Construction of Schemes, Models and Algorithm for Detection Network Attacks in Computer Networks

Abstract

This article is devoted to develop network attack detection schemes to search for vulnerable servers and the likelihood of determining the type of attacks by the contents of network packets, a network attack recognition scheme that allows to filter external network traffic by processing incoming requests is proposedas well a network detection model attacks as signs of detecting the position of a security policy is offered. Based on the analysis of time series, a network attack detection model that allows identifying network attacks by a threshold value is developed and a mathematical model for real-time recognition of network attacks is proposed.Model of the behavior of the information flows are shown that the linear model does not provide an adequate assessment of the current process to the critical states. Within the framework of developing models for detecting network attacks, an algorithm for detecting and identifying network attacks is proposed, which allows one to perform not only an exhaustive search for the classification features of network attacks, but to limit itself to a shortened search.The behavior of the queue of half-open compounds are described with an absorbing state, and a system of differential equations for state probabilities are obtained. Also new requests to belong to a particular cluster are analyzed.