Statistical Techniques for Detecting Cyberattacks on Computer Networks Based on an Analysis of Abnormal Traffic Behavior

Bibliographic Details
Published in International journal of computer network and information security Vol. 12; no. 6; pp. 1 - 13
Main Authors Hu, Zhengbing, Odarchenko, Roman, Gnatyuk, Sergiy, Zaliskyi, Maksym, Chaplits, Anastasia, Bondar, Sergiy, Borovik, Vadim
Format Journal Article
Language English
Published Hong Kong Modern Education and Computer Science Press 08.12.2021
Summary: This paper is topical because the quantity and diversity of attacks on computer networks increase year on year, causing significant losses for companies. The work addresses the following problems: existing methods of locating anomalies and current hazards in networks, consideration of statistical methods as effective methods of anomaly detection, and experimental evaluation of the effectiveness of the chosen method. A method of capturing and analysing network traffic during passive monitoring of a network segment is considered. A way of processing numerous network traffic indexes for subsequent evaluation of the network's information security level is also proposed. Using the presented methods and concepts increases the reliability of a network segment through prompt capture of network anomalies that could indicate possible hazards; such information is very useful for the network administrator. To demonstrate the method's effectiveness, several network attacks whose data is stored in the specialised DARPA dataset were chosen, and relevant parameters were calculated for every attack type. In this way, the start and termination time of an attack could be obtained with insignificant error for some methods.
ISSN: 2074-9090, 2074-9104
DOI: 10.5815/ijcnis.2020.06.01