Rules for the Implementation of Exploits During an Active Analysis of the Corporate Networks` Security Based on a Fuzzy Assessment of the Quality of the Vulnerability Validation Mechanism

Киричок, Роман Васильович and Бржевська, Зореслава Михайлівна and Гулак, Геннадій Миколайович and Бессалов, Анатолій Володимирович and Астапеня, Володимир Михайлович (2021) Rules for the Implementation of Exploits During an Active Analysis of the Corporate Networks` Security Based on a Fuzzy Assessment of the Quality of the Vulnerability Validation Mechanism Електронне фахове наукове видання "Кібербезпека: освіта, наука, техніка", 2 (14). pp. 148-157. ISSN 2663-4023

[thumbnail of R_Kyrychok_Z_Brzhevska_H_Hulak_A_Bessalov_V_ Astapenya_CEST_14.pdf] Text
R_Kyrychok_Z_Brzhevska_H_Hulak_A_Bessalov_V_ Astapenya_CEST_14.pdf

Download (932kB)

Abstract

The dynamics of the increase in the number of vulnerabilities of software and hardware platforms of corporate networks, the accessibility of exploit modules for these vulnerabilities in the Internet and the Darknet, along with the lack of a sufficient number of highly qualified cybersecurity specialists make the problem of effective automation of preventive information protection mechanisms quite urgent. In particular, the basic algorithms for the sequential implementation of exploits embedded in the vulnerability exploitation tools are quite primitive, and the proposed approaches to their improvement require constant adaptation of mathematical models of the implementation of attacking actions. This justifies the direction of this research. This paper considers the issue of forming decision-making rules for the implementation of vulnerabilities’ exploits during an active analysis of the corporate networks’ security. Based on the results of the analysis of quantitative indicators of the quality of the validation mechanism of the identified vulnerabilities and the use of fuzzy logic methods, a fuzzy system was formed, membership functions for each of the linguistic variables were determined and a knowledge base was built, which makes it possible to determine the quality level of the validation mechanism of the identified vulnerabilities based on all available information. At the same time, in order to eliminate the “human factor” of making mistakes when validating vulnerabilities, based on the built fuzzy knowledge base and the established levels of exploit modules’ efficiency, the rules for the implementation of individual exploit modules during an active analysis of the corporate network’s security were formed. Results of research make it possible to create expert systems for diagnosing the effectiveness of the validation mechanism of the identified vulnerabilities of target systems, and also help to solve the problem of the lack of qualified specialists in the analysis and maintenance of an appropriate level of information security of corporate networks.

Item Type: Article
Uncontrolled Keywords: active analysis of the security; corporate network; exploit; vulnerability validation; fuzzy logic
Subjects: Статті у наукометричних базах > Index Copernicus
Статті у журналах > Фахові (входять до переліку фахових, затверджений МОН)
Divisions: Факультети > Факультет інформаційних технологій та управління > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка
Depositing User: Павло Миколайович Складанний
Date Deposited: 04 Jan 2022 10:15
Last Modified: 04 Jan 2022 10:15
URI: https://elibrary.kubg.edu.ua/id/eprint/40423

Actions (login required)

View Item View Item