Affiliation:
1. Russian academy of sciences
Abstract
Formal models of subjects, infrastructure and attacks for information security systems are proposed. The models include descriptions of information security operators, administrators, users and violators, taking into account their knowledge, qualifications and initial conditions. A comprehensive intruder model is presented, including initial knowledge and access rights, initial location, qualifications and goals. Infrastructure models, vulnerabilities, and information collection methods are also considered, which makes it possible to more accurately predict the behavior of violators and develop effective protection strategies. The results of the study show that the proposed models significantly improve the accuracy of risk assessment and security planning, which is especially important for mission-critical information systems. The practical significance lies in the possibility of using models to develop and improve information network security systems. The results of the practical implementation of the model on real data are also presented.
Publisher
St. Petersburg University of the State Fire Service of EMERCOM of Russia
Reference10 articles.
1. Актуальные киберугрозы: I квартал 2024 года: отчет компании Positive Technologies. URL: https://www.ptsecurity.com/ru-ru/research/analytics/cybersecurity-threatscape-2024-q1/ (дата обращения: 04.04.2024)., Aktual'nye kiberugrozy: I kvartal 2024 goda: otchet kompanii Positive Technologies. URL: https://www.ptsecurity.com/ru-ru/research/analytics/cybersecurity-threatscape-2024-q1/ (data obrashcheniya: 04.04.2024).
2. Проблемные вопросы информационной безопасности киберфизических систем / Д.С. Левшун [и др.] // Информатика и автоматизация. 2020. № 5 (19). С. 1050–1088., Problemnye voprosy informacionnoj bezopasnosti kiberfizicheskih sistem / D.S. Levshun [i dr.] // Informatika i avtomatizaciya. 2020. № 5 (19). S. 1050–1088.
3. Моделирование компьютерных атак на распределенную информационную систему / А.А. Корниенко [и др.] // Известия Петербургского университета путей сообщения. 2018. Т. 15. № 4. С. 613–628., Modelirovanie komp'yuternyh atak na raspredelennuyu informacionnuyu sistemu / A.A. Kornienko [i dr.] // Izvestiya Peterburgskogo universiteta putej soobshcheniya. 2018. T. 15. № 4. S. 613–628.
4. Жукабаева Т.К., Десницкий В.А., Марденов Е.М. Аналитическое моделирование атакующих воздействий в беспроводных сенсорных сетях для решения задач обнаружения атак // Информатизация и связь. 2023. № 3. С. 98–105., Zhukabaeva T.K., Desnickij V.A., Mardenov E.M. Analiticheskoe modelirovanie atakuyushchih vozdejstvij v besprovodnyh sensornyh setyah dlya resheniya zadach obnaruzheniya atak // Informatizaciya i svyaz'. 2023. № 3. S. 98–105.
5. Hybrid Modeling of Cyber Adversary Behavior: International Conference on Social Computing, Behavioral-Cultural Modeling and Prediction and Behavior Representation in Modeling and Simulation / A. Sliva [et al.] // Lecture Notes in Computer Science. 2017. P. 133–138., Hybrid Modeling of Cyber Adversary Behavior: International Conference on Social Computing, Behavioral-Cultural Modeling and Prediction and Behavior Representation in Modeling and Simulation / A. Sliva [et al.] // Lecture Notes in Computer Science. 2017. P. 133–138.