Method for assessing the level of security risks of network nodes to improve the efficiency of placement of immune detectors
The scientific journal Modeling, Optimization and Information Technology
Online media
ISSN 2310-6018

Method for assessing the level of security risks of network nodes to improve the efficiency of placement of immune detectors

Tokarev V.L.,  Sychugov A.A. 

UDC 004.56
DOI: 10.26102/2310-6018/2020.30.3.021


The study is motivated by the need to make intrusion detection systems based on immune detectors more effective. How well such systems work depends heavily on the rational placement of immune detectors on individual network nodes. We propose using the security risk level of each network node as the criterion for selecting the nodes on which to install immune detectors, and present a method for estimating this value that makes it possible to single out the least protected nodes. Assessing a node's security risk is complicated by the fact that a node often has more than one vulnerability. The main idea of the method is to combine a statistical formal model based on Markov chains with a graph of possible trajectories and vulnerability-analysis metrics. Vulnerability scores built from three types of metrics (basic, temporal, and contextual) serve as these metrics. A calculation example is given. The resulting model can be used to identify the critical nodes on the access path to the target node, where intruders can be most dangerous. Using the information obtained from the model, the network administrator can install immune detectors on these nodes, which will significantly improve the protection system.
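An added illustration of the idea in the abstract, not the authors' model or code: scores on the edges of a trajectory graph are normalised into Markov transition probabilities, and nodes are ranked for detector placement by the expected number of visits before the target node is reached. The network, the 0-10 score scale and the normalisation rule are assumptions constructed for this example.

```python
# Constructed sample graph: (source, destination) -> vulnerability score.
# The 0-10 scale and every value here are assumptions for illustration.
EDGES = {
    ("internet", "web"): 7.5,
    ("internet", "mail"): 5.0,
    ("web", "app"): 6.0,
    ("web", "mail"): 2.0,
    ("mail", "workstation"): 9.0,
    ("workstation", "app"): 4.0,
    ("workstation", "mail"): 1.0,  # cycle back to the mail node
    ("app", "db"): 8.0,
}
START, TARGET = "internet", "db"

def transition_probabilities(edges):
    """Normalise each node's outgoing scores so they sum to 1 (assumed rule)."""
    totals = {}
    for (src, _), score in edges.items():
        totals[src] = totals.get(src, 0.0) + score
    return {(s, d): score / totals[s] for (s, d), score in edges.items()}

def expected_visits(edges, start, target, tol=1e-12, max_iter=10_000):
    """Expected visits to each transient node before absorption at target.

    This is the start row of the fundamental matrix N = (I - Q)^-1,
    computed as the series sum of Q^k so that cycles are handled.
    """
    probs = transition_probabilities(edges)
    mass, visits = {start: 1.0}, {}
    for _ in range(max_iter):
        for node, m in mass.items():
            visits[node] = visits.get(node, 0.0) + m
        nxt = {}
        for (s, d), p in probs.items():
            if s in mass and d != target:  # the target is absorbing
                nxt[d] = nxt.get(d, 0.0) + mass[s] * p
        if sum(nxt.values()) < tol:
            break
        mass = nxt
    return visits

def rank_nodes(edges, start, target):
    """Internal nodes ordered by expected visits, highest first."""
    visits = expected_visits(edges, start, target)
    visits.pop(start, None)  # the entry point itself is not a placement candidate
    return sorted(visits.items(), key=lambda kv: kv[1], reverse=True)

if __name__ == "__main__":
    for node, score in rank_nodes(EDGES, START, TARGET):
        print(f"{node:12s} {score:.4f}")
```

In this constructed graph every trajectory passes through `app`, so it ranks first, while the cycle between `mail` and `workstation` raises both above `web`.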


Tokarev Vyacheslav Leonidovich
Doctor of Technical Sciences, Professor
Email: unwaiter@mail.ru

Federal State Budgetary Educational Institution of Higher Education “Tula State University”

Tula, Russian Federation

Sychugov Aleksey Alekseevich
Candidate of Technical Sciences, Associate Professor
Email: xru2003@yandex.ru

Federal State Budgetary Educational Institution of Higher Education “Tula State University”

Tula, Russian Federation

Keywords: information security, intrusion detection systems, immune detectors, Markov chains

For citation: Tokarev V.L., Sychugov A.A. Method for assessing the level of security risks of network nodes to improve the efficiency of placement of immune detectors. Modeling, Optimization and Information Technology. 2020;8(3). URL: https://moit.vivt.ru/wp-content/uploads/2020/08/TokarevSychugov_3_20_1.pdf DOI: 10.26102/2310-6018/2020.30.3.021 (In Russ).


Published 30.09.2020