The rapid development of information technology has expanded the capabilities of cyberthreats against computer systems. Cybercriminals are developing new ways to avoid attack detection, so existing approaches are not able to withstand the growing threat of attacks. Meanwhile, the consequences of cyberattacks are becoming more dangerous and destructive. One approach to solving the problem is the construction of resilient systems that are able to quickly recover and continue to function under attack conditions. The subject of the research is the process of constructing resilient computer systems in the face of cyberthreats. The goal is to develop a taxonomy and ontology of resilient computer systems under cyberthreats. Results. The article presents definitions of resilience from the point of view of cybersecurity and the gap between the concepts of resilience and dependability. The paper presents the main elements of the taxonomic scheme of computer system resilience, which include threats (changes in the environment and requirements, network attacks, attacks on software, software and hardware vulnerabilities, errors, failures), the information and technical states that a computer system passes through during its operating cycle, the principles on which resilience is based (proactivity, adaptability, resistance, diversity, elasticity, controlled degradation, defense in depth, evolvability), as well as primary and secondary properties. Based on these elements, a generalized taxonomic scheme of resilience related to information security has been developed. The work presents the operational cycle of a resilient computer system (CS) as a set of information and technical states that the system goes through (preparation, system protection, threat detection, threat absorption, response to a threat, system recovery after a cyberattack, adaptation).
An ontology scheme of resilience from the point of view of information security of computer systems in the presence of cyberthreats is developed. Conclusions. A taxonomy and ontology of resilient computer systems in the presence of cyberthreats has been developed.
The article considers the issues of assessing the level of financial security of a bank. Existing approaches to solving this problem are analyzed. A scientific and methodological approach based on the application of comprehensive assessment technology is proposed. The computational algorithm is presented as a four-stage procedure comprising the identification of the initial data set, its normalization, the calculation of the partial composite indexes, and the calculation of a comprehensive index of financial security. The results are interpreted. The levels of financial security and the limits of the corresponding integrated indicator are determined by analyzing the configuration of objects in the two-scale space of partial composite indexes, which is based on dividing the set of initial indicators by content characteristics. The results of the grouping generally coincided with the results of ranking the banks according to the rating assessment of their stability presented in official statistics. The article presents a practical implementation of the proposed computational procedure. To automate the calculations and enable scenario modeling, an electronic spreadsheet form was created using form controls. The obtained results allowed us to identify the number of levels of financial security and their boundaries.
The dynamic expansion of cyberthreats creates an urgent need for the development of new methods and systems for their detection. The subject of the study is the process of ensuring the resilience of computer systems in the presence of cyberthreats. The goal is to develop a self-adaptive method for computer systems resilience in the presence of cyberattacks. Results. The article presents a self-adaptive system to ensure the resilience of corporate networks in the presence of botnets' cyberattacks. Resilience is provided by adaptive network reconfiguration, which is carried out using security scenarios selected on the basis of a cluster analysis of the collected network features inherent to cyberattacks. To select the necessary security scenarios, the proposed method uses semi-supervised fuzzy c-means clustering. To detect host-type cyberattacks, information about the hosts' network activity and the reports of host antiviruses are collected. To detect network-type attacks, network activity that may indicate the appearance of a cyberattack is monitored. Based on the information gathered in the network about possible attacks performed by a botnet, measures for the resilient functioning of the network are adopted. To choose the scenario needed for network reconfiguration, clustering is performed. The result of the clustering is a scenario with a list of requirements for reconfiguring the network parameters, which will assure the network's resilience under the botnet's attacks. The clustering is performed on labeled training data. The objects of the clustering are feature vectors obtained from the payload of inbound and outbound traffic and from the reports of the antivirus tool about possible infection of hosts. The result of the clustering is the degree of membership of the feature vectors in one of the clusters.
The membership of a feature vector in a cluster determines which network reconfiguration scenario is to be applied under the botnet's attack. The system also contains clusters that indicate the normal behavior of the network. The purpose of the method is to select security scenarios in response to cyberattacks carried out by botnets, in order to mitigate the consequences of the attacks and ensure the resilient functioning of the network. Conclusions. A self-adaptive method for computer systems resilience in the presence of cyberattacks has been developed. Based on the proposed method, a self-adaptive attack detection and mitigation system has been developed. It demonstrates the ability to ensure the resilient functioning of the network in the presence of botnet cyberattacks at 70 %.