Voprosy kiberbezopasnosti
Latest Publications


TOTAL DOCUMENTS

282
(FIVE YEARS 172)

H-INDEX

3
(FIVE YEARS 2)

Published By I.E. Makarenko Gi

2311-3456

2021, pp. 29-40
Author(s): Elena Doynikova, Andrey Fedorchenko, Igor Kotenko, Evgenia Novikova, ...

The purpose of the article: development of a semantic model of metrics and data and a technique for security assessment based on this model to get objective scores of information system security. Research method: theoretical and system analysis of open security data sources and security metrics, semantic analysis and classification of security data, development of the security assessment technique based on the semantic model and methods of logical inference, functional testing of the developed technique. The result obtained: an approach based on the semantic model of metrics and data is proposed. The model is an ontology generated considering relations among the data sources, information system objects and data about them, primary metrics of information system objects and integral metrics and goals of assessment. The technique for metrics calculation and assessment of unspecified information systems security level in real-time using the proposed model is developed. The case study demonstrating applicability of the developed technique and ontology to answer security assessment questions is provided. The area of use of the proposed approach is security assessment components of information security monitoring and management systems aimed at increasing their efficiency.


2021, pp. 43-57
Author(s): Sergey Makarenko

Relevance. Security issues of information systems in critical infrastructure objects are becoming important now. However, current tasks of information security audit of critical infrastructure objects are mainly limited to checking them for compliance with requirements of standards and documents. With this approach to the audit, security of these objects from real attacks by hackers remains unclear. Therefore, objects are subjected to a testing procedure, namely, penetration testing, in order to objectively verify their security. An analysis of publications in this area shows that there are no mathematical approaches to selection of tests, as well as parameters and criteria for evaluating the effectiveness of penetration testing. The goal of the paper is to form specific parameters of completeness, efficiency, reliability and cost of testing, as well as, in a generalized form, a group of criteria “efficiency/cost”, making it possible to estimate the quality of test sets, as well as to compare different penetration testing scenarios with each other. Research methods. Methods of probability theory and mathematical statistics, methods of processing experimental data, as well as the results of other studies in the field of software security testing are used in the paper to achieve the research goals. Results. The general form of the “efficiency/cost” criteria for estimating the quality of penetration testing, as well as formal particular parameters for evaluating separate parameters in the proposed criteria – the parameters of completeness, efficiency, reliability and cost are presented in the paper. The results of the paper can be used by auditors and testers to objectively justify test sets and compare different penetration testing scenarios with each other. The material of the paper can be useful for specialists who do research in such an area as penetration testing.
Keywords: penetration testing, information technology impact, testing quality criterion, testing quality, testing completeness, testing efficiency, testing reliability, testing cost.


2021, pp. 61-72
Author(s): Alexandr Dobrodeev

The purpose of the article: the study of the role and meaning of cybersecurity at the present stage of world development as the main factor for ensuring national and international security of the 21st century. Research method: synthesis and scientific forecasting, peer review, comparative analysis of the cybersphere within the system approach. Results: the state and ways of developing cybersecurity of leading foreign countries on the example of the United States, the state and ways of developing cybersecurity and cybersecurity technology in the Russian Federation are presented with justification for discussion proposals on the disclosure of the term and the concept of “cybersecurity.”


2021, pp. 12-20
Author(s): Sergey Kondakov, Ilya Rud

Purpose of work: development of a model of the process of conducting a computer attack. Research method: theory of complex systems, comparative analysis within the framework of system analysis and synthesis. Result: it is shown that the application of the proposed model of the process of conducting computer attacks allows you to fully describe the process, taking into account its inherent features and characteristics. The use in the model of information from the MITRE ATT&CK database, which contains a description of the tactics, techniques and methods used by cybercriminals, allows you to reduce the level of abstraction and describe specific scenarios for conducting complex targeted computer attacks with the maximum approximation to practice. The developed model is supposed to be used to form scenarios of computer attacks when assessing the security of information systems.


