IDENTIFICATION OF CYBER ATTACKS ON INFORMATION NETWORKS WITH A RANDOM MOMENT OF ITS APPEARANCE
Authors: Volodymyr Khoroshko, Mykhailo Shelest, Yuliia Tkach, Nikolay Brailovskyi
Affiliation: National Aviation University, Doctor of Engineering Science, Full Professor, Kiev, Ukraine; Chernihiv Polytechnic National University, Doctor of Technical Science, Full Professor, Chernihiv, Ukraine; Chernihiv Polytechnic National University, Doctor of Pedagogical Science, Professor, Chernihiv, Ukraine; Taras Shevchenko National University of Kyiv, PhD in Engineering Science, Associate Professor, Kiev,
Keywords: analysis of the processes of attack and counteraction in the information space, sequential detection and assessment of cyberattacks, multi-alternative tasks.
ABSTRACT. In information networks, when detecting and recognizing cyberattacks, one is usually interested not only in the fact that a particular attack has appeared, but also in its informative parameters. The result of the actions taken in deciding whether a cyberattack is present depends on how close the estimate is to the true value of the parameters. Losses in the process of recognizing (detecting) and evaluating a cyberattack therefore depend both on errors in its detection and on inaccuracy of the assessment, which prevents adequate countermeasures from being provided; hence the task of joint development and evaluation arises. In practice, the moment at which a decision is made is very important: costs increase with observation time, so the fastest possible decision-making is desirable. At the same time, sequential detection-estimation procedures are more effective than inconsistent ones. Therefore, finding procedures that are optimal, consistent, or close to these will increase the cybersecurity of information.
Some results related to joint sequential detection and estimation, obtained in the works of other authors, show that in the general case it is not possible to find a constructive solution even in a two-alternative problem. Therefore, the authors made an attempt to solve the problem of multi-alternative sequential detection and evaluation of a cyberattack with a random moment of its occurrence.