Security basic model for applied tasks of the distributed information system
Abstract
Attacks, hazards and threats are considered as structured processes that affect the internal and external environment of the system of applied tasks, with a further impact on the output of these tasks. The concepts of security level and security level of a distributed information system are introduced, as well as the concepts of applied task, environment, and user contradictions. Semantic analysis is proposed as the logical metric for detecting discrepancies. Based on the reference knowledge base and the apparatus of text transformations, it should be applied at the stage of loading an applied task and should describe the input and output data and the requirements for the environment in which the task is solved.
The result of the research is a proposed method for identifying additional data about hazards, threats, attacks, countermeasures to attacks, and applied task solving. This data is generated from the reference and augmented textual descriptions derived from the proposed contradictions. By building additional reference images of threats, attacks, and countermeasures, it becomes possible to prevent the activation of new attacks on the distributed information system.
Problems in programming 2021; 2: 016-023
DOI: https://doi.org/10.15407/pp2021.02.016