Модель информационного воздействия на объекты телекоммуникационной сети

Тип работы:
Реферат
Предмет:
Общие и комплексные проблемы технических и прикладных наук и отраслей народного хозяйства


Узнать стоимость

Детальная информация о работе

Выдержка из работы

72
Общетехнические задачи и пути их решения
^ ОБЩЕТЕХНИЧЕСКИЕ ЗАДАЧИ И ПУТИ ИХ РЕШЕНИЯ
УДК 004. 056. 53
N. V. Evglevskaya, A. A. Privalov
Petersburg State Transport University
INFORMATION IMPACT MODEL
AT THE TELECOMMUNICATION NETWORK OBJECTS
In the article information impact model at the telecommunication network objects is observed. The novelty of the proposed model consists in complex recognition of hacker’s possibilities to provide information attack, based on data got by agent of technical and computer intelligence services. The model allows to define in number criteria the requirements for completeness and periodicity of information safety control at the objects of information, considering characteristic of their construction and functioning.
telecommunication network objects, organized hacker, method of topological transformation, stochastic network, equivalent function.
Introduction
It is known, that efficient and trouble-free functioning of telecommunication network objects provides security for main technological processes. That is why these objects are created by using an extracted, protected and inaccessible to other users information resource. However, the complexity of providing the normal operation of modern telecommunication network objects appeared in these latter days, due to increasing incidents of piracy and terrorist acts, realized by organized hackers in order to demonstrate the strength and/or horrification. Often hackers use not only the ways and means of physical destruction, but also new information impact means at technological processes [1]. According to leading experts of antiterrorist organizations, realization of such (information) influences at social significant objects will have more destructive consequences of economic shocks and human losses, compared to means of physical destruction. Usually the aim of the information impact is the main production
process- it is realized at the assailable object. For the first time the possibilities of this new type of terrorist weapons were demonstrated in 2010 at the private telecommunication network of nuclear center in Natanz (Iran), it led to the disruption of regular management at nuclear reactor and initiation of previously embedded accident-prone programs [1]. Moreover, specialists note [2] that successfully realized information influence can increase the efficiency of using physical destruction means.
Because telecommunication network object is an object realizing the technological production process, so it should be supposed that this object can be under the threat of this kind of impact although it is not available to other users seemingly.
Authors' analysis has showed that the information impacts at technological processes are organized by using data got by hacker from the information circulating in communication networks and processed at the objects of informatization. So organized hacker must realize a number of pri-
2015/1
Proceedings of Petersburg Transport University
Общетехнические задачи и пути их решения
73
vate processes to achieve his aims and to implement the information impact:
— getting of data about the informatization object, i. e. the detection of its belonging to the chosen institution, its place and role in the implementation of the production technological process, the extent of the use of computing technics etc. -
— breaking, i. e. fact-finding of the information leakage channels existence and discovery of the most «informative» ones-
— hidden installation of information pickup equipment from the identified leakage channels-
— breaking the communication network used for the realization of the main technological process-
— embedding potentially dangerous programs providing unauthorized access to processed and transmitted information for its theft, modification, blocking etc. -
— choice of the most effective type of information influence and its implementation.
We note that the first three of these processes are implemented by hacker using forces and means of agent and agent-technical intelligence service and subsequent ones — using computer intelligence service.
For difficult implementing agent technical and computer intelligence services known methods are used which are described in the literature [3,
4]. However, the estimate methods of realization possibility of information impact kinds based on data received from various sources are not described in known literature.
In order to define and estimate of necessary time for organized hacker to realize an information impact at the telecommunication network objects we’ll consider the following problem statement.
1 Task statement
Let’s suppose that there is an telecommunication network object and it is the information influence subject for organized hacker, who obtains data about its elements using agent intelligence
service for random time t with distribution func-
Д
