MODEL THREATS TO SECURITY OF INFORMATION AND COMMUNICATIONS SYSTEMS BASED ON REGRESSION ANALYSIS
Article Sidebar
Main Article Content
Abstract
Mathematical model of threats to security of information and communication systems was developed by means of regression analysis to determine, which potential threats are most probable and critical for a particular network and to decide in the further on the use of specific technologies and means of protection. The multilevel classification of threats which based on the OSI model and takes into account such criteria as the source of the threats, the type of impact, objectives pursued, objects and types of attacks was used in constructing the model. The statement of the problem of regression analysis was considered and was showed as from theoretical model get the approximation regression equation which can be used to further forecasting the impact of possible attacks on the network state. Statistics on threats and their consequences, expert assessments, the results of the evaluation simulation or experiment are proposed to use to fill a matrix of possible attacks and network states. For calculating the regression coefficients for approximating analytic model as a regression equation the formalized procedure was proposed. This procedure is proposed to use for each OSI model level, which will provide analytical model appropriate level threats. The model can be used for multilevel analysis of the impact of possible threats to the state of information and communication systems, identifying the most critical threats and making decisions on creation of information security systems in networks for different purposes. The versatility of the model and its adequacy can increase by creating a database of attack and experimental results of their impact on the information and communication systems. This will apply the model to systems for various purposes with different requirements for information security.
References 10, tables 2.
Article Details
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
References
"Cisco Annual Report on Information Security for 2016," 2016. [Online]. Available: http://www.cisco.com/c/m/ru_ru/offers/sc04/2016-annual-security-report.
"2016 Security Report," Check Point Software Technologies Ltd., [Online]. Available: http://www.secdatacom.dk/files/agenturer/check%20point/2016-security-report.pdf.
Graivoronsky, M. V.; Novikov, O. M., Bezpeka informatsiino-komunikatsiinyh system [Information and communication systems security], Kyiv: Publishing Group BHV, 2009, p. 608.
Dudykevich, V. B.; Opirsky, I. R., «AnalIz modeley zahistu Informatsii v InformatsIynih merezhah derzhavi [Analysis of models of information security in information networks of state],» Information processing systems, № 4, pp. 86-89, 2016, URL: http://nbuv.gov.ua/UJRN/soi_2016_4_18
E. N. Davydova, «Matematicheskoe modelirovanie raspredelennyih sistem zaschityi informatsii [Mathematical modelling of the distributed systems of security of the information],» Programmnye produkty i sistemy, № 2, pp. 57 - 61, 11 06 2011, URL: http://www.swsys.ru/index.php?page=article&id=2764
Pavlov, I. N.; Tolyupa, S. V., «AnalIz pIdhodIv otsInki efektivnostI matematichnih modeley pri proektuvannI sistem zahistu InformatsIi,» Modern information security, № 3, pp. 36-44, 2014, URL: http://nbuv.gov.ua/UJRN/szi_2014_3_9
Khvostov, V. V.; Rogozin, E. A.; Nikulina, E. Y., «Obosnovanie norm bezopasnosti informatsii avtomatizirovannyih sistem s ispolzovaniem metodov evolyutsionnogo modelirovaniya [Justification Safety standards of automated information systems with the use of evolutionary modeling methods],» The bulletin of Voronezh Institute of the Ministry of Internal Affairs of Russia, № 4, pp. 197-203, 2014, URL: https://ви.мвд.рф/Nauka/nauchnij-zhurnal-vestnik/Vestnik_arhiv/item/6897080/
Khoroshko, V. A.; Maysak, T. V.; Dakhno, N. B., «Matematichni modeli informatsiino-komunikatsiinyh sistem i merezh schodo zahistu informatsii na osnovi teorii variatsiino-gradiientnyh metodiv [Mathematical models of information and communication systems and networks to protect information based on the theory of variational-gradient methods],» Modeling and Information Systems in the economy, № 91, pp. 246 - 255, 2015, URL: http://nbuv.gov.ua/UJRN/Mise_2015_91_25
A. O. Dovhal, «KlasifIkatsIi zagroz bezpeki v InformatsIynIy merezhI [Classification of security threats in the information network],» в IX Interna-tional Scientific Conference of Young Scientists "Electronics-2016". Collection of articles, Kyiv, 2016, URL: http://elconf.kpi.ua/wp-content/uploads/2016/04/ELCONF-2016_sbornik.pdf
P. Yahanov, Regresiinyi analiz bagatofaktornyh tehnichnyh system. Teksty lektsii dlia vyvchennia rozdiliv distsiplini "Osnovy naukovo-doslidnoii produktsii" [Regression analysis of multifactor technical systems. Texts of lectures to study sections of discipline "Fundamentals of research production"], Kyiv: PPC VPI "Polytechnic", 2006, p. 36.
