{"id":2127,"date":"2021-01-18T19:04:05","date_gmt":"2021-01-18T17:04:05","guid":{"rendered":"http:\/\/journals.khnu.km.ua\/vestnik\/?p=2127"},"modified":"2021-04-01T11:59:58","modified_gmt":"2021-04-01T08:59:58","slug":"%d0%bc%d0%b5%d1%82%d0%be%d0%b4-%d0%b2%d0%b8%d1%8f%d0%b2%d0%bb%d0%b5%d0%bd%d0%bd%d1%8f-%d1%82%d0%b0-%d0%bf%d1%80%d0%be%d1%82%d0%b8%d0%b4%d1%96%d1%97-%d1%80%d0%be%d0%b7%d0%bf%d0%be%d0%b4%d1%96%d0%bb","status":"publish","type":"post","link":"https:\/\/journals.khnu.km.ua\/vestnik\/?p=2127","title":{"rendered":"\u041c\u0435\u0442\u043e\u0434 \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u043d\u044f \u0442\u0430 \u043f\u0440\u043e\u0442\u0438\u0434\u0456\u0457 \u0440\u043e\u0437\u043f\u043e\u0434\u0456\u043b\u0435\u043d\u0438\u043c \u0430\u0442\u0430\u043a\u0430\u043c, \u0441\u043f\u0440\u044f\u043c\u043e\u0432\u0430\u043d\u0438\u043c \u043d\u0430 \u0432\u0456\u0434\u043c\u043e\u0432\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0433\u043e\u0432\u0443\u0432\u0430\u043d\u043d\u0456"},"content":{"rendered":"

\u041c\u0415\u0422\u041e\u0414 \u0412\u0418\u042f\u0412\u041b\u0415\u041d\u041d\u042f \u0422\u0410 \u041f\u0420\u041e\u0422\u0418\u0414\u0406\u0407 \u0420\u041e\u0417\u041f\u041e\u0414\u0406\u041b\u0415\u041d\u0418\u041c \u0410\u0422\u0410\u041a\u0410\u041c, \u0421\u041f\u0420\u042f\u041c\u041e\u0412\u0410\u041d\u0418\u041c \u041d\u0410 \u0412\u0406\u0414\u041c\u041e\u0412\u0423 \u0412 \u041e\u0411\u0421\u041b\u0423\u0413\u041e\u0412\u0423\u0412\u0410\u041d\u041d\u0406<\/p>\n

METHODS OF DETECTION AND COUNTERACTION TO THE DISTRIBUTED ATTACKS AIMED AT FAILURE IN SERVICE<\/p>\n

<\/a> \u0421\u0442\u043e\u0440\u0456\u043d\u043a\u0438: 122-127. \u041d\u043e\u043c\u0435\u0440: \u21162, 2019 (271)<\/span><\/strong>
\n\u0410\u0432\u0442\u043e\u0440\u0438:<\/span><\/strong>
\n\u0412.\u00a0\u041c. \u0414\u0416\u0423\u041b\u0406\u0419, \u0412. \u0406. \u0427\u041e\u0420\u041d\u0415\u041d\u042c\u041a\u0418\u0419, \u041e. \u041e. \u0421\u0410\u0412\u0406\u0426\u042c\u041a\u0410<\/span>
\n\u0425\u043c\u0435\u043b\u044c\u043d\u0438\u0446\u044c\u043a\u0438\u0439 \u043d\u0430\u0446\u0456\u043e\u043d\u0430\u043b\u044c\u043d\u0438\u0439 \u0443\u043d\u0456\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442
\nV. M. DZHULIY, V. I. CHORNENKY, O. O. SAVITSKAYA
\nKhmelnytskyi National University
\nDOI:<\/strong> https:\/\/www.doi.org\/10.31891\/2307-5732-2019-271-2-122-127<\/a>
\n\u0420\u0435\u0446\u0435\u043d\u0437\u0456\u044f\/Peer review :<\/strong> 15.03.2019 \u0440.
\n\u041d\u0430\u0434\u0440\u0443\u043a\u043e\u0432\u0430\u043d\u0430\/Printed :<\/strong> 10.04.2019 \u0440.<\/p>\n

\u0410\u043d\u043e\u0442\u0430\u0446\u0456\u044f \u043c\u043e\u0432\u043e\u044e \u043e\u0440\u0438\u0433\u0456\u043d\u0430\u043b\u0443<\/strong><\/p>\n

