Mathematical models for masking structural and dynamic characteristics of departmental data transmission networks against computer reconnaissance

Roman S. Sherstobitov¹

¹Krasnodar Higher Military School named after General of the Army S.M. Shtemenko.

DOI 10.24412/2410-9916-2026-1-138-181

Full text

XML JATS

Abstract

Problem Statement: one of the methods to counter the threat of computer reconnaissance of information flows is masking the structural and dynamic characteristics of departmental data transmission networks. However, existing approaches to approximating the dynamic characteristics of information flows during masking implementation are characterized by low generalization capability and the necessity of converting non-stationary data to a stationary form using differencing transformations. At the same time, the existing scientific and methodological framework for determining probabilistic-temporal characteristics does not account for the non-stationarity of parameters of the random process assessing the security and availability of network devices, as well as the timeliness of information exchange during the implementation of masking of structural and dynamic characteristics of departmental data transmission networks against computer reconnaissance. The purpose of the work is to develop models for masking structural and dynamic characteristics of departmental data transmission networks against computer reconnaissance and to investigate, based on these models, the patterns of functioning of a departmental data transmission network during the implementation of computer reconnaissance protection procedures. Methods used: the work employs methods of machine learning, mathematical statistics, optimization, time series analysis, and random process research. Novelty: the article proposes an approach to approximating the dynamic characteristics of legitimate network traffic using an ensemble of recurrent neural network models with Long Short-Term Memory (LSTM) cells to evaluate and predict the frequency characteristic of the approximated network traffic, and an exponential distribution law of a random variable parameterized by the neural network output to obtain numerical values of pauses between packets of the predicted masking network traffic. The probabilistic-temporal characteristics of the functioning process of departmental data transmission networks during the implementation of masking of structural and dynamic characteristics under conditions of computer reconnaissance have been determined using the mathematical apparatus of the theory of non-homogeneous Markov and homogeneous semi-Markov processes with discrete states and continuous time. Practical significance: formation of masking network traffic whose dynamic parameters are statistically close to legitimate traffic, and obtaining probabilistic-temporal characteristics of the functioning process of departmental data transmission networks under conditions of computer reconnaissance and network traffic non-stationarity, necessary for formalizing the objective functions of masking effectiveness, network device availability, and timeliness of information exchange when formulating the problem of vector optimization of masking parameters for structural and dynamic characteristics. Result: a system of models for masking structural and dynamic characteristics has been developed, allowing the investigation of the functioning of departmental data transmission networks under conditions of computer reconnaissance.

Key words

data transmission network, structural and dynamic characteristics, compromise, information flow, recurrent neural network, exponential distribution law, random process, computer reconnaissance.

Reference for citation

Sherstobitov R. S. Mathematical models for masking structural and dynamic characteristics of departmental data transmission networks against computer reconnaissance. Systems of Control, Communication and Security, 2026, no. 1, pp. 138-181. DOI: 10.24412/2410-9916-2026-1-138-181 (in Russian).

References

1. CODE RED 2026: Current cyber threats for Russian organizations. The official information resource of Group Positive PJSC. 2026. Available at: http://ptsecurity.com/research/analytics/russia-cyberthreat-landscape-2026/#id1 (accessed 14 January 2026) (in Russian).

2. Davydov A. E., Maksimov R. V., Savitskiy O. K. Protection and safety of the departmental integrated information and communication systems. Moscow, Voentelecom Publ., 2017. 536 p. (in Russian).

3. Kanellopoulos A., Vamvoudakis K. A Moving Target Defense Control Framework for Cyber-Physical Systems. IEEE Trans Autom Control, 2020, vol. 65, pp. 1029-1043.

4. Sengupta S., Chowdhary A., Sabur A., Alshamrani A., Huang D., Kambhampati S. A. Survey of Moving Target Defenses for Network Security. IEEE Commun Surv Tutor, 2020, vol. 22, pp. 1909-1941.

