A method for monitoring computer networks based on joint analysis of the temporal and functional characteristics of the TCP/IP protocol stack
Date
2018
Authors
Желєзняк, В.В.
Мясіщев, О.А.
Zheliezniak, V.V.
Myasischev, O.A.
Publisher
Khmelnytskyi National University
Abstract
Because the systems of network monitoring (SNM) available at present are imperfect, a relevant task is the development of new network observation tools based on the timing patterns in the operation of the TCP/IP protocol stack. Accordingly, there is a need to build an improved network monitoring method that takes into account the shortcomings of the current methods. Drawing on similar methods applied in network monitoring and network information security tasks, the result is a proposed method of identification of the operating system (IOS) based on a joint analysis of the functional and time characteristics of the TCP/IP stack using classification methods.
The wide dissemination of network monitoring systems in corporate and public information systems makes it necessary to pay close attention to their inherent problems of uninterrupted, long-term operation. The analysis carried out in the article establishes the relevance of developing methods and algorithms for monitoring computer networks (CN) based on the analysis of time patterns in the operation of the TCP/IP protocol stack, and of building a network monitoring system on their basis. From their research the authors conclude that a promising direction for improving computer network monitoring technology is the development of methods for analyzing the information environment that are implemented through the mechanism of retransmissions. A comparative analysis is performed, against the listed criteria, of how TCP/IP functional values are extracted by the corresponding methods of identification of the operating system (IOS). The main characteristics of the TCP/IP protocol stack were analyzed, which yielded the main values for the development of the method. Because the systems of network monitoring (SNM) available at present are imperfect, a relevant task is the development of new network monitoring tools based on the timing patterns in the TCP/IP protocol stack. Accordingly, there is a need to build an improved network monitoring method that takes into account the shortcomings of the current methods. Drawing on similar methods used in network monitoring and network information security tasks, the result is a proposed method for identifying an operating system based on a joint analysis of the functional and time characteristics of the TCP/IP stack using classification methods.
Keywords
network monitoring, protocol stack, identification of operating system
Bibliographic description
Zheliezniak, V.V. A method for monitoring computer networks based on joint analysis of the temporal and functional characteristics of the TCP/IP protocol stack [Text] / V. V. Zheliezniak, O. A. Myasischev // Herald of Khmelnytskyi National University. Technical Sciences. – 2018. – No. 1. – pp. 38-42.