Predicting of cyber attacks on critical information infrastructure

2021 ◽  
Vol 2091 (1) ◽  
pp. 012062
Author(s):  
I M Kosmacheva ◽  
N V Davidyuk ◽  
SV Belov ◽  
Yu Kuchin ◽  
I Yu Kvyatkovskaya ◽  
...  

Abstract. According to modern statistics and analytical reviews, targeted computer attacks (cyber attacks) are becoming more and more numerous. Attackers have begun to use non-standard attack schemes that use employees of organizations as intermediaries, which reduces the efficiency of detecting violations. At the same time, the targets of attackers are increasingly critical information infrastructure (CII) objects. The number of cyberattacks on the critical infrastructure of the Russian Federation increased by 150%. Successful attacks on CII are associated with a lack of software updates for industrial equipment, personnel errors and incorrect configuration of protection tools, and can potentially lead to disasters. Predicting computer attacks on CII on the basis of a comprehensive analysis of the characteristics of incidents and of system users can significantly increase the efficiency of incident detection, since technical and anthropogenic characteristics clearly have to be taken into account together in this case. It is difficult to classify computer incidents because of the volume and heterogeneity of the data about them. The paper proposes approaches that provide for the initial systematization of system log data and user characteristics and an assessment of their informativeness. This reduces the complexity of further data processing and increases the performance of the computer attack forecasting system by excluding some uninformative data from the single secure storage. The second important task is to create test systems, based on available platforms, for analyzing and detecting computer incidents in order to train future information security specialists in big data analysis technologies.

2021 ◽  
pp. 12-25
Author(s):  
Sergey Makarenko ◽  
Gleb Smirnov  

Relevance. Security issues of information systems at critical infrastructure objects are becoming important. However, current information security audits of critical infrastructure objects are mainly limited to checking them for compliance with the requirements of standards and documents. With this approach to the audit, the security of these objects against real attacks by hackers remains unclear. Therefore, objects are subjected to a testing procedure, namely penetration testing, in order to verify their security objectively. An analysis of publications in this area shows that there are no mathematical approaches to selecting the set of test cyber attacks for penetration testing. The goal of the paper is to form a selection method for test cyber attacks that ensures the rational completeness of the security audit of a critical information infrastructure object. Research methods. Methods of probability theory and mathematical statistics, and methods of graph theory and set theory, are used in the paper to achieve the research goals. Results. The paper presents a selection method for test cyber attacks for a security audit of a critical information infrastructure object with rational completeness. This method formalizes the selection process as a two-stage procedure. At the first stage, a set of testing paths is formed on the basis of the topological model of the object under test, and these paths are ordered by increasing weight. The path weight is an efficiency/cost indicator that takes into account the test resource needed to carry out a test cyber attack, the vulnerability of an object element, and the level of damage caused to the element by this test cyber attack. At the second stage of the method, those test paths are selected from the ordered set that maximize the total absolute cost of the detected damage, within the limits on the resources available for carrying out test cyber attacks.
Using this method in audit practice will make it possible to justify the most effective test cyber attacks according to the "efficiency/cost" criterion, as well as to form test sets that ensure the rational completeness of the audit of the critical infrastructure object.


2021 ◽  
pp. 121-128
Author(s):  
S. CIAPA

The article considers the legal and organizational aspects of ensuring the protection of the critical information infrastructure from cyberattacks. Attention is drawn to the positive experience of the United States in ensuring the resilience of critical infrastructure objects. The provisions of the new Cyber Security Strategy of Ukraine are analyzed, one of whose priorities is to improve the regulatory framework for the cyber security of critical information infrastructure. The shortcomings of the previous Cyber Security Strategy of Ukraine (2016) are noted. The article contains a detailed analysis of legislation and initiatives on providing cybersecurity. General requirements for the cyber protection of critical infrastructure objects are considered. Based on the analysis of the current legislation on cyber security of Ukraine, ways to improve the legal and organizational support for the protection of the critical information infrastructure from cyber attacks are proposed.


Author(s):  
Eduardo E. Gelbstein

Critical Information Infrastructures (CII) have been recognized as potential targets for cyber-attacks since the late 1990s, and many have already been successfully attacked since then. The attacks that took place on September 11, 2001 increased concerns about the impact such attacks could have, and many governments, professional bodies, and vendors have put in place advisory and coordination mechanisms to share and encourage good practices. Critical infrastructures are monitored and controlled by information systems, and this makes it increasingly difficult to distinguish a Critical Infrastructure from a Critical Information Infrastructure. It is also acknowledged that such information systems are complex, interdependent, and convergent, as they share components that use a small number of products and standards. All of these systems, and the products with which they are built, are known to have both known and unknown vulnerabilities that could be exploited by attackers.


2021 ◽  
Vol 7 (1) ◽  
pp. 94-104
Author(s):  
S. Makarenko ◽  
G. Smirnov

The article presents a model for auditing the security of a critical information infrastructure object by means of test information and technical influences. This model formalizes the audit process of an object in the form of a multilevel topological model, whose individual levels correspond to: resource costs for impacts, test information and technical impacts, vulnerabilities, object elements, and damage levels. The use of this model in audit practice will make it possible to substantiate the most effective impacts on the basis of the "efficiency/cost" criterion, as well as to form test suites that ensure the rational completeness of the audit of a critical infrastructure facility.


