V.E. Dementiev, A.Y. Putsev

Rapid growth of the Internet has also the negative side assotiated with the ever-increasing damage caused by the misuse of Internet resources. This problem is caused by lot of ways of anonymous use of a global network. Among them it is possible to note technologies of use of proxy servers, vpn-connections and anonimizing networks. When using this methods there is no guaranteed possibility to identify the author of session, so, there is no possibility to stop an offense. Monitoring systems of a traffic SORM is updated for identification of malefactors, so this provides remote management of these systems from the uniform center. This updating does essentially possible procedure of comparison of a traffic directly on knot of the malefactor and the target server. However there are no algorithms now allowing to compare the traffic target and modified by various ways with high degree of reliability and in the sufficient speed. Existing methods of identification of malefactors on the Internet are focused on the analysing service data of a stack of data transmission protocols TCP/IP. Meanwhile works of domestic and foreign researchers show that for achievement of the best indicators at identification of a sample of a traffic it is necessary to estimate statistical characteristics of a traffic. It causes a high urgency of the task connected with synthesis and the analysis of statistical algorithms of a deanonimizing in public networks. Results of development and research of the procedures allowing with high reliability to define a source of a traffic are given in this article. The carried-out researches have shown the principal possibility of realization of these algorithms in real communication networks in the conditions of processing a significant amount of multiplexed traffic.