Evaluating the effectiveness of the information security system process based on the theory of stochastic indicators

Abstract

Introduction: Under the conditions of imperfect methods and means of detection and response to computer attacks there is a constant growth of destructive impacts aimed at critical information systems. This generates a need to develop research methods for early warning systems to provide information security in case of malware attacks. One of the effective ways to solve this problem is to use the methods of the theory of stochastic indicators. Purpose: The development of a tool for evaluating the effectiveness of the information security system functioning. Results: We describe deterministic, random and indefinite components of the information security system functioning. Constant and functional indicators are constructed, their distinctive features are revealed. To solve the problem of evaluating the effectiveness of the process under consideration stochastic superindicators are constructed. We have also described the features of the construction of stochastic indicators of different ranks on the basis of the theory of the effectiveness of targeted processes and purposeful systems. Practical relevance: Through the developed stochastic time indicators, the probabilistic and temporal characteristics of the destructive impact are estimated, with the intervals and time points of its occurrence taken into account. This allows the system to be timely warned of a possible destructive impact scenario for the elements of critical information infrastructure.