NETWORK ATTACK ROUTE ANALYSIS APPROACH
I.A. Kuznetsov, V.S. Oladko
The article discusses current problems and tools for ensuring information security in network infrastructure. The author analyzes the current trends in information security breaches in 2018-2019, concludes about the relevance of countering threats related to unauthorized access to network resources and objects. A typical network infrastructure was analyzed, the main elements were identified: subjects, objects and access resources. The most important security elements are network and server hardware. The main sources of threats to network security violations are identified, a chain of threats to network security is compiled and described, the significance of threats is shown by sources of which are external and internal violators. An example of a network attack implementation scheme during exploitation of the BDU vulnerability: 2017-02494 is given. An approach to building network attack routes for an internal and external security intruder is proposed. It is shown that the network attack route represents the procedure for overcoming technical as well as logical devices containing security measures when implementing an attack on a network infrastructure object. An algorithm for constructing a network attack has been developed. The conclusion is drawn about the possibility of applying the approach to building a network attack route in the tasks of security monitoring, security assessment and planning of protective measures.
Keywords:vulnerability, network security, security event, attack vector, intruder.