A Model for the Network Security Monitoring Process in Data Transmission Networks Under Multi-Stage Attack Conditions
https://doi.org/10.31854/1813-324X-2026-12-2-102-112
EDN: MNHGTS
Abstract
Statement of the problem. The advancement of modern technologies has enabled adversaries to employ intelligent and sophisticated tools during the execution of multi-stage attacks to conceal their activities within the network infrastructure. Countering such attacks constitutes one of the primary objectives of information security monitoring for data transmission networks. Given this persistent challenge, there is a continuous demand for the development of novel countermeasures or the optimization of existing anomaly detection systems. These systems must not only facilitate more efficient acquisition of relevant information but also leverage this information to enhance the prediction of potential cyberattacks.
Purpose: to determine the relationship between the probabilistic and temporal characteristics of the network security monitoring process.
Results. А network security monitoring tool structure is proposed that utilizes streaming two-layer recurrent neural networks with controlled synapses to classify and predict multi-stage attacks. The network security monitoring process for a data transmission network was modeled to determine the impact of various factors. Software was developed to calculate the probabilistic and temporal characteristics of the network security monitoring process for a data transmission network under attacker attack.
Theoretical significance. The model and software used allow for the formulation of requirements for various subprocesses of network security monitoring for a data transmission network.
Practical Significance: The proposed model can serve as a foundational framework for the development of systems designed to prevent multi-stage attacks.
About the Authors
A. A. ShevchenkoRussian Federation
V. A. Zadboev
Russian Federation
V. A. Lipatnikov
Russian Federation
K. V. Melekhov
Russian Federation
P. I. Kuzin
Russian Federation
References
1. Kotenko I., Saenko I., Zakharchenko R., Velichko D. A Dynamic Functioning Control Model for Preventing Computer Attacks. Legal Informatics. 2024;2:35–43. (in Russ.) DOI:10.21681/1994-1404-2024-2-35-43. EDN:OGOTEF
2. Lipatnikov V., Zadboev V., Melekhov K., Shevchenko A. A Method of Improving the Security of Information and Telecommunications Network Using the Means of Determining Intruder's Geolocation. Proceedings Telecommunication Universities. 2023;9(4):86–96. (in Russ.) DOI:10.31854/1813-324X-2023-9-4-86-96. EDN:FWQHUC
3. Levshun D.S., Vesnin D.V., Kotenko I.V. Prediction of Vulnerability Categories in Configurations of Devices Using Artificial Intelligence Methods. Cybersecurity Issues. 2024;3(61):33–39. (in Russ.) DOI:10.21681/2311-3456-2024-3-33-39. EDN:FTORLR
4. Kim S., Park K.J., Lu C. A Survey on Network Security for Cyber–Physical Systems: From Threats to Resilient Design. IEEE Communications Surveys & Tutorials. 2022;24(3):1534–1573. DOI:10.1109/COMST.2022.3187531. EDN:ZEUEHY
5. Lipatnikov V.A., Kosolapov V.S., Shevchenko A.A., Sokol D.S. A Model for Evaluating the Process of Preparing and Implementing Intrusions in IP Telephony Networks. Information and Space. 2021;4:55–69. (in Russ.) EDN:FRPUPC
6. Zhou P., Zhou G., Wu D., Fei M. Detecting multi-stage attacks using sequence-to-sequence model. Computers & Security. 2021;105:102203. DOI:10.1016/j.cose.2021.102203. EDN:KUKUOO
7. Mishra S., Alotaibi W.B., Alshehri M., Saxena S. Cyber-attacks visualisation and prediction in complex multi-stage network. International Journal of Computer Applications in Technology. 2022;68(4):345–356. DOI:10.1504/IJCAT.2022.125180. EDN:CQPVYR
