A SET OF PROGRAMS FOR SOLVING PROBLEMS OF MODELING, OPTIMIZATION AND ASSESSMENT OF STABILITY OF COMPLEX SECURITY OF OBJECTS OF CRITICAL APPLICATION
UDC 004.02; 004.942; 378.1
A description is given of a set of programs for modeling, optimizing and evaluating the stability of integrated security processes in UIS institutions. In interactive mode, the complex allows the user to: develop and display in the form of visual diagrams a model of complex security of objects of critical application; evaluate the inconsistency of local security aspects; choose the appropriate optimization method depending on the degree of inconsistency of local security aspects and threats from malicious users; optimize the processes of ensuring complex safety of critical application objects in regular, critical and threatening situations by the criterion of minimum deviation from the requirements; give an integral rapid assessment of the level of safety, using models of additive, multiplicative and dichotomous convolution, as well as convolution based on fuzzy set theory; carry out expert evaluation of local safety indicators at the preliminary stage of optimization; evaluate the sustainability of management decisions taking into account the management style adopted at the facility and the nature of relationships between subordinates. The complex is built on an interactive ideology and differs from the existing disparate software products of similar purpose in that it is implemented as an information and calculation system of dialogue type with a single interface and a common database. The complex is implemented in an integrated TURBO PASCAL environment using Visual Basic, Delphi, and C++ procedures and functions that are focused on creating applications running on Windows 10. It can find practical application as a decision support tool for managing the safety of critical application ergatic systems.
Keywords: critical application object, safety, complex of programs, management decision, stability.
PROBLEMS OF IMPLEMENTING NEW APPROACHES TO INFORMATION SECURITY IN THE ENERGY INDUSTRY
UDC 004.046, 004.056
The quality of life of a modern society directly depends on the functioning of the energy sector. Despite the measures taken to protect the energy infrastructure, statistics of information security incidents indicate significant shortcomings of a systematic nature in the applied security architecture. The likelihood of malicious software penetrating the computer systems of energy companies has increased significantly in recent years, which could have a strong impact on the availability, integrity and confidentiality of technological network systems. The article analyzes information security (IS) incidents and shows the vulnerability of power facilities not only to well-planned attacks, but also to ordinary malicious software. The features of using the principles of information security in the energy sector are identified, the landscape of existing threats and vulnerabilities is described, and the shortcomings of the applied security model are identified. The author gives a generalized characteristic of the “zero trust” model, which is proposed to be used at power supply facilities, and provides a comparative analysis of two approaches to information security. The application of the developed roadmap for the implementation of a new information security concept, supplemented by a description of ways to minimize operational risks, can significantly improve the quality of services provided for critical business applications, provide reliable protection against modern information security threats and data leaks, and improve harmonization with the requirements of the legislation for safety.
Keywords: information security in the energy sector, the concept of Zero Trust, information security threats, information security incidents, information security models, vulnerability management, minimum privileges.
REMOTE WORKSTATION MONITORING BASED ON WIRELESS TECHNOLOGY
One of the tasks of remote wireless workstation monitoring is to ensure data sharing security by remotely monitoring a workstation or portable devices based on Wi-Fi, 4G or Bluetooth. The developed model of an application for mobile communication devices (ICC) serves to monitor and verify various operations on workstations (laptops) connected through a Wi-Fi computer network. Wireless information security protocols are compared. The application is based on Wi-Fi technology, which is protected by the wireless security protocol WPA2. WPA2 implements the AES block cipher to provide more reliable data encryption, but it is still vulnerable to several attacks due to the transmission of unencrypted management and control frames and the sharing of a group temporal key (GTK) between nodes connected to the wireless network. Secure communication between the server and the ICC creates the need for a simple and efficient security algorithm that builds a robust platform on top of an already existing wireless information security protocol, such as WPA/WPA2. The results of the workstation monitoring system and the encryption algorithm are presented, and the performance of the application module is estimated.
Keywords: platform, model, algorithm, computer network monitoring, WPA/WPA2, encryption.
