TY - JOUR KW - anomaly KW - database KW - network monitoring KW - network parameters KW - network traffic AU - Ihor Skiter AU - Ivan Burmaka AU - Andriy Sigayov AB -
The article presents the design of a system for analysing technical networks with three main components. The attack generator monitors the network, checks its response, stability, and effectiveness to counter external threats. The database contains data about network parameters, their behaviour over time, network status, incidents, anomalies, etc. The network monitoring module uses information from the database for qualitative analysis of the network status.
The technical data analysis system of the distributed information system consists of two subsystems: the “Attacker” and the “Analyzer.” The “Attacker” is a scanning tool for targeted information monitoring. It generates streams of network attacks with the aim to test the network response, stability, and effectiveness of network protection. The subsystem “Analyzer” collects information in predetermined periods of time, establishes criticality levels of network parameters; determines the time of the last criticality levels’ change, records criticality levels values, and reports on the status, errors and script execution.
BT - Information & Security: An International Journal DA - 2020 DO - https://doi.org/10.11610/isij.4722 IS - 3 LA - eng N2 -The article presents the design of a system for analysing technical networks with three main components. The attack generator monitors the network, checks its response, stability, and effectiveness to counter external threats. The database contains data about network parameters, their behaviour over time, network status, incidents, anomalies, etc. The network monitoring module uses information from the database for qualitative analysis of the network status.
The technical data analysis system of the distributed information system consists of two subsystems: the “Attacker” and the “Analyzer.” The “Attacker” is a scanning tool for targeted information monitoring. It generates streams of network attacks with the aim to test the network response, stability, and effectiveness of network protection. The subsystem “Analyzer” collects information in predetermined periods of time, establishes criticality levels of network parameters; determines the time of the last criticality levels’ change, records criticality levels values, and reports on the status, errors and script execution.
PY - 2020 SE - 306 SP - 306 EP - 316 T2 - Information & Security: An International Journal TI - Design of Technical Methods for Analysing Network Security Based on Identification of Network Traffic Anomalies VL - 47 ER -