Application of statistical methods for predicting udp-flood attacks
Aim. Web resources are an integral part of modern human life. Today, these resources are increasingly exposed to hacker attacks, such as the introduction of SQL operators, crosssite scripting, etc. DDoS attacks continue to be included in the top 10 network attacks that lead to serious failures of we...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | Russian |
Published: |
Daghestan State Technical University
2020-08-01
|
Series: | Vestnik Dagestanskogo Gosudarstvennogo Tehničeskogo Universiteta: Tehničeskie Nauki |
Subjects: | |
Online Access: | https://vestnik.dgtu.ru/jour/article/view/813 |
id |
doaj-6f9ab31c4f0b48d8a7fd921058125b88 |
---|---|
record_format |
Article |
spelling |
doaj-6f9ab31c4f0b48d8a7fd921058125b882021-07-28T20:54:37ZrusDaghestan State Technical UniversityVestnik Dagestanskogo Gosudarstvennogo Tehničeskogo Universiteta: Tehničeskie Nauki 2073-61852542-095X2020-08-0147210812210.21822/2073-6185-2020-47-2-108-122584Application of statistical methods for predicting udp-flood attacksM. V. Tumbinskaya0V. V. Volkov1B. G. Zagidullin2Kazan National Research Technical University named after A.N. TupolevKazan National Research Technical University named after A.N. TupolevKazan National Research Technical University named after A.N. TupolevAim. Web resources are an integral part of modern human life. Today, these resources are increasingly exposed to hacker attacks, such as the introduction of SQL operators, crosssite scripting, etc. DDoS attacks continue to be included in the top 10 network attacks that lead to serious failures of web resources. The most common type of DDoS attack is UDP-flood attacks based on the endless sending of UDP packets to the ports of various UDP services. Our empirical study was based on the following factors: the lack of effective means of protection against DDoS attacks, the specificity of UDP-flood attacks, and the lack of prediction models that adequately describe the process under study. The aim of this study was to increase the level of security of web resources by means of timely detection of anomalies in their work, detection of information security threats based on analysis and forecasting methods. The research object was UDP-flood attacks. Methods. Correlation analysis and modelling methods were used to calculate the seasonal index of UDP-flood attacks and the autocorrelation of the time series of this type of attack. The forecast of UDP-flood attacks was built based on simple exponential smoothing and neural network forecasting models. Results. A classification of DDoS attacks was proposed, along with possible protection approaches. Using a correlation analysis, the forecast values of the impact of UDP-flood attacks against web resources were calculated, and the seasonal factor was identified. The analysis of the forecast results showed that the spread of forecast values was not significant; the largest number of attacks is expected in the fourth quarter of 2020. For DDoS attacks lasting up to 20 minutes, seasonality was also detected in the first quarter of the calendar year, which means that the largest number of attacks of this duration should be expected in the first quarter of 2020. Conclusion. In order to improve the level of protection against DDoS attacks, further research should be aimed at developing methods for combating UDP-flood attacks and algorithms increasing the information security of web resources, as well as implementing measures to improve the security of web-based resources.https://vestnik.dgtu.ru/jour/article/view/813ddos attackudp-floodcorrelation analysisforecastingsimple exponential smoothing methodsmoothing coefficientmodelingadditive time series modelautocorrelation functioninformation protection |
collection |
DOAJ |
language |
Russian |
format |
Article |
sources |
DOAJ |
author |
M. V. Tumbinskaya V. V. Volkov B. G. Zagidullin |
spellingShingle |
M. V. Tumbinskaya V. V. Volkov B. G. Zagidullin Application of statistical methods for predicting udp-flood attacks Vestnik Dagestanskogo Gosudarstvennogo Tehničeskogo Universiteta: Tehničeskie Nauki ddos attack udp-flood correlation analysis forecasting simple exponential smoothing method smoothing coefficient modeling additive time series model autocorrelation function information protection |
author_facet |
M. V. Tumbinskaya V. V. Volkov B. G. Zagidullin |
author_sort |
M. V. Tumbinskaya |
title |
Application of statistical methods for predicting udp-flood attacks |
title_short |
Application of statistical methods for predicting udp-flood attacks |
title_full |
Application of statistical methods for predicting udp-flood attacks |
title_fullStr |
Application of statistical methods for predicting udp-flood attacks |
title_full_unstemmed |
Application of statistical methods for predicting udp-flood attacks |
title_sort |
application of statistical methods for predicting udp-flood attacks |
publisher |
Daghestan State Technical University |
series |
Vestnik Dagestanskogo Gosudarstvennogo Tehničeskogo Universiteta: Tehničeskie Nauki |
issn |
2073-6185 2542-095X |
publishDate |
2020-08-01 |
description |
Aim. Web resources are an integral part of modern human life. Today, these resources are increasingly exposed to hacker attacks, such as the introduction of SQL operators, crosssite scripting, etc. DDoS attacks continue to be included in the top 10 network attacks that lead to serious failures of web resources. The most common type of DDoS attack is UDP-flood attacks based on the endless sending of UDP packets to the ports of various UDP services. Our empirical study was based on the following factors: the lack of effective means of protection against DDoS attacks, the specificity of UDP-flood attacks, and the lack of prediction models that adequately describe the process under study. The aim of this study was to increase the level of security of web resources by means of timely detection of anomalies in their work, detection of information security threats based on analysis and forecasting methods. The research object was UDP-flood attacks. Methods. Correlation analysis and modelling methods were used to calculate the seasonal index of UDP-flood attacks and the autocorrelation of the time series of this type of attack. The forecast of UDP-flood attacks was built based on simple exponential smoothing and neural network forecasting models. Results. A classification of DDoS attacks was proposed, along with possible protection approaches. Using a correlation analysis, the forecast values of the impact of UDP-flood attacks against web resources were calculated, and the seasonal factor was identified. The analysis of the forecast results showed that the spread of forecast values was not significant; the largest number of attacks is expected in the fourth quarter of 2020. For DDoS attacks lasting up to 20 minutes, seasonality was also detected in the first quarter of the calendar year, which means that the largest number of attacks of this duration should be expected in the first quarter of 2020. Conclusion. In order to improve the level of protection against DDoS attacks, further research should be aimed at developing methods for combating UDP-flood attacks and algorithms increasing the information security of web resources, as well as implementing measures to improve the security of web-based resources. |
topic |
ddos attack udp-flood correlation analysis forecasting simple exponential smoothing method smoothing coefficient modeling additive time series model autocorrelation function information protection |
url |
https://vestnik.dgtu.ru/jour/article/view/813 |
work_keys_str_mv |
AT mvtumbinskaya applicationofstatisticalmethodsforpredictingudpfloodattacks AT vvvolkov applicationofstatisticalmethodsforpredictingudpfloodattacks AT bgzagidullin applicationofstatisticalmethodsforpredictingudpfloodattacks |
_version_ |
1721264716792201216 |