Estimation of the Multifractal Spectrum Characteristics of Fractal Dimension of Network Traffic and Computer Attacks in IoT

Abstract

Relevance. Changes in the fractal dimension of network traffic can serve as an indicator of attacks or anomalous activity. Fractal analysis allows to identify changes in the temporal structure of traffic and signal possible threats. The self-similarity observed over wide time scales indicates the multifractal nature of the anomalies, which requires further study. Thus, the development of methods for detecting and classifying cyber attacks using multifractal analysis is an urgent task to improve information security.The aim of the article. Increasing the efficiency of detection and classification of computer attacks in IoT networks using machine learning methods by expanding the number of attributes characterizing the parameters of the multifractal spectrum of fractal dimension.Research methods: discrete wavelet analysis, multifractal analysis, machine learning, software implementation of a combined multiclass classification method in conjunction with fractal analysis methods.Results. A methodology has been developed for assessing the characteristics of the multifractal spectrum of the fractal dimension of traffic using a sequence of current estimates of the fractal dimension in an analysis window of a fixed length depending on the resolution interval (sampling time). The analytical results of experimental assessments of multifractal analysis of processed processes in IoT networks are presented. The informational significance of additional attributes of computer attacks and normal traffic is assessed for the case of binary and multi-class classification using the Gini index for two cases: without adding a multifractal spectrum of fractal dimension and with the addition of a multifractal spectrum of fractal dimension. It has been shown that the main concentration of the most significant attributes falls on the sampling interval of 500 ms...1.5 s.Novelty. The concept of a multifractal spectrum of fractal dimension is introduced in the form of a sequence of current estimates of the fractal dimension in an analysis window of a fixed length depending on the resolution interval.Practical significance. The presented method for estimating the parameters of a multifractal spectrum of fractal dimension is universal and can be applied in various information systems.