Modeling the Impact of Cyber Attacks

Kotenko, Igor; Saenko, Igor; Lauta, Oleg

doi:10.1007/978-3-319-77492-3_7

Cited by 14 publications

(7 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To set the attack function of the intruder, consider the process of preparation of DDOS-attack from the point of view of the stochastic network conversion method [22]. Let us present this process as a sequence of events, each characterized by a distribution function, average time, and variance.…”

Section: Methods Of Early Detection Of Cyber-attacksmentioning

confidence: 99%

See 1 more Smart Citation

Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering

et al. 2019

Self Cite

View full text Add to dashboard Cite

The paper suggests a method of early detection of cyber-attacks by using DDoS attacks as an example) using the method of extreme filtering in a mode close real time. The process of decomposition of the total signal (additive superposition of attacking and legitimate effects) and its decomposition using the method of extreme filtering is simulated. A profile model of a stochastic network is proposed. This allows to specify the influence of the intruder on the network using probabilistic-time characteristics. Experimental evaluation of metrics characterizing the cyber-attack is given. It is demonstrated how obtained values of metrics confirm the process of attack preparation, for instance the large-scaled telecommunication network, which includes the proposed method for early detection of attacks, has a recovery time of no more than 9 s, and the parameters of quality of service remain in an acceptable range.Keywords: DDoS; detection of cyber-attacks; extreme filtering; signal decomposition; stochastic network conversion method IntroductionFor the period from 2019 to 2024, one of the national projects in Russia was the "Digital Economy" project, the main tasks of which were to ensure information security in the transmission, processing, and storage of data [1]. This task was fully valid for modern power supply systems and grids, especially in modern conditions, where smart electronic devices and software-defined networks are embedded in energy power infrastructures [2,3].This fact confirms the relevance of information security and the need for diverse solutions in this area. References [4][5][6][7][8][9][10][11][12][13][14][15] describe the most common types of attacks, especially DDOS attacks. According to the Kaspersky Lab, in 2019 the total number of attacks and the number of smart attacks (i.e., attacks which require more thorough preparation and are directed on the most vulnerable network element) were increased. Moreover, despite a decrease in the average duration of DDOS attacks, the duration of smart attacks increased. The longest attacks that were employed lasted 509 h. The dynamics of the distribution of the total duration of attacks during the year had not changed much: those attacks that lasted no more than 4 hours dominate. At the same time, the cost of DDOS attacks was reduced due to their simple implementation [16]. However, if we take into account the fact that each year the implementation time of the longest attacks significantly increases (329 h in 2018 and 509 in 2019), the ever-increasing influence of these attacks on various organizations becomes obvious. Thus, the negative effect of attacks increases. Therefore, the issue of timely detection of such actions

show abstract

Section: Methods Of Early Detection Of Cyber-attacksmentioning

confidence: 99%

“…To implement DDOS attacks, the intruder must fulfill training, which consists of carrying out a group of the following cyber-attacks [22]:…”

mentioning

confidence: 99%

Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering

et al. 2019

Self Cite

View full text Add to dashboard Cite

show abstract

“…In this data transmission network, data transmission routes are organized for information exchange in accordance with the required quality of user service (Figure 2). nisms of telecommunication networks, in [7,8,23] it is proposed to use a complex of GERT models that allows one to estimate the average time and dispersion of the metadata file transmission time, organization and delivery time of control transfer commands to a software client of the telecommunication network. The main restriction of the solutions obtained in [7,8] is the limitation on the type of traffic transmitted in the network and the usage of individual exponential distributions characterizing the realization time of individual processes, namely, the transmission of an information packet and the formation and delivery of control transmission commands.…”

Section: Problem Statementmentioning

confidence: 99%

“…The availability of network elements for the implementation of a cyberattack by a malefactor is characterized by the probability P i that is determined using the known model of the cybercriminal intelligence system [8,24,25]. If the malefactor's actions are successful, then in a random time t di with the distribution function ∆ i (t), i = 1, n, the network administrator detects the impact and realizes measures to restore the functioning of the damaged network element because of the cyberattack, and the data packet received for transmission is transmitted again.…”

Section: Problem Statementmentioning

confidence: 99%

“…The method proposed by the authors allows one to remove restrictions on the type of distributions which are used as original ones, and this method is free from the assumptions, indicated in [7,8], about the exponential distribution of the duration of packet waiting and service (transmission) in modern technological data transmission networks.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Evaluating the Functioning Quality of Data Transmission Networks in the Context of Cyberattacks

et al. 2021

Self Cite

View full text Add to dashboard Cite

Cyberattacks against the elements of technological data transmission networks represent a rather significant threat of disrupting the management of regional electric power complexes. Therefore, evaluating the functioning quality of data transmission networks in the context of cyberattacks is an important task that helps to make the right decisions on the telecommunication support of electric power systems. The known models and methods for solving this problem have limited application areas determined by the admissible packet distribution laws. The paper proposes a new method for evaluating the quality of the functioning of data transmission networks, based on modeling the process of functioning of data transmission networks in the form of a stochastic network. The proposed method removes restrictions on the form of the initial distributions and makes the assumptions about the exponential distribution of the expected time and packet servicing in modern technological data transmission networks unnecessary. The method gives the possibility to evaluate the quality of the network functioning in the context of cyberattacks for stationary Poisson transmission and self-similar traffic, represented by Pareto and Weibul flows models. The obtained evaluation results are in good agreement with the data represented in previously published papers.

show abstract

Efficient Deep Learning Method for Detection of Malware Attacks in Internet of Things Networks

Haouas,

Attia,

Hamel

et al. 2024

Communications in Computer and Information Science

View full text Add to dashboard Cite

Modeling the Impact of Cyber Attacks

Cited by 14 publications

References 15 publications

Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering

Method of Early Detection of Cyber-Attacks on Telecommunication Networks Based on Traffic Analysis by Extreme Filtering

Evaluating the Functioning Quality of Data Transmission Networks in the Context of Cyberattacks

Efficient Deep Learning Method for Detection of Malware Attacks in Internet of Things Networks

Contact Info

Product

Resources

About