ANOMALOUS TRAFFIC DETECTION IN PUBLIC COMPUTER NETWORKS
DOI:
https://doi.org/10.31891/2219-9365-2022-71-3-9Keywords:
public computer network, anomalies, cyber incidents, attacks, network traffic, anomalous traffic detection systemAbstract
The increase in the number of users of Internet services and the digitization of society leads to a rapid increase in traffic volumes, and computer networks are increasingly becoming targets of cyber attacks. Which negatively affects the functioning and causes damage in various public or private spheres of activity.
The article analyzes the statistics of the State Center for Cyber Protection of the State Service for Special Communications and Information Protection of Ukraine on the quantitative and qualitative composition of attacks, and IBM reports on the damage they caused. Traffic control and analysis systems were analyzed, and the general orientation of such means for detecting attacks on the network was determined. The types of attacks that are usually carried out with ZKM are defined and a description of their actions is given. The architecture of public computer networks (PCNs) is presented, its components, location of the attacker and protection systems are defined. It is shown that the typical location of the attacker outside the network does not correspond to the reality, especially for ZKM. The structure of ZKM is proposed, which allows to protect the network from both external and internal attackers.
