Authors

Use of statistical methods for analysis and forecast of udp-flood attacks

Web resources are an integral part of the life of a modern person, who are now more and more often subjected to hacker attacks. The most popular types of attacks are the SQL-injections and cross-site scripting, but DDoS attacks continue to be in the top 10 of network attacks and lead to serious crashes and failures of web resources. The most common type of DDoS attack is UDP flood attack, based on the infinite sending of UDP packets to ports of various UDP services. The scientific novelty of the work lies in the fact that to increase the level of security of web resources a medium-term forecast of cyber attacks of the UDP-flood type, using the methods of correlation analysis, based on the additive time series model, is proposed taking into account seasonal factors and time duration, which will ensure the necessary level of web security -resources. The type of UDP-flood attacks was chosen as the object of study. Using the methods of correlation analysis and modeling, we calculated the seasonal index of UDP flood attacks, and the autocorrelation of the time series of this type of attack. Using the method of simple exponential smoothing, a forecast of UDP-flood attacks is constructed. The paper proposes a classification of DDoS attacks, describes protection methods. Based on the correlation analysis, the predicted values of the impact of UDP flood attacks on web resources are calculated, and the seasonal factor is revealed. The largest number of attacks is expected in the IV quarter of 2020. For DDoS attacks lasting up to 20 minutes, seasonality was also revealed in the 1st quarter of the calendar year, which means that in the 1st quarter of 2020 the largest number of attacks of this duration should be expected. Prospects for further research into the problem of protection against DDoS attacks are presented in the further development of the methodology for countering UDP flood attacks and information security algorithms for web resources, which will reduce the number of UDP flood attacks and increase the level of web resource security. Read more...