RU2408928C1 - Method for comparative assessment of information computer network - Google Patents

Abstract

FIELD: information technologies. ^ SUBSTANCE: alternative routes of message packets are extracted from topological circuit of data-computing network and memorised for each pair of alternative connections to data-computing networks of subscribers. Value of complex index of safety IKi of i unit of data-computing network, where i=1, 2, 3,Ç, is compared with previously specified minimum permissible value of Imin. Following comparison results, unit is memorised as "dangerous" or "safe". Critical ratio of "dangerous" and "safe" units pjÇèk is calculated for each j version of subscribers connection, at which adjacent "dangerous" units form circuits that exclude exchange between subscribers. For this purpose, pj part of units is chosen randomly from each previously memorised version of subscribers connection out of their total number, and those are memorised as "dangerous". Joint circuits are formed from adjacent "dangerous" units, and they are memorised, share of "dangerous" units is increased serially by value öp, and formation of joint circuit is repeated until condition pj= pjÇèk is met. Alternative options of data-computing network subscribers connection are ranged by pjÇèk value, and an option with maximum pjÇèk value is selected from them. ^ EFFECT: improved validity of results of comparative assessment of data-computing structures in case of communication units quantity increase and under conditions of effect at communication channels, and units of data-computing network for accidental and deliberate noise. ^ 11 dwg

Description

The invention relates to the field of information security of information and computer networks (IVS) and communication systems and can be used in a comparative assessment of the structures of an IVS for their resistance to failures caused by the effects of random and deliberate interference.

The claimed technical solution expands the arsenal of funds for this purpose.

There is a method of assessing the IVS in accordance with the conditions of employment of network resources, implemented in the "Method and system for promoting traffic flows with guaranteed quality of service (QoS) in a network operating with IP protocol" according to RF patent No. 2271614, IPC H06L 12/38, publ. 03/10/2006

The method consists in the fact that the choice of the route for delivering packets in communication networks is performed by the resource managers of the delivery network at the control level of the transmission channel, similarly to the functions for services that require guaranteed quality of QoS service. To pass traffic flows according to the path designated by the resource manager in the delivery network, the border routers are monitored in accordance with the busy conditions of network resources. At the same time, the paths of the flows are assigned using the technology of a multi-level label stack.

The disadvantage of this method is the lack of adaptation to changes in the structure of the communication network, as well as the incomplete use of the qualities and conditions of network resources to choose the path of flows.

There is also a method of providing adjustment of routes to subscribers of the network, implemented in the "Method of adjusting routes in the data network" according to the patent of the Russian Federation No. 2220190, IPC H04L 12/28, publ. 10/10/1998

The method consists in the fact that the search for message delivery routes to the subscriber is carried out at the network address of the switching node of its current binding. The choice of routes to the subscriber is carried out at the switching nodes by an official corrective message containing the network addresses of the subscriber, the switching node and the code of the sign of adjustment “record”, “erase”.

The disadvantage of this method is the lack of adaptation to changes in the structure of the communication network. This is because the adjustment of the implementation of routes is decentralized and does not cover the entire communication network, but its individual local sections. The lack of options for choosing routes to the subscriber often leads to the choice of a route of poor quality.

There is also known a method of selecting a route in the IVS, implemented in the "Method of choosing the expediently used route in the router for uniform distribution in the switching network" according to the application for the invention of the Russian Federation No. 2004111798, IPC H04L 1/00, publ. 05/10/2005

The method consists in pre-setting the initial data containing the quality criteria of the routes. The information about the structure of the communication network, including the addresses of the network nodes and the presence of communication between them, is stored in the router. Form a set of possible communication routes. After receiving the message, one route is selected for the target network address, in accordance with the predefined criteria for the quality of routes and messages are sent along the selected route.

The disadvantage of this method is the relatively low stealth of communication when using the selected route of information exchange of subscribers in the communication network. The presence of transit network nodes with a low level of security creates the prerequisites for interception by cybercriminals of the information exchange of network subscribers.

Closest in its technical essence to the claimed one is a method for a comparative assessment of the structures of temporary detention facilities described in RF patent No. 2331158, IPC H04L 12/28, publ. 08/10/2008

The prototype method consists in pre-setting the parameters of the IVS and forming its topological scheme, calculating a comprehensive safety indicator for each node of the IVS. Connected to the IVS of subscribers, which form messages including the addresses of subscribers and their identifiers. The generated messages are transmitted, received, the identifiers and addresses of the subscribers are allocated and stored from the received messages, and information about the existence of communication between the subscribers and the IVS nodes through which information is exchanged is stored and stored. Using the results obtained, the most secure routes in the IVS are selected from the totality of all possible communication routes between the subscribers and the safe routes are brought to the IVS subscribers.

The known prototype method eliminates the disadvantages of analogues by taking into account transit nodes of the network that have a low level of security according to the criterion for the possibility of interception by cybercriminals of the information exchange of network subscribers, and choosing the most secure route from among the alternative ones.

