Providing functional stability of information networks based on the development of method for countering DDoS-attacks


Oleg Barabash
Nataliya Lukova-Chuiko
Andrii Musienko
Valentin Sobchuk

Abstract

The subject of study in the paper is the process of providing the property of functional stability of information networks. The goal is to develop a method of countering DDoS attacks that effectively protects the information network both from attacks on the overall time interval and from slow attacks. The problem is to develop algorithms for detecting and blocking DDoS attacks, which describe the sequence of actions when applying the method of countering DDoS attacks, and to evaluate the efficiency of the proposed method. The methods used are the graph approach, mathematical models of optimization, and methods of solving nonlinear problems. The following results are obtained. Algorithms are constructed for detecting and blocking DDoS attacks, which describe the sequence of actions when applying the method of countering. The algorithm for detecting attacks is implemented on the analyzer of incoming traffic, which is checked for the presence of DDoS attacks. When such an attack is detected, its type is determined. After that, the blocking algorithm is executed: it reads the source of malicious traffic from the database and redirects that traffic to the software gateway, which takes on the further destructive influence. Conclusions. The scientific novelty of the obtained results is as follows: we have proposed a method of countering DDoS attacks that effectively protects the information network both from attacks on the overall time interval and from slow attacks. This method ensures the functional stability of the information network and is based on the use of algorithms for detecting and blocking DDoS attacks, together with the collection of information about incoming traffic, which is recorded in the database "Sources of Malicious Traffic". When an attack is detected, its type is determined and the mechanism for blocking it is started, which is realized in two stages. At the first stage, the sources of malicious traffic are searched for using the information about incoming packets collected in the database. At the second stage, the detected sources are blocked directly by sending reply packets over the backup channel through the software gateway, on which the outgoing server address in the packets is replaced by the address of the gateway; this disguises the server from external destructive effects (in the case of an outside attack). When the attack comes from the internal network, the switch ports to which the sources of malicious traffic are connected are disconnected. After that, the system administrator is notified and immediately starts to search for and eliminate the malicious software.

Article Details

How to Cite
Barabash, O., Lukova-Chuiko, N., Musienko, A., & Sobchuk, V. (2018). Providing functional stability of information networks based on the development of method for countering DDoS-attacks. Advanced Information Systems, 2(1), 56–63. https://doi.org/10.20998/2522-9052.2018.1.11
Section
Methods of information systems protection
Author Biographies

Oleg Barabash, State University of Telecommunications, Kyiv

Doctor of Technical Sciences, Professor, Head of the Department of Higher Mathematics

Nataliya Lukova-Chuiko, Kyiv National Taras Shevchenko University, Kyiv

Candidate of Physical and Mathematical Sciences, Associate Professor, Assistant Professor of the Department of Cybersecurity and Information Security

Andrii Musienko, Kyiv National Taras Shevchenko University, Kyiv

Candidate of Science (Physics and Mathematics), Assistant Professor of the Department of Network and Internet Technologies

Valentin Sobchuk, East-European National University of Lesya Ukrainka, Lutsk

Candidate of Physical and Mathematical Sciences, Associate Professor of the Department of Differential Equations and Mathematical Physics
