Statistical data analysis for network infrastructure monitoring to recognize aberrant behavior of system local segments

Abstract

Wireless network of low-power devices “Smart Home”, “Internet of things” has been considered. A number of signs of security attacks on behalf of potential information interloper have been identified. We have analyzed the characteristics of a system based on wireless technologies that are obtained as a result of passive surveillance and active polling of devices comprising the network infrastructure. A model is presented for the information security state analysis based on identifying, quantitative, frequency, timing characteristics. In view of the peculiarities of the devices providing network infrastructure, estimation of the information security state is focused on the analysis of the system normal functioning profile, rather than on search of signatures and features of anomalies during various kinds of attacks. An experiment has been disclosed that provides obtaining statistical information about operation of wireless network remote devices where data acquisition for decision-making purposes occurs by comparing statistical signal messages from the leaf nodes in passive and active modes. Experimental results of information onslaught on the standard system have been presented. The proposed model may be used to determine technical characteristics of WLAN ad hoc network devices and to draw recommendations for IS state analysis.