Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation
Objective. The objective of the research is to develop a methodology for the security of an automated control system of critical information infrastructure from DDoS attacks. The methodology allows the decision-maker to obtain an assessment of the risk of exposure of the computer network (CN) to DDo...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | Russian |
| Published: |
Dagestan State Technical University
2023-10-01
|
| Series: | Вестник Дагестанского государственного технического университета: Технические науки |
| Subjects: | |
| Online Access: | https://vestnik.dgtu.ru/jour/article/view/1341 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850040969005629440 |
|---|---|
| author | V. A. Voevodin V. S. Chernyaev I. V. Vinogradov |
| author_facet | V. A. Voevodin V. S. Chernyaev I. V. Vinogradov |
| author_sort | V. A. Voevodin |
| collection | DOAJ |
| description | Objective. The objective of the research is to develop a methodology for the security of an automated control system of critical information infrastructure from DDoS attacks. The methodology allows the decision-maker to obtain an assessment of the risk of exposure of the computer network (CN) to DDoS attacks and take necessary actions to reduce the risk of this threat.Method. To achieve the stated objective of the research, simulation modeling based on the Monte Carlo method was used, implemented within the framework of a specialized software environment, as well as a method for calculating integral risk.Result. A methodology was proposed for assessing the security of an automated control system for critical information infrastructure from DDoS attacks, taking into account the importance of individual nodes of its CN.Conclusion. Thus, the developed methodology is useful when conducting an information security audit to assess the integral risk of impact implementation of a DDoS attack on a CN and is designed to help an organization achieve global information security goals, as well as to justify the amount of the insurance premium paid when insuring cyber risks. |
| format | Article |
| id | doaj-art-507298a4abaa48c39e6f2dc0cb2aba01 |
| institution | DOAJ |
| issn | 2073-6185 2542-095X |
| language | Russian |
| publishDate | 2023-10-01 |
| publisher | Dagestan State Technical University |
| record_format | Article |
| series | Вестник Дагестанского государственного технического университета: Технические науки |
| spelling | doaj-art-507298a4abaa48c39e6f2dc0cb2aba012025-08-20T02:55:54ZrusDagestan State Technical UniversityВестник Дагестанского государственного технического университета: Технические науки2073-61852542-095X2023-10-01503576510.21822/2073-6185-2023-50-3-57-65806Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulationV. A. Voevodin0V. S. Chernyaev1I. V. Vinogradov2National Research University of Electronic TechnologyНациональный исследовательский университет «Московский институт электронной техники»National Research University of Electronic TechnologyObjective. The objective of the research is to develop a methodology for the security of an automated control system of critical information infrastructure from DDoS attacks. The methodology allows the decision-maker to obtain an assessment of the risk of exposure of the computer network (CN) to DDoS attacks and take necessary actions to reduce the risk of this threat.Method. To achieve the stated objective of the research, simulation modeling based on the Monte Carlo method was used, implemented within the framework of a specialized software environment, as well as a method for calculating integral risk.Result. A methodology was proposed for assessing the security of an automated control system for critical information infrastructure from DDoS attacks, taking into account the importance of individual nodes of its CN.Conclusion. Thus, the developed methodology is useful when conducting an information security audit to assess the integral risk of impact implementation of a DDoS attack on a CN and is designed to help an organization achieve global information security goals, as well as to justify the amount of the insurance premium paid when insuring cyber risks.https://vestnik.dgtu.ru/jour/article/view/1341simulation modelingmonte carlo methodddos attackinformation security auditinformation security risk assessment |
| spellingShingle | V. A. Voevodin V. S. Chernyaev I. V. Vinogradov Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation Вестник Дагестанского государственного технического университета: Технические науки simulation modeling monte carlo method ddos attack information security audit information security risk assessment |
| title | Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation |
| title_full | Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation |
| title_fullStr | Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation |
| title_full_unstemmed | Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation |
| title_short | Recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from DDoS attacks based on Monte Carlo simulation |
| title_sort | recommendations for using a methodology for assessing the security of an automated control system for critical information infrastructure from ddos attacks based on monte carlo simulation |
| topic | simulation modeling monte carlo method ddos attack information security audit information security risk assessment |
| url | https://vestnik.dgtu.ru/jour/article/view/1341 |
| work_keys_str_mv | AT vavoevodin recommendationsforusingamethodologyforassessingthesecurityofanautomatedcontrolsystemforcriticalinformationinfrastructurefromddosattacksbasedonmontecarlosimulation AT vschernyaev recommendationsforusingamethodologyforassessingthesecurityofanautomatedcontrolsystemforcriticalinformationinfrastructurefromddosattacksbasedonmontecarlosimulation AT ivvinogradov recommendationsforusingamethodologyforassessingthesecurityofanautomatedcontrolsystemforcriticalinformationinfrastructurefromddosattacksbasedonmontecarlosimulation |