
Abstract

The security monitoring system (SMS) receives information from protection tools, attack detection systems, and systems that monitor the functioning of information communication systems (ICS), and performs adaptive security management of the ICS, providing a flexible response of the security system to the actions of an intruder. The output of the SMS is a set of recommendations for modifying the ICS security system, within the specified restrictions, in order to minimize the possible damage from the implementation of threats. Modern ICS use a complex of security systems. Typically, the different systems are not linked and are purchased from different manufacturers. Even when protection systems from a single manufacturer are used, it is quite difficult to understand the events taking place in the ICS. The effectiveness of an SMS is assessed with expert assessment methods, i.e. methods of organizing work with specialist experts and processing expert opinions, expressed in quantitative and/or qualitative form, in order to prepare information for forming the internal characteristics of the ICS SMS. Based on an analysis of existing approaches to assessing SMS effectiveness, this work, which studies the parameters of the SMS in the ICS, proposes a method for evaluating the efficiency of SMS functioning.

First Page

66

Last Page

72

