Menu
Publications
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
Editor-in-Chief
Nikiforov
Vladimir O.
D.Sc., Prof.
Partners
doi: 10.17586/2226-1494-2021-21-5-694-701
An experimental methodology for assessing the probability and danger of network attacks in automated systems
Read the full article ';
Article in Russian
For citation:
Abstract
For citation:
Drovnikova I.G., Ovchinnikova E.S., Popov A.D., Livshitz I.I., Basov O.O., Rogozin E.A. An experimental methodology for assessing the probability and danger of network attacks in automated systems. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2021, vol. 21, no. 5, pp. 694–701 (in Russian). doi: 10.17586/2226-1494-2021-21-5-694-701
Abstract
The paper proposes a new method of conducting an experiment to assess the dynamics of the information conflict “Network attack – Protection system” in automated systems. As a result of the application of the methodology, quantitative values of the initial data necessary for assessing the probability and danger of network attacks in automated systems were obtained. The research method implied an experiment that displayed the dynamics of the information conflict “Network attack – Protection system” in automated systems. The authors developed a methodology to determine the quantitative values of the characteristics, as well as the amount of damage from standard network attacks that affect the elements of automated systems. The use of the results makes it possible to observe the course of the information conflict “Network attack – Protection System” in dynamics, to calculate the probabilistic and temporal characteristics of network attacks and to carry out an accurate quantitative assessment of the danger of their implementation in automated systems in the “CPN Tools” and MathCad software environments. The prospects for using the obtained results deal with the construction of particular models of actual attacks and increase of stability of automated systems.
Keywords: experiment, automated system, network attack, information protection system, information conflict, probability of a network attack, danger of a network attack, quantitative assessment
References
References
1. Melnikov D.A., Durakovsky A.P., Dvoryankin S.V., Gorbatov V.S. Concept for increasing security of national information technology infrastructure and private clouds. Proc. 5th International Conference on Future Internet of Things and Cloud (FiCloud 2017), 2017, pp. 155–160. https://doi.org/10.1109/FiCloud.2017.11
2. Butusov I.V., Romanov A.A. Methodology of security assessment automated systems as objects critical information infrastructure. Voprosy kiberbezopasnosti, 2018, no. 1(25), pp. 2–10. https://doi.org/10.21681/2311-3456-2018-1-2-10
3. Kalashnikov A., Sakrutina E. Towards risk potential of significant plants of critical information infrastructure. Proc. of the International Russian Automation Conference (RusAutoCon), 2018, pp. 8501644. https://doi.org/10.1109/RUSAUTOCON.2018.8501644
4. Drovnikova I.G., Ovchinnikova E.S., Rogozin E.A. Analysis of existing methods and procedures for assessing the risk of network attacks in automated systems of internal affairs bodies and aspects of their improvement. The bulletin of Voronezh Institute of the Ministry of Internal Affairs of Russia, 2019, no. 4, pp. 51–63. (in Russian)
5. Sher A. Simulation of Attacks in a Wireless Sensor Network using NS2. Graduate Project Report. The School of Engineering & Computing Sciences. Texas A&M University-Corpus Christi. Spring 2015, 49 p.
6. Yao Y., Viswanath B., Cruan J., Zheng H., Zhao B.Y. Automated crowdturfing attacks and defenses in online review systems. Proc. 24th ACM SIGSAC Conference on Computer and Communications Security (CCS 2017), 2017, pp. 1143–1158. https://doi.org/10.1145/3133956.3133990
7. Solic K., Ocevcic H., Golub M. The information systems' security level assessment model based on an ontology and evidential reasoning approach. Computers & Security, 2015, vol. 55, pp. 100–112. https://doi.org/10.1016/j.cose.2015.08.004
8. Lan Y., Liu S.-P., Lin L., Ma Y.-Y. Effectiveness evaluation on cyberspace security defense system. Proc. of the International Conference on Network and Information Systems for Computers (ICNISC), 2015, pp. 576–579. https://doi.org/10.1109/ICNISC.2015.120
9. Radko N.M., Skobelev I.O. Risk-Models of Information and Telecommunication Systems at the Threat of Remote and Direct Access. Moscow, RadioSoft Publ., 2010, 232 p. (in Russian)
10. Radko N.M., Iazov Iu.K., Korneeva N.N. Penetration Into the Computer Operating System: Models of Malicious Remote Access. Voronezh, Voronezh State Technical University Publ., 2013, 265 p. (in Russian)
11. Bokova O.I., Drovnikova I.G., Ovchinnikova E.S., Rodin S.V. Innovative technology in the research of implementation dynamics of network attacks on the digital educational resources. Journal of Physics: Conference Series, 2020, vol. 1691, pp. 12063. https://doi.org/10.1088/1742-6596/1691/1/012063
12. Drovnikova I.G., Ovchinnikova E.S., Rogozin E.A., Kalach A.V. Modeling the dynamics of information conflict in secure automated systems of internal affairs bodies based on the Petri-Markov network. Vestnik of Voronezh Institute of the Russian Federal Penitentiary Service, 2020, no. 4, pp. 37–44. (in Russian)
13. Drovnikova I.G., Ovchinnikova E.S., Konobeevsky V.V. Analysis of typical network attacks on automated systems of internal affairs departments. Herald of Daghestan State Technical University. Technical Sciences, 2020, vol. 47, no. 1, pp. 72–85. (in Russian). https://doi.org/10.21822/2073-6185-2020-47-1-72-85
14. Ovchinnikova E.S. Graph models of the dynamics of network attacks in automated systems of internal affairs bodies. Herald of Daghestan State Technical University. Technical Sciences, 2021, vol. 48, no. 1, pp. 116–129. (in Russian). https://doi.org/10.21822/2073-6185-2021-48-1-119-129