The paper estimates how sensitive the spectral characteristics of incoming network traffic are to computer attacks. The spectrum is built by means of singular spectrum analysis (the "caterpillar" method) for various attacks and traffic functions. The change in the spectrum observed at the onset of an attack and while it is running can be useful for developing intrusion detection systems.
Abstract. This paper considers the problem of choosing algorithms and data structures for efficient processing of events generated by intrusion detection systems. The proposed approach is based on balanced binary trees and speeds up the operations of adding and searching for records in the structure. The paper provides theoretical and experimental confirmation of the efficiency of the developed approach.
computer attacks by the method of singular spectrum decomposition of network traffic. Abstract. The singular spectrum analysis method (the "caterpillar") is considered as applied to metrics based on network traffic and system load values, with the aim of determining the effect of DDoS attacks on the principal components of the time series of these metrics. The behavior of the principal components observed at the onset of an attack and as it continues can be used in developing intrusion detection tools. Keywords: information security, Distributed Denial of Service (DDoS), network traffic, time series, singular spectrum decomposition, HTTP-flood, principal components.