Безопасность информационных технологий (Mar 2022)
Assessment of the state of protection of information systems against malware
Abstract
This paper discusses the main types of malware and their destructive effects on information systems. The current work develops a mathematical model for assessing the state of security of information systems based on structural and functional analysis. To achieve the goal of this work, we analyzed existing mathematical models of adaptive information security management, and built a probability graph of system states and transitions. We define the concept of system states and their dependence on the necessary and sufficient conditions for the emergence and duration of the process of destruction by malware. The dependence of information system states on various deterministic and stochastic events has been studied. A model of a system for protecting an information system from malicious programs has been developed, and the permissible values of dangerous factors of malicious programs have been determined. The result of this work is a mathematical model for assessing the state of protection of an information system from malware. This model can be used by specialists in the field of information security to assess the security of both the operating information systems and those under development.
Keywords
