Ensuring the Resistance of Critical Information Infrastructure Objects to Advanced Persistent Threats

Voprosy kiberbezopasnosti Pub Date : 1900-01-01 DOI:10.21681/2311-3456-2022-2-39-51

A. Lapsar’, Sergey Nazaryan, Alisa Vladimirova

{"title":"Ensuring the Resistance of Critical Information Infrastructure Objects to Advanced Persistent Threats","authors":"A. Lapsar’, Sergey Nazaryan, Alisa Vladimirova","doi":"10.21681/2311-3456-2022-2-39-51","DOIUrl":null,"url":null,"abstract":"The purpose of the study: to improve security of significant objects of critical information infrastructure in conditions of destructive information impact, implemented in the form of advanced persistent threat (APT). Methods: comparative analysis of destructive information impact within the framework of a systematic approach; Markov theory of evolutionary processes; synergetics. Results: the authors carried out analysis of APT properties and their impact on objects of critical information infrastructure. To identify APTs, the use of a combination of various detection methods with the priority of heuristic analysis is substantiated. A scheme has been developed for the implementation of the method for assessing the state of an object of a critical information infrastructure based on a modified Markov-parametric model with a system for detecting computer attacks integrated into its structure. The preliminary assessment of computer attacks danger level as well as development of recommendations for their neutralization simultaneously with conducting the assessment of the properties and characteristics of destructive information impact are proposed.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Voprosy kiberbezopasnosti","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21681/2311-3456-2022-2-39-51","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

The purpose of the study: to improve security of significant objects of critical information infrastructure in conditions of destructive information impact, implemented in the form of advanced persistent threat (APT). Methods: comparative analysis of destructive information impact within the framework of a systematic approach; Markov theory of evolutionary processes; synergetics. Results: the authors carried out analysis of APT properties and their impact on objects of critical information infrastructure. To identify APTs, the use of a combination of various detection methods with the priority of heuristic analysis is substantiated. A scheme has been developed for the implementation of the method for assessing the state of an object of a critical information infrastructure based on a modified Markov-parametric model with a system for detecting computer attacks integrated into its structure. The preliminary assessment of computer attacks danger level as well as development of recommendations for their neutralization simultaneously with conducting the assessment of the properties and characteristics of destructive information impact are proposed.

查看原文本刊更多论文

确保关键信息基础设施对象抵御高级持续性威胁

该研究的目的是:在破坏性信息影响的情况下，以高级持续威胁(APT)的形式实施，提高关键信息基础设施重要对象的安全性。方法:在系统方法的框架内对破坏性信息影响进行比较分析;马尔可夫进化过程理论;协同学。结果:分析了APT的特性及其对关键信息基础设施对象的影响。为了识别apt，使用各种检测方法的组合与启发式分析的优先级被证实。基于改进的马尔可夫参数模型，开发了一种方案，用于实现评估关键信息基础设施对象状态的方法，并将检测计算机攻击的系统集成到其结构中。提出了计算机攻击危险水平的初步评估以及在进行破坏性信息影响的性质和特征评估的同时制定消除计算机攻击的建议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Voprosy kiberbezopasnosti

自引率

0.00%

发文量