Mathematical Interpretation of the Results of Cognitive Analysis of Network Packet Metadata

Purpose of research. The article discusses the possibility of increasing the probability of correct authentication of a remote message source based on the analysis of metadata of network packets generated by it. When transmitting data over networks with low power consumption, the values of inter-packet time intervals are subject to known distribution laws. Based on these laws and principles for the formation of authentic messages, it has been determined that an authentication error leads to the formation in the receiver of two sequences of packets that differ in one element, for which it is impossible to unambiguously determine the one that consists entirely of source packets. Analysis of the arrival time of data packets in two sequences allows us to develop a decision rule, on the basis of which the authentic one is determined from the two sequences.

Methods. Metadata analysis is carried out for sequences of 5–20 data packets in size, which makes only high-order moments for samples of inter-packet time intervals for such sequences informative. A map of coefficients of asymmetries and kurtosis is used, the analysis of which allowed us to formulate the hypothesis that the decisive rule for determining the authentic sequence can be adopted based on the minimum distance to the parabola, which is a map of the distribution of coefficients of kurtosis and asymmetries for the Poisson distribution.

Results. Based on the developed mathematical model of data arrival at the receiver, data sets were obtained to test the formulated criterion for selecting an authentic sequence. Analysis of the proportion of correct decisions made according to the minimum distance criterion and the proportion of cases in which the decision rule can be applied allowed us to formulate a criterion for the applicability of the rule of the minimum distance to a parabola on the map of kurtosis and asymmetry coefficients, which consists in the fact that the rule is applied if the minimum distance for one sequences are 3 – 4 times less than the minimum for the second sequence of the pair.

Conclusion. The work shows that using the criterion of multiple excess of the minimum distance to the map of distribution of kurtosis and skewness coefficients makes it possible to increase the reliability of determining authentic sequences with a length of 5–20 data packets for the Poisson distribution, and makes it possible to increase the accuracy of making the right decision to 90-95% with the possibility of using the method in 60% – 80% of cases.

1. Semtech Corporation. LoRa® and LoRaWAN®: A Technical Overview. Available at: https://lora-developers.semtech.com/uploads/documents/files/LoRa_and_LoRaWAN-A_Tech_Overview-Downloadable.pdf.

2. IEEE Standard for Low-Rate Wireless Networks. IEEE Std 802.15.4-2020, pp.1-800, 23 July 2020, doi: 10.1109/IEEESTD.2020.9144691

3. Petrov D. Standarty besprovodnoi svyazi diapazona ISM [Wireless communication standards of the ISM range]. Elektronnye komponenty = Electronic Components, 2010, no. 10, pp. 28-32.

4. IEEE P802.11ahTM Standard for Information technology – Telecommunications and information exchange between systems Local and metropolitan area networks – Specific requirements – Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications – Amendment 2: Sub 1 GHz License Exempt Operation, 2017.

5. Stallings W. NIST Block Cipher Modes of Operation for Authentication and Combined Confidentiality and Cryptologia. 2010, no. 34, pp. 225 - 235. doi: 10.1080/01611191003598295.

6. Iwata T., Kurosawa K. OMAC: one-key CBC MAC. Fast Software Encryption, 10th International Workshop, 2003, pp. 129 – 153. doi 10.1007/978-3-540-39887-5_11.

7. Dworkin M. SP 800-38D: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930, 2007.

8. Ifzarne S., Imad H., Idrissi N. Homomorphic Encryption for Compressed Sensing in Wireless Sensor Networks. SCA '18, October 10–11, 2018, Tetouan, Morocco DOI 10.1145/3286606.3286857

9. Nikeshin A.V., Shnitman V.Z. Obzor rasshiryaemogo protokola autentifika-tsii i ego metodov [Overview of the Extensible Authentication Protocol and its methods]. Trudy ISP RAN = Proceedings of ISP RAS, 2018, vol. 30, is. 2, pp. 113-148. DOI: 10.15514/ISPRAS2018-30(2)-7.

