МОДЕЛЮВАННЯ ХАРАКТЕРИСТИК ОБЛАДНАННЯ КОМП’ЮТЕРНИХ МЕРЕЖ У РАКУРСІ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ

Abstract

The study focuses on the development of models for analyzing and assessing information security risks in computer networks that are used in the development of enterprise information security systems and in auditing the level of protection of already existing information systems, the development of a family of security models of computer network communications equipment. The developed algorithms and models have been implemented in the system of analysis and correction of information security violations, the use of which has allowed to reduce the time of correction of the consequences of such violations. The basic elements of violations, which are described by the information structure and determine the influence on the activity of information systems, are revealed. It is determined that most information security events are related to the communication equipment of the computer networks on which the information systems operate. Further research has been aimed at finding and developing security models for communication levels of operation of computer networks and a system for correcting information security violations. To implement the algorithm, a number of models, that describe the characteristics of network equipment in the security perspective, have been developed. The model of switch security describes the switch characteristics that affect the security and reliability of the network infrastructure. The tunneling security model reflects the security of the gateway portion of the deployed VPN tunnel. The intrusion detection security model involves the use of a compatible model with the shielding model, namely extending the state-based filtering parameter. The routing security model considers the types and protocols of routing. The use of models in the correcting system of the consequences of information security violations has made it possible to fully or partially automate the response to security events occurring in information systems. The developed models allow to take into account the peculiarities of the information system, the nature of the threat scenarios and the features of the network equipment.