2021, pp. 30-35
Author(s): Vadim Gribunin, Andrey Timonov

Purpose of the article: optimization of the choice of information security tools in a multi-level automated system, taking into account higher levels, quality indicators of information security tools, as well as the general financial budget. Demonstration of analogies of solving these problems with known problems from communication theory. Research method: optimal choice of information security tools based on risk analysis and the Lagrange multiplier method; Optimal bit budget allocation based on the Waterfilling optimization algorithm. Optimal placement of information security tools in a multilevel automated system based on bisectional search. Obtained result: the article shows analogies between some problems of communication theory and the optimal choice of information security tools. The well-known problem of the optimal choice of information security tools is solved using the rate-distortion theory, the well-known problem of the optimal budget allocation for their purchase is solved by analogy with the problem of distributing the power of transmitters. For the first time, the problem posed for the optimal placement of information security tools in a multilevel automated system was solved by analogy with the problem of distributing the total bit budget between quantizers.


2021, pp. 61-70
Author(s): Alexander Plotkin, Sergey Kesel, Maxim Repin, Nikolay Fedorov, ...

Abstract. Today, one of the most discussed topics in the field of information technology is distributed registry systems. They attract investors and developers with their functionality. Distributed ledger systems are being introduced into business processes in many areas of human activity, which makes their contribution to development irreplaceable. One of the most vulnerable parts of such systems is the process of managing cryptographic keys, an attack on which can destroy the entire security of the distributed registry system. The aim of the research is to identify possible threats to the process of managing cryptographic keys, on the basis of which recommendations and standards for managing cryptographic keys in distributed ledger systems will be developed. Research methods: to achieve this goal, the structure of the life cycle of cryptographic keys was considered, and an analysis of possible vulnerabilities in the process of managing cryptographic keys at each stage of the life cycle of a cryptographic key was carried out. In addition, the distributed ledger system was analyzed in the context of the identified vulnerabilities of the key management process using the example of the IBM blockchain, and the possibility of outsourcing cryptographic key management systems was considered. Result: a set of possible threats to the process of managing cryptographic keys was proposed, the necessity of assessing the security of the key management system before deciding on the introduction of these systems into distributed registries was proposed, and conclusions were drawn about the need to develop recommendations and standards for the process of managing cryptographic keys for such systems, as well as the possible applicability of the recommendations for assessing the security of the implementation of outsourcing of cryptographic key management systems in distributed ledgers.


2021, pp. 12-25
Author(s): Sergey Makarenko, Gleb Smirnov

Relevance. Security issues of information systems in critical infrastructure objects are becoming important now. However, current tasks of information security audit of critical infrastructure objects are mainly limited to checking them for compliance with requirements of standards and documents. With this approach to the audit, security of these objects from real attacks by hackers remains unclear. Therefore, objects are subjected to a testing procedure, namely, penetration testing, in order to objectively verify their security. An analysis of publications in this area shows that there are no mathematical approaches to selection of test cyber attacks for a penetration testing set. The goal of the paper is to form the selection method of test cyber attacks that ensure the rational completeness of the security audit of a critical information infrastructure object. Research methods. Methods of probability theory and mathematical statistics, methods of graph theory and set theory are used in the paper to achieve the research goals. Results. The selection method of test cyber attacks for security audit of a critical information infrastructure object with rational completeness is presented in the paper. This method formalizes the selection process in the form of a two-stage procedure. At the first stage, based on the topological model of the object being tested, a set of testing paths is formed, and these paths are ordered by the degree of weight increase. The path weight is the efficiency/cost indicator that takes into account the test resource for carrying out a test cyber attack, the vulnerability of an object element, and the level of damage caused to the element by this test cyber attack. At the second stage of the method, those paths are selected from the ordered set of test paths that would ensure the maximization of the whole absolute cost of the detected damage, within the limits on the resource for carrying out test cyber attacks.
Using this method in audit practice will allow us to justify the most effective test cyber attacks according to the “efficiency/cost” criterion, as well as to form test sets that will ensure the rational completeness of the audit of the critical infrastructure object.


2021, pp. 47-61
Author(s): Sergey Budnikov, Ekaterina Butrik, Sergey Soloviev, ...

