CASPIAN JOURNAL

MANAGEMENT AND HIGH TECHNOLOGIES

RESEARCH OF THE ISSUES OF IMPROVEMENT OF PROTECTION SYSTEMS AGAINST DDOS-ATTACKS BASED ON THE COMPREHENSIVE ANALYSIS OF MODERN INTERACTION MECHANISMS

Bachmanov Dmitriy A., Ocheredko Andrey R., Putyato Michael M., Makaryan Alexander S. RESEARCH OF THE ISSUES OF IMPROVEMENT OF PROTECTION SYSTEMS AGAINST DDOS-ATTACKS BASED ON THE COMPREHENSIVE ANALYSIS OF MODERN INTERACTION MECHANISMS // Caspian journal : management and high technologies. — 2021. — №1. — pp. 63-74.

Bachmanov Dmitriy A. - Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation

Ocheredko Andrey R. - Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation

Putyato Michael M. - Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation

Makaryan Alexander S. - Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation

The article presents the results of an analysis of the growth of botnets and of the new cyber threats that arise when cybercriminals use them. Models for implementing botnets are reviewed and compared, which yields two main types. The main types of attacks carried out using the infrastructure of distributed computer networks are identified and classified into 7 main groups, taking into account relevance, prevalence and amount of damage. Based on the results of the analysis, the most widespread and relevant type of attack was determined to be "Denial of Service". The article presents a classification of services that protect network resources from distributed "Denial of Service" attacks, by type of deployment, level of security and types of services provided. Comparison criteria are given that take into account their infrastructure, availability of technical support and a test period, available types of protection, capabilities, additional options, notification and reporting, and licensing. A way to integrate the DDoS-Guard Protection service with an additional application-level module is implemented in practice and shown, which made it possible to expand the methods of protection against DDoS attacks. Various modifications of the combined use of the module and the modified system make it possible to increase the expected level of detection and prevention of cyber-attacks.

Key words: cybersecurity, information security, botnet, DDoS, distributed computer networks, denial of service, cyber threats, OSI model