12/28/2023 0 Comments Motrix computer system![]() Novozhilov, E.O.: Guidelines for construction of a risk matrix. Harchenko, V.S.: Security of Critical Infrastructures: Mathematical and Engineering Methods of Analysis and Support. Peace, C.: The risk matrix: uncertain results? Policy Pract. ![]() Bezopasnost Informatsionnykh Tekhnologiy (2020). (70).182-189īatskih, A.V., Drovnikova I.G., Ovchinnikova E.S., Rogozin E.A.: Analysis and classification of the main threats to information security of automated systems at the objects of informatization of internal affairs bodies. Milko, D.S.: Threat modeling expert system: reasons for development, method and implementation troubles. Saini, V.K., Duan, Q., Paruchuri, V.: Threat modeling using attack trees. Mauw, S., Oostdijk, M.: Foundations of Attack Trees. īrandao, P.R., Limonova, V.: Defense methodologies against advanced persistent threats. Quintero-Bonilla, S., Rey, T.J., Park, A.M.: A new proposal on the advanced persistent threat: a survey. In: Computer Applications for Security, Control and System Engineering (2012). Jeun, I.: A practical study on advanced persistent threats. HSSEDI (2018)Ĭhen, P.: A Study on Advanced Persistent Threats. Wiley, New York (2014)īodeau, D.J.: Cyber Threat Modeling: Survey, Assessment, and Representative Framework. Shostack, A.: Threat Modeling: Designing for Security. The scientific novelty of the work consists in the proposal of a method for analyzing the security of information systems, which takes into account the possibility of changing the probability of the implementation of information threats during the life cycle of an advanced persistent threat, the dependence of information threats and the value of information assets for the intruder and their owner, which makes it possible to predict various scenarios of computer attacks. The example demonstrates the use of a graph of threat matrices for modeling scenarios of targeted computer attacks on information system assets. A method for determining categorical variables characterizing the probability and damage as a result of the implementation of information threats using clustering methods is also proposed. As a result of the study, a method for modeling computer attack scenarios and assessing the security of information systems under the influence of advanced persistent threats is formed, based on the use of risk matrix models. Various approaches to modeling threats in information systems are considered, their advantages and disadvantages are noted, requirements for the developed methodology are formed. The article shows the need to build a threat model during an analyzing the security of information systems. ![]() The aim of the study is to assess the security of information systems during an influence of advanced persistent threats.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |