INFORMATION CHANGE THE WORLD

International Journal of Computer Network and Information Security(IJCNIS)

ISSN: 2074-9090 (Print), ISSN: 2074-9104 (Online)

Published By: MECS Press

IJCNIS Vol.9, No.6, Jun. 2017

Method for Cyberincidents Network-Centric Monitoring in Critical Information Infrastructure

Full Text (PDF, 946KB), PP.30-43


Views:104   Downloads:6

Author(s)

Zhengbing Hu, Viktor Gnatyuk, Viktoriia Sydorenko, Roman Odarchenko, Sergiy Gnatyuk

Index Terms

Cyberincident;ICT;ITS;network-centric concept;monitoring;criticality;KDD 99 base;CERT/CSIRT

Abstract

In this paper the method of network-centric monitoring of cyberincidents was developed, which is based on network-centric concept and implements in 8 stages. This method allows to determine the most important objects for protection, and predict the category of cyberincidents, which will arise as a result of cyberattack, and their level of criticality.

Cite This Paper

Zhengbing Hu, Viktor Gnatyuk, Viktoriia Sydorenko, Roman Odarchenko, Sergiy Gnatyuk,"Method for Cyberincidents Network-Centric Monitoring in Critical Information Infrastructure", International Journal of Computer Network and Information Security(IJCNIS), Vol.9, No.6, pp.30-43, 2017.DOI: 10.5815/ijcnis.2017.06.04

Reference

[1]Gnatyuk V., «Analysis of "incident" definitions and its interpretation in cyberspace» Ukrainian Scientific Journal of Information Security, 2013, vol. 19, issue 3, pp. 175-180.

[2]ISO/IEC 27035:2011 — Information technology — Security techniques — Information security incident management, 2011., p. 69.

[3]Gnatyuk V., Volyanska V. Gizun A., «Review of intrusion detection systems based on honeypot technology» Ukrainian Scientific Journal of Information Security, 2012, vol. 18, issue 2, pp. 75-79.

[4]Gizun A., Korchenko A., Skvortsov S., «Analysis of modern crisis management systems», Ukrainian Scientific Journal of Information Security, 2015, vol. 21, issue 1, pp. 86-99.

[5]Sinyavskiy V., «Influence of the content and principles of "network-centric warfare" in the command and control processes», Science and Military Security, 2010, vol. 4, pp. 36-45.

[6]The paradigm of network-centric management and its impact on the command and control processes [Electronic resource]. – Access to resources: http://agat.by/pres/statia%20nayka-3.pdf.

[7]Network-centric warfare and wireless communications: [Electronic resource]. — Access to resources: http://www.meshdynamics.com/military-mesh-networks.html

[8]Zatuliveter Y., «Computer basis of network-centric management, Proceedings of Russian Conference with international participation "Hardware and software in the control system, the control and measurement"», Moscow pp. 17-37, 18-20 October 2010.

[9]Shershakov V., Trahtenherts E., Kamaev D., «Computer support network-centric management practices emergencies», Moscow: Lenand, 2015, p.160.

[10]Gnatyuk S., Hohlachova Y., Ohrimenko A., Grebenkova A., «The theoretical basis of construction and operation of information security incident management», Ukrainian Information Security Research Journal, 2012, vol. 54, issue 1, pp. 121-126.

[11]Gnatyuk S. «Cyberterrorism: development history, current trends & countermeasures», Ukrainian Scientific Journal of Information Security, 2013, vol. 19, issue 2, pp. 118-129.

[12]Grischuk R., Okhrimchuk V., Akhtyrtseva V., «The sources of primary data for the development potentially dangerous patterns of cyber-attacks», Ukrainian Information Security Research Journal, 2016. vol. 18, issue 1, pp. 21-29.

[13]KDD CUP99 [Electronic resource]. — Access to resources: https://kdd.ics.uci.edu/databases/kddcup99/task.html

[14]Official site Common Attack Pattern Enumeration and Classification [Electronic resource]. — Access to resources: https://capec.mitre.org

[15]CERT-UA. Basic course of Information Security [Electronic resource]. — Access to resources: http://cert.gov.ua

[16]The Law of Ukraine «Information security in telecommunication systems»: № 80/94-BP July 5, 1994, Parliament of Ukraine, vol. 31, p. 286.

[17]Karpinski M., Korchenko А., Akhmetova S., «The method of developmentof basic detection rules for intrusion detection systems», Ukrainian Information Security Research Journal, 2015, vol. 17, issue 4, pp. 312-324.

[18]Gizun A., Gnatyuk V., Suprun О., «Formalized model of construction heuristic rules to detect incidents», Journal of Engineering Academy of Ukraine, 2015. vol. 1, pp. 110-115.

[19]Korchenko А., Gizun A., Volyanska V., Gavrylenko О., «Heuristic rules based on logical & linguistic connection to detect and identify information security intruders», Ukrainian Information Security Research Journal, 2013, vol. 60, issue 3, pp. 251-257.

[20]Gizun A., Gnatyuk V., Balyk N., Falat P., «Approaches to Improve the Activity of Computer Incident Response Teams», Proceedings of the 2015 IEEE 8th International Conference on «Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications», (IDAACS'2015), Warsaw, Poland, September 24-26, 2015, vol. 1, pp. 442-447.

[21]Zhengbing Hu, Vadym Mukhin, Heorhii Loutskii, Yaroslav Kornaga "Stochastic RA-Network for the Nodes Functioning Analysis in the Distributed Computer Systems". International Journal of Computer Network and Information Security(IJCNIS), Vol. 8, No. 6, June 2016, PP.1-8, DOI: 10.5815/ijcnis.2016.06.01

[22]Rasmi M., Al-Qerem A. PNFE: «A proposal approach for proactive network forensics evidence analysis to resolve cyber crimes». International Journal of Computer Network and Information Security (IJCNIS), Vol. 7, No. 2, January 2015, PP.25-32. DOI: 10.5815/ijcnis.2015.02.03.

[23]Karuppanchetty C., Edmonds W., Kim S.-il, Nwanze N. Artificially augmented training for anomaly-based network intrusion detection systems. International Journal of Computer Network and Information Security (IJCNIS), Vol. 7, No. 10, September 2015, PP. 1-14. DOI: 10.5815/ijcnis.2015.10.01

[24]Govindarajan M. Hybrid Intrusion Detection Using Ensemble of Classification Methods. International Journal of Computer Network and Information Security (IJCNIS), Vol. 6, No. 2, January 2014, PP.45-53, DOI: 10.5815/ijcnis.2014.02.07 

[25]Gornitska D., Volyanska V., Korchenko А. «Determining factors of importance for expert evaluation in the field of information security», Ukrainian Information Security Research Journal, 2012, vol.54, issue 1, pp. 108-121.