Klenin D.V., Maksimova E.A. The Model of Intrusion into the Information System

THE MODEL OF INTRUSION INTO THE INFORMATION SYSTEM

Dmitriy V. Klenin

Student, Department of Information Security,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation

Elena A. Maksimova

Candidate of Sciences (Engineering), Associate Professor, Head of Department of Information Security,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation

Abstract. Categories ‘attack’, ‘intrusion’ and ‘incident’ of information security are defined. The types of intrusions into the information system are revealed, and their brief analysis is given. The proposed model of intrusion into the information system will allow to increase its efficiency at almost all stages of the information security system life cycle. The use of the proposed model is associated with the solution of specific practical problems in the field of information security, including the definition of vulnerabilities of the information system. The latter, in turn, is necessary to determine the elements of the protection system. For example, at the design stage of the information security system, when choosing software protection you need to take into account the location of the intruder relative to the attacked object.

When working with functioning systems of information protection, i.e. at the solution of questions of modernization or optimization, changes in the system of information security are resolved in accordance with statistical data for the intrusion into the information system with available results of information security incidents, with the forecast data.

Thus, the proposed model of intrusion into the information system is one of the external conditions when working with the information system of the organization (enterprise) may well determine (set) the level of risk of information security of the enterprise.

Key words: intrusion, information security, information system, design, model.

This work is licensed under a Creative Commons Attribution 4.0 International License.