Current Tasks in Identifying Invalid Events in Critical Information Infrastructure
Published in | Otkrytoe Obrazovanie Vol. 28; no. 4; pp. 33 - 42 |
---|---|
Main Authors | Evdokimova, D. A.; Mikryukov, A. A. |
Format | Journal Article |
Language | English |
Published | Plekhanov Russian University of Economics, 01.09.2024 |
Subjects | |
Online Access | Get full text |
Abstract | The purpose of the study is to develop an approach for identifying and processing invalid events in critical information infrastructure (CII) based on the concepts of taxonomy and categorization. The approach aims to improve the efficiency of identifying, classifying, and managing information security (IS) incidents. The article addresses the current tasks of ensuring the required level of CII protection and minimizing the negative consequences of information security incidents resulting from invalid events. The identification of these events is associated with the complexity of detecting such events, the need to process large volumes of data, insufficient speed in detecting IS events, as well as technological limitations. The relevance of identifying and classifying invalid events in information security, especially for CII, is driven by the need for timely detection and response to incidents that could lead to negative consequences. Understanding the nature and characteristics of such events allows for effective system protection and prevention of significant damage. To enhance the effectiveness of ensuring security, it is necessary to identify the class of invalid events among the numerous information security events by considering the characteristics that define invalid events. The novelty of the proposed approach lies in solving the task of identifying the class of invalid information security events based on taxonomy methods, involving the use of event categorization tools with the attributes of invalid events. Materials and methods. The approach to identifying invalid events in CII, based on the principles of information security event taxonomy, was used to solve the task. It was shown that identifying invalid information security events is directly related to solving the problem of searching for and analyzing their attributes, which represent the characteristics or parameters used to describe and classify security incidents.
Based on the key principles of taxonomy, a model of the structure of the set of invalid events was developed to determine the characteristics that can be the basis for classifying invalid events. The process of identifying invalid information security events includes a sequence of stages: taxonomy, categorization, and classification, with appropriate methods and tools implemented at each stage. Results. Approaches to identifying invalid events in CII have been analyzed. Problems related to large data volumes, the complexity of event processing, the considerable time required for their detection, and technological limitations were considered. It was shown that the concept of taxonomy and categorization allows for effective identification and classification of information security incidents, ensuring efficient processing and response. The feasibility of applying taxonomy for describing and identifying the attributes of invalid events was justified, contributing to the development of effective protection strategies and improving security levels. A generalized scheme for processing invalid events was proposed, including a set of interconnected stages of identification, categorization, impact assessment, response, documentation, and analysis. An algorithm for structured description and classification of incidents was developed, allowing for more accurate and timely responses to information security threats. Conclusion. The results obtained increase the effectiveness of solving the task of classifying information security incidents by identifying invalid events, which reduces the level of negative consequences of incidents and enhances the security of CII objects. |
---|---|
Author | Mikryukov, A. A.; Evdokimova, D. A. |
Author_xml | – sequence: 1 givenname: D. A. orcidid: 0009-0003-1387-3177 surname: Evdokimova fullname: Evdokimova, D. A. organization: Plekhanov Russian University of Economics – sequence: 2 givenname: A. A. surname: Mikryukov fullname: Mikryukov, A. A. organization: Plekhanov Russian University of Economics |
ContentType | Journal Article |
DBID | AAYXX CITATION DOA |
DOI | 10.21686/1818-4243-2024-4-33-42 |
DatabaseName | CrossRef DOAJ Directory of Open Access Journals |
DatabaseTitle | CrossRef |
DatabaseTitleList | CrossRef |
Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Education |
EISSN | 2079-5939 |
EndPage | 42 |
IEDL.DBID | DOA |
ISSN | 1818-4243 |
IngestDate | Mon Oct 21 19:39:06 EDT 2024 Thu Sep 26 20:26:46 EDT 2024 |
IsDoiOpenAccess | true |
IsOpenAccess | true |
IsPeerReviewed | true |
IsScholarly | true |
Issue | 4 |
Language | English |
LinkModel | DirectLink |
ORCID | 0009-0003-1387-3177 |
OpenAccessLink | https://doaj.org/article/d66deb3a41ed4a23ae364547a061cee6 |
PageCount | 10 |
PublicationCentury | 2000 |
PublicationDate | 2024-09-01 |
PublicationDateYYYYMMDD | 2024-09-01 |
PublicationDate_xml | – month: 09 year: 2024 text: 2024-09-01 day: 01 |
PublicationDecade | 2020 |
PublicationTitle | Otkrytoe Obrazovanie |
PublicationYear | 2024 |
Publisher | Plekhanov Russian University of Economics |
Publisher_xml | – name: Plekhanov Russian University of Economics |
SourceID | doaj crossref |
SourceType | Open Website Aggregation Database |
StartPage | 33 |
SubjectTerms | critical information infrastructure event categorization incident classification information security incident response invalid events taxonomy |
Title | Current Tasks in Identifying Invalid Events in Critical Information Infrastructure |
URI | https://doaj.org/article/d66deb3a41ed4a23ae364547a061cee6 |
Volume | 28 |
hasFullText | 1 |