EVALUATION OF NETWORK TRAFFIC ANOMALIES BASED ON CYCLIC ANALYSIS
Natalya V. Kireeva, Povolzhskiy State University of Telecommunications and Informatics, Samara, Russia, email@example.com
Olga A. Karaulova, State University of Telecommunications and Informatics, Samara, Russia
The article presents the general concepts of network traffic anomalies, as well as the reasons why modern network systems fail to detect malware intrusions, in particular systems based on attack definitions and the signature method of data analysis. A detailed classification of anomalies by cause of occurrence is given. The main methods of detecting network traffic anomalies in computer networks are presented in detail; the principle of operation and the advantages and disadvantages of each are described. Of the presented methods, the most effective and optimal method of predicting anomalies is the one that uses statistical analysis: the evaluation of network traffic anomalies on the basis of cyclic analysis. The article deals with the means of detecting anomalies that are widespread today, namely attack detection systems (SOA). The object of the study is network traffic anomalies. The subject of the study is the evaluation of network traffic anomalies through cyclic analysis. The purpose of the article is to estimate network traffic anomalies on the basis of cyclic analysis. The field of application is information and communication technology.
The traffic management methodology for calculating anomalies is as follows:
– retrieving information about network packets;
– constructing the forecast;
– finding and evaluating anomalies;
– responding to the anomaly;
– filling and editing the rules database.
The methodology of cyclic analysis consists of the following stages: data selection; data smoothing; search for possible cycles; removal of trend components from the traffic; checking the cycles for statistical significance; combining the cycles and projecting them into the future.
Thus, the proposed traffic forecasting algorithm, based on cyclic time series analysis, makes it possible to determine the network load by searching for periodicity in network traffic. It should be noted that anomaly prediction is an important component of network traffic estimation and makes it possible to solve network traffic congestion management problems quickly and efficiently.
Keywords: network traffic, anomaly, cyclic analysis, computer network, information security.
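The cyclic-analysis stages listed above (smoothing, cycle search, trend removal, significance check, projection), followed by anomaly evaluation against the forecast, shown as an added Python example that is not the authors' code. Assumptions: a 3-point moving average, a linear trend, a periodogram power-share threshold standing in for the significance test, a k·sigma deviation rule, and constructed sample data; all function names are hypothetical.

```python
import math

def moving_average(x, w=3):
    """Data smoothing: centred moving average (shorter window at the edges)."""
    wins = [x[max(0, i - w // 2):i + w // 2 + 1] for i in range(len(x))]
    return [sum(win) / len(win) for win in wins]

def linear_trend(x):
    """Least-squares line a + b*t: the trend component to be removed."""
    n, tm, xm = len(x), (len(x) - 1) / 2, sum(x) / len(x)
    b = (sum((t - tm) * (v - xm) for t, v in enumerate(x))
         / sum((t - tm) ** 2 for t in range(n)))
    return xm - b * tm, b

def find_cycles(resid, min_share=0.2):
    """Periodogram cycle search; min_share of power is an assumed significance test."""
    n, found = len(resid), []
    for k in range(1, n // 2):
        w = 2 * math.pi * k / n
        c = 2 / n * sum(v * math.cos(w * t) for t, v in enumerate(resid))
        s = 2 / n * sum(v * math.sin(w * t) for t, v in enumerate(resid))
        found.append((c * c + s * s, n / k, c, s))
    total = sum(p for p, *_ in found) or 1.0
    return [(per, c, s) for p, per, c, s in found if p / total >= min_share]

def cyclic(cycles, t):
    """Combined value of all retained cycles at time t."""
    return sum(c * math.cos(2 * math.pi * t / per) + s * math.sin(2 * math.pi * t / per)
               for per, c, s in cycles)

def fit(history, passes=2):
    """Return (a, b, cycles, sigma); pass 2 refits the trend with the cycles removed."""
    smooth, cycles = moving_average(history), []
    for _ in range(passes):
        a, b = linear_trend([v - cyclic(cycles, t) for t, v in enumerate(smooth)])
        cycles = find_cycles([v - (a + b * t) for t, v in enumerate(smooth)])
    err = [v - (a + b * t + cyclic(cycles, t)) for t, v in enumerate(history)]
    return a, b, cycles, math.sqrt(sum(e * e for e in err) / len(err))

def anomalies(model, start, observed, k=3.0):
    """Time indices where observed traffic is more than k*sigma from the projection."""
    a, b, cycles, sigma = model
    return [start + i for i, v in enumerate(observed)
            if abs(v - (a + b * (start + i) + cyclic(cycles, start + i))) > k * sigma]

def traffic(t):
    """Constructed sample: hourly load with a daily cycle, slow growth and jitter."""
    return 100 + 0.1 * t + 40 * math.sin(2 * math.pi * t / 24) + (t * 37) % 11 - 5
HISTORY = [traffic(t) for t in range(168)]            # 7 days used to build the forecast
NEXT_DAY = [traffic(t) + (150 if t == 180 else 0) for t in range(168, 192)]  # one spike
```

Calling `anomalies(fit(HISTORY), 168, NEXT_DAY)` flags only the hour carrying the constructed spike; the second fitting pass matters because a linear fit over a sine-phased cycle otherwise absorbs part of the cycle into the slope.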
Information about authors:
Natalya V. Kireeva, Povolzhskiy State University of Telecommunications and Informatics, Assistant professor, Samara, Russia
Olga A. Karaulova, State University of Telecommunications and Informatics, postgraduate, Samara, Russia