Russian Federation
Formal models of subjects, infrastructure and attacks for information security systems are proposed. The models describe information security operators, administrators, users and violators, taking into account their knowledge, qualifications and initial conditions. A comprehensive intruder model is presented, covering initial knowledge and access rights, initial location, qualifications and goals. Infrastructure models, vulnerabilities and information collection methods are also considered, which makes it possible to predict the behavior of violators more accurately and to develop effective protection strategies. The results of the study show that the proposed models significantly improve the accuracy of risk assessment and security planning, which is especially important for mission-critical information systems. The practical significance lies in the possibility of using the models to develop and improve information network security systems. The results of a practical implementation of the model on real data are also presented.
information security, intruder model, cyber attacks, risk assessment, network protection