Mathematical Model of the Computer Attack Implementation Possibility by an Intruder

摘要

The article represents a substantiated mathematical model of the computer attack (CA) possibility by an intruder based on the theory of “defensible space” and the theory of cellular automata. A comparative analysis of mathematical approaches for describing the dynamics of the attacked IS and the cellular automata is carried out. The results of the analysis made it possible to draw a reasonable conclusion: the dynamics of the CA is similar to the dynamics of the cellular automata. Based on the analysis of the CA model, a reasonable list of quantitative indicators has been formed to determine the probability coefficient. The probabilistic coefficient is called the weighting factor of the transition (WFT) in the mathematical model of the CA implementation possibility. We show seven quantitative indicators. Two of them are the time required to develop protection method and the number of nodes potentially affected by CA; and (7) the total number of nodes. Other are coefficients. There are coefficient of availability / popularity of protection means against CA; coefficient of solution availability for CA monitoring; the coefficient of absence / presence of visible CA damage; the coefficient of the attack method popularity. Defines as active discussion (“explanation”) of the attack method on the DarkNet forums. For a specific attack method, the coefficient for all transitions is the same. The sufficiency of selected quantitative indicators list is confirmed by the results of the analysis of the Petya ransomware scenario on information system (IS) located on the territory of Ukraine.