9004

Problems of information security. Computer systems

Проблемы информационной безопасности. Компьютерные системы

2071-8217

10.48612/jisp/rta5-a8v5-13vu

Presentation of graph-based model for use in automated security analysis systems

Представление данных на основе графа атак для использования в автоматизированных системах анализа защищенности

Moskvin

Dmitry

moskvin_da@spbstu.ru

0009-0001-1385-8028

Orel

Eugeniy

orel_em@ibks.spbstu.ru

0009-0006-7223-4326

Lyashenko

Andrey

lyashenko.aa@edu.spbstu.ru

Peter the Great St. Petersburg Polytechnic University Peter the Great St. Petersburg Polytechnic University

25 03 2024

1 28 35

This paper presents a mathematical graph-based model for use in automated security analysis systems. The model allows to link information about the system obtained by a specialist in the process of security analysis with a set of attack scenarios in which it may be involved. Executing each scenario results in new portion of data, that describes some system component and contributes to the expansion of the attack graph.

attack graph graph-based model security analysis attack scenarios heterogenic systems security assessment penetration testing