Ganna Yarovenko, Larisa Perkhun, Natalia Nebaba, Olha Bulhakova, Victoria Kostenko
{"title":"开发银行内部网络威胁检测过程正规化模型:本体论方法","authors":"Ganna Yarovenko, Larisa Perkhun, Natalia Nebaba, Olha Bulhakova, Victoria Kostenko","doi":"10.32752/1993-6788-2023-1-268-71-83","DOIUrl":null,"url":null,"abstract":"The article is devoted to developing an ontological model of the formalization of detecting insider cyber threats for banking institutions. This model's general requirements and criteria, elements and stages of construction were defined. As part of the model implementation, the structure of classes, relationships between them, characteristics of rules and restrictions, states of objects, temporal and spatial aspects, and aspects of authentication, access control, encryption and other areas of cyber security were proposed. In the modern realities of constantly growing cyber threats, developing effective means of their detection and countermeasures becomes a critical task for ensuring the cyber security of banking systems. The specificity of banking, where sensitive financial information is at constant risk, makes this problem particularly relevant. This is especially felt when solving tasks related to abuse of trust by internal users, so identifying insider threats becomes a significant challenge for banks. The difficulty of their detection is determined by several factors, such as the internal privileges of individuals with access to confidential information, as well as various traffic and intrusion methods. Therefore, this article aims to create a model for formalising the process of detecting insider cyber threats in banks based on an ontological approach. The development of an ontological model seeks to analyse and standardise knowledge about insider threats to improve the possibilities of their timely detection and reduce the reaction time to security events. Applying such an approach allows us to systematise and standardise knowledge about insider threats, defining relationships between concepts and objects in this context. As part of the research goal, the general requirements and criteria, elements and stages of building an ontological model of the formalisation of the process of detecting insider cyber threats in banks were determined. The structure of classes, relationships between them, characterisation of rules and restrictions, states of objects, temporal and spatial aspects, and aspects of authentication, access control, encryption and other areas of cyber security were proposed. The developed model is designed to solve the problems of identification, analysis and response to insider threats in the banking sector, contributing to increasing cyber security and responsibility in this crucial sector.","PeriodicalId":115867,"journal":{"name":"Actual Problems of Economics","volume":"59 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"DEVELOPMENT OF A MODEL FOR THE FORMALIZATION OF THE PROCESS OF DETECTING INSIDER CYBER THREATS IN BANKS: AN ONTOLOGICAL APPROACH\",\"authors\":\"Ganna Yarovenko, Larisa Perkhun, Natalia Nebaba, Olha Bulhakova, Victoria Kostenko\",\"doi\":\"10.32752/1993-6788-2023-1-268-71-83\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The article is devoted to developing an ontological model of the formalization of detecting insider cyber threats for banking institutions. This model's general requirements and criteria, elements and stages of construction were defined. As part of the model implementation, the structure of classes, relationships between them, characteristics of rules and restrictions, states of objects, temporal and spatial aspects, and aspects of authentication, access control, encryption and other areas of cyber security were proposed. In the modern realities of constantly growing cyber threats, developing effective means of their detection and countermeasures becomes a critical task for ensuring the cyber security of banking systems. The specificity of banking, where sensitive financial information is at constant risk, makes this problem particularly relevant. This is especially felt when solving tasks related to abuse of trust by internal users, so identifying insider threats becomes a significant challenge for banks. The difficulty of their detection is determined by several factors, such as the internal privileges of individuals with access to confidential information, as well as various traffic and intrusion methods. Therefore, this article aims to create a model for formalising the process of detecting insider cyber threats in banks based on an ontological approach. The development of an ontological model seeks to analyse and standardise knowledge about insider threats to improve the possibilities of their timely detection and reduce the reaction time to security events. Applying such an approach allows us to systematise and standardise knowledge about insider threats, defining relationships between concepts and objects in this context. As part of the research goal, the general requirements and criteria, elements and stages of building an ontological model of the formalisation of the process of detecting insider cyber threats in banks were determined. The structure of classes, relationships between them, characterisation of rules and restrictions, states of objects, temporal and spatial aspects, and aspects of authentication, access control, encryption and other areas of cyber security were proposed. The developed model is designed to solve the problems of identification, analysis and response to insider threats in the banking sector, contributing to increasing cyber security and responsibility in this crucial sector.\",\"PeriodicalId\":115867,\"journal\":{\"name\":\"Actual Problems of Economics\",\"volume\":\"59 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Actual Problems of Economics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.32752/1993-6788-2023-1-268-71-83\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Actual Problems of Economics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.32752/1993-6788-2023-1-268-71-83","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
DEVELOPMENT OF A MODEL FOR THE FORMALIZATION OF THE PROCESS OF DETECTING INSIDER CYBER THREATS IN BANKS: AN ONTOLOGICAL APPROACH
The article is devoted to developing an ontological model of the formalization of detecting insider cyber threats for banking institutions. This model's general requirements and criteria, elements and stages of construction were defined. As part of the model implementation, the structure of classes, relationships between them, characteristics of rules and restrictions, states of objects, temporal and spatial aspects, and aspects of authentication, access control, encryption and other areas of cyber security were proposed. In the modern realities of constantly growing cyber threats, developing effective means of their detection and countermeasures becomes a critical task for ensuring the cyber security of banking systems. The specificity of banking, where sensitive financial information is at constant risk, makes this problem particularly relevant. This is especially felt when solving tasks related to abuse of trust by internal users, so identifying insider threats becomes a significant challenge for banks. The difficulty of their detection is determined by several factors, such as the internal privileges of individuals with access to confidential information, as well as various traffic and intrusion methods. Therefore, this article aims to create a model for formalising the process of detecting insider cyber threats in banks based on an ontological approach. The development of an ontological model seeks to analyse and standardise knowledge about insider threats to improve the possibilities of their timely detection and reduce the reaction time to security events. Applying such an approach allows us to systematise and standardise knowledge about insider threats, defining relationships between concepts and objects in this context. As part of the research goal, the general requirements and criteria, elements and stages of building an ontological model of the formalisation of the process of detecting insider cyber threats in banks were determined. The structure of classes, relationships between them, characterisation of rules and restrictions, states of objects, temporal and spatial aspects, and aspects of authentication, access control, encryption and other areas of cyber security were proposed. The developed model is designed to solve the problems of identification, analysis and response to insider threats in the banking sector, contributing to increasing cyber security and responsibility in this crucial sector.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