Purpose: the need to assess the effectiveness of the security systems for significant objects of critical information infrastructure determines the need to develop simple and adequate mathematical models of computer attacks. The use of mathematical modeling methods in the design of the security system of a significant object makes it possible, without significant cost and impact on the functioning of the object, to justify the requirements for the system as a whole or its individual parts. The purpose of the present paper is to develop a model of the process of a multistage targeted computer attack that exploits the Zerologon vulnerability, based on the representation of the attack by a Markov random process with discrete states and continuous time. Methods: methods of Markov process theory, probability theory, computational mathematics and graph theory are used in the model to formalize the attack. Novelty: application of methods of computational mathematics for functional analysis of the results of Kolmogorov’s system of equations makes it possible to solve the problem of maximizing the time of stable operation of critical information infrastructure during computer attacks against it, using the known methods of analysis of continuous functions. Result: a general statement of the problem of modeling the process of a multistage targeted computer attack is formulated using a system of Kolmogorov equations describing the probabilities of being in conflict states of the security system with the intruder. By the Adams method implemented in the Mathcad environment, numerical solutions depending on time were obtained. We introduce a security system performance index as the ratio of the probability of triggering the security system and blocking the intruder’s actions during the attack to the probability of successful completion of the attack.
We give an example of research of computer attack realization in a typical information infrastructure, including a corporate network with domain architecture and an automated control system of some technological process. For the considered example, the optimal values of the time parameters of the security system are defined. When implementing protective measures with reasonable probabilistic-time characteristics, an increase in the time of stable operation of critical information infrastructure from 11 to 189 hours is proved.


2021, pp. 26-35
Author(s): Andrey Kalashnikov, Konstantin Bugajskij

Purpose of the article: development of a mechanism for quantitative evaluation of elements of complex information systems in conditions of insufficient information about the presence of vulnerabilities. Research method: mathematical modeling of uncertainty estimation based on binary convolution and Kolmogorov complexity. Data banks on vulnerabilities and weaknesses are used as initial data for modeling. The result: it is shown that the operation of an element of a complex network can be represented by data transformation procedures, which consist of a sequence of operations in time, described by weaknesses and related vulnerabilities. Each operation can be evaluated at a qualitative level in terms of the severity of the consequences in the event of the implementation of potential weaknesses. The use of binary convolution and universal coding makes it possible to translate qualitative estimates into a binary sequence – a word in the alphabet {0,1}. The sequence of such words — as the uncertainty function — describes the possible negative consequences of implementing data transformation procedures due to the presence of weaknesses in an element of a complex system. It is proposed to use the Kolmogorov complexity to quantify the uncertainty function. The use of a Turing machine for calculating the uncertainty function provides a universal mechanism for evaluating elements of complex information systems from the point of view of information security, regardless of their software and hardware implementation.


2021, pp. 58-67
Author(s): Aleksey Kubarev, Aleksey Lapsar’, Sergey Nazaryan, ...

The purpose of the study: development of a method for obtaining parameterized values of local characteristics of a diffusion Markov process. It is used to simulate the state of a critical information infrastructure object under off-normal operating conditions caused by a destructive information impact. Methods: synthesis of local characteristics of evolutionary equations which describe the state of a critical information infrastructure object, using the Markov theory for estimating multidimensional diffusion processes as well as the apparatus for studying moment functions. Results: the problems of parametric modeling of the state of critical information infrastructure objects are analyzed on the basis of diffusion Markov processes in the process of synthesis of evolutionary equations which describe the behavior of such objects. The study reveals features of the functioning of objects, which implement the management of complex technical systems in the conditions of normal operation as well as off-normal operation, caused by destructive information impact. A method has been developed for the synthesis of local characteristics of the diffusion process, which simulates the behavior of critical information infrastructure objects during off-normal operation. An example of the formation of a domain for determining the characteristics of a destructive information impact, used as a parameter of synthesized models for assessing the state of objects of critical information infrastructure, is given. The proposed method can be used as the basis for specifying technical requirements for critical information infrastructure objects that perform the functions of automated control at promising and modernized complex technical facilities.