tion B (t). Then a hacker breaks the informatization objects and communication network. These processes are realized by hacker agent technical and computer intelligence service for random time tK and tp with distribution functions K (t) and R (t) respectively. Distribution functions K (t) and R (t) are defined, using known models developed previously [5]. In the case of successful breaking telecommunication network, object elements and existence of software and hardware and the probability of these events equals P2 and P1, respectively, a hacker embeds potentially dangerous programs for random time tn with distribution function P (t) and installs the information pickup equipment from identified information leakage channels for random time ta with distribution function A (t). If the extracted information is not enough for embedding potentially dangerous programs and for installing information pickup equipment, thus processes described above are renewed with probabilities (1 — P1) and (1 — P2), respectively. We note that the probabilities Р1 and P2 characterize software and hardware availability of information network and existing technical information leakage channels at the telecommunication network object.
We need to determine the average time T and the distribution function F (t) of hacker readiness time to realize the information influence at the telecommunication network object elements.
2 Decision
Let’s present the process described in the task statement in the form of stochastic network (fig. 1).
It is denoted in the figure:
от
b (s) = J exp (-s • t) b (t)dt — Laplace transfor-
0
mation of probabilities distribution density function of data reception time about telecommunication network object elements b (t) —
от
r (s) = J exp (-s • t) r (t)dt — Laplace transfor-
0
mation of probabilities distribution density func-
ISSN 1815−588Х. Известия ПГУПС
2015/1
74
Общетехнические задачи и пути их решения
Fig. 1. Stochastic network of hacker preparing process for realization of information impact
at the telecommunication network object
tion of the time for breaking telecommunication network r (t) —
от
k (5) = J exp (-s • t) k (t)dt — Laplace transfor-
0
mation of probabilities distribution density function of the time for breaking information leakage channels at the telecommunication network object k (t) —
от
p (s) = J exp (-s • t) p (t)dt — Laplace trans-
0
formation of probabilities distribution density function of the time for embedding potentially harmful programs in terminal, server and telecommunication equipment of telecommunication network object p (t) —
от
a (s) = J exp (-s • t) a (t)dt — Laplace transfor-
0
mation of probabilities distribution density function of the time for information pickup equipment installation from leakage channels at the telecommunication network object a (t).
Using the Mason equation and the result [5], we'-ll define the equivalent network function:
x
Q (s) = b (s) x P (s)r (s) Pi +
1 — (1 — Pi) r (s)
+ k (s)a (5) P2
1 — (1 — P& gt-) к (s)
(1)
p (s + у) r (s + у) P1 1 — (1 — P) r (s + у) к (s + x) a (s + x) p 1 — (1 — p) k (s + x)
/ Q (0),
where: x =
d p (s)r (s) P
ds 1 — (1 — P1) r (s)
к (s)a (s) P2 1 — (1 — P2) k (s) Js_o.
Let’s suppose that the time distribution functions of private processes realization belong to the exponential class with parameters: b=1/t, r=1/t- k=1/t, — p=1/t- a=1/t. Here: t- t- t- t and ta — an average data reception time about telecommunication network object elements- of breaking telecommunication network- of breaking information leakage channels- of embedding potentially harmful programs and information pickup equipment installation respectively.
It is not difficult to see that expression (1) contains a number of functions summands. Applying the Heaviside expansion to each of them and realizing term by term transition from Laplace images to the space of originals including mentioned above assumption we’ll receive probabilities distribution density function of the hacker readiness
d_
ds
2015/1
Proceedings of Petersburg Transport University
Общетехнические задачи и пути их решения
75
time to realize the information influence at the telecommunication network object:
f (t) = [ф^) -фзО) +
+ ф2(/) -ф40″)]/ Q (0)
where:
(2)
() = к PPM exp (sy1,t) — ф1() к 3sф1,2 + 2V. 51 + 52'
(t) = к bp2 ka exp (sy2,t) '
ф2() к 3Sф 2,.2 + 2Sф 2i A1 + A2'
() = к Ppbr exP (s, p3, t) '
Фз ()3sp3,2 + 2 Sp3i 53 + b4'
3 kp1ba exp (sp4 ^)
ф4 (t) = к-----2----------------.
i=1 3Sф 4,-2 + 2Sф 4i A3 + A4 A1 = b + a + kP) '
A2 = ba + bkP2 + akP2 '
A3 = b + a + 3x + kP2 '
1 3 Ф1
F (t)=- **'-)
Q (0) i=1 -sфl i
3 Ф3
-к — (1 — eVi) +
i=1 Sф3i
3 Ф2 s
+k -^ (1 — e2*) —
i=1 -s
ф2г
-к — (1 —)]
i=1 Sф4i•
(3)
and the average time required for hacker for realization an information influence at the telecommunication network object:
1 3 Ф1
T =-----[к —
Q (0) Й Sфli.2 3 -3'- 3 -2
-k 2+k-
i=1 s
ф3г
i=1 S,
ф2г
3 Ф4
-к -2 ],
i=1 s
ф4г
Ф1 ' Ф3 ' Ф4, — coefficients of a number of deductions corresponding to functions summands (1) numerically equal to:
A4 = ab + 2bx + bkP2 + 2 xa + + akP& gt- + 3x + 2 xkP2 '
51 = b + p + rPx
52 = bp + brP1 + prP1 '
53 = b + p + 3 y + rP1-
54 = pb + 2by + bpP1 + 2 yp + +prP1 + 3 y2 + 2 yrP1
-1i = -2(. = -3i = -4(. =
pP1br
3Sф1i !+ 2Sфli51 + 5 2'
bP2 ka
3^2г 2 + 2 Sф 2iA1 + A2-
pPfir
3Sф3i2 '- + 2i53 + 5 4
kP1ba
4 4i: l+ 2 Sф 4, A3 + A4
functions summands expansion coefficients (1) — So the task is solved.
