Problemi telekomunìkacìj

Information about the 13th International Scientific and Technical Conference “INFORMATION SYSTEMS AND TECHNOLOGIES IST-2024”

Oleksandr Lemeshko — 2024-11-28

Information about the 13th International Scientific and Technical Conference “INFORMATION SYSTEMS AND TECHNOLOGIES IST-2024”

Research of local network reliability indicators during the implementation of the port aggregation scheme

Roman Sytnikov — 2024-11-28

The article is devoted to a relevant scientific and applied problem related to the improvement of potential solutions for increasing the reliability of local networks by means of link (port) aggregation on switches. The article presents a study aimed at a comparative quantitative analysis of the reliability level of a local network in which the mechanism of link (port) aggregation is implemented. The technological task is formulated in the form of a mathematical model for calculating the probability of network uptime with a port aggregation scheme. The boundary values of network reliability indicators are calculated depending on the level of reliability of individual links and the implemented port aggregation scheme, for which the code in MATLAB is written and the corresponding graphs are constructed. It is established that at the level of local networks, the implementation of the mechanism of link (port) aggregation is an effective means of increasing their performance and reliability. The conditions under which this scheme is most appropriate are substantiated. It is demonstrated that in these conditions when implementing the aggregation scheme, it was advisable to limit ourselves to four links. The study results have confirmed the effectiveness of the proposed solution for aggregating links (ports) and allowed us to formulate general recommendations related to the implementation of reliable routing in practice. Consequently, it is proposed to use four aggregated links, provided that the probability of link failure is between 0.5 and 0.7. If the probability of link failure exceeds 0.7, it is advisable to limit the number of aggregated links to two. Further increases in the number of aggregated links affect the cost and performance of the network but do not improve reliability.

Method of designing a cyber-resilient information and communication network

Oleksandr Lemeshko — 2024-11-28

The proposed method for designing a cyber-resilient information and communication network (ICN) is based on solving an optimization problem related to the mutually coordinated calculation of various control variables responsible for choosing the network topology; the order of connecting access networks to ICN core routers; determining the characteristics of the equipment used in terms of its performance and security level; determining the order of routing packet flows. The method assumes that the locations of the probable placement of network routers are known in advance. Due to the synthesized mathematical model, the method provides not a sequential but a simultaneous solution to the primary design tasks, which significantly affects the level of efficiency of the final solutions. The mathematical model on which the developed design method is based is mostly linear. Only the conditions for preventing the overloading of communication links (router interfaces) are non-linear. The cyber resilience of design solutions is ensured by the fact that in the objective function to be minimized, the weighting coefficients, along with cost and quality of service indicators, should also consider network (information) security indicators – the compromise probability or information security risks of network equipment. This will make it possible to synthesize a network with specified or predicted cyber resilience indicators. Prospects for further research in this area are related to the introduction of a mathematical model and a method for designing conditions for ensuring guaranteed quality of service, which will allow only the requirements for the level of cyber resilience to be taken into account at the level of the optimality criterion. On the other hand, an attempt to move to a linear version of the conditions for preventing communication link overload is a certain direction of model improvement, which will somewhat reduce the computational complexity of calculations related to the determination of a large number of control variables.

Research of methods for counteracting Transport Layer attacks in information and communication networks

Vladyslav Momot — 2024-11-28

The work analyzes the most common threats and defines network security objectives, as well as describes quantitative and qualitative indicators of network security, classified into five categories. The work contains an analysis of attacks targeting all seven layers of the Open Systems Interconnection (OSI) model and provides their common features and mechanisms, attack examples, and tools used to carry them out. A review and comparative characteristic of methods for countering transport layer attacks is performed, as well as an experimental study of the effectiveness of the selected methods for countering attacks using the example of the TCP PUSH ACK Flood attack. Particular attention is paid to the transport layer due to its popularity among cybercriminals who carry out distributed denial-of-service attacks using the shortcomings of the TCP and UDP protocols. After studying the theoretical information about the transport layer of the OSI model, special attention is paid to the mechanisms of the TCP protocol, in particular, the selected methods of countering attacks at the transport layer are studied, and their advantages and disadvantages are described. A conclusion is made regarding the effectiveness of the implemented methods of countering the TCP PUSH ACK Flood attack based on the average and maximum values of CPU usage, the percentage of lost packets (Packet Loss), the average and maximum response time, as well as the availability of access to the deployed web page on the victim's server. The final part of the work provides recommendations for improving server software and transport layer protocols, in particular TCP, in order to increase the effectiveness of countering distributed denial-of-service attacks, which are based on the abuse of prohibited flag combinations, IP address spoofing, and sending «Martian packets».

Integrated use of information resources protection against social engineering attacks

Roman Kapusta — 2024-11-28

The article analyzes the main types of social engineering attacks and their classification. An overview of the instruments for detecting and counteracting social engineering as a method of accessing confidential information is provided, and key tools for counteracting such attacks are proposed. Experiments are conducted to demonstrate the effectiveness of each tool in different types of attacks. Particular attention is paid to software tools that help minimize the risks and losses from social engineering attacks. A system of integrated use of security tools has been developed that provides almost complete protection of the information system from such threats. The use of the WAZUH SIEM system in combination with the VirusTotal module provides opportunities to detect and counteract most types of attacks, including social engineering. For its part, integrating the Mozilla Firefox browser with the Startpage Privacy Protection application guarantees anonymous web browsing. The effectiveness of the protection methods has been confirmed experimentally. The proposed system was tested by modeling attacks, which proved its effectiveness. It was found that the integrated use of all modules provides the maximum level of protection of information resources. At the same time, the absence of any module reduces the overall security level.