Vector formation features of modern network attacks
https://doi.org/10.55648/1998-6920-2022-16-3-3-13
Abstract
The paper considers the problems that arise when formulating the task of determining the vector of a network attack in a corporate information network. Techniques that simplify the construction of a network attack vector, as used in analyzing the reliability of information systems, are presented and characterized, and their suitability for various procedures for determining vector parameters is considered. In constructing a network attack vector, the specific behavior of the time parameter is identified as a characteristic that indicates a more effective way of spreading a compromise. The formation of the vector is considered with regard to the specifics of the network's multilevel organization. The specifics of a simplified vector calculation model, including procedures focused on various approaches, are determined.
About the Authors
I. A. Vetrov
Russian Federation
Igor A. Vetrov - Candidate of Technical Sciences, Associate Professor, Institute of Physical and Mathematical Sciences and Information Technologies, I. Kant Baltic Federal University.
14 Alexander Nevsky Str., Kaliningrad, 236041.
V. V. Podtopelny
Russian Federation
Vladislav V. Podtopelny - senior lecturer, Institute of Digital Technologies of KSTU.
236022, Sovetsky ave., 1, Kaliningrad, Kaliningrad region.
For citations:
Vetrov I.A., Podtopelny V.V. Vector formation features of modern network attacks. The Herald of the Siberian State University of Telecommunications and Information Science. 2022;(3):3-13. (In Russ.) https://doi.org/10.55648/1998-6920-2022-16-3-3-13