v=-b' V2=-p- v=-b' Sp13=-rP1' v=-b'
Sp22 = -a' V = -kP2' Sp31 = - (b+y)' V = -(p+y)'
s& lt-p33 = -(P1r+y)' sф4l = -(b+x)' Sф32 = -(a+x)' Sф3з = 3 Simulation results
= -(P2k+x) — functions summands poles (1).
Integrating each of the summands (2) on t According to equations (3) and (4) calcula-with variable upper limit we'-ll receive the re- tions are made and their results are represented quired distribution function: graphically in the figures 2 and 3.
ISSN 1815−588Х. Известия ПГУПС
2015/1
76
Общетехнические задачи и пути их решения
F (t) 1
0.8 0.6 0.4 0.2 0
0 600 1200 1800 2400 3000 3600 4200 4800 5400 6000 t (min.)
Fig. 2. Distribution functions family of hacker readiness time to realize the impact with different hardware and software availabilities
F (t) 1 0.8 0.6 0.4 0.2 0
0 600 1200 1800 2400 3000 3600 4200 4800 5400 6000 t (min.)
Fig. 3. Distribution functions family of hacker readiness time to realize an impact with different average time of breaking telecommunication network and information leakage technical channels
It was supposed in the calculations that the average time for embedding potentially harmful programs tn and information pickup equipment installation from leakage channels ta is no more than 3 minutes and 50 minutes, respectively [3, 4].
The values of software and hardware availability probabilities P1 of telecommunication network and hardware availability P2 of technical information leakage channels at the telecommunication network object changed from 0.2 to
0. 95. The average time value of breaking telecommunication network t and information leak-
p
age channels tk at the telecommunication network
object was determined, using intermediate simulation data of these processes, and it was variable from 50 minutes to 300 minutes.
Conclusion
Analysis of the received results allows to provide the following conclusions:
— despite the fact, that telecommunication network objects use an extracted, protected and inaccessible to other users information resource, there is a real danger of information impact at its elements by organized hacker, for example, using
2015/1
Proceedings of Petersburg Transport University
Общетехнические задачи и пути их решения
77
«fighting viruses» [1, 2] and not declared software and hardware possibilities (embeddings) —
— the developed model is efficient, sensitive to input data change, reflects the hacker preparation process for information impact at the telecommunication network object adequately, and allows to determine its probabilistic temporal characteristics. For example, using potential possibilities of existing information pickup equipment and software and hardware means of telecommunication networks breaking [3, 4], a hacker can embed «fighting virus» into telecommunication network object for a time, not exceeding 10 hours with probability at least 0,9-
— in contrast to previously known models designed one allows to estimate hacker abilities comprehensively in implementing information influence, using data got by various types of intelligence service. Also, there is the possibility of comparative analysis and estimate of information security threats using potential, described in the special literature hacker’s possibilities and the time of their appearance-
— used as the known distribution functions of the time for breaking informatization objects, telecommunication network and technical information leakage channels correspond with reasonable algorithms of hacker agent, agent-technical and computer intelligence services. This allows to implement quantitative reasonable distribution of protection and control means of information security at the telecommunication network object technical design stage, taking into account potential hacker possibilities, construction features and conditions of system elements functioning.
These functions can be defined, using models developed by the authors previously e. g. [5]-
— received from the simulation values of the average time and hacker readiness probability for information influence to given point of time allow to define reasonable frequency and control depth of information security at the telecommunication network object operation stage, using the calculated values as criteria ones-
— using the developed model as part of decision acceptance support subsystem for telecommunications networks management will allow to predict the time of conditions change of their operation due to information influence and to take reasonable measures previously to prevent it (neutralization).
Bibliography list
1. Sanger D. To resist and hide: the secret wars of Obama and the surprising use of American power. -URL: http: //ru. wikipedia. org/wiki/Stuxnet.
2. Langner R. 5 facts about the most dangerous computer virus today. — URL: http: //www. factroom. ru/facts/Stuxnet. 4459.
3. Khalyapin D. B. Safety of information. Are you eavesdroped? Protect yourself! — M.: NOU SHO «Bayard», 2004. — 432 p.
4. Biyachuev T. A. Security of corporate networks. — St. Petersburg: SUI Inf. Technol., 2004. -
161 p.
5. Privalov A. A. The method of topological transformation of stochastic networks and its use for the analysis of Navy communication systems. — St. Petersburg: BMA, 2001. — 186 p.
ISSN 1815−588Х. Известия ПГУПС
2015/1

ПоказатьСвернуть
Заполнить форму текущей работой