\u0412 \u0440\u043e\u0431\u043e\u0442\u0456 \u0437\u0430\u043f\u0440\u043e\u043f\u043e\u043d\u043e\u0432\u0430\u043d\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0438\u0439 \u043c\u0435\u0442\u043e\u0434 \u0442\u0430 \u0456\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0456\u0439 \u0434\u043b\u044f \u0440\u0430\u043d\u043d\u044c\u043e\u0433\u043e \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u043d\u044f \u0440\u043e\u0437\u043f\u043e\u0434\u0456\u043b\u0435\u043d\u0438\u0445 \u0430\u0442\u0430\u043a, \u0441\u043f\u0440\u044f\u043c\u043e\u0432\u0430\u043d\u0438\u0445 \u043d\u0430 \u0432\u0456\u0434\u043c\u043e\u0432\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0433\u043e\u0432\u0443\u0432\u0430\u043d\u043d\u0456, \u0456 \u043f\u043e\u0434\u0430\u043b\u044c\u0448\u043e\u0433\u043e \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u043d\u044f \u0448\u043a\u0456\u0434\u043b\u0438\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0456\u043a\u0443 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0456 \u0440\u0435\u0441\u0443\u0440\u0441\u0443, \u0449\u043e \u0430\u0442\u0430\u043a\u0443\u0454\u0442\u044c\u0441\u044f \u0456 \u0439\u043e\u0433\u043e \u0431\u043b\u043e\u043a\u0443\u0432\u0430\u043d\u043d\u044f \u0432\u043b\u0430\u0441\u043d\u0438\u043c\u0438 \u0441\u0438\u043b\u0430\u043c\u0438. \u0414\u043b\u044f \u043f\u043e\u0434\u0456\u043b\u0443 \u0437\u043c\u0456\u0448\u0430\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0456\u043a\u0443 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0454\u0442\u044c\u0441\u044f \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0438\u0437\u0430\u0446\u0456\u0457 k-means. \u0412\u0438\u0431\u0456\u0440 \u0434\u0430\u043d\u043e\u0433\u043e \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0443 \u043e\u0431\u0491\u0440\u0443\u043d\u0442\u043e\u0432\u0430\u043d\u0438\u0439, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043e \u0434\u043e\u043a\u0430\u0437 \u0439\u043e\u0433\u043e \u0435\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0456, \u043f\u0456\u0434\u0456\u0431\u0440\u0430\u043d\u0456 \u043e\u043f\u0442\u0438\u043c\u0430\u043b\u044c\u043d\u0456 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0441\u0442\u0438\u043a\u0438 \u0456 \u0440\u043e\u0437\u043c\u0456\u0440\u043d\u0456\u0441\u0442\u044c \u0434\u0430\u043d\u0438\u0445, \u0432\u0438\u0440\u043e\u0431\u043b\u0435\u043d\u0456 \u043a\u0440\u0438\u0442\u0435\u0440\u0456\u0457 \u0443\u0441\u043f\u0456\u0448\u043d\u043e\u0441\u0442\u0456. \u0420\u043e\u0437\u0440\u043e\u0431\u043b\u0435\u043d\u0456 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0438 \u0441\u043a\u043b\u0430\u0434\u0430\u044e\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u0443 \u0443\u0437\u0430\u0433\u0430\u043b\u044c\u043d\u0435\u043d\u043e\u0457 \u043c\u0435\u0442\u043e\u0434\u0438\u043a\u0438 \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u043d\u044f DDoS-\u0430\u0442\u0430\u043a \u0456 \u0448\u043a\u0456\u0434\u043b\u0438\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0456\u043a\u0443.
\n\u041a\u043b\u044e\u0447\u043e\u0432\u0456 \u0441\u043b\u043e\u0432\u0430:<\/strong> \u043c\u043e\u0434\u0435\u043b\u0456, \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0438, \u0435\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u0456\u0441\u0442\u044c \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u043d\u044f \u0430\u0442\u0430\u043a, \u043c\u0435\u0442\u043e\u0434, \u043c\u0435\u0440\u0435\u0436\u0435\u0432\u0438\u0439 \u0442\u0440\u0430\u0444\u0456\u043a, \u0456\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0456\u0439\u043d\u0430 \u0431\u0435\u0437\u043f\u0435\u043a\u0430.<\/p>\n

\u0420\u043e\u0437\u0448\u0438\u0440\u0435\u043d\u0430 \u0430\u043d\u043e\u0442\u0430\u0446\u0456\u044f \u0430\u043d\u0433\u043b\u0456\u0439\u0441\u044c\u043a\u043e\u044e \u043c\u043e\u0432\u043e\u044e<\/strong><\/p>\n

The purpose of the work is to create an actual method and tool for early detection of the distributed attacks aimed at denial of service, and further detection of any harmful traffic directed on the attacked resource and its own blocking. Countermeasures specialized to ensure the security of small and medium-sized resources, have received less development due to the predominance of large severe attacks in the past. And now they are lagging behind the evolution of DDoS attacks themselves. As a part of the method development for detecting DDoSatak and malicious traffic, an original algorithm has been created for detecting a distributed attack at the early stages of a denial of service attack. The algorithm takes into account seasonal deviations in the load, which makes it possible to detect the point of attack in the early stages and with greater accuracy. Besides, research was conducted to confirm the existence of seasonality and to identify any typical seasonal periods. As a result of the research the week, daily and uncertain seasonality and the reasons of its emergence are revealed. It was revealed the tendency of medium and low power attacks on regional resources. The peculiarities of regional level DDoS attacks were investigated and the task of creating a method and software complex for the detection of DDoS attacks and malicious inquiries was solved. The received technique was tested on the data – for legitimate requests, the completeness of the detection was 0.9991 with an accuracy of 0.99811, for malicious inquiries, completeness of 0.9975, accuracy of 0.9924.
\nKeywords:<\/strong> models, algorithms, attack detection efficiency, method, network traffic, information security.<\/p>\n

