Rodionov A. Enhancing security of information and communication systems using logical-probabilistic approach

This thesis is dedicated to research and development of methods, models and algorithms for security effectiveness calculation in information systems and developing protected systems. These methods take into account topology of the network, attack sources and attack targets. On the first step a comprehensive threat model and probability function are constructed. Using network topology we build a set of ways from attack sources to attack targets - attack scenarios. One or several (or all) of these attack scenarios might be used by an intruder to attack target services. To reach the attack target the intruder has to take control on the services (hosts) that belong to the attack scenario. Every attack scenario can be represented as a logical function. Taking into account all the attack sources and attack targets a logical function for the whole system is build. Using special logical-probabilistic method we evaluate probability of the logical function being true. This probability function allows calculating security effectiveness subject to the network topology. Then secure topology of information system is chosen, using probability function as a criteria. Also probability function is modified to take into account defence mechanisms. Based on this a method is developed for optimal security devices placement in the network. Based on proposed methods, models and algorithms logical-probabilistic approach for construction protected systems is proposed. Also special software for calculating security effectiveness, building secure network topology and optimal security devices placement is developed.