8. Weerakody P.B., Wong K.W., Wang G., Ela W. A review of irregular time series data handling with gated recurrent neural networks. Neurocomputing, 2021;441:161–178. DOI:10.1016/j.neucom.2021.02.046. EDN:JKFTCG
9. Olszewski D. A data-scattering-preserving adaptive self-organizing map. Engineering Applications of Artificial Intelligence. 2021;105:104420. DOI:10.1016/j.engappai.2021.104420. EDN:EGGQEI
10. Osipov V.Yu., Nikiforov V.V. Coding and stability of signal processing in streaming recurrent neural networks. Information and Control Systems. 2021;3(112):9–18. (in Russ.) DOI:10.31799/1684-8853-2021-3-9-18. EDN:TMUFQK
11. Al-Turaiki I., Altwaijry N. A convolutional neural network for improved anomaly-based network intrusion detection. Big Data. 2021;9(3):233–252. DOI:10.1089/big.2020.0263. EDN:BINXTC
12. Sarker I.H. Deep Cybersecurity: A Comprehensive Overview from Neural Network and Deep Learning Perspective. SN Computer Science. 2021;2(3):154. DOI:10.1007/s42979-021-00535-6. EDN:EKIIIP
13. Gong J. Network Information Security Pipeline Based on Grey Relational Cluster and Neural Networks // Proceedings of the 5th International Conference on Computing Methodologies and Communication, 08–10 April 2021, Erode, India. IEEE, 2021. p.971–975. DOI:10.1109/ICCMC51019.2021.9418311
14. Khan M.A. HCRNNIDS: Hybrid convolutional recurrent neural network-based network intrusion detection system. Processes. 2021;9(5):834. DOI:10.3390/pr9050834. EDN:BBATMC
15. Dolgachev M.V., Moskvichev A.D., Moskvicheva K.S. Detection of attacks on a web application using self-organizing Kohonen maps. Cybersecurity Issues. 2024;1(59):38–44. (in Russ.) DOI:10.21681/2311-3456-2024-1-38-44. EDN:KHTKXR
16. Pletenkova A.D., Sokolov A.N. Application of a two-stage clustering method based on the Kohonen self-organizing map for detecting anomalies in synthetic data sets. Journal of the Ural Federal District. Information security. 2024;4(54):49–60. (in Russ.) DOI:10.14529/secur240406. EDN:ZLGTJQ
17. Pinto A., Herrera L.-C., Donoso Y., Gutierrez J.A. Survey on Intrusion Detection Systems Based on Machine Learning Techniques for the Protection of Critical Infrastructure. Sensors. 2023;23(5):2415. DOI:10.3390/s23052415. EDN:GBGCLV
18. Yang H., Li X., Qiang W., Zhao Y., Zhang W., Tang C. A network traffic forecasting method based on SA optimized ARIMA–BP neural network. Computer Networks. 2021;193:108102. DOI:10.1016/j.comnet.2021.108102. EDN:NKGPOO
19. Lipatnikov V.A., Shevchenko A.A. Mathematical Model of Information Security Management Process for a Distributed Information System Under Conditions of Unauthorized Attacker Impact. Information systems and technologies. 2022;3(131):121–130. (in Russ.) EDN:KSBCGK
20. Robak V.A., Lipatnikov V.A., Parfirov V.A., Zadboev V.A., Shevchenko A.A., Petrenko M.I., et al. Program for Calculating Probabilistic-Temporal Characteristics of Network Control Tools Under Conditions of Multi-Stage Attacks. Patent RF, no. 2024661259, 11.04.2024. (in Russ.) EDN:WTNJLT
21. Savina A.G., Malyavkina L.I., Gerasimova Yu.Ya., Zhilina D.E. Python Programming Language in Scientific Computing. Proceedings of the National Scientific and Practical Conference on Infrastructure for Digital Development of Education and Business, 1–30 April 2021, Orel, Russian Federation. Orel: Oryol State University of Economics and Trade Publ.; 2021. p.64–69 (in Russ.) EDN:CPPPGG
Review
For citations:
Shevchenko A.A., Zadboev V.A., Lipatnikov V.A., Melekhov K.V., Kuzin P.I. A Model for the Network Security Monitoring Process in Data Transmission Networks Under Multi-Stage Attack Conditions. Proceedings of Telecommunication Universities. 2026;12(2):102-112. (In Russ.) https://doi.org/10.31854/1813-324X-2026-12-2-102-112. EDN: MNHGTS
JATS XML

























