METHOD FOR FILTERING ATTACKING STREAMS AIMED AT THE COMMUNICATION MODULE Russian patent published in 2022 - IPC G06F21/55 H04L47/00 

FIELD: communication technology.

SUBSTANCE: invention relates to a method for filtering attacking streams aimed at the communication module. Several aggregates are defined, where each aggregate is the result of combining several incoming data streams received over a given period of time. Several first measurement vectors are determined, each of which is associated with one of the specified aggregates and contains the values of the first characteristic parameters of the aggregate with which this vector is associated. These first several measurement vectors are projected into at least one subspace defined by the first characteristic parameters. Another aggregate is determined, which is the result of combining several incoming data streams received during a different time period. Another first measurement vector is determined, associated with the specified other aggregate. The specified other first dimension vector is projected into at least one subspace. An estimate of deviation from the norm is determined depending on the results of projecting the specified other first measurement vector and projecting the totality of the specified several first measurement vectors, and then, if the estimate of deviation from the norm falls into the zone of doubt about the presence of attacking flows, several second measurement vectors are determined, each of which is associated with one of the specified aggregates. Another second measurement vector associated with another aggregate is determined. The presence or absence of an attack is detected by analyzing another second measurement vector.

EFFECT: increase in the probability of detecting an attacking stream.

11 cl, 10 dwg