Journal
Scientific and Technical Journal of Information Technologies, Mechanics and Optics
UDK004.056
Issue:3 (149)
Download PDF0 Kbyte
Criterion of the network infrastructure security
Annotation
The problem of assessing the security of a network infrastructure is considered. The aim of the work is to formalize a fast computable network security metric intended for use in optimization problems aimed at rebuilding the network according to security requirements. Three metrics with varying degrees of detail are proposed to achieve this goal. To do this, a set of essential features of the network infrastructure has been formed. The level of detail of the metric allows taking into account the terminal access as well as the actual structure of the network path from the subject to the accessobject. The proposed base metric was compared with previously published metrics by other authors. It is shown that the metric is sensitive to changes in essential network parameters, and the results of its calculation are consistent with the results of calculation of other metrics. Using the metric, the network segmentation method based on the grouping of subjects and objects was evaluated. It is shown that this method can significantly increase the security of the network by combining similar subjects and objects into groups even in the absence of firewall rules. The proposed metrics can be used as a basis for methods of segmenting the network infrastructure and rebuilding the existing network according to security requirements. They do not depend on a subjective assessment, and also do not take into account the presence of known vulnerabilities the closing of which affect security in general, but does not reflect the security of the network interaction. The most significant advantage can be considered as much faster calculation in comparison with analogues.
Keywords
Постоянный URL
Articles in current issue
- Analysis of frequency-robust multivariable dynamical systems
- Fractal micro- and nanodendrites of silver, copper and their compounds for photocatalytic water splitting
- Mathematical modelling of tri-layer dielectric OTFT based on pentacene semiconductor for enhancing the electrical characteristics
- Researching carbon dioxide hydrates in thin films via FTIR spectroscopyat temperatures of 11–180 K
- Method for increasing the information value of video data based on the removal of redundant frames and entropy estimation
- Attacker group detection method based on HTTP payload analysis
- Facial keypoints detection using capsule neural networks
- Review of national and international standards for categorizing of critical information infrastructure objects
- A novel approach to feature collection for anomaly detection in Kubernetes environment and agent for metrics collection from Kubernetes nodes
- Time parameters linear approximation method in elastic systems
- Role discovery in node-attributed public transportation networks: the study of Saint Petersburg city open data
- Exploring the possibility of predicting users’ career guidance preferences based on analysis of community topics and the gender in the online social network users’ profiles
- Blindness detection in diabetic retinopathy using Bayesian variant-based connected component algorithm in Keras and TensorFlow
- Joint recognition of text and layout in historical Russian documents
- Intelligent clinical decision support for small patient datasets
- Assessment of the readiness of a computer system for timely servicing of requests when combined with information recovery of memory after failures
- Buckling analysis of an orthotropic cylindrical shell structure in the ANSYS Mechanical APDL software package
- Justification of the choice of mobile broadband access technology for building radio communication networks of railway transport
- Comparative performance analysis of DVR & DSTATCOM for distributed generation with gravitational search algorithm
- Estimation of the moments of a quantized random variable
- Experimental method for estimating the dynamic error of devices and sensors under their operating conditions
- Method of type-C liquified natural gas tank modeling based on volume optimization for future “milk-run” exploitation
- Optical properties of borate family nonlinear crystals and their application in sources of intense terahertz radiation
- A model of a refractive fiber optic sensor sensing element based on MMF-SMF-MMF structure using surface plasmon resonance