Volyanska V. The models of intruder identification in information & communication system

In this work the current status of theoretical and practical framework for prediction and analytical support of decision making processes in state information security providing was researched. In particular, features of modern intrusion detection methods and means in information & communication systems were analyzed. The main disadvantage of these is an inability of intruder's concrete category identification. Given this, the set of host and network specific parameters of intruder was defined; the basic parameter model and universal model of standards were developed. Also the method and system of intruder detection and identification in information & communication systems were worked out - it gives a possibility to expand the capabilities of modern CERT / СSIRT instruments by intruder identification in fuzzy environment. Software was engineered end experimentation was carried out - it confirmed the adequacy of developed models, methods & system of intruder detection and identification. Key words: information security, intruder of information security, information & communication systems, information security incident, honeypot technology, importance coefficients, decision rules, models of linguistic variables standards, system of intruder detection and identification.