Preview

Proceedings of Telecommunication Universities

Advanced search

A Model for the Network Security Monitoring Process in Data Transmission Networks Under Multi-Stage Attack Conditions

https://doi.org/10.31854/1813-324X-2026-12-2-102-112

EDN: MNHGTS

Abstract

Statement of the problem. The advancement of modern technologies has enabled adversaries to employ intelligent and sophisticated tools during the execution of multi-stage attacks to conceal their activities within the network infrastructure. Countering such attacks constitutes one of the primary objectives of information security monitoring for data transmission networks. Given this persistent challenge, there is a continuous demand for the development of novel countermeasures or the optimization of existing anomaly detection systems. These systems must not only facilitate more efficient acquisition of relevant information but also leverage this information to enhance the prediction of potential cyberattacks.

Purpose: to determine the relationship between the probabilistic and temporal characteristics of the network security monitoring process.

Results. А network security monitoring tool structure is proposed that utilizes streaming two-layer recurrent neural networks with controlled synapses to classify and predict multi-stage attacks. The network security monitoring process for a data transmission network was modeled to determine the impact of various factors. Software was developed to calculate the probabilistic and temporal characteristics of the network security monitoring process for a data transmission network under attacker attack.

Theoretical significance. The model and software used allow for the formulation of requirements for various subprocesses of network security monitoring for a data transmission network.

Practical Significance: The proposed model can serve as a foundational framework for the development of systems designed to prevent multi-stage attacks.

About the Authors

A. A. Shevchenko
The Bonch-Bruevich Saint Petersburg State University of Telecommunications
Russian Federation


V. A. Zadboev
Telecommunications Military Academy
Russian Federation


V. A. Lipatnikov
Telecommunications Military Academy
Russian Federation


K. V. Melekhov
Telecommunications Military Academy
Russian Federation


P. I. Kuzin
Saint-Petersburg State Forest Technical University
Russian Federation


References

1. Kotenko I., Saenko I., Zakharchenko R., Velichko D. A Dynamic Functioning Control Model for Preventing Computer Attacks. Legal Informatics. 2024;2:35–43. (in Russ.) DOI:10.21681/1994-1404-2024-2-35-43. EDN:OGOTEF

2. Lipatnikov V., Zadboev V., Melekhov K., Shevchenko A. A Method of Improving the Security of Information and Telecommunications Network Using the Means of Determining Intruder's Geolocation. Proceedings Telecommunication Universities. 2023;9(4):86–96. (in Russ.) DOI:10.31854/1813-324X-2023-9-4-86-96. EDN:FWQHUC

3. Levshun D.S., Vesnin D.V., Kotenko I.V. Prediction of Vulnerability Categories in Configurations of Devices Using Artificial Intelligence Methods. Cybersecurity Issues. 2024;3(61):33–39. (in Russ.) DOI:10.21681/2311-3456-2024-3-33-39. EDN:FTORLR

4. Kim S., Park K.J., Lu C. A Survey on Network Security for Cyber–Physical Systems: From Threats to Resilient Design. IEEE Communications Surveys & Tutorials. 2022;24(3):1534–1573. DOI:10.1109/COMST.2022.3187531. EDN:ZEUEHY

5. Lipatnikov V.A., Kosolapov V.S., Shevchenko A.A., Sokol D.S. A Model for Evaluating the Process of Preparing and Implementing Intrusions in IP Telephony Networks. Information and Space. 2021;4:55–69. (in Russ.) EDN:FRPUPC

6. Zhou P., Zhou G., Wu D., Fei M. Detecting multi-stage attacks using sequence-to-sequence model. Computers & Security. 2021;105:102203. DOI:10.1016/j.cose.2021.102203. EDN:KUKUOO

7. Mishra S., Alotaibi W.B., Alshehri M., Saxena S. Cyber-attacks visualisation and prediction in complex multi-stage network. International Journal of Computer Applications in Technology. 2022;68(4):345–356. DOI:10.1504/IJCAT.2022.125180. EDN:CQPVYR

8. Weerakody P.B., Wong K.W., Wang G., Ela W. A review of irregular time series data handling with gated recurrent neural networks. Neurocomputing, 2021;441:161–178. DOI:10.1016/j.neucom.2021.02.046. EDN:JKFTCG

