The Development of Method for Evaluation of Information Security Threats in Critical Systems

The big problem in information security is threat assessment process. It should be both the abstract and the practical. It should be abstract because the vulnerability and threat source can be hidden until attack started. It should be practical (close to reality) because it influence on the developm...

Full description

Saved in:
Bibliographic Details
Main Authors: Kamenskih, Anton N., Filippov, Mikhail A., Yuzhakov, Alexander A.
Format: Conference Proceeding
Language:English
Subjects:
advanced persistent threat
Conferences
Firewalls (computing)
Information security
Machine learning
Markov processes
Markov's model
Resource management
risk management
Threat assessment
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The big problem in information security is threat assessment process. It should be both the abstract and the practical. It should be abstract because the vulnerability and threat source can be hidden until attack started. It should be practical (close to reality) because it influence on the development of whole information security system. The underestimation of threat potential lead to insufficient security controls. The overestimation of threat potential lead to high expenses on information security system. In this paper, the method for threat assessment based on Markov models is proposed. The proposed method is mostly suitable for critical systems because they very frequently faces with «targeted» attacks, but also the performance limitation is very high in such systems.
ISSN:2376-6565
DOI:10.1109/EIConRus49466.2020.9038960