M.M. Monakhova – Ph. D. (Eng.), Senior Lecturer, Department of Informatics and Information Security, Vladimir State University named after A.&N. Stoletovs
G.V. Putintsev – Student, Engineer, Department of Informatics and Information Security, Vladimir State University named after A.&N. Stoletovs
As the means, methods and forms of automating information processing and transfer develop and grow more complex, the vulnerability of system processes and resources increases. This vulnerability directly affects the possibility of information being destroyed, blocked or distorted, and of «emergency» processes appearing in the system that make effective performance of its basic functions impossible. Information security (IS) policies, and the system of information security (SIS) built on them, cannot guarantee complete protection of an information and telecommunication network. After protective measures and means are implemented, weak spots always remain in the network and can make IS support ineffective. In addition, the SIS can suffer faults and failures, and new, previously unidentified threats can become known. Situations involving violations of the IS policy and failures of the SIS in performing its functions define the concept of an IS incident. Despite the integration of modern hardware and software for network protection and control into telecommunication networks, the monitoring of IS incidents is only partially automated, and there are no effective models and algorithms for detecting and identifying incidents as part of a single system, which is often a basic reason for the continuous decline in the efficiency of a telecommunication network. Research aimed at creating models and algorithms for incident monitoring is therefore relevant and of practical value in solving the problem of maintaining the quality of operation of enterprise telecommunication networks.
The research consisted of detecting time slots of different typical network activity, creating a reference configuration of a corporate information and telecommunication network (CITN), and monitoring the state of the network during the experiments, with detection and localization of critical areas based on comparing the results obtained with the reference state values.
The main result of the scientific work is an essentially new technique for localizing the CITN segment in which a security incident has arisen. The practical result is the development, based on this technique, of a finished software product that can be embedded in an existing network to monitor it and detect IS incidents.
The developed technique makes it possible to promptly localize the section in which an IS incident or a probable incident has arisen, and to prevent the negative consequences of the incident from spreading further across the CITN as a whole.
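The following sketch is an added illustration of the general approach outlined above (time slots of typical activity, a reference configuration, and comparison of observed state with reference values to localize a segment); it is not the authors' technique or software. The segment names, the packets-per-second metric, the slot boundaries, the 3-sigma threshold and all sample values are assumptions constructed for the example.

```python
from statistics import mean, pstdev

# Constructed history: (segment, hour_of_day, packets_per_second).
HISTORY = [
    ("office-lan", 3, 40), ("office-lan", 2, 44), ("office-lan", 4, 38), ("office-lan", 1, 42),
    ("office-lan", 14, 900), ("office-lan", 10, 950), ("office-lan", 11, 880), ("office-lan", 15, 910),
    ("server-dmz", 3, 300), ("server-dmz", 2, 310), ("server-dmz", 4, 290), ("server-dmz", 1, 300),
]
# Constructed current observations to check against the reference.
OBSERVED = [("office-lan", 2, 900), ("server-dmz", 4, 305), ("guest-wifi", 2, 10)]

# Assumed time slots of typical activity (hours of the day).
SLOTS = {"night": range(0, 7), "work": range(7, 19), "evening": range(19, 24)}

def slot_of(hour):
    for name, hours in SLOTS.items():
        if hour in hours:
            return name
    raise ValueError(f"hour out of range: {hour}")

def build_reference(history):
    """Reference configuration: mean and std deviation per (segment, slot)."""
    groups = {}
    for segment, hour, value in history:
        groups.setdefault((segment, slot_of(hour)), []).append(value)
    return {key: (mean(vals), pstdev(vals)) for key, vals in groups.items()}

def localize(reference, observations, k=3.0, min_sigma=1.0):
    """Return (segment, slot, score) for segments deviating more than k sigma,
    most deviant first. A segment with no reference is reported with score inf."""
    flagged = []
    for segment, hour, value in observations:
        key = (segment, slot_of(hour))
        if key not in reference:
            flagged.append((segment, key[1], float("inf")))
            continue
        mu, sigma = reference[key]
        score = abs(value - mu) / max(sigma, min_sigma)  # floor avoids divide-by-zero
        if score > k:
            flagged.append((segment, key[1], round(score, 1)))
    return sorted(flagged, key=lambda item: item[2], reverse=True)

if __name__ == "__main__":
    for segment, slot, score in localize(build_reference(HISTORY), OBSERVED):
        print(f"{segment} [{slot}] deviation score {score}")
```

The same 900 packets per second that is normal for office-lan in the work slot is flagged in the night slot, which is why the reference is kept per time slot rather than per segment only.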