Оцінювання ймовірності реалізації загроз інформаційній системі на різних рівнях стеку ТСР/ІР. EVALUATION OF THE POSSIBILITY OF REALIZING OF THREATS TO THE INFORMATION SYSTEM AT DIFFERENT STAGES OF TCP / IP

Thumbnail Image
Journal Title
Journal ISSN
Volume Title
In the paper the basic classical models of security informational systems and their description are given. Statistical analysis of attempts of information threats in information systems with open architecture is carried out. The simulation of the probability of threats to information at different levels of the protocol stack TCP/IP is conducted, the simulation results are analyzed. In order to determine the effectiveness of the implementation of information threats to information systems with open architecture, the task is to carry out a statistical analysis of the attempts to implement information threats in such information systems, to simulate the probability of implementing threats of information in information systems at different levels of the TCP / IP protocol stack, to analyze the obtained probability of implementation threats to information in TCP / IP-based information systems. Graphs of time series are constructed that correspond to changes in the relative frequency of attempts to realize information threats from the registered time values and graphs of the experimental and theoretical normal distribution of the probabilities of realization of threats. It is resulted that the obtained average value as a whole (for network, transport and application levels) meets the criteria of reliability.It has also been shown that the non-compliance with the validity criteria of an assessment obtained on the basis of data on attempts to implement threats at the channel level is due to the large number of null values of relative frequencies, which is due to the very rare implementation of information threats at this level of the stack. As a result of the simulation, the significance of the statistical probability of realizing information threats in IP for each level of the TCP / IP protocol stack is obtained. It is established that the obtained values of the statistical probability of realization of information threats in general coincide with the theoretical values, which gives grounds to assert about the sufficient accuracy of an approximation and its applicability to assess the statistical probability of realizing the information threats at different levels of the TCP / IP protocol stack. In addition, since the likelihood of the implementation of information threats increases with each next higher level of the stack, it is obviously relevant for further development and implementation of security protocols at the higher levels of the TCP / IP stack.
моделі безпеки, інформаційні системи, система з відкритою архітектурою, інформаційна безпека, математична модель, стек протоколів ТСР/ІР, security models, information systems, open architecture system, information security, mathematical model, TCP / IP protocol stack