PROTECTION MODEL AGAINST DISTRIBUTED GRADUAL DEGRADATION ATTACKS BASED ON STATISTICAL AND SEMANTIC APPROACHES
DOI:
https://doi.org/10.17721/ISTS.2024.8.26-33
Keywords:
distributed systems, gradual degradation attacks, resource exhaustion, statistical analysis, semantic approaches, resilience, LightGBM, DistilBERT, EWMA
Abstract
Background. Nowadays, every critical sector of social institutions runs its operations on top of distributed processing systems. Contemporary digital infrastructure relies heavily on user-provided data. As a result, botnet-based distributed attacks are in a continuous arms race with the protection methods that filter the influx of malicious data. Such filtering commonly relies on heuristics and human-oriented verification. As new advancements in artificial intelligence emerge, these attacks adopt new oblique paths towards their goals. Successful execution of such an attack could lead to gradual resource depletion on the target system. The purpose of this research is to address such threats with a combination of statistical and semantic approaches.
Methods. This research conducts a theoretical analysis and systematization of the distributed gradual degradation attack in distributed systems and its implications in the context of evolving artificial intelligence technologies. Mathematical modeling is used to define the proposed model's properties and execution process. The proposed model relies heavily on statistical methods for analyzing time series data and its deviations, as well as on classification neural networks for semantic detection of suspicious behavior.
Results. As a result of this research, a new model has been developed that leverages statistical and semantic verification for anomaly detection. The continuous monitoring and detection process is optimized for highly loaded systems with a constant flurry of data streams.
Conclusions. Since distributed attacks could potentially be equipped with intelligent means to bypass existing security measures, the development of a protection model against potential resource leaks is gaining relevance. The recent success in the development of generative artificial intelligence raises concerns about the safety and adequacy of current security measures against automation-based distributed attack vectors. Protection models are often inclined towards prevention of the attack rather than recovery. This approach, while targeting the source of risks, often leads to complacent design decisions that do not consider the potential outcomes of a successful breach. The proposed model provides a theoretical foundation for building systems that both react to the active execution of threats and perform recovery mechanisms, assuming that the attack may bypass initial security measures.
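The abstract names EWMA and the analysis of time-series deviations but gives no equations, so the following is an added illustration and not the authors' model: a standard one-sided EWMA control chart compared with a static 3-sigma threshold on a slowly drifting resource metric. The metric, the smoothing factor `lam`, the limit width `L` and the sample data are all assumptions constructed for this example.

```python
import math
import statistics

def ewma_first_alarm(samples, mu0, sigma, lam=0.2, L=3.0):
    """0-based index of the first sample whose EWMA statistic exceeds
    the upper control limit, or None. One-sided: exhaustion drifts upward."""
    z = mu0  # the chart starts at the baseline mean
    for t, x in enumerate(samples, start=1):
        z = lam * x + (1.0 - lam) * z
        # Exact time-varying limit; converges to L*sigma*sqrt(lam/(2-lam)).
        width = L * sigma * math.sqrt(
            lam / (2.0 - lam) * (1.0 - (1.0 - lam) ** (2 * t)))
        if z > mu0 + width:
            return t - 1
    return None

def raw_first_alarm(samples, mu0, sigma, L=3.0):
    """0-based index of the first raw sample above mu0 + L*sigma, or None."""
    limit = mu0 + L * sigma
    for i, x in enumerate(samples):
        if x > limit:
            return i
    return None

# Constructed data (assumption): resource cost per interval, arbitrary units.
# Deterministic zero-mean jitter so the result is reproducible offline.
NOISE = [0.0, 2.0, -2.0, 1.0, -1.0]
BASELINE = [100.0 + NOISE[i % 5] for i in range(60)]
# Gradual degradation: +0.05 units per interval on top of the same jitter.
DRIFT = [100.0 + 0.05 * k + NOISE[(59 + k) % 5] for k in range(1, 121)]

def detect():
    """Fit the baseline, then report when each detector first fires."""
    mu0 = statistics.fmean(BASELINE)
    sigma = statistics.stdev(BASELINE)
    return {
        "ewma_on_baseline": ewma_first_alarm(BASELINE, mu0, sigma),
        "ewma_on_drift": ewma_first_alarm(DRIFT, mu0, sigma),
        "raw_on_drift": raw_first_alarm(DRIFT, mu0, sigma),
    }

if __name__ == "__main__":
    for name, idx in detect().items():
        print(f"{name}: {idx}")
```

On this constructed series the EWMA chart stays silent on the clean baseline and flags the drift well before any single raw sample crosses the static threshold, which is the property that matters for slow resource depletion.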
