IMPROVING THE METHOD OF DEVELOPING A LOGIC-PROBABILISTIC MODEL OF AN INTERNAL VIOLATOR

I.A. Pilkevych, O.S. Boychenko, I.V. Humeniuk

Èlektron. model. 2020, 42(4):71-85
https://doi.org/10.15407/emodel.42.04.071

ABSTRACT

Modern approaches to developing a model of an internal violator are analyzed. It is established that, to obtain quantitative indicators of the probability of the implementation of information threats in an information and telecommunication system, methods of expert estimation and probability theory are used that take into account only the fact that an event occurred, not the probability of its occurrence. It is proposed to improve the method of developing an internal violator model by building the model from a logical-probabilistic function composed of logical event variables. Testing of the developed method showed that its application makes it possible to increase the accuracy of assessing the probability of the implementation of information threats in the information and telecommunication system by an internal violator.

KEYWORDS

internal violator, violator model, logical-probabilistic model, information protection, information security policy.

