HIGH TECH IN EARTH SPACE RESEARCH

Technique for the analytical processing of information security incidents distributed over time

Korolev I.D., Popov V.I., Konovalenko S.A.

The analytical processing of information security incidents has several drawbacks, which are described in this article. A structural model is built of the analytical data processing subsystem of a system for monitoring threats to the information security of critical information infrastructure facilities, and the process of its functioning is described. Based on probability theory, a process is described for predicting in advance the occurrence of an information security incident caused either by random, independent information security events or by a targeted attack on information resources.

The subject of the article is the methodology of analytical processing of information security events in a system for monitoring threats to the information security of critical information infrastructure facilities.

The purpose of the article is to increase the likelihood of detecting an information security incident by retrospectively analyzing information security events distributed over time, and to give timely warning of a possible information security incident by predicting its occurrence, which in turn increases the security of information systems. Thus, in contrast to the existing model of correlating information security events, the aim is to reduce the time needed to detect an information security incident within a given time interval.

The research methodology allows us to solve two related but different problems: the “accounting problem” and the “probabilistic problem”. Within the framework of the “accounting problem”, the solution boils down to one goal: to determine the proportion of the occurrence of an information security incident at the various levels of its occurrence. As part of the solution of the “probabilistic problem”, the methodology determines the probability of an information security incident on the basis of the random arrival of chains of information security events at the input.

The research results allow us to eliminate the shortcomings of existing systems in detecting computer attacks, such as those distributed over time, and also to apply the developed methodology to create advanced tools for automated systems that can function stably under conditions of computer attacks distributed over time.
