USING THE ANYLOGIC ENVIRONMENT FOR MODELING AND ANALYSIS OF THE INFORMATION SECURITY AUDIT PROCESS
The article presents the results of a comprehensive analysis of the information security audit process using simulation methods in the AnyLogic environment. The relevance of the study is due to the increasing complexity of cyber threats and the need to optimize the resources spent on ensuring the se...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Joint Stock Company "Experimental Scientific and Production Association SPELS
2025-05-01
|
| Series: | Безопасность информационных технологий |
| Subjects: | |
| Online Access: | https://bit.spels.ru/index.php/bit/article/view/1781 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The article presents the results of a comprehensive analysis of the information security audit process using simulation methods in the AnyLogic environment. The relevance of the study is due to the increasing complexity of cyber threats and the need to optimize the resources spent on ensuring the security of information systems. The research aims to develop a dynamic model for evaluating temporal and logical parameters of security audits while identifying critical process bottlenecks. Methodologically, the study employs an agent-based approach implemented in AnyLogic. This environment platform was selected for its ability to integrate discrete event and system dynamics methods, enabling a multidimensional analysis of audit stage interactions. The model incorporates five key phases: planning, data collection, risk analysis, report generation, and corrective actions. Input data from RTM Group includes statistical timelines for audit stages and incident frequency patterns. Simulation results revealed a non-linear relationship between phase durations and detected vulnerabilities. AnyLogic's visualization tools helped pinpoint process bottlenecks. The developed model features adaptability, allowing parameter adjustments to align with organizational specifics. Validation against RTM Group’s real-world data showed an audit duration prediction error margin within a few percentage points. Conclusions confirm the effectiveness of simulation modeling for enhancing audit transparency. Unlike traditional methods, the AnyLogic-based approach enables quantitative scenario evaluation. The study contributes to information security management methodology by providing a tool to balance operational efficiency and cybersecurity requirements. Results are applicable to both commercial entities and government institutions handling mission-critical data. |
|---|---|
| ISSN: | 2074-7128 2074-7136 |