Development of a method for checking vulnerabilities of a corporate network using Bernstein transformations

Киричок, Роман Васильович and Лаптєв, Олександр Анатолійович and Лісневський, Ростислав Валерійович and Козловський, Валерій Валерійович and Клобуков, Віталій Віталійович (2022) Development of a method for checking vulnerabilities of a corporate network using Bernstein transformations Eastern-European Journal of Enterprise Technologies, 1 (9(115)). pp. 93-101. ISSN 1729-4061

[thumbnail of R_Kyrychok_O_Laptiev_R_Lisnevskyi_ta_in_EEJOET_115_FITU.pdf] Text
R_Kyrychok_O_Laptiev_R_Lisnevskyi_ta_in_EEJOET_115_FITU.pdf

Download (366kB)

Abstract

One of the leading areas of cybersecurity of communication networks is considered – the introduction of preventive mechanisms, among which the most promising are the methods of active security analysis. These methods allow, in addition to timely detection of vulnerabilities of the target system (analyzed system), to confirm the possibility of their implementation, that is, to validate vulnerabilities by simulating the real actions of a potential attacker. The urgent need to validate vulnerabilities out of the many identified is caused by the fact that some of them can only be theoretical, while others are exploited using malicious scripts (exploits). At the same time, the process of validating vulnerabilities is practically not studied. That is why the work carried out an experimental study of the functioning of modern tools for exploiting vulnerabilities. Based on the observations, general quantitative characteristics of the vulnerability validation process were identified. A mathematical model for the analysis of the above characteristics based on Bernstein polynomials has been developed. It is the polynomial representation of the procedure for confirming the possibility of implementing the identified vulnerabilities that makes it possible to describe the dynamics of this process, taking into account the complex and volatile nature of the environment. Analytical dependencies are obtained for the number of cases of successful and negative confirmation of vulnerabilities. In particular, negative validation cases include simply failed attempts to validate vulnerabilities, as well as attempts that resulted in critical errors on the target system during the rational cycle of validating the identified vulnerabilities. The proposed dependencies make it possible to construct the probability distribution laws for the above characteristics of the vulnerability testing process.

Item Type: Article
Uncontrolled Keywords: active security analysis; exploitation of vulnerabilities; target system; corporate network security
Subjects: Статті у наукометричних базах > Scopus
Статті у журналах > Фахові (входять до переліку фахових, затверджений МОН)
Divisions: Факультети > Факультет інформаційних технологій та управління > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка
Depositing User: Роман Васильович Киричок
Date Deposited: 29 Mar 2022 07:36
Last Modified: 29 Mar 2022 07:42
URI: https://elibrary.kubg.edu.ua/id/eprint/40889

Actions (login required)

View Item View Item