The model of information security based on markov random processes

Abstract

In this article rotary and propozed mathematical apparatus which as part of the information security are not the threat of unauthorized removal of information — attack and threats — the possibility of eavesdropping vulnerability. Most of the known modelling approaches that differ in which parameters in the simulation they are used as the input information and the characteristics of the simulated system are calculated and sent to the model (models are Built using probability theory, stochastic processes, Petri nets, automata theory, graph theory, fuzzy sets, catastrophe theory, entropy approach, etc.), provides for the use as a simple safety feature the threat of an attack on an information system [3]. The practical applicability of such models is extremely complicated through the necessity of the expert of the task key characteristics of safety — probability of threat of attack.
In the simulation, based on the use of as the simplest element of security threats attacks threats attacks is regarded as independent events; therefore, use appropriate calculation formulas. However, this original promise is wrong, because the real threats of attack created in the system are vulnerable, while the events of the threats of attacks, as a rule, dependent sensitivity because many attacks use the same vulnerability. Because of emergence and elimination of sensitivity with certain reservations, can be interpreted as the occurrence and elimination of failures (in this case, the security characteristics of the information system), we can assume that to solve these problems, modeling simulation of failures and recoveries safety features — can be used mathematical apparatus of reliability theory. As parameters in the vulnerability threat considering the intensity of occurrence of vulnerability λ and intensity of vulnerability µ. Under the appearance of vulnerability (here and beyond) naturally understand its detection by the security breach. On the one hand, assuming that the system contains a finite (albeit very large) number of undiscovered vulnerabilities, I can say that in this case, the process is not Markov, since the identification and elimination of vulnerabilities of each leads to change their numbers on a finite initial set, i. e. have a process with aftereffect.
Will sight, the mathematical apparatus for simulation of systems with refusals and restoration (identifying channels of information leakage and prevention of information acquisition through these channels), with the safety features. Had calculated on this method for different values of ρ (where ρ = λ/µ, λ — the emergence of vulnerability and µ — vulnerability).

Keywords: mathematical apparatus; systems modeling; information retrieval; attack; threat; vulnerability.

References
1. Щеглов К. А., Щеглов А. Ю. Эксплуатационные характеристики риска нарушений безопасности информационной системы // Научно-технический вестник информационных технологий, механики и оптики. 2014. №1(89). С. 129–139.
2. Щеглов К. А., Щеглов А. Ю. Математические модели эксплуатационной информационной безопасности // Вопросы защиты информации. 2014. Вып. 106. № 3. С. 52–65.
3. Вентцель Е. С. Исследование операций. Москва, 1972. 566 с.