Article 1320

Title of the article

THE DEVELOPMENT OF CRITERIA FOR ASSESSING THE EXTERNAL IMPACT OF DESTRUCTIVE DATA FLOWS ON THE TECHNOLOGICAL NETWORK OF AN INDUSTRIAL ENTERPRISE 

Authors

Zharova Ol'ga Yur'evna, Senior lecturer, sub-department of information security, Kaluga brach of Bauman Moscow State Technical University (2 Bazhenova street, Kaluga, Russia), E-mail: ouzharova@yandex.ru 

Index UDK

004.052.42+004.056.53 

DOI

10.21685/2072-3059-2020-3-1 

Abstract

Background. The aim of the study is to develop base principles of a mechanism to minimize damage from DoS/DDoS attacks targeting technological networks of industrial enterprises. Data on information security incidents in such networks were studied and the objective prerequisites for increasing pressure from cybercriminals on technological networks were determined. The specificity of the DoS/DDoS attacks influence on industrial networks, as well as the influence of external influences of destructive data flows on the reliability of these networks, have been studied. Existing methods of DoS/DDoS attacks resistance in corporate networks were analyzed in detail. The reasons why these methods cannot be applied in technological networks have been established.
Materials and methods. The research was carried out on the basis of simulation.
Results. The basic principle of the mechanism for minimizing damage from DoS / DDoS attacks aimed at industrial networks is proposed. Taking into account the specifics of technological networks, a classification of DoS / DDoS attacks was developed, in the development of which special attention was paid to the dynamic parameters of traffic, depending on the mechanism of operation of the attacking software.
Conclusion. The main criteria for determining the state of an attack are obtained, which are statistical traffic parameters: data flow rate, data flow acceleration, entropy, Poisson data flow, Hurst parameter. 

Key words

technological networks, cyberthreat, DoS/DDoS attack, destructive dataflow external impact, dynamic traffic parameters, statistical traffic parameters 

Download PDF
References

1. Ivanov I. A. Avtomatizatsiya v promyshlennosti [Industrial automation]. 2007, no. 4, pp. 49–51. [In Russian]
2. Anzimirov L. V. Avtomatizatsiya v promyshlennosti [Industrial automation]. 2007, no. 4, pp. 53–54. [In Russian]
3. Golovko V. Nauka i Tekhnika. Informatsionnye tekhnologii [Science and Engineering. Information technology]. Available at: https://naukatehnika.com/kiberataki-virusdiversant-stuxnet-v-yadernoj-energeticheskoj-programme-irana-chast1.html (accessed Febr. 20, 2020). [In Russian]
4. Simonenko M. D. Indeks bezopasnosti [Safety Index]. 2013, vol. 19, no. 1(104), pp. 233–248. [In Russian]
5. Stuxnet v detalyakh: «Laboratoriya Kasperskogo» publikuet podrobnosti ataki na yadernyy proekt Irana [Stuxnet in details: Kaspersky Lab publishes details of the attack on Iran's nuclear project]. Available at: https://www.kaspersky.ru/about/pressreleases/ 2014_stuxnet-v-detaliakh (accessed Febr. 20, 2020). [In Russian]
6. Prognozy po razvitiyu ugroz v sfere promyshlennoy bezopasnosti na 2018 god [Predictions for the development of threats in the field of industrial safety for 2018]. Available at: https://ics-cert.kaspersky.ru/reports/2019/03/27/threat-landscape-forindustrial-
automation-systems-h2-2018/ (accessed Febr. 20, 2020). [In Russian]
7. Verteshev S. M., Konevtsov V. A. Vestnik Pskovskogo gosudarstvennogo universiteta. Ser.: Tekhnicheskie nauki [Bulletin of Pskov State University. Series: Engineering sciences]. 2015, no. 2, pp. 93–106. [In Russian]
8. Landshaft ugroz dlya sistem promyshlennoy avtomatizatsii. Vtoroe polugodie 2018 [Threat landscape for industrial automation systems. Second half of 2018]. Available at: https://naukatehnika.com/kiberataki-virus-diversant-stuxnet-v-yadernojenergeticheskoj-
programme-irana-chast1.html (accessed Febr. 20, 2020). [In Russian]
9. Khokhlov R. V., Mishin S. A., Solodukha R. A. Prestupnost' v sfere informatsionnykh i telekommunikatsionnykh tekhnologiy: problemy preduprezhdeniya, raskrytiya i rassledovaniya prestupleniy [Crime in the field of information and telecommunication technologies: problems of prevention, detection and investigation of crimes]. 2017, no. 1, pp. 151–156. [In Russian]
10. DoS i DDoS-ataki: znachenie i razlichiya [DoS and DDoS attacks: meaning and differences]. Available at: https://ddos-guard.net/ru/info/blog-detail/dos-i-ddos-atakiznachenie- i-razlichiya (accessed Febr. 20, 2020). [In Russian]
11. Azhmukhamedov I. M., Mel'nikov E. V., Podol'tsev V. V. Prikaspiyskiy zhurnal: upravlenie i vysokie tekhnologii [Caspian journal: management and high technologies]. 2019, no. 4, pp. 35–42. [In Russian]
12. GOST 27.002–89. Nadezhnost' v tekhnike. Osnovnye ponyatiya. Terminy i opredeleniya [State Standart 27.002-89. Reliability in technology. Basic concepts. Terms and definitions]. Moscow, 1989. [In Russian]
13. Frolov D. Yu. Mir sovremennoy nauki [Th world of modern science]. 2011, no. 3 (6), pp. 18–22. [In Russian]
14. Baskanov A. N. Ekonomika i kachestvo sistem svyazi [Economics and quality of communication systems]. 2019, no. 3 (13), pp. 68–76. [In Russian]
15. Hariharan M., Abhishek H. K., Prasad B. G. International Journal of Wireless and Microwave Technologies. 2018, vol. 9, no. 1, pp. 52–59.
16. Davletshin R. A. Sovremennaya nauka: aktual'nye voprosy, dostizheniya i innovatsii: sb. st. IV Mezhdunar. nauch.-prakt. konf.: v 2 ch. [Modern science: current issues, achievements and innovations: proceedings of the IV International scientific and practical conference: in 2 parts]. Penza, 2018, pp. 45–47. [In Russian]
17. Ernandes L. Foton-ekspress [Photon Express]. 2006, no. 7 (55), pp. 40–42. [In Russian]
18. Zharova O. Yu. Voprosy radioelektroniki [Radio electronics issues]. 2018, no. 11, pp. 48–52. [In Russian]
19. Khimenko V. I. Informatsionno-upravlyayushchie sistemy [Information management systems]. 2016, no. 4 (83), pp. 85–93. [In Russian]

 

Дата создания: 03.12.2020 13:14
Дата обновления: 03.12.2020 14:35