A mathematical model of attacks and defenses in Software-Defined Networks

Authors

DOI: https://doi.org/10.30837/pt.2018.1.04

Abstract

Wireless urban telecommunication networks are distinguished by the high complexity of the medium access control protocol, which is responsible, in particular, for providing subscribers with access to a common communication channel, and by a large number of areas of uncertainty in which only some of the network interaction mechanisms are standardized. These features of SDN technology, as well as its novelty, create the need to develop methods for improving information security under multiple radio access by subscribers. Ensuring security is becoming especially relevant for telecommunication networks, where the data transmission channel is often shared among a large number of users. Wireless metropolitan area networks pose a further problem: the general availability of the communication channel. The article discusses an active approach to countering unauthorized interference with a Software-Defined Network (SDN). Proactive measures are planned on the basis of known vulnerability data for software products. The open NVD database is used. The most dangerous threats are forecast in the form of a game between two players: the attacker and the defender. The outcome of the game is a set of information protection recommendations for the software system under study. The equilibrium states and stability of the dynamic system are analyzed. For this purpose a phase portrait is built, i.e. the dependence of the state of threats on the effectiveness of attacks is obtained. The analysis shows that the greater the attack efficiency, the smaller the sampling interval needed to keep the system in an equilibrium state.

Published

2018-12-11

Issue

Section

Articles