Application of statistical methods for predicting udp-flood attacks


Bibliographic Details
Main Authors: M. V. Tumbinskaya, V. V. Volkov, B. G. Zagidullin
Format: Article
Language: Russian
Published: Daghestan State Technical University 2020-08-01
Series: Vestnik Dagestanskogo Gosudarstvennogo Tehničeskogo Universiteta: Tehničeskie Nauki
Subjects:
Online Access: https://vestnik.dgtu.ru/jour/article/view/813
Author affiliation: Kazan National Research Technical University named after A.N. Tupolev (all three authors)
ISSN: 2073-6185, 2542-095X
Volume 47, issue 2, pages 108-122
DOI: 10.21822/2073-6185-2020-47-2-108-122
Description:

Aim. Web resources are an integral part of modern human life. Today, these resources are increasingly exposed to hacker attacks, such as SQL injection, cross-site scripting, etc. DDoS attacks continue to be included in the top 10 network attacks that lead to serious failures of web resources. The most common type of DDoS attack is the UDP-flood attack, based on the endless sending of UDP packets to the ports of various UDP services. Our empirical study was based on the following factors: the lack of effective means of protection against DDoS attacks, the specificity of UDP-flood attacks, and the lack of prediction models that adequately describe the process under study. The aim of this study was to increase the level of security of web resources by means of timely detection of anomalies in their operation and detection of information security threats based on analysis and forecasting methods. The research object was UDP-flood attacks.

Methods. Correlation analysis and modelling methods were used to calculate the seasonal index of UDP-flood attacks and the autocorrelation of the time series of this type of attack. The forecast of UDP-flood attacks was built based on simple exponential smoothing and neural network forecasting models.

Results. A classification of DDoS attacks was proposed, along with possible protection approaches. Using a correlation analysis, the forecast values of the impact of UDP-flood attacks against web resources were calculated, and the seasonal factor was identified. The analysis of the forecast results showed that the spread of forecast values was not significant; the largest number of attacks is expected in the fourth quarter of 2020. For DDoS attacks lasting up to 20 minutes, seasonality was also detected in the first quarter of the calendar year, which means that the largest number of attacks of this duration should be expected in the first quarter of 2020.

Conclusion. In order to improve the level of protection against DDoS attacks, further research should be aimed at developing methods for combating UDP-flood attacks and algorithms increasing the information security of web resources, as well as implementing measures to improve the security of web-based resources.
Topics: ddos attack; udp-flood; correlation analysis; forecasting; simple exponential smoothing method; smoothing coefficient; modeling; additive time series model; autocorrelation function; information protection