Author(s):  
Ilia Pavlovich Mikhnev ◽  
Svetlana Vladimirovna Mikhneva

The article discusses the competences and powers of the state authorities of the Russian Federation, within their legal status, in the field of ensuring the security of critical information infrastructure. Some functions and authorities in the field of information security have changed in a number of federal executive bodies. In particular, the Federal Security Service, on the basis of a presidential decree, is authorized to create a state system for detecting, preventing and eliminating the consequences of computer attacks on information resources of the Russian Federation. However, not all rights and obligations are enshrined in law; a number of powers create a duality in the legal status of certain federal bodies of state power. Clarity and unambiguity in securing the rights and obligations of the state bodies authorized in the field of information security are guarantees for effectively ensuring the security of important information infrastructure facilities.


Author(s):  
N.M. Kurbatov

The concept of critical information infrastructure is analyzed. The history of its formation and consolidation in the legal space of Russian legislation is considered. The article studies the experience of foreign countries in the field of ensuring information security in general and protecting critical infrastructure in particular. The relevance of the chosen topic is due to the course taken by the Russian Federation for the development of the information society in the country, as well as the need to protect significant information systems and resources of state authorities. The author of the article reveals the terms included in the definition of critical information infrastructure, enshrined in the legislation of the Russian Federation. In conclusion, the main problems of the considered regulatory legal acts are highlighted, recommendations are given on the further development of the information security system of critical infrastructure.


Author(s):  
Peter J. Hawrylak ◽  
Chris Hartney ◽  
Mauricio Papa ◽  
John Hale

The Smart Grid will incorporate computer networking technologies into the electrical generation, transmission, and distribution sectors. Thus, there will be an underlying Critical Information Infrastructure (CII) based on these network connections. This CII is vulnerable to traditional cyber or computer-based attacks, typically geared toward disabling devices or networks. However, the Smart Grid is also vulnerable to physical attacks in which sensors are tricked into reporting false conditions that cause the control system to react in an inappropriate manner. Cyber-physical attacks blending both cyber and physical attack components are also a possibility. Techniques to model cyber-attacks exist, and this chapter presents a modeling methodology, termed hybrid attack graphs, to model cyber-physical attacks. The hybrid attack graph formalism can be applied to develop best practice guidelines and security patches for the Smart Grid. This formalism can also be applied to other cyber-physical domains to help bridge the gap between the physical, logical, and network domains.


2021 ◽  
pp. 47-61
Author(s):  
Sergey Budnikov ◽  
Ekaterina Butrik ◽  
Sergey Soloviev ◽  
...  

Purpose: the need to assess the effectiveness of the security systems of significant objects of critical information infrastructure determines the need to develop simple and adequate mathematical models of computer attacks. The use of mathematical modeling methods in the design of the security system of a significant object makes it possible to justify the requirements for the system as a whole, or for its individual parts, without significant cost or impact on the functioning of the object. The purpose of the present paper is to develop a model of the process of a multistage targeted computer attack that exploits the Zerologon vulnerability, based on representing the attack as a Markov random process with discrete states and continuous time. Methods: methods of Markov process theory, probability theory, computational mathematics and graph theory are used in the model to formalize the attack. Novelty: applying methods of computational mathematics to the functional analysis of the solutions of Kolmogorov's system of equations makes it possible to solve the problem of maximizing the time of stable operation of critical information infrastructure during computer attacks against it, using the known methods of analysis of continuous functions. Result: a general statement of the problem of modeling the process of a multistage targeted computer attack is formulated using a system of Kolmogorov equations that describe the probabilities of the security system being in the various states of its conflict with the intruder. Numerical solutions as functions of time were obtained by the Adams method implemented in the Mathcad environment. We introduce a security system performance index as the ratio of the probability that the security system triggers and blocks the intruder's actions during the attack to the probability of successful completion of the attack.
We give an example of the study of a computer attack in a typical information infrastructure, including a corporate network with a domain architecture and an automated control system for some technological process. For the considered example, the optimal values of the time parameters of the security system are determined. Implementing protective measures with reasonable probabilistic-time characteristics was shown to increase the time of stable operation of the critical information infrastructure from 11 to 189 hours.


Author(s):  
O. V. Demidov

The article analyses the problem of cyber attacks on critical infrastructure, including facilities of the nuclear industry. At present there is almost no international legal regulation of the possible use of information technologies against the information systems of critically important infrastructure objects. Still, there has been an unprecedented growth in information threats in recent years. As was revealed in 2010, several Middle East states, first of all Iran in 2008, were the target of a series of systematic and sophisticated computer attacks, whose initiators remain unknown, aimed at collecting information about the objects of the critical information infrastructure of these states and at intruding into their software. The author supports the thesis of the need for early development of international legal instruments to prevent and prohibit such cyber attacks. At the same time, the Russian Federation, whose initiatives have since 1998 shaped the global agenda in terms of regulating the behavior of states in cyberspace, can assume the leadership in formulating and solving this problem on the international scene. Despite the significant differences between countries in this area, their positions on ensuring the protection of peaceful nuclear infrastructure against cyber attacks are the closest to a consensus, creating a window of opportunity for practical progress on this issue in 2013-2014.

