Skip to main content
41
Views
403
Downloads
Reviewed article

Design of Technical Methods for Analysing Network Security Based on Identification of Network Traffic Anomalies

How to cite:
Ihor Skiter, Ivan Burmaka, Andriy Sigayov
"Design of Technical Methods for Analysing Network Security Based on Identification of Network Traffic Anomalies"
Information & Security: An International Journal,
47
no. 3
(2020):
306-316.
https://doi.org/10.11610/isij.4722

Design of Technical Methods for Analysing Network Security Based on Identification of Network Traffic Anomalies

Source:

Information & Security: An International Journal,
Volume: 47,
Issue3,
p.306-316
(2020)

Abstract:

The article presents the design of a system for analysing technical networks with three main components. The attack generator monitors the network, checks its response, stability, and effectiveness to counter external threats. The database contains data about network parameters, their behaviour over time, network status, incidents, anomalies, etc. The network monitoring module uses information from the database for qualitative analysis of the network status.

The technical data analysis system of the distributed information system consists of two subsystems: the “Attacker” and the “Analyzer.” The “Attacker” is a scanning tool for targeted information monitoring. It generates streams of network attacks with the aim to test the network response, stability, and effectiveness of network protection. The subsystem “Analyzer” collects information in predetermined periods of time, establishes criticality levels of network parameters; determines the time of the last criticality levels’ change, records criticality levels values, and reports on the status, errors and script execution.

41
Views
403
Downloads