V rabote rassmatrivayutsya perspektivnye napravleniya issledovaniy v oblasti analiza zaschischennosti informacionno-telekommunikacionnyh setey i vvodyatsya osnovnye pokazateli dlya rascheta ih zaschischennosti. Predlagaetsya mnogourovnevyy podhod k ocenivaniyu zaschischennosti, osnovannyy na derev'yah atak i zavisimostyah servisov.
pokazateli zaschischennosti, derevo atak, ocenka riskov, uyazvimost'
1. GOST R 52653-Informacionno-kommunika cionnye tehnologii v obrazovanii. Terminy i opredeleniya. – M. : Standartinform, – 11 s.
2.
3. Kotenko I. V. Perspektivnye napravleniya issledovaniy v oblasti komp'yuternoy bezopasnosti / I. V. Kotenko, R. M. Yusupov // Zaschita informacii. Insayd. – – No – S. 46–57.
4.
5. Blakely B. A. Cyberprints Identifying cyber attackers by feature analysis : Doctoral Diss. – Iowa State Univ. 2012.
6.
7. Kumar S. An Application of Pattern Matching in Intrusion Detection / S. Kumar, E. H. Spafford // Tech. Rep. CSDTR 94 The COAST Project. Department of Comput. Sci. Purdue Univ. – West Lafayette, 1994.
8.
9. Iglun K. State Transition Analysis: A Rule-Based Intrusion Detection System / K. Iglun, R. A. Kemmerer, P. A. Porras // IEEE Trans. Software Eng. – – No. 21 (3).
10.
11. Cohen F. Simulating Cyber Attacks, Defenses, and Consequences / F. Cohen // IEEE Symp. Security and Privacy. – Berkeley, CA. 1999.
12.
13. Yuill J. Intrusion-detection for incident-response, using a military battlefield-intelligence process / J. Yuill, F. Wu, J. Settle, F. Gong, R. Forno, M. Huang, J. Asbery // Comput. Networks. – – No. 34.
14.
15. Huang M.-Y. A Large-scale Distributed Intrusion Detection Framework Based on Attack Strategy Analysis / M.-Y. Huang, T. M. Wicks // First Int. Workshop on the Recent Advances in Intrusion Detection, Raid’– Louvain-la-Neuve, Belgium, 1998.
16.
17. Schneier B. Attack Trees / B. Schneier // Dr. Dobb’s J. – –Vol. 12.
18.
19. Kotenko I. V. Primenenie grafov atak dlya ocenki zaschischennosti komp'yuternyh setey i analiza sobytiy bezopasnosti / I. V. Kotenko, A. A. Chechulin // Sistemy vysokoy dostupnosti. – – T. 9, No – S. 103–110.
20.
21. Abramov E. S. Primenenie grafov atak dlya modelirovaniya vredonosnyh setevyh vozdeystviy / E. S. Abramov, A. V. Andreev, D. V. Mordvin // Izv. YuFU. Tehnicheskie nauki. – – No – S. 165–174.
22.
23. Moitra S. D. A Simulation Model for Managing Survivability of Networked Information Systems / S. D. Moitra, S. L. Konda // Tech. Rep. CMU/SEI-2000-TR-020 ESC-TR-2000-– – 47 p.
24.
25. Chi S.-D. Network Security Modeling and Cyber Attack Simulation Methodology / S.-D. Chi, J. S. Park, K.-C. Jung, J.-S. Lee // Lecture Notes in Computer Sci. – Carnegie Mellon Univ., – Vol. 2119.
26.
27. Templeton S. J. A Requires/Provides Model for Computer Attack / S. J. Templeton, K. Levitt // NSPW 2000 : Proc. of the 2000 Workshop on New Security Paradigms. – NY : ACM, – P. 31–38.
28.
29. Morin B. M2d2 : A formal data model for ids alert correlation / B. Morin, L. Me, H. Debar, M. Ducasse // Lecture Notes in Comput. Sci. – Berlin : Springer-Verlag, – Vol. – P. 115–137.
30.
31. Mery zaschity informacii v gosudarstvennyh informacionnyh sistemah : metodicheskiy dokument (utv. FSTEK RF 11.02.2014).
32.
33. Peltier T. R. How to complete a risk assessment in 5 days or less / T. R. Peltier // Auerbach publ. – – P. 1–55.
34.
35. http://cve.mitre.org (data obrascheniya 25.11.2015).
36.
37. Bank dannyh ugroz bezopasnosti informacii FSTEK RF – URL : http://bdu.fstec.ru/threat (data obrascheniya 25.11.2015).
38.
39. http://capec.mitre.org (data obrascheniya 25.11.2015).
40.
41. http://bdu.fstec.ru/calc (data obrascheniya 25.11.2015)
