Безопасность информационных технологий (Dec 2023)
Optimal choice of information security in automated systems via Markov cyber-attack models
Abstract
One of the main problems to provisioning the information security of automated systems is the absence of unify approaches to the quantitative evaluation of their efficiency and reliability. In this article, we consider one of the approaches to this problem, which is based on the use of cyber-attack models described in terms of Markov chains with absorbing states. In particular, we describe one of these models in detail, in which, in contrast to the similar models of other authors, the different duration of attacks is provided. Moreover, we also have provided for this model the different absorbing states that are associated with the successful implementations for every of cyber-attacks. These features allow us to introduce two security metrics, which can be use for evaluating efficiency of the security remedies applied: the mean time to security failure and the mean risk of the attack implementation. Using these metrics, we formulate, in this article, a few optimization problems, which are of interest in the development and design of the secured automated systems. It has shown that these problems belong to the class of non-linear integer programming problems, and therefore we also suggest an efficient algorithm of their solving based on the concept of sequent analysis of variants. A program has been developed for studying Markov security models taking into account the duration of a computer attack and an example of solving one is given optimization problems whose solution is some optimal set of security remedies. This solution minimizes the cost and expenses sent on the security remedies at some constraints on the mean time to security failure.
Keywords
