The development of cyberindidents management system on LTE networks

Abstract

Cellular networks at this stage are among the most widespread in the world. The latest technological solution, which has become widespread, are LTE networks. These networks are used to transmit voice, data, connecting stationary devices, Internet devices, etc. However, with a number of advantages provided by each new generation of communication networks, new threats are emerging, including in the field of cybersecurity. So there are new types of attacks, the number of devices from which they can be organized. Therefore, it is very important to develop new mechanisms for providing cybersecurity in modern cellular networks, as it will provide guarantees for the safe delivery of data to subscribers and devices IoT. Therefore, we analyzed the mechanisms of information security in the world's most popular type of LTE networks. Studies have shown that LTE, despite a number of advantages, also has disadvantages. First of all, this is a vulnerability to DoS (Denial of Service) attacks on the network, virus attacks, attacks on additional services. The presence of vulnerabilities and cyber threats generates cyber incidents, which require effective detection, identification, processing and investigation methods for localization and neutralization. In order to detect and combat cyber incidents, the architecture of the cyber incident monitoring center in LTE networks was created. The paper also describes the classification of cyber incidents, examines the Computer Crisis Response Service (CERT), and access control options for this service. The netForensics system, which is designed to work with a heterogeneous information security information security environment and implements a continuous collection, processing and display of security events, was explored. Also developed was the deployment of the NetForensics cyber incident management system on the LTE network, the main elements of the LTE network and their interaction with netForensics nFX Open Security Platform were considered. This cyber incident management system has wide-ranging capabilities in distributed mode, support for various fault-tolerant configurations, and more. NetForensics cyber incident management system is implemented on the basis of Java technology on a modular basis.