International Journal of Open Information Technologies

Digitalization and intellectualization as part of the mass introduction of cyber-physical systems "Industry 4.0" has become a real trend in which cyber technologies provide automated and automatic control, greater efficiency, and increased security. At the same time, the integration of such technologies into critical infrastructure facilities is often subject to cyber threats, and as a result, cyber-attacks, violating not only the confidentiality and integrity of data, but also accessibility, for example, using DDoS attacks, which indicates the imperfection of most data filtering methods. attacks at various levels of the OSI model. This leads to the fact that many organizations whose physical and computing resources have access to the external global Internet network face the inaccessibility of their own services, which leads to the inability to provide the necessary data and services for both their own employees and customers, which leads to represents the financial loss of the company from equipment downtime. To minimize losses from this problem, it is proposed to use a spike (impulse) neural network to filter attacks by unauthorized external traffic (DDoS).

The main features of the proposed neural network are both high speed and quality (due to constant learning on big data) of self-learning, and quick response to DDoS attacks (including those that are unknown), as well as structural dependence (the number of neurons and layers of the impulse neural network) from the physical (computing) resources of the server/cluster. A modified method of nested mathematical models of self-learning (unsupervised learning) of a pulsed neural network is proposed, which is based on the standard ANN training method with error backpropagation (gradient descent), which allows the pulsed neural network to quickly and efficiently learn in order to filter attacks by external unauthorized traffic

Ramanauskaitė, S. et al., 2017. Modeling of two-tier DDoS by combining different type of DDoS models. Conference of Electrical, Electronic and Information Sciences (eStream), 1–4.

Xiang, Y.; Li, Z., 2006. An Analytical Model for DDoS Attacks and Defense. Conference on Computing in the Global Information Technology, 66.

Luo, J. et al., 2014. On a Mathematical Model for Low-Rate Shrew DDoS. IEEE Transactions on Information Forensics and Security 9 (7), 2321034.

Eian, M.; Mjølsnes, S.F., 2011. The modeling and comparison of wireless network Denial of Service attacks. ACM Symposium on Operating Systems Principles (SOSP) workshop, 7.

Fouladi, R.F.; Kayatas, C.E.; Anarim, E., 2016. Frequency based DDoS attack detection approach using naive Bayes classification. International Conference on Telecommunications and Signal Processing (TSP), 104-107.

Yuan, X.; Li, C.; Li, X., 2017. Deep ++Defense: identifying DDoS attack via deep learning. IEEE International Conference on Smart Computing (SMARTCOMP), 1-8.

Singh, K. J.; De, T., 2015. An approach of ddos attack detection using classifiers. Emerging Research in Computing, Information, Communication and Applications, 429-437.

Abdullah, E.C.; Ali B., 2021. Detection of DDoS attacks with feed forward based deep neural network model. Expert Systems with Applications. 169, 114520.

Viet-Hoang, T.; Olivier, B., 2020. Beyond socket options: Towards fully extensible Linux transport stacks. Computer Communications. 162, 118-138.

Syed G.A. et.al., 2021. Generic signature development for IoT Botnet families. Forensic Science International: Digital Investigation. 38, 301224.

Ying L. et.al., 2022. Software-defined DDoS detection with information entropy analysis and optimized deep learning. Future Generation Computer Systems. 129, 99-114.

Amaizu, G.C. et.al., 2021. Composite and efficient DDoS attack detection framework for B5G networks. Computer Networks. 188, 107871.

Matheus, P. N. et.al., 2021. Adversarial Deep Learning approach detection and defense against DDoS attacks in SDN environments. Future Generation Computer Systems. 125, 156-167.

Nisha, A. et.al., 2021. Automated DDOS attack detection in software defined networking. Journal of Network and Computer Applications. 187, 103108.

Silva, L.E.; Coury D.V. 2020. Network traffic prediction for detecting DDoS attacks in IEC 61850 communication networks. Computers & Electrical Engineering. 87, 106793.

