Abstract [eng] |
The Government encourages the use of public electronic services through centralised electronic gates, banks promote the use of e-banking services and health care institutions promote the use of electronic health systems, moreover, the business opens its online stores in trade or relations today. Currently, secure information resources are as important as the security of assets. There is a growing need to evaluate available IT&T resources and resilience to cyber-attacks in order to protect all of the information from unauthorized use or modification nowadays. This final work examines the cyber security evaluation algorithms, intrusion detection systems architectures, techniques used to detect intrusions, their advantages and disadvantages. It is noted that the intrusion detection system includes all elements of the IT&T network and is used for the detection of hacking techniques. Algorithms range by the simple collection of information from sensors and agents to profiles or models of detection and identification through the use of artificial intelligence capabilities. An algorithm that evaluates cyber security of information in IT&T network was developed in this work. This algorithm was tested by a real network cyber security inspection. During the experiments, which have been carried out in real network, the network‘s vulnerabilities have been detected, their analysis have been carried out with the determination the location of the vulnerabilities in the cyber-attack vector. Moreover, the calculation of identified vulnerabilities have also been made, which allow assessing the critical degree of the vulnerability. At the final work a review of the algorithm which evaluates cyber security of information in IT&T network was made and developed by possible cyber-attack prediction model, which allows to set up most probable path of cyber-attack and calculates the probability of it. Cyber-attack prediction model was made using Markov chains and graph theories. During the final work, the cyber-attack prediction model was tested using data obtained from a real network cyber security inspection, the matrices of cyber-attack vulnerability exploits and cyber-attack vector, cyber-attack graphs, cyber-attack vulnerabilities and cyber-attack vector transition matrices were also formed. It has been noted that with the help of the cyber-attack prediction model, it is possible to determine not only the probability of cyber-attack, but also to identify those violations that could be used most effectively by malicious people in preparing a cyber-attack. |