Journal «Современная Наука»


ANALYSIS OF IOT MALWARE DARKNET TRAFFIC USING ASSOCIATIVE RULES

Kulikov Alexander Anatolievich  (D. in Technical Sciences, Associate Professor of the Department of Instrumental and Applied Software of the Institute of Information Technologies, RTU MIREA, Moscow, Russia)

Kravtsova Yekaterina Yuryevna  (Student of the Instrumental and Applied Software Department, Institute of Information Technologies, RTU MIREA)

Platoshin Alexander Igorevich  (Student of Practical and Applied Informatics Department, Institute of Information Technologies, RTU MIREA)

This paper examines cybersecurity issues in the context of the development of information technology and the Internet of Things (IoT). Because cyber-attacks are becoming more frequent, including attacks that use the Mirai malware for IoT, mechanisms are needed to detect cyber-attacks occurring on the Internet. The paper therefore proposes using an anonymous network to detect cyber-attacks, as it is a system of virtual tunnels in which packets are generated by malware. Statistical methods and associative rule learning are used to analyze the behavior of scanning attacks based on the packets observed in the Darknet. Particular attention is paid to TCP SYN packets, which characterize scanning attacks. The paper discusses the principles of anonymous networking, IP addresses, and the characteristics of the Mirai malware for IoT. It also discusses the basic concepts used in finding associative rules, such as support and confidence, and proposes the FP-Growth/FP-tree algorithm for finding such rules. A large set of TCP SYN packets collected by the NICT/16 Darknet sensor was used to evaluate the proposed method. The results show that the proposed method is efficient and can be used to find associative rules in large databases. The algorithm parameters and strategies for choosing them to obtain the best results are also discussed. The research can be useful for developing new mechanisms for detecting cyber-attacks and improving cybersecurity.

Keywords: darknet; cyberattacks; Mirai; analysis using associative rule learning; anonymous network; IoT
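The support and confidence measures named in the abstract, worked through as an added example that is not code or data from the paper. It mines rules from constructed TCP SYN records with a level-wise (Apriori-style) search instead of FP-Growth, which yields the same frequent itemsets on a sample this small; the item labels (`dport=`, `seq=`, `opts=`) are assumptions chosen for illustration.

```python
from collections import Counter
from itertools import combinations

# Constructed sample: each observed TCP SYN packet reduced to a set of
# categorical items. Labels and values are illustrative, not the paper's data.
PACKETS = [
    {"dport=23", "seq=dst_ip", "opts=none"},
    {"dport=23", "seq=dst_ip", "opts=none"},
    {"dport=23", "seq=dst_ip", "opts=none"},
    {"dport=2323", "seq=dst_ip", "opts=none"},
    {"dport=23", "seq=random", "opts=mss"},
    {"dport=445", "seq=random", "opts=mss"},
    {"dport=80", "seq=random", "opts=mss"},
    {"dport=23", "seq=dst_ip", "opts=none"},
]

def frequent_itemsets(transactions, min_support):
    """Return {itemset: support} for all itemsets with support >= min_support."""
    n = len(transactions)
    found, k = {}, 1
    candidates = {frozenset([item]) for t in transactions for item in t}
    while candidates:
        counts = Counter(c for t in transactions for c in candidates if c <= t)
        level = {c: cnt / n for c, cnt in counts.items() if cnt / n >= min_support}
        found.update(level)
        k += 1
        # A frequent k-itemset is always the union of two frequent (k-1)-itemsets.
        candidates = {a | b for a, b in combinations(level, 2) if len(a | b) == k}
    return found

def association_rules(itemsets, min_confidence):
    """Return (antecedent, consequent, support, confidence) for rules A -> B."""
    rules = []
    for itemset, support in itemsets.items():
        for size in range(1, len(itemset)):
            for antecedent in map(frozenset, combinations(itemset, size)):
                # confidence(A -> B) = support(A and B) / support(A)
                confidence = support / itemsets[antecedent]
                if confidence >= min_confidence:
                    rules.append((antecedent, itemset - antecedent, support, confidence))
    return rules

if __name__ == "__main__":
    itemsets = frequent_itemsets(PACKETS, min_support=0.4)
    for a, b, s, c in sorted(association_rules(itemsets, 0.9), key=lambda r: sorted(r[0])):
        print(f"{sorted(a)} -> {sorted(b)}  support={s:.3f} confidence={c:.2f}")
```

Raising `min_support` prunes rare port/field combinations early, while `min_confidence` controls how strict a rule must be before it is reported; the abstract's point about parameter choice is the trade-off between these two thresholds.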




Citation link:
Kulikov A. A., Kravtsova Y. Y., Platoshin A. I. ANALYSIS OF IOT MALWARE DARKNET TRAFFIC USING ASSOCIATIVE RULES // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. 2023. No. 06. P. 122-127. DOI 10.37882/2223-2966.2023.06.24
LEGAL INFORMATION:
Reproduction of materials is permitted only for non-commercial purposes with reference to the original publication. Protected by the laws of the Russian Federation. Any violations of the law are prosecuted.
© ООО "Научные технологии"