MODEL FOR ANALYZING NETWORK ACTIVITY OF ELEMENTS IN A TELEPHONE IP NETWORK USING AN INTRUDER’S COMPUTER RECONNAISSANCE SYSTEM
Abstract and keywords
Abstract:
Objective: to develop and analyze a stochastic model of how an intruder's computer intelligence (CI) complex analyzes the network activity of elements of a telephone IP network, in order to quantify the time characteristics of the intelligence cycle.
Methods: the network scanner's algorithm is represented as a stochastic network (GERT model) in which the stages (detecting active elements, determining node roles, operating system types and ports/services, and analyzing vulnerabilities) are described by arcs with their own time distribution functions and success probabilities, and repeated launches are represented by return loops. For the Role, OS, and Ports/Services branches, equivalent Laplace transforms of the probability density functions are obtained; from these, equivalent functions are derived for the parallel block and for the full cycle of the scanner's operation in full and partial scan modes. The cumulative distribution function, average time, and level of requirements are calculated from the resulting analytical expressions.
Results: compact formulas are obtained for the equivalent function, distribution function, and average time of VoIP network intelligence as functions of the probabilities of successful completion of key operations. The time characteristics of the process are shown to depend on these probabilities in a pronounced nonlinear way: as the probabilities increase, the average time and the time required for successful completion of the scan decrease significantly. A comparison of full and partial scan modes demonstrates the expected trade-off between the completeness of the information obtained by computer intelligence and the speed of obtaining results.
Practical significance: the model allows for predicting the time characteristics of the CI complex's operation in a VoIP network, identifying “bottlenecks”, and quantifying the impact of network architecture and security measures on the speed at which an intruder can obtain critical information, providing a basis for making informed decisions to enhance cyber resilience.

Keywords:
telephone IP network, computer intelligence complex, network scanner, network activity analysis, stochastic network, GERT model, equivalent function, full and partial scanning
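The loop and parallel-block reductions named in the Methods can be carried through numerically; the sketch below is an added example, not code or formulas from the paper. It assumes exponentially distributed attempt times, independent branches joined by an AND node, a partial scan modelled as running fewer branches, and constructed rate values; all function names are hypothetical.

```python
import math
from itertools import combinations

def retry_rate(rate, p):
    """Collapse one GERT arc with a return loop into a single arc.

    Assumption: attempt time ~ Exp(rate), success probability p, and a
    failure re-enters the same arc. With M(s) = rate / (rate - s):
        W(s) = p*M(s) / (1 - (1 - p)*M(s)) = p*rate / (p*rate - s)
    which is again exponential, with rate p*rate.
    """
    if rate <= 0 or not 0 < p <= 1:
        raise ValueError("need rate > 0 and 0 < p <= 1")
    return p * rate

def parallel_mean(rates):
    """Mean of the max of independent exponentials (AND-join of branches),
    by inclusion-exclusion over all non-empty subsets of branches."""
    return sum((-1) ** (k + 1) / sum(c)
               for k in range(1, len(rates) + 1)
               for c in combinations(rates, k))

def parallel_cdf(rates, t):
    """P(every parallel branch has finished by time t)."""
    return math.prod(1 - math.exp(-a * t) for a in rates)

def cycle_mean(detect, branches, vuln):
    """Mean time of: detection -> parallel branches -> vulnerability analysis.
    Every stage is a (rate, p) pair; branches is a list of such pairs."""
    return (1 / retry_rate(*detect)
            + parallel_mean([retry_rate(*b) for b in branches])
            + 1 / retry_rate(*vuln))

if __name__ == "__main__":
    # Constructed parameters (attempts per minute), not taken from the paper.
    for p in (0.3, 0.6, 0.9):
        full = cycle_mean((2.0, p), [(1.0, p), (0.5, p), (0.25, p)], (0.2, p))
        partial = cycle_mean((2.0, p), [(0.25, p)], (0.2, p))
        print(f"p={p}: full {full:.1f} min, partial {partial:.1f} min")
```

Under these assumptions the mean cycle time scales as 1/p, so controls that lower the per-attempt success probability lengthen the intruder's reconnaissance cycle more than proportionally at low p.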