References<\/strong><\/p>\n

    \n
  1. Babash A.V. Kriptograficheskie metody zashhity informacii : uchebnik dlja stud. vuzov \/ A. V. Babash, E. K. Baranova. \u2013 M. : KNORUS, 2016. \u2013 190 s.<\/li>\n
  2. Baturin Ju.M. Komp’juternaja prestupnost’ i komp’juternaja bezopasnost’ \/ Ju.M. Baturin, A.M. Zhodzinskij. \u2013 M. : Juridicheskaja literatura, 2006. \u2013 160 s.<\/li>\n
  3. Borisov M.A. Osnovy programmno-apparatnoj zashhity informacii : ucheb. posobie dlja vuzov \/ M.A. Borisov, I.V. Zavodcev, I.V. Chizhov. \u2013 4-e izd., pererab. i dop. \u2013 M. : LENAND, 2016. \u2013 416 s.<\/li>\n
  4. Vasil’eva I.N. Kriptograficheskie metody zashhity informacii : uchebnik i praktikum dlja akadem. bakalavriata \/ I.N. Vasil’eva. \u2013 Sankt-Peterb. gos. jekonom. un-t . \u2013 M. : Jurajt, 2017. \u2013 349 s.<\/li>\n
  5. Nesterov S.A. Osnovy informacionnoj bezopasnosti : uchebnik \/ S. A. Nesterov. \u2013 SPb : Lan’, 2017. \u2013 423 s.<\/li>\n
  6. Olifer V.G. Bezopasnost’ komp’juternyh setej \/ V.G. Olifer, N.A. Olifer. \u2013 M. : Gorjachaja linija-Telekom, 2017. \u2013 644 s.<\/li>\n
  7. Tihonenko O.M. Modeli massovogo obsluzhivanija v informacionnyh sistemah : uchebnoe posobie dlja VUZov \/ O.M. Tihonenko. \u2013 Minsk : Tehnoprint, 2003. \u2013 327 s.<\/li>\n
  8. Shan’gin V.F. Informacionnaja bezopasnost’ i zashhita informacii \/ V.F. Shan’gin. \u2013 M. : DMK Press, 2017. \u2013 702 s.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

    \u041c\u0415\u0422\u041e\u0414 \u0412\u0418\u042f\u0412\u041b\u0415\u041d\u041d\u042f \u0422\u0410 \u041f\u0420\u041e\u0422\u0418\u0414\u0406\u0407 \u0420\u041e\u0417\u041f\u041e\u0414\u0406\u041b\u0415\u041d\u0418\u041c \u0410\u0422\u0410\u041a\u0410\u041c, \u0421\u041f\u0420\u042f\u041c\u041e\u0412\u0410\u041d\u0418\u041c \u041d\u0410 \u0412\u0406\u0414\u041c\u041e\u0412\u0423 \u0412 \u041e\u0411\u0421\u041b\u0423\u0413\u041e\u0412\u0423\u0412\u0410\u041d\u041d\u0406 METHODS OF DETECTION AND COUNTERACTION TO THE DISTRIBUTED ATTACKS AIMED AT FAILURE IN SERVICE \u0421\u0442\u043e\u0440\u0456\u043d\u043a\u0438: 122-127. \u041d\u043e\u043c\u0435\u0440: \u21162, 2019 (271) \u0410\u0432\u0442\u043e\u0440\u0438: \u0412.\u00a0\u041c. \u0414\u0416\u0423\u041b\u0406\u0419, \u0412. \u0406. \u0427\u041e\u0420\u041d\u0415\u041d\u042c\u041a\u0418\u0419, \u041e. \u041e. \u0421\u0410\u0412\u0406\u0426\u042c\u041a\u0410 \u0425\u043c\u0435\u043b\u044c\u043d\u0438\u0446\u044c\u043a\u0438\u0439 \u043d\u0430\u0446\u0456\u043e\u043d\u0430\u043b\u044c\u043d\u0438\u0439 \u0443\u043d\u0456\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442 V. M. DZHULIY, V. I. CHORNENKY, O. O. SAVITSKAYA Khmelnytskyi National University […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[22],"tags":[],"_links":{"self":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts\/2127"}],"collection":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2127"}],"version-history":[{"count":3,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts\/2127\/revisions"}],"predecessor-version":[{"id":5299,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts\/2127\/revisions\/5299"}],"wp:attachment":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2127"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2127"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2127"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}