
Formation of Data Structures in the Problems of Active Security Monitoring

Journal: Automatic Control and Computer Sciences

Abstract

The trend towards automation of security management processes, including in industrial cyber-physical systems, has led to a change in the role of information security monitoring from solving the problem of conformity assessment to ensuring timely awareness of security management methods—active monitoring. Requirements for the data collection and processing subsystem for active monitoring of information security have been formulated. The systematization of a number of security management problems for cyber-physical systems has been carried out, examples of methods for their solution have been considered, and data structures that are in demand by the considered methods have been highlighted.




Funding

The reported study was funded by the Russian Ministry of Science (information security), project no. 2/2020.


Correspondence to M. A. Poltavtseva.

Ethics declarations

The authors declare that they have no conflicts of interest.

Additional information

Translated by S. Avodkova

About this article


Cite this article

Poltavtseva, M.A. Formation of Data Structures in the Problems of Active Security Monitoring. Aut. Control Comp. Sci. 55, 1201–1208 (2021). https://doi.org/10.3103/S0146411621080423


  • DOI: https://doi.org/10.3103/S0146411621080423
