Authors: 
Seryodkin Sergey Petrovich
Receipt date: 
28.02.2022
Section: 
4. Software and technical problems of information security
Year: 
2022
Journal number: 
1(13) 2022
УДК: 
004.056/053
DOI: 

10.26731/2658-3704.2022.1(13).43-54 

Article File: 
PDF icon scientific_approaches.pdf
Pages: 
43
54
Abstract: 

In the proposed article we describe a mechanism of modeling information security threats which based on data of the FSTEC security threat bank. The mechanism of implementation of requirements for modeling information security threats is described, based on a new methodology adopted by FSTEC 05.02.2021. An approach to build a model of information security threats taking into account the modern requirements of regulators, which are based on the FSTEC database is proposed. The important role of using the FSTEC threat database data to build an up-to-date threat model using techniques and tactics of a potential violator is emphasized. Special attention is paid to the mandatory application of this technique in modeling current threats to information security in state information systems, significant objects of critical information infrastructure, information systems of the military-industrial complex, as well as in personal data information systems. Modern approaches and capabilities of Internet resources for threat search and vulnerability analysis are analyzed, their advantages and disadvantages are currently relevant. Practical recommendations are given for the use of the FSTEC Internet resource by students of higher educational institutions and information security specialists of institutions and organizations in modeling information security threats.

Keywords: 
Threats to information security
vulnerabilities of information systems
threat data bank (TDB)
potential violator
information security threat model
negative consequences
violator model
state information systems (SIS)
Federal Service for Technical and Export Control (FSTEC)
Threat Data Bank (DBU)
information security (IS)
state information systems (GIS)
List of references: 
  1. Federal Law No. 149-FZ of July 27, 2006 "On Information, Information Technologies and Information Protection".
  2. Methodology for assessing security threats: methodological document / comp. FSTEC of Russia. - Moscow, 2021. - 83 p.
  3. Positive Technologies. Website. Moscow, 2002. Access mode: https://www.ptsecurity .
  4. Information and analytical journal "RUBEZH" [Electronic resource]. - Moscow. - 2013 - Access mode : https://ru-bezh.ru.
  5. Threat landscape for industrial automation systems. Kapersky ICS CERT. [Electronic resource] – Access mode: https://icscert.kaspersky.ru/media/H1_2019_kaspersky_ICS_REPORT_RUS.
  6. The Law of the Russian Federation of 27.07.2006 No. 152-FZ "On personal data".
  7. The Order of the FSTEC of Russia of February 11, 2013 No. 17 "On approval of requirements for the protection of information not constituting a state secret contained in state information systems".
  8. Order of the FSTEC of Russia No. 21 dated February 18, 2013 "On Approval of the composition and content of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems".
  9. Decree of the Government of the Russian Federation No. 1119 dated 01.11.2012 "On Approval of requirements for the protection of personal data during their processing in information systems personal data".
  10. "Priority directions of development of science, technology and engineering in the Russian Federation and the list of critical technologies of the Russian Federation". Approved by Decree of the President of the Russian Federation No. 899. 11 of July 7, 2011
  11. Decree of the Government of the Russian Federation No. 861 of October 24, 2011 "On Federal State Information Systems Providing the provision of State and Municipal services in Electronic Form".
  12. https://attack.mitre.org/matrices/enterprise/
  13. https://mitre-attack.github.io/attack-navigator/
  14. https://apt.securelist.com
  15. https://fstec.ru/