{"title":"关于使用基于蒙特卡罗模拟的方法评估关键信息基础设施的自动化控制系统免受DDoS攻击的安全性的建议","authors":"V. A. Voevodin, V. S. Chernyaev, I. V. Vinogradov","doi":"10.21822/2073-6185-2023-50-3-57-65","DOIUrl":null,"url":null,"abstract":"Objective . The objective of the research is to develop a methodology for the security of an automated control system of critical information infrastructure from DDoS attacks. The methodology allows the decision-maker to obtain an assessment of the risk of exposure of the computer network (CN) to DDoS attacks and take necessary actions to reduce the risk of this threat. Method . To achieve the stated objective of the research, simulation modeling based on the Monte Carlo method was used, implemented within the framework of a specialized software environment, as well as a method for calculating integral risk. Result . A methodology was proposed for assessing the security of an automated control system for critical information infrastructure from DDoS attacks, taking into account the importance of individual nodes of its CN. Conclusion . Thus, the developed methodology is useful when conducting an information security audit to assess the integral risk of impact implementation of a DDoS attack on a CN and is designed to help an organization achieve global information security goals, as well as to justify the amount of the insurance premium paid when insuring cyber risks.","PeriodicalId":31714,"journal":{"name":"Vestnik Dagestanskogo Gosudarstvennogo Tehniceskogo Universiteta Tehniceskie Nauki","volume":"4 4","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation\",\"authors\":\"V. A. Voevodin, V. S. Chernyaev, I. V. Vinogradov\",\"doi\":\"10.21822/2073-6185-2023-50-3-57-65\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Objective . The objective of the research is to develop a methodology for the security of an automated control system of critical information infrastructure from DDoS attacks. The methodology allows the decision-maker to obtain an assessment of the risk of exposure of the computer network (CN) to DDoS attacks and take necessary actions to reduce the risk of this threat. Method . To achieve the stated objective of the research, simulation modeling based on the Monte Carlo method was used, implemented within the framework of a specialized software environment, as well as a method for calculating integral risk. Result . A methodology was proposed for assessing the security of an automated control system for critical information infrastructure from DDoS attacks, taking into account the importance of individual nodes of its CN. Conclusion . Thus, the developed methodology is useful when conducting an information security audit to assess the integral risk of impact implementation of a DDoS attack on a CN and is designed to help an organization achieve global information security goals, as well as to justify the amount of the insurance premium paid when insuring cyber risks.\",\"PeriodicalId\":31714,\"journal\":{\"name\":\"Vestnik Dagestanskogo Gosudarstvennogo Tehniceskogo Universiteta Tehniceskie Nauki\",\"volume\":\"4 4\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-10-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Vestnik Dagestanskogo Gosudarstvennogo Tehniceskogo Universiteta Tehniceskie Nauki\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.21822/2073-6185-2023-50-3-57-65\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Vestnik Dagestanskogo Gosudarstvennogo Tehniceskogo Universiteta Tehniceskie Nauki","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21822/2073-6185-2023-50-3-57-65","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation
Objective . The objective of the research is to develop a methodology for the security of an automated control system of critical information infrastructure from DDoS attacks. The methodology allows the decision-maker to obtain an assessment of the risk of exposure of the computer network (CN) to DDoS attacks and take necessary actions to reduce the risk of this threat. Method . To achieve the stated objective of the research, simulation modeling based on the Monte Carlo method was used, implemented within the framework of a specialized software environment, as well as a method for calculating integral risk. Result . A methodology was proposed for assessing the security of an automated control system for critical information infrastructure from DDoS attacks, taking into account the importance of individual nodes of its CN. Conclusion . Thus, the developed methodology is useful when conducting an information security audit to assess the integral risk of impact implementation of a DDoS attack on a CN and is designed to help an organization achieve global information security goals, as well as to justify the amount of the insurance premium paid when insuring cyber risks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