MULTI-MEASURE NAVIGATION SAFETY ESTIMATION AND DIGITAL REPRESENT FOR MARINE AREA
V.M. Grinyak, Y.S. Ivanenko, V.I. Lulko, A.V. Shulenina, A.V. Shurygin
The paper is devoted to the problem of ensuring the safe movement of ships. The problem of assessing the safety of a traffic pattern implemented in a specific water area is considered. Five different safety metrics are introduced. The first metric – “traffic intensity” – the traditionally used traffic density estimate, is calculated as the number of vessels passing through a particular section of the water area per unit time. It is supplemented by the metrics “intensity plus speed” (second) and “intensity plus size of ships” (third). When calculating them, respectively, the speed of the vessels and their length, which determine the “weight” of each vessel, are taken into account. The fourth metric – “stability of traffic parameters” – takes into account the nature of the movement of ships in terms of the regularity of their courses and speeds. The paper discusses various options for the metric; for illustration, the simplest of them is implemented – an estimate of the standard deviation of the ship’s course. The fifth metric – “traffic saturation” – characterizes the density of movement of ships in terms of the possibility of their maneuvers. The metric appeals to the traditional model representations of the collective motion parameters of the vessels in the form of a “speed-course” diagram and makes it possible to indirectly assess the difficulty of decision-making by skippers and the emotional burden on traffic participants. In the discussion of the results of the work, the option of integrating the five proposed metrics in the form of a system of rules giving an integrated assessment of traffic safety in a particular section of the water area is considered. The work is accompanied by the results of calculations of the proposed metrics on real data on the movement of ships in the Tsugaru Strait and their discussion. It is shown that the proposed system of metrics makes it possible to form a systematic picture of the degree of danger of the traffic implemented in the water area.
Keywords: marine safety, traffic intensity, ship trajectory, ship traffic, traffic area, automatic
METHODS OF ACCEPTABLE OPTIONS FORMATION OF ORGANIZATIONAL STRUCTURE AND THE STRUCTURE OF THE AUTOMATED INFORMATION SECURITY MANAGEMENT SYSTEM
To ensure comprehensive information protection, it is necessary to use various means of information protection, distributed by levels and segments of the information system. This creates a contradiction, which consists in the presence of a large number of different means of information protection and the inability to ensure their joint coordinated application in ensuring the protection of information due to the lack of an automated control system. One of the tasks that contribute to the solution of this problem is the task of generating feasible variants of the organizational structure and the structure of such an automated control system, whose results would provide these options and allow choosing the one that is optimal under the given initial parameters and limitations. The problem is solved by reducing the general problem to a particular problem of splitting the original graph of the automated cyber defense control system into subgraphs. In this case, the subgraphs will correspond to the subsystems of the automated cyber defense management system at different levels and will provide a visual representation of the process of forming acceptable variants of the organizational composition and structure of such an automated control system. As a result of the operation of splitting into subtasks of the graph, a set of acceptable variants of the organizational composition and structures of the automated cyber defense management system are supposed to be obtained, based on which the optimal choice is made under the given initial parameters and restrictions. As a result, a technique for forming admissible variants of the organizational structure and the structure of the automated cyber defense control system is obtained.
Keywords: information security, cybersecurity, information protection, control, automated control systems.
PRACTICAL ASPECTS OF APPLICATION OF THEORY OF GAMES TO THE ASSESSMENT OF SYSTEM SECURITY
L.V. Stepanov, A.S. Koltsov, A.V. Parinov, D.V. Parinov, B.A. Soloviev
The paper considers the practical application of the game-theoretic approach to the task of assessing the security of systems. One of the factors determining the life and activity of any system is its safety. The concept of security is applicable to organizational, economic, engineering, biological and any other types of systems. The security status of the system is determined by many external and internal factors. The internal factors include the vulnerabilities inherent in this system, and the external ones include many threats that could potentially affect this system. The confrontation between threats on the one hand, and vulnerabilities (measures to eliminate vulnerabilities) on the other, makes it reasonable to use game theory methods to assess the security of a system. The parameters of threats and vulnerabilities, along with quantitative ones, can have a qualitative description, which limits the possibility of using mathematical methods. For this reason, these parameters must be formalized in a numerical form. To solve this problem, it is proposed to use a pairwise comparison of linguistic constructions. The obtained formalized values can be used to construct the game matrix. A feature of the approach proposed in the work is the possibility of its implementation in the form of algorithms and software that will automate the work of analysts responsible for the formation of tactics and strategies for ensuring the security of any institution or organization. This fact reflects the practical usefulness of the proposed methodology.
Keywords: security system, security threats, system vulnerabilities, measures to counter threats, linear programming, game theory.
