РЕЗИЛЬЄНТНІСТЬ КОМП’ЮТЕРНИХ СИСТЕМ В УМОВАХ КІБЕРЗАГРОЗ: ТАКСОНОМІЯ ТА ОНТОЛОГІЯ

Abstract

The rapid development of information technology has expanded the capabilities of cyberthreads regarding computer systems. Cybercriminals are developing new ways to avoid attack detection, so existing approaches are not able to withstand the growing threat of attacks. Meanwhile, the consequences of cyberattacks are becoming more dangerous and destructive. One of the approaches to solve the problem is the construction of resilient systems that are able to quickly recover and continue to function under attack conditions. The subject of research is the construction process of the resilient computer systems in the face of cyber threats. The goal is to develop a taxonomy and ontology of resilient computer systems under cyberthreats. Results. The article presents the definitions of the resilience from the point of view of cybersecurity, presents the gap between the concepts of resilience and dependability. The paper presents the main elements of the taxonomic scheme of computer system resilience, which include threats (changes in the environment and requirements, network attacks, attacks on software, software and hardware vulnerabilities, errors, failures), information and technical conditions that computer system passes during its operating cycle, the principles on which resilience is based (proactivity, adaptability, resistance, diversity, elasticity, controlled degradation, defense in depth, ability to evolvability), as well as primary and secondary properties. Based on the above elements, a generalized taxonomic scheme of resilience related to information security has been developed. The work presents the operational cycle of a resilient CS as a set of information and technical states that the system goes through (preparation, system protection, threat detection, threat absorption, response to a threat, system recovery after a cyberattack, adaptation.) An ontology scheme of the resilience from the point of view of information security of computer systems in the presence of cyberthreats is developed. Conclusions A taxonomy and ontology of resilient computer systems in the presence of cyberthreats has been developed.