Киричок, Роман Васильович та Лаптєв, О.А. та Євсеєв, С. (2023) Research and simulation of the mechanism of vulnerabilities validation in active analysis of information network security Колективна (три і більше авторів). Models of socio-cyber-physical systems security: Monograph. ПП "Технологічний центр", Україна, Харків, Україна.
![[thumbnail of R_Kyrychok_S_Yevseiev_O_Laptiev_ta_in_TC_Monographs_FITM.pdf]](https://elibrary.kubg.edu.ua/style/images/fileicons/text.png) |
Текст
R_Kyrychok_S_Yevseiev_O_Laptiev_ta_in_TC_Monographs_FITM.pdf Download (2MB) |
Анотація
A technique for analyzing the quality of the mechanism for validating the identified vulnerabili- ties of a corporate network has been developed, which is based on integral equations that take into account the quantitative characteristics of the mechanism for validating vulnerabilities under study at a certain point in time. This technique allows to build the laws of distribution of quality indicators of the vulnerability validation process and quantify the quality of the mechanism for validating de- tected vulnerabilities, which allows to monitor and control the validation of identified vulnerabilities in real time during active security analysis. A method is proposed for constructing a fuzzy knowledge base for making decisions when vali- dating vulnerabilities of software and hardware platforms with an active analysis of the security of a target corporate network based on the use of fuzzy logic, which makes it possible to provide reliable information about the quality of the mechanism for validating vulnerabilities indirectly. The constructed knowledge base allows to form decisive decision-making rules for the imple- mentation of a particular attacking action, which allows to develop expert systems to automate the decision-making process when validating the identified vulnerabilities of target information systems and networks. The method of automatic active security analysis has been further developed, which, based on the synthesis of the proposed models, techniques and methods, allows, unlike the existing ones, to abstract from the conditions of dynamic changes in the environment, i.e. constant development of information technologies, and take into account only the quality parameters of the vulnerability validation process itself.
| Тип елементу : | Монографія (Колективна (три і більше авторів)) |
|---|---|
| Ключові слова: | cyber incident; vulnerability; warfare; risks; information security; electronic intelligence. |
| Типологія: | Це архівна тематика Київського університету імені Бориса Грінченка > Монографії > Видані в Україні |
| Підрозділи: | Це архівні підрозділи Київського університету імені Бориса Грінченка > Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка |
| Користувач, що депонує: | Роман Васильович Киричок |
| Дата внесення: | 28 Серп 2023 12:21 |
| Останні зміни: | 28 Серп 2023 12:21 |
| URI: | https://elibrary.kubg.edu.ua/id/eprint/45894 |
Actions (login required)
 |
Перегляд елементу |