(<.>U=681.32:007.5<.>)

Yevseiev, S. .
    Development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model [Text] / S. Yevseiev, S. Pohasii, S. Milevskyi, O. Milov, Y. Melenti, I. Grod, D. Berestov, R. Fedorenko, O. Kurchenko // Eastern-European Journal of Enterprise Technologies. - 2021. - Vol. 5, No. 9 (113). - P. 30-47
   Перевод заглавия: Разработка метода оценки безопасности киберфизических систем на основе модели Лотки–Вольтерры

УДК	681.32:007.5

РУБ DOI: 10.15587/1729-4061.2021.241638

Аннотация: The paper presents the results of the development of a method for assessing the security of cyber-physical systems based on the Lotka-Volterra model. Security models of cyber-physical systems are proposed: “predator-prey” taking into account the computing capabilities and focus of targeted cyberattacks, “predator-prey” taking into account the possible competition of attackers in relation to the “prey”, “predato-prey” taking into account the relationships between “prey species” and “predator species”, “predator-prey” taking into account the relationship between “prey species” and “predator species”. Based on the proposed approach, the coefficients of the Lotka-Volterra model α=0.39, β=0.32, γ=0.29, φ=0.27 were obtained, which take into account the synergy and hybridity of modern threats, funding for the formation and improvement of the protection system, and also allow determining the financial and computing capabilities of the attacker based on the identified threats. The proposed method for assessing the security of cyber-physical systems is based on the developed threat classifier, allows assessing the current security level and provides recommendations regarding the allocation of limited protection resources based on an expert assessment of known threats. This approach allows offline dynamic simulation, which makes it possible to timely determine attackers' capabilities and form preventive protection measures based on threat analysis. In the simulation, actual bases for assessing real threats and incidents in cyberphysical systems can be used, which allows an expert assessment of their impact on both individual security services and security components (cyber security, information security and security of information). The presented simulation results do not contradict the graphical results of the classical Lotka-Volterra model, which indicates the adequacy of the proposed approach for assessing the security of cyber-physical systems.

Текст - 0 байт

Yevseiev, S. .
    Development of a concept for cybersecurity metrics classification [Electronic resource] / S. Yevseiev, O. Milov, I. Opirskyy, O. Dunaievska, O. Huk, V. Pogorelov, K. Bondarenko, N. Zviertseva, Y. Melenti, B. Tomashevsky // Eastern-European Journal of Enterprise Technologies. - 2022. - Vol. 4, No. 4 (118). - P. 6-18
   Перевод заглавия: Разработка концепции классификации метрик кибербезопасности

УДК	681.32:007.5

РУБ DOI: 10.15587/1729-4061.2022.263416

Аннотация: The development of the IT industry and computing resources allows the formation of cyberphysical social systems (CPSS), which are the integration of wireless mobile and Internet technologies and the combination of the Internet of things with the technologies of cyberphysical systems. To build protection systems, while minimizing both computing and economic costs, various sets of security profiles are used, ensuring the continuity of critical business processes. To assess/compare the level of CPSS security, various assessment methods based on a set of metrics are generally used. Security metrics are tools for providing up-to-date information about the state of the security level, cost characteristics/parameters from both the defense and attack sides. However, the choice of such sets is not always the same/understandable to the average person. This, firstly, leads to the absence of a generally accepted and unambiguous definition, which means that one system is more secure than another. Secondly, it does not take into account the signs of synergy and hybridity of modern targeted attacks. Without this knowledge, it is impossible to show that the metric measures the security level objectively. Thirdly, there is no universal formal model for all metrics that could be used for rigorous analysis. The paper explores the possibility of defining a basic formal model (classifier) for analyzing security metrics. The proposed security assessment model takes into account not only the level of secrecy of information resources, the level of provision of security services, but also allows, based on the requirements put forward, forming the necessary set of security assessment metrics, taking into account the requirements for the continuity of business processes. The average value of the provision of security services to CPSS information resources is 0.99, with an average value of the security level of information resources of 0.8

Текст англ. - 0 байт
,
Текст рос. - 0 байт