CHARACTERISTIC PROPERTIES OF CENTRALIZATION IN THE ARCHITECTURE OF MULTI-COMPUTER SYSTEMS OF ANTIVIRAL COMBINED BAITS AND TRAPS
DOI:
https://doi.org/10.32782/IT/2024-4-14
Keywords:
centralization, protection of information, fraudulent systems, multicomputer systems, malicious software, computer attacks.
Abstract
The work analyzes systems for the prevention, detection and counteraction of malicious software and computer attacks, including fraudulent systems and systems with baits and traps. When such systems are developed, their architecture often includes mechanisms that make them adaptive, that is, able to adapt to the surrounding operating environment and to internal and external influences. Chief among these are mechanisms that restructure the system architecture during operation in order to respond to malicious threats. One of the main elements in restructuring the architecture of systems without user intervention is the system center. The details of the mechanisms for restructuring system centers receive insufficient attention; in particular, developers of commercial systems do not disclose them. The work identifies the characteristic properties of centralization in multicomputer systems and details these properties, their combination and their representation. Such detailing of the characteristic properties is the basis for establishing relationships between them, for synthesizing systems with such centers, and for evaluating the effectiveness of centralization options. Using the developed representation of centralization options in the architecture of systems, the potential number of centralization options that can be gone through when choosing the next centralization option was evaluated. The purpose of the article is to detail the characteristic properties of centralization in order to identify the next version of the center in the architecture of systems for the prevention, detection and counteraction of malicious software and computer attacks, so that the systems conceal their center independently, their nodes interact effectively, decisions are made rapidly, and the integrity of the system is maintained during operation.
The methodology is to apply scientific methods: systems analysis, synthesis and comparison. The work presents an analysis of the characteristic properties of centralization to determine the next version of the center in the architecture of multi-computer systems for preventing, detecting and combating malicious software and computer attacks. Based on the analysis, a formal representation of the characteristic properties is given, according to which the centralization variants in the architecture of systems will be synthesized. Scientific novelty lies in the developed models of the characteristic properties of centralization, intended for use in the method of determining the next variant of the center in the architecture of multi-computer systems of prevention, detection and counteraction, so that the next centralization option can be formed without involving the user and without a complete or substantial partial enumeration of options. Conclusions. The characteristic properties of centralization in the architecture of multi-computer systems of baits and traps for detecting and counteracting malicious software and computer attacks were identified. The characteristic properties are grouped into a set of characteristic properties. From this definition, indicators were obtained for use in determining the next centralization option in the multi-computer architecture, which the systems must carry out independently, without involving the administrator. The analysis of the proposed solution confirmed that the research is promising. An experiment was conducted on the developed system according to the presented centralization. The results of the experiment confirm the promise of research in the direction of restructuring the center of systems.