Mathematical Model of the Computer Attack Implementation Possibility by an Intruder
- Resource Type
- Conference
- Authors
- Makarova, Olga; Porshnev, Sergey
- Source
- 2021 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT) Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT), 2021 Ural Symposium on. :0395-0398 May, 2021
- Subject
- Bioengineering
Communication, Networking and Broadcast Technologies
Components, Circuits, Devices and Systems
Computing and Processing
Fields, Waves and Electromagnetics
Signal Processing and Analysis
Analytical models
Automata
Probabilistic logic
Mathematical model
Ransomware
Information technology
Monitoring
computer attacks
intruder
weighting factor of the transition
theory of cellular automata
defensible space
- Language
The article represents a substantiated mathematical model of the computer attack (CA) possibility by an intruder based on the theory of “defensible space” and the theory of cellular automata. A comparative analysis of mathematical approaches for describing the dynamics of the attacked IS and the cellular automata is carried out. The results of the analysis made it possible to draw a reasonable conclusion: the dynamics of the CA is similar to the dynamics of the cellular automata. Based on the analysis of the CA model, a reasonable list of quantitative indicators has been formed to determine the probability coefficient. The probabilistic coefficient is called the weighting factor of the transition (WFT) in the mathematical model of the CA implementation possibility. We show seven quantitative indicators. Two of them are the time required to develop protection method and the number of nodes potentially affected by CA; and (7) the total number of nodes. Other are coefficients. There are coefficient of availability / popularity of protection means against CA; coefficient of solution availability for CA monitoring; the coefficient of absence / presence of visible CA damage; the coefficient of the attack method popularity. Defines as active discussion (“explanation”) of the attack method on the DarkNet forums. For a specific attack method, the coefficient for all transitions is the same. The sufficiency of selected quantitative indicators list is confirmed by the results of the analysis of the Petya ransomware scenario on information system (IS) located on the territory of Ukraine.