Assessment methodology for security of an automated control system of critical information infrastructure against DDoS attacks based on Monte Carlo simulation

Objective. The purpose of the study is to develop a methodology for assessing the security of an automated control system of critical information infrastructure from DDoS attacks. The purpose of the methodology development is to provide the decision–maker with a scientifically sound tool for assessing the risk of implementing a DDoS attack.

Method. To achieve the stated goal of the study, simulation modeling based on the Monte Carlo method was used.

Result. The expediency of using Monte Carlo simulation to assess the probability of server failure under DDoS attacks is confirmed. It was concluded that the server can be considered as a queuing system, however, the flow of incoming applications under DDoS attacks is not Poisson, so the use of analytical expressions to assess the probability of failure is considered incorrect. The simulation results allow the decision-maker to assess the probability of server failure and make organizational and technical decisions to increase the level of security. Analysis of the simulation results showed the effectiveness of improving server performance by increasing service channels.

Conclusion. Thus, the developed methodology will be useful in conducting an information security audit of an organization to justify the amount of its insurance premium in the framework of cyber risk insurance. A possible direction for further research is to study the issue of computer network security, taking into account the features of a specific topology.

1. Analysis of existing automated process control systems [Electronic resource]. Access mode: https://cyberleninka.ru/article/n/analiz-suschestvuyuschih-avtomatizirovannyh-sistem-upravleniyatehnologicheskim-protsessom/viewer

2. The threat of DDoS attacks and ambiguous attitude to them [Electronic resource]. Access mode: https://www.kaspersky.ru/blog/ugroza-ddos-atak-i-neodnoznachnoe-k-nim-otnoshenie/3236/

3. Federal Law No. 152-FZ of 27.07.2006 "On personal data" // SPS ConsultantPlus.

4. Resolution of the Government of the Russian Federation of November 1, 2012 N 1119 Moscow "On approval of requirements for the protection of personal data during their processing in personal data information systems"

5. Government Resolution No. 162 of 17.02.2018 "On approval of the Rules for the Implementation of state Control in the Field of ensuring the security of Significant objects of critical information infrastructure of the Russian Federation"

6. Decree of the President of the Russian Federation of 25.11.2017 N 569 "On Amendments to the Regulations on the Federal Service for Technical and Export Control, approved by Decree of the President of the Russian Federation of August 16, 2004; 1085

7. NIST Special Publication 800-82. Guide to Industrial Control Systems (ICS) [Electronic resource]. Access mode: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r1.pdf

8. Solnyshkina I.V. Theory of queuing systems: textbook. Manual. Komsomolsk-on-Amur : FGBOU VPO "KnAGTU", 2015;76.[In Russ]

9. Queuing theory. Methodical instructions, curriculum and tasks for control works No. 1, 2 for correspondence students of the specialty 071900 "Information systems in engineering and technology". Samara: SamGAPS, 2002; 38.[In Russ]

10. Lychkina N.N. Simulation modeling of economic processes. Textbook. M.: Infra-M, 2012;253.[In Russ]

11. Modeling of systems: a textbook. comp. R. G. Asuldaev. Belgorod, 2016; 236. [In Russ]

12. Simulation modeling: textbook .Yu.A. Korablev. Moscow : KNORUS, 2017;146.[In Russ]

13. Voevodin V. A., Chernyaev V. S., Burenok D.S. On the use of a simulation model to assess the probability of server failure in the context of DDoS attacks // Proceedings of the 76th All-Russian Conference "Radioelectronic Devices and Systems for Infocommunication Technologies", 2021; 390-393. [In Russ]

14. Lee J L and Hong C S Nonparametric Detection Methods against DDoS Attack Korean Journal of Applied Statistics 2013; 4: 291-305.

15. Leian Chen, Xiaodong Wang. Quickest attack detection in smart grid based on sequential Monte Carlo filtering» IET Smart Grid 2020; 3: 686 – 696.

16. Micel` A.A., Gribanova E.B., Simulation of economic processes in Excel Tomsk: TUSUR Publishing House, 2019;115 [El.res.]. Access mode:https://asu.tusur.ru/learning/090303/d24/090303-d24-lect2.pdf

17. Voevodin V.A., Burenok D.S. i Chernyaev V.S. 2021 Program for evaluating server security from DDoS attacks Certificate of official registration of a computer program No. 2021615403.