GRAPH MODELS OF THE DYNAMICS OF NETWORK ATTACKS IN AUTOMATED SYSTEMS OF INTERNAL AFFAIRS BODIES
https://doi.org/10.21822/2073-6185-2021-48-1-119-129
Abstract
Objective. The most important task in the theory and practice of ensuring the information security of automated systems operated in a secure version at the objects of computerization of internal affairs bodies is to analyze how systems for protecting confidential information resources from unauthorized access function under network attacks. This involves modeling the process by which such attacks are implemented and developing graph models of the implementation dynamics of the main types of network attacks.
Methods. The method for solving this problem is a mathematical simulation of implementing network attacks in protected automated systems of internal affairs bodies by constructing and describing graph models of typical network attacks on a confidential information resource in the dynamics of their implementation.
Results. Based on the analysis of typical network attacks on the information resource of modern automated systems operated in a secure version at the objects of computerization of internal affairs bodies, graph models of these attacks in the dynamics of their implementation were developed, highlighting the key elements and functional components of the models, which are identical to real network attacks. The developed graph models make it possible to visualize the process of implementing the main malicious functions of the considered network attacks and to take the attacker's alleged actions into account.
Conclusion. The results of the research can be used to develop simulation models of typical network attacks on a confidential information resource in order to obtain probabilistic-temporal characteristics, in the form of the execution times of the malicious functions of each attack, for a quantitative risk assessment of their implementation. This can become the basis for forming a specific model of actual attacks for a specific automated system and for substantiating quantitative requirements for promising software and information security systems at the computerization facilities of the internal affairs bodies, in accordance with the requirements of current regulatory documentation.
About the Author
E. S. Ovchinnikova
Russian Federation
Adjunct, Department of Automated Information Systems of the Internal Affairs Bodies
53 Patriotov St., Voronezh 394065, Russia
For citations:
Ovchinnikova E.S. GRAPH MODELS OF THE DYNAMICS OF NETWORK ATTACKS IN AUTOMATED SYSTEMS OF INTERNAL AFFAIRS BODIES. Herald of Dagestan State Technical University. Technical Sciences. 2021;48(1):119-129. (In Russ.) https://doi.org/10.21822/2073-6185-2021-48-1-119-129