METHOD FOR DETECTING AND MITIGATING COMPROMISED NODES IN DISTRIBUTED INFORMATION SYSTEMS WITH DATA INTEGRITY ASSURANCE

Abstract

Modern distributed information systems, particularly Internet of Things (IoT) environments, are characterized by a large number of interconnected nodes and intensive data exchange. Ensuring cybersecurity and data integrity in such systems is one of the key challenges. Of particular importance is the problem of node compromise, which may lead to data distortion, incorrect computations, and a decrease in overall system reliability. Traditional security approaches do not always ensure timely detection of anomalous node behavior, which necessitates the development of effective methods for threat detection and mitigation.

This paper proposes a method for detecting and mitigating compromised nodes in distributed information systems based on the analysis of deviations of node-generated parameters from aggregated system characteristics. The method involves the formation of aggregate indicators, including average values, and the determination of threshold criteria for identifying anomalous deviations. If the threshold is exceeded, a node is classified as potentially compromised.

The proposed approach includes a mechanism for isolating suspicious nodes and adjusting the data processing procedure by excluding their influence on the results. This makes it possible to improve the reliability of computations and ensure data integrity even in the presence of partially compromised system components. Special attention is paid to the simplicity of implementation, which allows the method to be applied in systems with limited computational resources.

The obtained results demonstrate that the proposed method effectively detects anomalous node behavior and reduces the negative impact of cyber threats on system operation. The approach can be used as a component of comprehensive cybersecurity solutions for distributed information environments.