PRIVATE TECHNIQUE OF FORMATION OF REQUIREMENTS TO INFORMATION PROTECTION SYSTEMS FROM UNAUTHORIZED ACCESS TO AUTOMATED BATH SYSTEMS USING GENETIC ALGORITHM

Objectives. Analysis of the existing methodology for the formation of requirements for information protection systems (GIS) from unauthorized access (NSD) to automated systems (AS) revealed a number of significant flaws, the main of which is the following: despite the fact that the considered method undoubtedly has theoretical significance, the same time, it can not claim practical value. This is due to the fact that in this methodology, the studies were carried out not on a specific standard (widely used certified according to the regulations of the Federal Service for Technical and Export Control of Russia) GIS, and the data on threats of unauthorized access given in it do not correspond to reality (morally obsolete), but therefore require a significant upgrade. Accepting the existing methodology as a baseline, the purpose of the article is to develop a private method of forming requirements for GIS from unauthorized access to the AU, which has practical value and allows you to formulate quantitative requirements for a wide class of certified GIS.

Method. When writing the article, the methods of system analysis, evolutionary modeling, probability theory and mathematical statistics, mathematical apparatus for modeling dynamic discrete networks (E-networks), and theory of algorithms were used. The methodological basis is a systematic approach.

Result. A private methodology has been developed that determines the parameters of the symbolic genetic algorithm (GA) for creating a software package for analysis, evolutionary modeling, and forming quantitative requirements for GIS from un-authorized access to speakers using the Matlab 13 application software to implement GA in the Optimization toolbox programming environment.

Conclusion. The proposed private method of forming requirements for GIS from unauthorized access in the AU using GA has a theoretical significance, practical value and allows you to formulate quantitative requirements for a wide class of AS certified in a certain class of security in accordance with the requirements of current regulatory documentation.

1. Doktrina informatsionnoy bezopasnosti Rossiyskoy Federatsii. Utv. Ukazom Prezidenta Rossiyskoy Federatsii № 646 ot 05.12.2016. [The information security doctrine of the Russian Federation. Approved by the decree of the President of the Russian Federation No. 646 from 05.12.2016. (In Russ)]

2. Metody i sredstva evolyutsionnogo modelirovaniya pri obosnovanii trebovaniy k programmnym sistemam zash-chity informatsii: monografiya / A.A. Zmeyev [i dr.]; pod red. prof. Ye.A. Rogozina. – Voronezh: Voronezhskiy institut MVD Rossii, 2015. – 98 c. [Methods and tools of evolutionary modeling in support of requirements for software systems of information protection: monograph / A.A. Zmeev [and others]; under the editorship of Professor E.A. Rogozin. – Voronezh: Vo-ronezh Institute of MIA Russia, 2015. – 98 p. (In Russ)]

3. Tipovaya sistema zashchity informatsii ot nesanktsionirovannogo dostupa RU.48957919.501410-0231 // Tekhnicheskaya dokumentatsiya. – Gosudarstvennyy nauchno-issledovatel'skiy institut modelirovaniya intellektual'nykh slozhnykh sistem, 2017. – 16 s. [A typical system of information protection from unauthorized access EN.48957919.501410-02 31 // Technical documentation. – State scientific-research Institute of intelligent simulation of complex systems, 2017. – 16 p. (In Russ)]

4. Rad'ko N.M. Proniknoveniya v operatsionnuyu sredu komp'yutera: modeli zloumyshlennogo uda-lonnogo dostupa: ucheb. posobiye [Elektronnyy resurs]. – Elektron. tekstovyye, graf. dannyye (1,62 Mb) / N.M. Rad'ko, YU.K. YAzov, N.N. Korneyeva. – Voronezh: FGBOU VPO «Voronezhskiy gosudarstvennyy tekhniche-skiy universitet», 2013. – 265 s. [Radko N.M. Penetration into the operating environment of the computer: model malicious remote access: proc. Handbook [Electronic resource]. – Electron. text, count. data (1.62 MB) / N.M. Radko, Yu.K. Yazov, N.N. Korneeva. – Voronezh: FGBOU VPO «Voronezh state technical university», 2013. – 265 p. (In Russ)]