10. Landby S.A., Razumov L., Bao Gang Patent 2422998 Russian Federation H04B 7/216. Sposob i ustroistvo dlya vysokoskorostnoi peredachi paketnykh dannykh i peredachi dannykh s maloi zaderzhkoi [Method and device for high-speed packet data transmission and low-latency data transmission]; application 07/17/2006, published 06/27/2011

11. Plugatarev A. V. Model' opredeleniya istochnika soobshchenii na osnove statisticheskogo analiza metadannykh v otkrytom kanale svyazi [Model for determining the source of messages based on statistical analysis of metadata in an open communication channel]. Prikaspiiskii zhurnal: upravlenie i vysokie tekhnologii = Caspian Journal: Management and High Technologies, 2022, no. 4(60), pp. 30-37. DOI 10.54398/20741707_2022_4_30

12. Vorobyov A. V. Kontseptsiya informatsionnogo paketnogo vzaimodeistviya v mnogourovnevoi sisteme tsifrovykh dvoinikov [Concept of information packet interaction in a multi-level system of digital twins]. Izvestiya Saratovskogo universiteta. Novaya seriya. Seriya: Matematika. Mekhanika. Informatika = News of Saratov University. New Episode. Series: Mathematics. Mechanics. Computer Science, 2021. T. 21, is. 4. pp. 532–543. https://doi.org/10.18500/1816-9791-2021-21-4-532-543

13. Urazbakhtin A.I., Urazbakhtin I.G. Algoritm proverki odnorodnosti vyborki i ee reprezentativnosti issleduemomu sluchainomu protsessu [Algorithm for checking the homogeneity of the sample and its representativeness of the random process under study]. Infokommunikatsionnye tekhnologii = Infocommunication Technologies, 2006, vol. 4, no. 3, pp. 10-14

14. Zhukova G.N. Karta koeffitsientov asimmetrii i ekstsessa v prepodavanii teorii veroyatnostei i matematicheskoi statistiki [Map of skewness and kurtosis coefficients in teaching probability theory and mathematical statistics]. Kontsept. Nauchno-metodicheskii elek-tronnyi zhurnal = Concept. Scientific and methodological electronic journal. 2015, no. 8, pp. 56-60.

15. Khorov Evgeny, Lyakhov Andrey, Krotov Alexander, Guschin Andrey. A survey on IEEE 802.11 ah: An enabling networking technology for smart cities. Computer Communications, 2015,vol. 58, pp. 53–69. DOI:10.1016/j.comcom.2014.08.008.

16. Khorov Evgeny, Krotov Alexander, Lyakhov Andrey. Modeling Machine Type Communication in IEEE 802.11ah Networks. Communication Workshop (ICCW), 2015 IEEE International Conference on IEEE. 2015. pp. 1149–1154. DOI: 10.1109/ICCW.2015.7247332

17. Plugatarev A. V. Tanygin M. O., “Model for Determining the Message Source by Analyzing Their Arrival Time”. 2022 International Russian Automation Conference (RusAutoCon), 2022, pp. 388-392, doi: 10.1109/RusAutoCon54946.2022.9896326.

18. Politov E. N., Rukavitsyn A. N., Lomas Arciniega W. P., Terán Acosta G. R., Ávalos Cascante F. E., Puebla Puebla R. E. Method of Determining the Source of Messages Based on Processing the Time of Their Receipt. Izvestiya Yugo-Zapadnogo gosudarstvennogo universiteta = Proceedings of the Southwest State University. 2022; 26(3): 81-97 (In Russ.). https://doi.org/ 10.21869/2223-1560-2022-26-3-81-97

19. Zakharov I.S., Urazbakhtin A.I. Metod obnapuzheniya i isklyucheniya anomal'nykh znachenii vybopki, poluchennoi iz odnopodnoi genepal'noi sovokupnosti [Method for detecting and excluding anomalous values in a sample obtained from a homogeneous population]. Telekommunikatsii = Telecommunications, 2007, no. 7, pp. 14-23.

20. Zhukova G.N. Identifikatsiya raspredeleniya po koeffitsientam asimmetrii i ekstsessa [Identification of distribution by skewness and kurtosis coefficients]. Avtomatizatsiya. Sovremennye tekhnologii = Automation. Modern Technologies, 2016, no.5, pp. 26-33.

21. IEEE Standard for Low-Rate Wireless Networks. IEEE Std 802.15.4-2020, pp.1-800, 23 July 2020, doi: 10.1109/IEEESTD.2020.9144691

22. Petrov D. Standarty besprovodnoi svyazi diapazona ISM [Wireless communication standards of the ISM range]. Elektronnye komponenty = Electronic Components, 2010, no. 10, pp. 28-32.

23. Tanygin M. O. Restoring the Order of Information Packets Based on Hash Sequence Analysis. Izvestiya Yugo-Zapadnogo gosudarstvennogo universiteta = Proceedings of the Southwest State University. 2020, 24(1): 175-188 (In Russ.). https://doi.org/10.21869/2223-1560-2020-24-1-175-188.