HIGH TECH IN EARTH SPACE RESEARCH

Adaptive method of detecting traffic anomalies in high-speed multiservice communication networks

Ageev S.A., Gladkikh A.A., Kurnosov V.I., Privalov A.A.

In this work we present and study an adaptive heuristic (behavioral) method for detecting traffic anomalies in high-speed multi-service communication networks that operates in real time. The study is relevant because many processes of information and network security management, as well as the processes of managing the risk that threats to them are realized, need to be implemented in close to real time in high-speed multi-service communication networks.

The approach proposed in this work is based on V. S. Pugachev's concept of conditional nonlinear Pareto-optimal filtering. The main idea of this approach is that a traffic parameter is estimated in two stages: in the first stage the parameter values are forecast, and in the second stage, as subsequent observations of the parameters are obtained, the values are corrected. In the proposed method and algorithm, traffic parameter values are predicted in a small sliding window, and adaptation is implemented through pseudogradient procedures whose parameters are adjusted by the Takagi-Sugeno fuzzy inference method. A feature of the developed procedures for estimating the characteristics of high-speed traffic in multi-service communication networks is that they take into account the dynamics of changes in network traffic parameters. The proposed method and algorithm belong to the class of adaptive methods and algorithms with pre-learning. The average relative error of the traffic parameter estimates does not exceed 10%, which is sufficient for operational network control tasks.

The procedure for detecting abnormal traffic behavior in an operating high-speed multi-service communication network is implemented using the Mamdani fuzzy inference method, in which the intervals of traffic parameter states are determined from the security policy adopted in the network. A study of the proposed method of detecting abnormal network traffic behavior showed its high efficiency.
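The pipeline described in the abstract, as an added Python sketch that is not the authors' algorithm: a sliding-window forecast corrected by a gradient-type step whose size comes from zero-order Takagi-Sugeno rules, followed by Mamdani scoring of the estimate. The sliding-window mean stands in for Pugachev's filter, and all membership breakpoints, rule consequents, policy bounds and the sample traffic are assumptions.

```python
import math

def tri(x, a, b, c):
    """Triangular membership: feet a and c, peak b."""
    return max(0.0, min((x - a) / (b - a), (c - x) / (c - b)))

def ramp(x, a, b):
    """Shoulder membership rising from 0 at a to 1 at b."""
    return min(1.0, max(0.0, (x - a) / (b - a)))

def ts_step(rel_err):
    """Zero-order Takagi-Sugeno rules: relative forecast error -> step size.
    Breakpoints and consequents (0.05, 0.3, 0.8) are assumed values."""
    w = (tri(rel_err, -0.1, 0.0, 0.1),    # error SMALL
         tri(rel_err, 0.0, 0.15, 0.4),    # error MEDIUM
         ramp(rel_err, 0.15, 0.4))        # error LARGE
    return sum(wi * ci for wi, ci in zip(w, (0.05, 0.3, 0.8))) / sum(w)

def track(samples, window=5):
    """Stage 1: forecast from a small sliding window of past estimates.
    Stage 2: correct with a gradient-type step once the observation arrives."""
    est = [float(samples[0])]
    for x in samples[1:]:
        forecast = sum(est[-window:]) / len(est[-window:])
        err = x - forecast
        est.append(forecast + ts_step(abs(err) / max(abs(forecast), 1e-9)) * err)
    return est

def mamdani_score(rate, policy=(800.0, 1200.0, 2000.0)):
    """Mamdani inference (min implication, max aggregation, centroid):
    estimated rate -> anomaly score in [0, 1]. Policy bounds are assumed."""
    lo, mid, hi = policy
    # Firing strengths of the rules for rate NORMAL, ELEVATED, CRITICAL
    fire = (1.0 - ramp(rate, lo, mid), tri(rate, lo, mid, hi), ramp(rate, mid, hi))
    num = den = 0.0
    for i in range(101):
        y = i / 100
        # Output sets for score LOW, MEDIUM, HIGH evaluated at y
        sets = (1.0 - ramp(y, 0.0, 0.5), tri(y, 0.0, 0.5, 1.0), ramp(y, 0.5, 1.0))
        mu = max(min(f, s) for f, s in zip(fire, sets))
        num += y * mu
        den += mu
    return num / den

# Constructed sample: steady ~500 pkt/s baseline, then a surge to 2500 pkt/s.
SAMPLES = [500 + 20 * math.sin(k) for k in range(40)] + [2500.0] * 10

def detect(samples):
    """Return (estimate, anomaly score) for every observation."""
    return [(e, mamdani_score(e)) for e in track(samples)]
```

On the constructed series the score stays near 0.16 over the baseline and rises to about 0.84 from the first surge sample onward.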
