Assessment of Current Threats to Information Security Using Transformer Technology

Voprosy kiberbezopasnosti Pub Date : 1900-01-01 DOI:10.21681/2311-3456-2022-2-27-38

V. Vasilyev, A. Vulfin, Nailya Kuchkarova

{"title":"Assessment of Current Threats to Information Security Using Transformer Technology","authors":"V. Vasilyev, A. Vulfin, Nailya Kuchkarova","doi":"10.21681/2311-3456-2022-2-27-38","DOIUrl":null,"url":null,"abstract":"Purpose: development of an automated system for assessing current threats to the security of software of industrial automation systems based on the technology of Transformers. Methods: comparison of the set of identified software vulnerabilities, corresponding tactics (techniques) and relevant threats to information security by assessing the semantic proximity metrics of their text descriptions using Text Mining technology based on transformers models. Practical relevance: an automated system for assessing current software security threats has been developed, which makes it possible to compare and rank information and cyber security threats for identified vulnerabilities from the FSTEC of Russia Information Security Threats Databank, to automate the selection of techniques and tactics for constructing threat scenarios. The results of the comparative analysis show that the use of this system makes it possible to simplify the procedure for selecting potential threats and comparing vulnerabilities to them, in addition, a possible set of tactics and techniques is automatically generated, which makes it possible to reduce the time spent on building scenarios for the implementation of threats.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Voprosy kiberbezopasnosti","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21681/2311-3456-2022-2-27-38","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Purpose: development of an automated system for assessing current threats to the security of software of industrial automation systems based on the technology of Transformers. Methods: comparison of the set of identified software vulnerabilities, corresponding tactics (techniques) and relevant threats to information security by assessing the semantic proximity metrics of their text descriptions using Text Mining technology based on transformers models. Practical relevance: an automated system for assessing current software security threats has been developed, which makes it possible to compare and rank information and cyber security threats for identified vulnerabilities from the FSTEC of Russia Information Security Threats Databank, to automate the selection of techniques and tactics for constructing threat scenarios. The results of the comparative analysis show that the use of this system makes it possible to simplify the procedure for selecting potential threats and comparing vulnerabilities to them, in addition, a possible set of tactics and techniques is automatically generated, which makes it possible to reduce the time spent on building scenarios for the implementation of threats.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

利用变压器技术评估当前对信息安全的威胁

目的:开发基于变压器技术的自动化系统，用于评估当前工业自动化系统软件安全威胁。方法:利用基于变形模型的文本挖掘技术，通过评估文本描述的语义接近度量，比较已识别的软件漏洞集、相应的策略(技术)和相关的信息安全威胁。实际意义:开发了用于评估当前软件安全威胁的自动化系统，该系统可以对俄罗斯FSTEC信息安全威胁数据库中已识别漏洞的信息和网络安全威胁进行比较和排名，从而自动选择构建威胁场景的技术和策略。对比分析结果表明，该系统的使用可以简化潜在威胁的选择和漏洞的比较过程，并自动生成一套可能的战术和技术，从而可以减少构建威胁实施场景所花费的时间。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Voprosy kiberbezopasnosti

自引率

0.00%

发文量