9. Olszewski D. A data-scattering-preserving adaptive self-organizing map. Engineering Applications of Artificial Intelligence. 2021;105:104420. DOI:10.1016/j.engappai.2021.104420. EDN:EGGQEI

10. Osipov V.Yu., Nikiforov V.V. Coding and stability of signal processing in streaming recurrent neural networks. Information and Control Systems. 2021;3(112):9–18. (in Russ.) DOI:10.31799/1684-8853-2021-3-9-18. EDN:TMUFQK

11. Al-Turaiki I., Altwaijry N. A convolutional neural network for improved anomaly-based network intrusion detection. Big Data. 2021;9(3):233–252. DOI:10.1089/big.2020.0263. EDN:BINXTC

12. Sarker I.H. Deep Cybersecurity: A Comprehensive Overview from Neural Network and Deep Learning Perspective. SN Computer Science. 2021;2(3):154. DOI:10.1007/s42979-021-00535-6. EDN:EKIIIP

13. Gong J. Network Information Security Pipeline Based on Grey Relational Cluster and Neural Networks // Proceedings of the 5th International Conference on Computing Methodologies and Communication, 08–10 April 2021, Erode, India. IEEE, 2021. p.971–975. DOI:10.1109/ICCMC51019.2021.9418311

14. Khan M.A. HCRNNIDS: Hybrid convolutional recurrent neural network-based network intrusion detection system. Processes. 2021;9(5):834. DOI:10.3390/pr9050834. EDN:BBATMC

15. Dolgachev M.V., Moskvichev A.D., Moskvicheva K.S. Detection of attacks on a web application using self-organizing Kohonen maps. Cybersecurity Issues. 2024;1(59):38–44. (in Russ.) DOI:10.21681/2311-3456-2024-1-38-44. EDN:KHTKXR

16. Pletenkova A.D., Sokolov A.N. Application of a two-stage clustering method based on the Kohonen self-organizing map for detecting anomalies in synthetic data sets. Journal of the Ural Federal District. Information security. 2024;4(54):49–60. (in Russ.) DOI:10.14529/secur240406. EDN:ZLGTJQ

17. Pinto A., Herrera L.-C., Donoso Y., Gutierrez J.A. Survey on Intrusion Detection Systems Based on Machine Learning Techniques for the Protection of Critical Infrastructure. Sensors. 2023;23(5):2415. DOI:10.3390/s23052415. EDN:GBGCLV

18. Yang H., Li X., Qiang W., Zhao Y., Zhang W., Tang C. A network traffic forecasting method based on SA optimized ARIMA–BP neural network. Computer Networks. 2021;193:108102. DOI:10.1016/j.comnet.2021.108102. EDN:NKGPOO

19. Lipatnikov V.A., Shevchenko A.A. Mathematical Model of Information Security Management Process for a Distributed Information System Under Conditions of Unauthorized Attacker Impact. Information systems and technologies. 2022;3(131):121–130. (in Russ.) EDN:KSBCGK

20. Robak V.A., Lipatnikov V.A., Parfirov V.A., Zadboev V.A., Shevchenko A.A., Petrenko M.I., et al. Program for Calculating Probabilistic-Temporal Characteristics of Network Control Tools Under Conditions of Multi-Stage Attacks. Patent RF, no. 2024661259, 11.04.2024. (in Russ.) EDN:WTNJLT

21. Savina A.G., Malyavkina L.I., Gerasimova Yu.Ya., Zhilina D.E. Python Programming Language in Scientific Computing. Proceedings of the National Scientific and Practical Conference on Infrastructure for Digital Development of Education and Business, 1–30 April 2021, Orel, Russian Federation. Orel: Oryol State University of Economics and Trade Publ.; 2021. p.64–69 (in Russ.) EDN:CPPPGG


Review

For citations:


Shevchenko A.A., Zadboev V.A., Lipatnikov V.A., Melekhov K.V., Kuzin P.I. A Model for the Network Security Monitoring Process in Data Transmission Networks Under Multi-Stage Attack Conditions. Proceedings of Telecommunication Universities. 2026;12(2):102-112. (In Russ.) https://doi.org/10.31854/1813-324X-2026-12-2-102-112. EDN: MNHGTS

Views: 124

JATS XML


Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 1813-324X (Print)
ISSN 2712-8830 (Online)