Zhang, L.; Wang, J. et.al., 2022. A Hybrid Method of Entropy and SSAE-SVM Based DDoS Detection and Mitigation Mechanism in SDN. Computers & Security. 102604.

Deepak, K.S.; Tarun, D. et.al., 2021. Anomaly detection framework to prevent DDoS attack in fog empowered IoT networks. Ad Hoc Networks. 121, 102603.

Huu-Khoi, B. et.al., 2021. CREME: A toolchain of automatic dataset collection for machine learning in intrusion detection. Journal of Network and Computer Applications. 193, 103212.

Arpita, P.; Gaurav S., 2021. Serving while attacked: DDoS attack effect minimization using page separation and container allocation strategy. Journal of Information Security and Applications. 59, 102818.

Manjula, H.T.; Neha, M., 2021. An approach to on-stream DDoS blitz detection using machine learning algorithms. Materials Today: Proceedings, 2214-7853.

Congyuan, X.; Jizhong, S.; Xin, D., 2021. Low-rate DoS attack detection method based on hybrid deep neural networks. Journal of Information Security and Applications. 60, 102879.

Abdullah, S.A.; Jochen, S., 2021. Deep Learning Algorithms for Detecting Denial of Service Attacks in Software-Defined Networks. Procedia Computer Science. 191, 254-263.

Marios, T.; Christoforos, N., 2021. Detection of collaborative misbehaviour in distributed cyber-attacks. Computer Communications. 174, 28-41.

Dalia, N.; Fatma, A., 2021. Hussain, Multifractal detrended fluctuation analysis based detection for SYN flooding attack. Computers & Security. 107, 102315.

Lian, Y. et.al., 2021. PBCNN: Packet Bytes-based Convolutional Neural Network for Network Intrusion Detection. Computer Networks. 194, 108117.

Zhen, Y. et.al., 2022. A systematic literature review of methods and datasets for anomaly-based network intrusion detection. Computers & Security. 116, 102675.

Jun, Z. et.al., 2021. Automatically predicting cyber attack preference with attributed heterogeneous attention networks and transductive learning. Computers & Security. 102, 102152.

Weicheng, Q. et.al., 2022. Hybrid intrusion detection system based on Dempster-Shafer evidence theory. Computers & Security. 117, 102709.

Zahid, H. et.al., 2021. An effective genetic algorithm-based feature selection method for intrusion detection systems. Computers & Security. 110, 102448.

NetScout — https://www.netscout.com/arbor-ddos (date of access to the page: 20.04.22).

MicroSoft — https://docs.microsoft.com/ru-ru/azure/fxt-edge-filer/cluster-create (date of access to the page: 20.04.22)

FitzHugh, R., 1961. Impulses and physiological states in theoretical models of nerve membrane. Biophys. J. 1, 445–466.

Paninski, L., 2004. Maximum likelihood estimation of cascade point-process neural encoding models. Network. 15, 243–262.

Palchevsky, E.V. et.al., 2020. Intelligent data analysis for forecasting threats in complex distributed systems. CEUR Workshop Proceedings. 2744, 285-296.

Kulikov, G.G. et.al., 2020. Formal method of structural-logical identification of functional model of subject area by polycubic data matrix. Acta Polytechnica Hungarica. 17 (8), 41-59.

Kolmogorov, A.N. et.al., 1937. Investigation of the equation of diffusion associated with an increase in the amount of substance, and its application to one biological problem. Moscow State University. Series: Mathematics and mechanics. 1, 1-26.

Hodgkin, A.L.; Huxley, A.F., 1952. A quantitative description of membrane current and its application toconduction and excitation in nerve. J. Physiol. 117 (4), 500-544.

FitzHugh, R., 1969. Mathematical model sofex citation and propagation in nerve. Biological Engineering. 1-85.

Palchevsky, E.V.; Khristodulo, O.I., 2019. Development of an impulse neural network with the possibility of high-speed learning to neutralize DDoS attacks. 32 (4), 561-577.