MATHEMATICAL MODEL OF THE DISTRIBUTION OF THE GLOBAL CHAIN EPIDEMIC OF NETWORK VIRUSES ON THE FRACTURING GRAPH
The research objective is to solve the relevant problem of developing an optimum strategy for managing the processes of distribution of computer epidemics and of designing local area networks whose structure protects the network from viral infection as much as possible, since epidemics of various computer viruses cause extensive damage to ordinary computer users and to the local area networks of enterprises, organizations, banks and power supply objects. The leading method of research of the problem is the creation of a mathematical model of the branched chain process of distribution of computer network viruses with the playing out of options of the succession of events, the study on the model of the efficiency of actions in the fight against the spread of viruses, and the possibility of modeling an “epidemic” on the selected network configuration for an exact assessment of the security of the network from viruses. A new device for mathematical modeling and forecasting of branched chain processes is presented in the article; the model carries out analytical conversions and numerical calculations and builds geometrical images of the proceeding branched chain epidemics of network viruses in real time. Modeling of the spread of network viruses is implemented in two stages: identification of the structure of communications of the intermediates of the chain reaction (computers) of the network – “recognition of the prefractal graph” – and the spread of “infection” on the network in the form of a chain branched process – “a covering of the prefractal graph”. The theoretical and practical importance of this work consists in the adaptation of the instrumental apparatus of prefractal graphs to the solution of problems of the spatio-temporal course of branched chain processes in virologic applications. The materials of the article are of practical value for research into the distribution of a global chain epidemic with the new model device – the vertex costal weighed prefractal columns.
Keywords: computer viruses, computer network, priming, fractal, prefractal and weighted graphs.
ABOUT FINDING ALL NONDOMINATED MAXIMIN STRATEGIES OF ONE OF THE PLAYERS IN A TWO-PERSON NONCOOPERATIVE GAME THAT MODELS A PROCESS OF PURCHASING PROTECTION MEANS FOR A COMPUTER SYSTEM
A two-person noncooperative game that models a process of purchasing protection means for a computer system is considered. One of the players in this game is a party responsible for the security of the system. Having a certain amount of money that can be spent on the purchase of the protection means, this party determines which of these funds should be purchased. Actions of the other player (the external world in relation to the computer system) are attacks on the computer system implemented via the network. For each of the protection means that can be purchased, as well as for each of the types of attacks that can be used in an assault on the computer system, the probability with which the attack will be reflected by the protection means is known. By choosing the protection means, the party responsible for the security seeks to minimize overall losses, which include, first, the cost of the purchased protection means and, secondly, the damage expected from the other party's attacks on the computer system. A study is carried out of an optimality principle whose implementations are nondominated maximin strategies of the player that is the party responsible for ensuring the security of the system. The result of this study is statements that determine a method of finding all nondominated maximin strategies of the specified player.
Keywords: noncooperative game, maximin strategy, nondominated strategy, computer system, attack on a computer system, protection of a computer system.
DISPERSION OF THE NUMBER OF FAILURES IN MODELS OF PROCESSES OF RESTORATION OF TECHNICAL AND INFORMATION SYSTEMS. OPTIMIZATION PROBLEMS
UDC 519.873, 004.056
I.I. Vainshtein, V.I. Vainshtein
In this work, for several models of recovery processes, dispersion formulas for the number of failures are obtained, depending both on the recovery functions of the considered model of the recovery process and on the recovery functions (average number of failures) of other models. Considering the formulas for the average and variance of the number of failures, problem statements are given on organizing the recovery process so that the minimum variance is achieved with a given limit on the average number of failures, or so that there is the smallest average number of failures with a given dispersion limit. The formulated problems resemble Markowitz’s well-known problem of forming a portfolio of securities, where the average has the meaning of income and the variance that of risk. The solution of the formulated problems is obtained for a simple recovery process with an exponential distribution of operating time, and for this case the Chebyshev inequality and the formula for the coefficient of variation are written. The developed mathematical apparatus is intended for use in the formulation and solution of various optimization problems of information and computer security, as well as in the operation of technical and information systems, software and hardware-software information protection when failures, threats of attacks, and security threats of a random nature occur.
Keywords: distribution function, recovery process, recovery function, failure rate dispersion, coefficient of variation
FORMALIZATION OF THE ACCESS CONTROL AUDIT PROCEDURE IN THE INFORMATION SYSTEM
The article discusses current problems and tools for ensuring information security in information systems. The author analyzes the current trends in information security breaches in 2018-2019 and concludes that countering threats related to unauthorized access is relevant. The basic tools for protecting an information system from unauthorized access are many rights and rules for access control between objects and subjects. Therefore, to ensure the necessary level of security, the adequacy and consistency of the distribution of access rights is important. A methodology and conceptual scheme for conducting an audit of the access control subsystem based on ACL lists, consisting of procedures for initiating audits and for collecting and analyzing audit data, has been developed. The mathematical model of the audit procedure is automated in the form of an audit software tool for the access control subsystem, using the Windows operating system as an example. The main advantage of the proposed audit procedure is that it does not require complex testing procedures, calculation of probabilities, or the involvement and selection of experts. The main purpose of the program is to assess the compliance of the existing settings of the access control policy in the system with the security policy of the system under investigation.
Keywords: access rights, information protection, operating system, access control model, mathematical model, cybersecurity.