The article proposes a method for assessing the risk of a possible stay of an automated special-purpose information system in a critical state, based on the synthesis of two heterogeneous mathematical models, one of which allows taking into account the intensity of DDOS attacks and the intensity of application processing, based on Markov processes, and the second is one of the forms of a formal description of protection systems, with complete overlap, in which the interaction of the "threat area", "protected area" is considered – areas of resources of an automated information system for special purposes, and "protection systems" – security mechanisms of an automated information system. The developed method makes it possible to simulate the information security tools included in the automated information system for special purposes, under the influence of DDOS attacks, taking into account both the empirical values obtained as a result of measurements or modeling, and the theoretical base of parameters specified by input data. In the synthesis of the two models, the lack of uncertainty of some of the input parameters, taking into account the values based on expert estimates, was eliminated.
Keywords: automated information system, security assessment, queuing system, risk
A model that implements a method for assessing the security of a special purpose automated information system is considered in the article. The model takes into account both the intensity of the load on the system and the number of channels as a means of protecting information from DDoS attacks based on the combination of theoretical and empirical approaches to assessing security of special purpose automated information system. The transition from a theoretical model using empirical states and continuous time to a discrete time model is applied to build a new model. The purpose of the work is to develop a model that implements a method for assessing the security of a special purpose automated information system against DDoS attacks based on a theoretical-empirical approach to modeling information protection means against DDoS attacks.The following tasks are solved in the article: analysis of known models that implement the method for assessing the security of special purpose automated information system from DDoS attacks; the model which implements a method for assessing the security of special purpose automated information system based on a theoretical-empirical approach to modeling information protection against DDoS attacks is being developed. The use of the new model makes it possible to apply both empirical values obtained as a result of measurements or modeling, and a theoretical basis for modeling information protection means under the influence of DDoS attacks, taking into account their characteristics, which will be reflected by the income function and the choice of the optimal mode of functioning of the special purpose automated information system in discrete moments in time. When synthesizing the models presented in the article, the lack of the static nature of the assessment of the security of the special purpose automated information system was eliminated, the intensity of computer attacks such as DDoS, which dynamically changes both the parameters evaluating the means of protection and the probability of the system being in critical states, was taken into account.
Keywords: automated system, modeling, security assessment, queuing system, probabilistic assessment, DDoS attack
The paper provides an analysis of the principles of the multichannel protection system. The analysis showed that in order to solve the problem of ensuring secure communication with an external resource through public networks, it is advisable to use a multi-channel system with different channel capacities, while the main channel and spare channels that are connected to work when the main channel cannot handle all incoming applications with probability of 0.95. This model takes into account that the channels are filled hierarchically, and are freed up as the applications are processed.
Keywords: automated system, modeling, protection subsystem, queuing system, probabilistic assessment