ABSTRACTS OF ARTICLES OF THE JOURNAL "INFORMATION TECHNOLOGIES".
No. 5. Vol. 24. 2018

DOI: 10.17587/it.24.339-344

K. A. Shcheglov, Postgraduate Student, skd@npp-itb.spb.ru, A. Yu. Shcheglov, D. Sc., Professor, info@npp-itb.spb.ru, ITMO University, St. Petersburg, 197101, Russian Federation

Targeted Attacks Threat Modeling

This article is dedicated to an approach to modeling the threat of targeted attacks, which are marked by the potential intruder's use of zero-day vulnerabilities. This feature radically changes the modeling task, because in this case there is no threat reservation for software vulnerabilities (which means a system without reservation must be modeled). Security breakups in this case are not managed because their status is unknown (only the potential intruder knows about these vulnerabilities). In the general case, taking into account that vulnerabilities appear and are eliminated while the system operates, an attack threat can be present in different forms, which needs to be taken into account in threat modeling (making the description of the targeted attack threat more correct). At the beginning the threat is known only to the potential intruder; then, after its identification, the process of eliminating the threat begins. After this process the system becomes restorable, which needs to be taken into account in attack threat modeling (the attack can change its form). In the general case, when implementing an attack the potential intruder can use both unknown and known vulnerabilities, which create an attack threat while a known vulnerability is not yet patched. We review how to account for these attack threat features in the mathematical model and which attack threat actuality characteristics (measures) can be defined. We use a Markov model with discrete states and continuous time to build the attack threat model. The suggested approach to modeling targeted attack threats has the advantage of yielding quantitative actuality measures without using any subjective expert decisions.
Keywords: attack threat, targeted attack, actuality, quantitative measure, mathematical modeling

P. 339-344
