Overview of the Methods for Predicting Network Anomalies

In this paper, the methods of predicting network anomalies are analyzed. Using the example of real statistical data, the stages of setting up forecasting models are shown. The effect of a DDoS attack on the destination IP-addresses’ entropy is shown.

1. GOST R 53114-2008. Obespechenie informacionnoj bezopasnosti v organizacii [Information security provision in organization], available at: https://docs.cntd.ru/document/1200075565 (accessed 22.11.2022).

2. Laboratoriya Kasperskogo. Otchety [DDoS reports], available at: https://www.kaspersky.ru/enterprise-security/resources (accessed 22.11.2022).

3. Positive Technologies. Analitika [Analytics], available at: https://www.ptsecurity.com/ruru/research/analytics/ (accessed 22.11.2022)

4. Metody zashchity ot DDOS napadenij [Methods of protection against DDOS attacks], available at: http://www.securitylab.ru/analytics/216251.php (accessed 22.11.2022)

5. Shanshan Yu, Jicheng Zhang, Ju Liu, Xiaoqing Zhang, Yafeng Li, Tianfeng Xu. A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN, available at: https://www.researchgate.net/publication/348891807 (accessed 22.11.2022)

6. Jung Woo Seo, Sangjin Lee. A study on efficient detection of_network-based IP spoofing DDoS and malware-infected Systems, available at: https://www.researchgate.net/publication/309467794 (accessed 22.11.2022)

7. The NSL‐KDD Data Set, available at: https://www.unb.ca/cic/datasets/nsl.html (accessed 22.11.2022)

8. Afanas'ev V. N. Analiz vremennyh ryadov i prognozirovanie [Time series analysis and forecasting]: Saratov, Aj Pi Ar Media, Orenburg, Orenburgskij gos. un-t, 2020. 286 p.