Abstract
Formal models of subjects, infrastructure and attacks for information security systems are proposed. The models include descriptions of information security operators, administrators, users and violators, taking into account their knowledge, qualifications and initial conditions. A comprehensive intruder model is presented, including initial knowledge and access rights, initial location, qualifications and goals. Infrastructure models, vulnerabilities, and information collection methods are also considered, which makes it possible to more accurately predict the behavior of violators and develop effective protection strategies. The results of the study show that the proposed models significantly improve the accuracy of risk assessment and security planning, which is especially important for mission-critical information systems. The practical significance lies in the possibility of using models to develop and improve information network security systems. The results of the practical implementation of the model on real data are also presented.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: Scientific and analytical journal «Vestnik Saint-Petersburg university of State fire service of EMERCOM of Russia»
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.