Development of a model for detecting network traffic anomalies in distributed wireless ad hoc networks
Abstract
Mobile ad hoc networks are one of the promising directions of edge computing technology and are used in various applications, in particular in the development of intelligent transport systems. A distinguishing feature of mobile ad hoc networks is their constantly changing network topology, which makes it necessary to use reactive routing protocols when transmitting packets between nodes. Mobile ad hoc networks are vulnerable to cyber-attacks, so there is a need to develop measures to identify network threats and rules for responding to them based on machine learning models. The subject of this study is the development of a dynamic model for detecting network traffic anomalies in wireless distributed ad hoc networks. Data mining and machine learning methods and algorithms were applied in the study. The proposed approach to traffic monitoring in wireless distributed ad hoc networks consists of two stages: initial traffic analysis to identify anomalous events, and subsequent in-depth study of cybersecurity incidents to classify the type of attack. For this approach, the corresponding models are built using ensemble machine learning methods. A comparative analysis was carried out to select the most efficient machine learning algorithms and their optimal hyperparameters. The paper formalizes the traffic anomaly detection model for distributed wireless ad hoc networks, identifies the main quantitative metrics of network performance, presents a generalized algorithm for detecting traffic anomalies in mobile ad hoc networks, and reports an experimental study in which a network segment is simulated to assess performance degradation under various network attack scenarios.
Distributed denial of service attacks and cooperative blackhole attacks have the greatest negative impact on the performance of the mobile ad hoc network segment. In addition, the network simulation results were used to build a machine learning model to detect anomalies and classify types of attacks. The comparative analysis of machine learning algorithms showed that the LightGBM method is the most effective, detecting network traffic anomalies with an accuracy of 91 % and determining the type of attack being carried out with an accuracy of 90 %. The proposed approach to detecting network anomalies with trained traffic analysis models makes it possible to identify the considered types of attacks in due time. Future development of this research will consider new network attack scenarios and online additional training of the constructed identification models. The developed software tool for detecting network traffic anomalies in distributed mobile ad hoc networks can be used for any type of wireless ad hoc network.