5. . Sovetov B.YA. Modelirovaniye sistem: ucheb. dlya vuzov / B.YA. Sovetov, S.A. Yakovlev. – 3-ye izd., pererab. i dop. – M.: Vyssh. shk., 2001. – 343 s. [Sovetov B.Y. Modelling of systems: proc. for universities / B.Y. Sovetov, S.A. Yakovlev. – 3rd d. rev. and extra. – M.: Higher. wk., 2001. – 343 p. (In Russ)]

6. Marakhovskiy V.B. Modelirovaniye parallel'nykh protsessov. Seti Petri / V.B. Marakhovskiy, L.YA. Ro-zenblyum, A.V. Yakovlev. – SPb.: Professional'naya literatura, 2014. – 400 s. [Marakhovsky V.B. Modeling of parallel processes. Petri nets / V.B. Marakhovsky, L.Y. Rosenblum, A.V. Yakovlev. – SPb.: Professional literature, 2014. – 400 p. (In Russ)]

7. Lomazova I.A. Vlozhennyye seti Petri: modelirovaniye i analiz raspredelonnykh sistem s ob"-yektnoy strukturoy / I.A. Lomazova. – M.: Nauchnyy Mir, 2004. – 208 s. [Lomazova I.A. Nested Petri nets: modeling and analysis of distributed systems with object structure / I.A. Lomazova. – M.: Scientific World, 2004. – 208 p. (In Russ)]

8. Tikhonov V.I. Markovskiye protsessy / V.I. Tikhonov, M.A. Mironov. – M.: Sov. Radio, 1977. – 488 s. [Tikhonov V.I. Markov processes / V.I. Tikhonov, M.A. Mironov. – M.: Owls. Radio, 1977. – 488 p. (In Russ)]

9. Ventsel' Ye.S. Teoriya veroyatnostey / Ye.S. Ventsel'. – M.: Nauka, 1969. – 576 s. [Ventsel E.S. Probability theory / E.S. Wenzel. – M.: Nauka, 1969. – 576 p. (In Russ)]

10. Matematicheskaya model' otsenki effektivnosti sistem zashchity informatsii s ispol'zovaniyem preobrazovaniya Laplasa i chislennogo metoda Givensa / I.G. Drovnikova [i dr.] // Trudy SPIIRAN. № 3 (52) (2017). – S.-Pb.: SPIIRAN, 2017. – 2017. – № 3(52). – S. 234-258. – DOI 10.15622/sp.52. [Mathematical model of evaluation of the effectiveness of information security systems using the Laplace transform and the numerical method Givens / I.G. Drovnikova [and others] // Proceedings of SPIIRAS. № 3 (52) (2017). – S.-Pb.: SPIIRAS, 2017. – 2017. – № 3(52). – P. 234-258. – DOI 10.15622/sp.52. (In Russ)]

11. Rukovodyashchiy dokument. Kontseptsiya zashchity sredstv vychislitel'noy tekhniki i avtomatiziro-vannykh sistem ot nesanktsionirovannogo dostupa k informatsii. Utv. resheniyem Gostekhkomissii Rossiy-skoy Federatsii ot 30.03.1992. [Guidance document. The concept of protection of computer equipment and automated systems from unauthorized access to information. Approved by the decision of gostekhkomissii of the Russian Federation from 30.03.1992. (In Russ)]

12. Goldberg D.E. Genetic Algorithms in Search, Optimization, and Machine Learning / D.E. Goldberg. — Massachusetts: Addison-Wesley, 1989. [Goldberg D.E. Genetic Algorithms in Search, Optimization, and Machine Learning / D.E. Goldberg. — Massachusetts: Addison-Wesley, 1989.

13. Mitchell M. An Introduction to Genetic Algorithms / M. Mitchell. — Cambridge: MIT Press, 1999. — 158 p.