Adaptive Management of Information Network Protection with Analysis of Intruder's Actions-Reference-Cited by-同舟云学术

Adaptive Management of Information Network Protection with Analysis of Intruder's Actions

Published:2018-09-23 Issue:4 Volume: Page:61-72
ISSN:2541-8610
Container-title:Information and Control Systems
language:
Short-container-title:Informacionno-upravlâûŝie sistemy

Author:

Korshunov G. I.¹,Lipatnikov V. A.²,Shevchenko A. A.²,Malyshev V. Y.²

Affiliation:

1. Pantes, Ltd; Saint-Petersburg State University of Aerospace Instrumentation.

2. S. M. Budyonny Military Academy of Telecommunication.

Abstract

Introduction:The known methods of adaptive management of information network protection with special security measures are not effective enough in modern conditions, as they only take into account collected and processed data on security events and do not analyze the dynamics of the actions.Purpose:Developing a method of adaptive control of information network protection based on the analysis of violator's actions.Results:A method has been proposed for adaptive management of information network protection. Unlike other known methods, it is based on analyzing the dynamics of the violator's actions and determining the situational confrontation parameters under stochastic uncertainty. The method includes situation monitoring, operational control of the sequence of violator's actions, modeling the attacker's strategy, determining the situational parameters with a reliable prediction of the intrusion strategy. During the analysis, the network administrator receives information about the priority purposes of an intruder, the tools used and the vulnerabilities of the network. This provides an opportunity to promptly take measures to increase the security of the network and avoid its compromise.Practical relevance: Тhis approach allows you to maintain the operation of automated management systems for an organization with integrated structure, taking into account the scaling in planning and making changes to the structure on the background of information confrontation at the required level when multiple threats are changing their dynamics.

Publisher

State University of Aerospace Instrumentation (SUAI)

Subject

Control and Optimization,Computer Science Applications,Human-Computer Interaction,Information Systems,Control and Systems Engineering,Software

Reference25 articles.

1. Andrianov V. I., Krasov A. V., Lipatnikov V. A. Innovatsionnoe upravlenie riskami informatsionnoj bezopasnosti [Innovative Management of Information Security Risks]. Saint-Petersburg, SPbGUT im. prof. M. A. Bonch-Bruevicha Publ., 2012. 396 p. (In Russian).

2. State Standard R ISO/MEHK 27001-2006. Information Technology. Methods of Protection. Information Security Management Systems. Requirements. Available at: http://docs.cntd.ru/document/1200058325 (accessed 6 August 2018).

3. State Standard R ISO/MEHK 13335-1-2006. Information Technology. Methods and Means of Ensuring Security. Part 1. The Concept and Models of Security Management of Information and Telecommunication Technologies. Available at: http://docs.cntd.ru/document/1200048398 (accessed 6 August 2018).

4. Lipatnikov V. А., Shevchenko A. A., Yatskin A. D., Semenova E. G. Information Security Management of Integrated Structure Organization based on a Dedicated Server with Container Virtualization. Informatsionno-upravliaiushchie sistemy [Information and Control Systems], 2017, no. 4, pp. 67–76 (In Russian). doi:10.15217/issn1684-8853.2017.4.67

5. Lukatsky A. Obnaruzhenie atak [Detection of Attacks]. Saint-Petersburg, BKhV-Peterburg Publ., 2008. 304 p. (In Russian).

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Models and methods of information reliability and data protection;IOP Conference Series: Materials Science and Engineering;2019-05-01