Analysis of existing solutions for preventing invasion in information and telecommunication networks

Authors

  • Igor Subach Institute of special communication and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv polytechnic institute”, Kyiv
  • Vitalii Fesokha Military institute of telecommunications and informatization, Kiev,
  • Nadiia Fesokha Military institute of telecommunications and informatization, Kiev,

DOI:

https://doi.org/10.20535/2411-1031.2017.5.1.120554

Keywords:

Сybernetic space, information and telecommunication network, cybernetic security, cybernetic attack, intrusion prevention system, fuzzy sets, data mining.

Abstract

The article presents an overview of the current state of cybernetic space in the context of the growth of cybercrime (large-scale cyber attacks, which have received wide publicity in Ukraine and the world). A comparative analysis of the main existing software solutions for the prevention of intrusions into information and telecommunications networks, based on public licenses. The characteristics of the main methods for detecting attacks (intrusions) are given. There is identified  its main shortcomings: lack of adaptability, persistence and verification, high level of erroneous attacks, those misses of cyber attacks, weak opportunities to identify new attacks, lack of ability to determine the attack in its initial stages, practical lack of identification of the attacker and the purpose of the attack, in real time, a significant load of the system and a weak interpretation of the current situation. Prospective ways of their elimination based on the use of hybrid intelligent intrusion prevention systems based on the methods of knowledge engineering, the mathematical apparatus of fuzzy sets theory and fuzzy inference, as well as methods and technologies for data mining are proposed. Obtained results can be considered as a basis for the implementation of new mechanisms for identifying cybernetic attacks and their application during the implementation of intrusion detection systems of the next generation in order to respond to previously unknown types of cybernetic attacks. This will increase the efficiency and validity of the decisions taken by the security administrator of information and telecommunication systems and networks in real time during the detection and prevention of cybernetic attacks.

Author Biographies

Igor Subach, Institute of special communication and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv polytechnic institute”, Kyiv

doctor of technical science,
associate professor, head
at the cybersecurity and application
of information systems and technologies
academic department

Vitalii Fesokha, Military institute of telecommunications and informatization, Kiev,

postgraduate student

Nadiia Fesokha, Military institute of telecommunications and informatization, Kiev,

lecturer at the computer
information technologies academic department

References

I. Y. Subach, “Ways of improving the detection of cyber attacks”, at National Scientific Conference. Actual problems of ensuring information security of the state, Kyiv, 2014,

pp. 112.

“Cisco Annual Information Security Report for 2016”. [Online]. Available: http://www.cisco.com/c/dam/m/en_en/internet-of-everything-oe/iac/assets/pdfs/security/cisco _2016_asr_011116_en.pdf. Accessed on: Febr. 06,2017.

S. Radkevych, ”Cyber security as a key element of combating hybrid aggression”. [Online]. Available: http://cacds.org.ua/ru/safe/theme/870. Accessed on: Jan. 23, 2017.

“Analysis of the Cyber Attack on the Ukrainian Power Grid”. [Online]. Available: https://ics.sans.org/media/E-SAC_SANS_Ukraine_DUC_5.pdf. Accessed on: March, 01, 2017.

“Cyber-Attack Against Ukrainian Critical Infrastructure”, [Online]. Available: https://ics-cert.us-cert.gov/alerts/IR-ALERT-H-16-056-01. Accessed on: Febr. 25, 2016.

“Cyberattack on “Ukrzaliznytsia”. [Online]. Available: https://www.depo.ua/rus/politics/ kibeataka-na-ukrzaliznitsyu-postavila-na-vuha-natspolitsiyu-16122016143800. Accessed on: Febr., 13, 2017.

“Italian Foreign Minister acknowledged the fact of hacker attacks on the ministry”. [Online]. Available: http://tass.ru/mezhdunarodnaya-panorama/4015482. Accessed on: Febr., 13, 2017.

D. I. Gamaiunov, “Detection of computer attacks based on the analysis of the behavior of network objects”, Faculty of computational mathematics and cybernetics, Lomonosov Moscow state university, Moscow, 2007.

O. I. Shelukhin, D. Z. Sakalema, and A.S. Filinova, Detection of intrusions into computer networks (network anomalies). Moscow, Russia: Goriachaia liniia – Telekom, 2016.

“The Bro Network Security Monitor”. [Online]. Available: https://www.bro.org. Accessed on: Febr., 06, 2017.

“OSSEC”. [Online]. Available: http://ossec.github.io. Accessed on: Febr., 06, 2017.

“Prelude”. [Online]. Available: http://www.prelude-siem.com. Accessed on: Febr., 06, 2017.

“Suricata”. [Online]. Available: https://suricata-ids.org. Accessed on: Febr., 06, 2017.

A. D. Falke, V. S. Fulsoundar, R. S. Pawase, S. B. Wale, and S. J. Ghule, “Network Intrusion Detection System using Fuzzy Logic”, International journal of scientific research and education, vol. 2, iss. 4, pp. 626-635, April 2014.

T. Lappas, and K. Pelechrinis, “Data Mining Techniques for (Network) Intrusion Detection Systems”. [Online]. Available: https://www.slideshare.net/Tommy96/data-mining-techniques-for-network-intrusion-detection-systems. Accessed on: Febr., 16, 2017.

T. I. Buldakova, and A. S. Dzhalolov, “Choosing Data Mining Technologies for Intrusion Detection Systems in the Corporate Network”, Engineering journal: science and innovation, no. 11 (23), pp. 1-14, 2013.

A. Youssef, and A. Emam, “Network intrusion detection using data mining and network behaviour analysis”, International journal of computer science & information technology, vol. 3, no. 6, pp. 87-98, December 2011.

doi: 10.5121/ijcsit.2011.3607.

A.A. Branitskii, and I. V. Kotenko, ”Analysis and classification of methods for detecting network attacks”, SPIIRAS Proceedings, iss., 45, pp. 207-244, 2016.

doi: 10.15622/sp.45.13.

E. Zubkov, and V. Belov, “Methods of Data Mining and Intrusion Detection”, Bulletin of SibGUTI, no. 1, pp. 118-133, 2016.

S. А. Petrenko, “Methods for detecting intrusions and anomalies of the functioning of cybersystem”, Proceedings of ISA RAS, no. 41, pp. 194-202, 2009.

Published

2017-06-30

How to Cite

Subach, I., Fesokha, V., & Fesokha, N. (2017). Analysis of existing solutions for preventing invasion in information and telecommunication networks. Information Technology and Security, 5(1), 29–41. https://doi.org/10.20535/2411-1031.2017.5.1.120554

Issue

Section

NETWORK AND APPLICATION SECURITY