5. Maximov R. V., Sokolovsky S. P., Telenga A. P. Methodology for substantiating the characteristics of false network traffic to simulate information systems. Selected Papers of the XI Anniversary International Scientific and Technical Conference on Secure Information Technologies, 2021, pp. 115-124.

6. Gorbachev A. A. Masking of topological properties of computer networks in network reconnaissance conditions. Part 1. Voprosy kiberbezopasnosti, 2024, vol. 6, no. 64, pp. 130-139 (in Russian). doi: 10.21681/2311-3456-2024-6-130-139.

7. Gorbachev A. A. Masking of topological properties of computer networks in network reconnaissance conditions. Part 2. Voprosy kiberbezopasnosti, 2025, vol. 1, no. 65, pp. 63-72 (in Russian). doi: 10.21681/2311-3456-2025-1-63-72.

8. Denisov D. S. Model and algorithm for simulating email service traffic in departmental information systems. Elektronnii setevoi politematicheskii jurnal "Nauchnie trudi KubGTU", 2024, no. 5, pp. 74-96 (in Russian). doi: 10.26297/2312-9409.2024.5.7.

9. Gorbachev A. A., Lisenko D. E. Algorithm for simulating dynamic traffic characteristics web service. Voprosy kiberbezopasnosti, 2023, vol. 4, no. 62, pp. 104-115 (in Russian).

10. Ventcel E. S., Ovcharov L. A. Theory of random processes and its engineering applications. Moscow, Nauka Publ., 1991. 384 p. (in Russian).

11. Voronchikhin I. S., Ivanov I. I., Maximov R. V., Sokolovsky S. P. Masking of Distributed Information Systems Structure in Cyber Space. Voprosi Kiberbezopasnosti, 2019, vol. 6, no. 34, pp. 92-101 (in Russian). doi: 10.21681/2311-3456-2019-6-92-101.

12. Maximov R. V., Orekhov D. N., Sokolovsky S. P. Model and Algorithm of Client-Server Information System Functioning in Network Intelligence Conditions. Systems of Control, Communication and Security, 2019, no. 4, pp. 50-99 (in Russian). doi: 10.24411/2410-9916-2019-10403.

13. Gorbachev A. A., Sokolovsky S. P., Usatikov S. V. Functioning model and algorithm of email service proactive protection from network intelligence. Systems of Control, Communication and Security, 2021, no. 3, pp. 60-109 (in Russian). doi: 10.24412/2410-9916-2021-3-60-109.

14. Eryshov V. G., Ilina D. V. Markov model of a computer intelligence process that performs unauthorized access and acquisition of confidential information from organizational information systems. Wave Electronics and Infocommunication Systems: Proceedings of the XXV International Scientific Conference. Saint-Petersburg, 2022, pp. 17-21 (in Russian).

15. Gorbachev A. A., Sokolovsky S. P., Kaplin M. A. Determination of optimal parameters for configuring information systems in the conditions of network. Voprosy kiberbezopasnosti, 2022, vol. 4, no. 50, pp. 80-90 (in Russian).

16. Moskvin A. A., Maksimov R. V., Gorbachev A. A. Model, optimization and efficiency evaluation of application multicast network connections in conditions of network intelligence. Voprosy kiberbezopasnosti, 2023, vol. 3, no. 55, pp. 13-22 (in Russian).

17. Moskvin A. A. Algorithm of multiaddress network connection configuration under conditions of computer intelligence. System of Control, Communication and Security, 2023, vol. 2, pp. 102-130 (in Russian).

18. Lebedkina T. V., Horev G. A. Functioning model and algorithm for configuring the addressing of false network information objects in the conditions of network reconnaissance. System of Control, Communication and Security, 2023, vol. 2, pp. 23-62 (in Russian).

19. Sherstobitov R. S., Maksimov R. V., Kuchurov V. V. Model and technique for abonent address masking in cyberspace. Voprosy kiberbezopasnosti, 2020, vol. 6, no. 40, pp. 2-13 (in Russian).

 This article is distributed under a license Creative Commons Attribution 4.0 License.

  The metadata of the article is distributed under a license CC0 1.0 Universal