Review and analysis of intelligent methods of critical information infrastructure protection on the example of the financial sector of the Russian Federation
- Authors: Palchevsky E.V. (1), Antonov V.V. (2)
- Affiliations:
  - (1) Financial University under the Government of the Russian Federation
  - (2) Ufa University of Science and Technology
- Issue: Vol 31, No 2 (2025)
- Pages: 72-79
- Section: Information security
- Published: 15.02.2025
- URL: https://journals.eco-vector.com/1684-6400/article/view/702191
- DOI: https://doi.org/10.17587/it.31.72-79
- ID: 702191
Abstract
In recent years, cyberattacks, including DDoS attacks, on the critical information infrastructure of the Russian Federation have resulted in financial losses for companies, enterprises, individuals, universities and even hospitals. The damage reaches trillions of roubles, and on average each large online shop that has been attacked can lose up to 600,000 roubles a day. This is despite the fact that most companies have their own equipment and software to detect and filter DDoS attacks, or use the services of providers/data centres.
The main reason is that not all companies, providers and data centres have sufficient capacity to filter DDoS attacks of various types. An equally important reason is the misconfiguration of physical servers and network equipment, ranging from switches to software-defined networks (SDNs)/content delivery networks (CDNs).
Thus, given the importance and necessity of ensuring the availability of critical information infrastructure in the era of the digital economy, this paper presents a comprehensive systematic review of DDoS attack types and their intelligent filtering techniques.
The main findings and results of this study open up the possibility of implementing next-generation systems based on neural networks and computational clusters to analyse network traffic and detect DDoS attacks. In addition, these systems will help to solve existing critical problems, the main ones being the speed of response to emerging cyberattacks and the quality of filtering unauthorised network traffic.
About the authors
E. V. Palchevsky
Financial University under the Government of the Russian Federation
Author for correspondence.
Email: teelxp@inbox.ru
Senior Lecturer
Russian Federation, Moscow
V. V. Antonov
Ufa University of Science and Technology
Email: antonov.v@bashkortostan.ru
Dr. Sci. (Tech.), Professor
Russian Federation, Ufa, 450008