Method for rules forming of incidents extrapolation for network-centric information and telecommunication systems monitoring

Authors

  • Petro Pavlenko, National Aviation University, Kyiv, Ukraine
  • Mykola Vinohradov, National Aviation University, Kyiv, Ukraine
  • Serhii Hnatiuk, National Aviation University, Kyiv, Ukraine
  • Andrii Hizun, National Aviation University, Kyiv, Ukraine
  • Viktor Hnatiuk, National Aviation University, Kyiv, Ukraine

DOI:

https://doi.org/10.20535/2411-1031.2016.4.2.109922

Keywords:

Incident, network-centric monitoring, information security, cyberattack, information and telecommunication system.

Abstract

Security incidents and effective response to them have become an important component of information and telecommunication standards and guidance. Because performing incident response effectively is a complex undertaking, establishing a successful incident response capability requires substantial planning and resources. Incidents can disrupt the normal operation of information and telecommunication systems and cause substantial material and reputational losses for the company. The main tasks of incident management are containing the impact of consequences, responding quickly and preventing recurrence. One modern approach to incident management is to apply network-centric management theory to incident monitoring, where "network-centric" refers to a continuously evolving, complex community of people, devices, information and services interconnected by a communications network to achieve optimal benefit of resources and better synchronization of events and their consequences. A known method of network-centric incident management offers some advantages in influence forecasting, criticality evaluation and prioritization. That method combines a set of stages, but the stage of forming the basic rule set is not formalized. This work therefore develops a method for forming the rule set for incident extrapolation in network-centric monitoring of information and telecommunication systems. The method consists of determining the possible types of cyberattacks and categories of incidents, forming a vector-matrix of incident probabilities, ranking incidents by importance and determining limit values of probability, forming incident possibility indicators, and developing and establishing incident extrapolation rules. It makes it possible to automate network-centric systems for monitoring information and telecommunication systems and to increase the accuracy of their operation.

Author Biographies

Petro Pavlenko, National Aviation University, Kyiv

Doctor of technical science, professor, professor at the information security means academic department

Mykola Vinohradov, National Aviation University, Kyiv

Doctor of technical science, professor, professor at the computer information technologies academic department

Serhii Hnatiuk, National Aviation University, Kyiv

Candidate of technical sciences, associate professor, associate professor of the IT-Security academic department

Andrii Hizun, National Aviation University, Kyiv

Candidate of technical sciences, associate professor of the IT-Security academic department

Viktor Hnatiuk, National Aviation University, Kyiv

Assistant of the telecommunication systems academic department

Published

2016-12-31

How to Cite

Pavlenko, P., Vinohradov, M., Hnatiuk, S., Hizun, A., & Hnatiuk, V. (2016). Method for rules forming of incidents extrapolation for network-centric information and telecommunication systems monitoring. Collection "Information Technology and Security", 4(2), 189–199. https://doi.org/10.20535/2411-1031.2016.4.2.109922

Section

INFORMATION SECURITY