Situational Control of a Computer Network Security System in Conditions of Cyber Attacks

Title: Situational Control of a Computer Network Security System in Conditions of Cyber Attacks
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Kotenko, Igor; Saenko, Igor; Lauta, Oleg; Karpov, Mikhail
Conference Name: 2021 14th International Conference on Security of Information and Networks (SIN)
Date Published: dec
Keywords: Aerospace electronics, composability, computer network security system, computer networks, control scenario forecast, Cyber Attacks, Markov chain, Metrics, Networked Control Systems Security, optimal control, Prediction algorithms, probability, pubcrawl, Real-time Systems, resilience, Resiliency, security, situational control
Abstract: Modern cyberattacks are the most powerful disturbance factor for computer networks, as they have a complex and devastating impact. The impact of cyberattacks is primarily aimed at disrupting the performance of computer network protection means. Therefore, managing this defense system in the face of cyberattacks is an important task. The paper examines a technique for constructing an effective control system for a computer network security system operating in real time in the context of cyber attacks. It is supposed that it is built on the basis of constructing a system state space and a stack of control decisions. The probability of finding the security system in a certain state at each control step is calculated using a finite Markov chain. The technique makes it possible to predict the number of iterations for managing the security system when exposed to cyber attacks, depending on the segment of the space of its states and the selected number of transitions, as well as to automatically generate control decisions. An algorithm has been developed for situational control of a computer network security system in conditions of cyber attacks. The experimental results obtained using the generated dataset demonstrated the high efficiency of the developed technique and the ability to use it to determine the parameters that are most susceptible to abnormal deviations during the impact of cyber attacks.
Citation Key: kotenko_situational_2021