same time, the cost of DDoS attacks was reduced due to their simple implementation [16]. However, if we take into account the fact that each year the implementation time of the longest attacks significantly increases (329 h in 2018 and 509 in 2019), the ever-increasing influence of these attacks on various organizations becomes obvious. Thus, the negative effect of attacks increases. Therefore, the issue of timely detection of such actions
The paper proposes a method for improving the accuracy of early detection of cyber-attacks with a small impact, in which the mathematical expectation is a fraction of the total and the pulse repetition period is quite long. Early detection of attacks against telecommunication networks is based on traffic analysis using extreme filtering. A fuzzy-logic algorithm for making decisions based on the results of extreme filtering is suggested. The results of an experimental evaluation of the proposed method are presented. They demonstrate that the method is sensitive even with minor effects. In order to eliminate the redundancy of the analyzed parameters, it is enough to use the standard deviation and the correlation interval for decision making.
The purpose of this study is to develop a mechanism to account for the effects of a distributed denial of service attack on a switching node, as well as to assess the quality of its functioning under destructive effects. The relevance stems from the possibility that the management of a regional economic complex may be disrupted by a "distributed denial of service" attack on the elements of the technological data transmission network. Based on the mathematical apparatus of GERT networks, the authors propose an approach to assess the quality of switching nodes. The essence of the approach lies in representing the servicing of a data flow by a switching node of the data transmission network under attack by an intruder as a stochastic network, setting the type of the partial distributions, defining the equivalent function, and then determining the distribution function of the packet delay time. The model proposed by the authors makes it possible to evaluate the quality of switching node operation under "distributed denial of service" intruder attacks, both when transmitting stationary Poisson traffic and self-similar traffic, represented by the Weibull and Pareto flow models. The results obtained are in good agreement with the data given in previously published works. The model makes it possible to analyze and develop directions for improving the quality of functioning of the switching nodes of a technological data transmission network under the destructive information impact of the intruder.
Objective: To analyze the impact of computer attacks on the performance quality of data transmission channels and channeling systems. It is also necessary to take into account the capabilities of an intruder to introduce malware into channeling systems when committing a computer attack. Methods: To determine the required design ratios, several options for setting various distribution functions characterizing the parameters used as input data and types of inbound streams have been considered, taking into account the parameters of the intruder’s computer attack model set by the values of the probability of successful attack. Mathematical modeling is carried out using the method of topological transformation of stochastic networks. The exponential, momentum and gamma distributions are considered as distribution functions of random variables. The solutions are presented for inbound streams corresponding to the Poisson, Weibull, and Pareto models. Results: The proposed approach makes it possible to assess the performance quality of data transmission channels in the context of computer attacks. These assessments make it possible to analyze the state and develop guidelines for improving the performance quality of communication channels against the destructive information impact of the intruder. Various variants of the functions of random variables distribution and various types of the inbound stream were used for modeling, making it possible to compare them, as well as to assess the possibility of using them in channels that provide users with different services. Practical importance: The modeling results can be used to build communication management decision support systems, as well as to detect attempts of unauthorized access to the telecommunications resource of transportation management systems. The proposed approach can be applied in the development of threat models to describe the capabilities of the intruder (the ‘Intruder Model’).