The disadvantage of this prototype method is the relatively low reliability of the results of a comparative assessment of the structures of the IVS with an increase in the number of communication nodes. Low reliability is due to: large time and resource costs necessary to obtain the source data for a large number of IVS nodes; an increase in the combinatorial complexity of solving the problem of finding a safe route with a large number of IVS nodes; a decrease in the sensitivity of the route safety indicator, due to the fact that with an increase in the number of TDF nodes, the number of routes with a close value of the route safety indicator will increase.

In addition, the prototype method has a narrow scope, since it does not provide for adaptation of the route to changes in the structure of the IVS. The need for adaptation is due to the fact that under the influence of interference on the structure of the IVS, the values of the complex safety indicators of nodes can change.

The purpose of the claimed technical solution is to develop a method for the comparative assessment of IVS structures, which provides an increase in the reliability of the results of a comparative assessment of the IVS structures with an increase in the number of communication nodes and under the influence of random and intentional interference on the communication channels and IVS nodes by taking into account the long-term reduction in the values of the complex safety indicators of communication nodes.

This goal is achieved by the fact that in the known method of comparative assessment of the structure of the IVS, which consists in pre-setting the parameters of the IVS and form its topological scheme, and also do the following. Calculate the complex index of security _PK for each node IVS. Connected to the IVS of subscribers, which form messages including the addresses of subscribers and their identifiers. Transmit formed messages, receive them. From the received messages, identifiers and addresses of the subscribers are allocated and stored, as well as information about the existence of communication between the subscribers and the IVS nodes through which information is exchanged. In the predefined initial data as parameters of the IVS additionally set: the minimum acceptable value of a comprehensive safety indicator P _min for nodes of the IVS, alternative options for connecting subscribers to the IVS. Arrays of memory are allocated for storing their identifiers and alternative routes for message packets. Alternative routes of message packets for each pair of alternative connections to the IVS of subscribers are selected from the generated topological scheme of the IVS and the alternative routes of message packets for each j-th connection variant of subscribers are stored, where j = 1, 2, .... The value of the complex safety indicator P _Ki , the i-th IVS node, where i = 1, 2, 3, ..., is compared with the predetermined minimum acceptable value P _min . At П _Ki <П _{min, the} i-th node is remembered as “dangerous”, and otherwise, at П _Ki ≥ П _{min, the} node is remembered as “safe”. After that, the critical ratio of “dangerous” and “safe” nodes p ^j _{k is} calculated for each j-th connection option for subscribers, in which adjacent “dangerous” nodes form chains that exclude exchange between subscribers.

To do this, randomly select from each previously remembered connection option of the subscribers the p ^jth part of the nodes from their total number and store them as “dangerous”. Connected chains are formed from adjacent “dangerous” nodes and stored. Then successively increase the share of “dangerous” nodes by Δp and repeat the formation of a connected chain until the conditions p ^j = p ^j _k are satisfied. Alternative options for connecting IVS subscribers are ranked by the value of p ^j _k and a variant with the maximum value of p ^j _{k is} selected from them.

Thanks to the new set of essential features in the claimed method, it is possible to take into account a prospective decrease in the values of the complex safety indicators of communication nodes caused by the impact of random and deliberate interference on communication channels and IVS nodes, which ensures the achievement of the formulated technical result - increasing the reliability of the results of a comparative assessment of the structures of the IVS with an increase in the number of nodes communication and in conditions of exposure to communication channels and nodes of the IVS random and deliberate interference.

The claimed objects of the invention are illustrated by drawings, which show:

figure 1 is an example of a fragment of the topological scheme of the IVS;

figure 2 is an example of a set of alternative routes of message packets in the IVS between the corresponding subscribers;

figure 3 is a variant of the regular structure of the IVS with a different number of "dangerous" nodes;

figure 4 - illustration of structures formed from interconnected "dangerous" nodes, on the example of the structure of the IVS dimension L = 1,000,000 communication nodes (1000 per 1000 communication nodes);

5 is an illustration of the dependence of the likelihood of communication failure between IVS subscribers on the share of “dangerous” IVS nodes in their total number.

The implementation of the claimed method is explained as follows. Information exchange between subscribers of information and computer networks (IVS) and communication networks is carried out by routing message packets through a sequence of transit nodes of the network.

Determining a route is a difficult task, especially when there are many alternative routes between a pair of subscribers. In this case, the route selection is carried out in network nodes (routers) of telecom operators. At each of the network nodes, the route is determined independently. The criteria for selecting routes are, for example, the nominal bandwidth; congestion of communication channels; delays introduced by channels; number of intermediate transit network nodes; reliability of channels and transit network nodes.

The set of alternative routes of message packets between corresponding subscribers makes up the structure of the IVS. To ensure the information security of IVS and communication networks, it is necessary to carry out a comparative assessment of alternative structures of IVS for their resistance to failures caused by the effects of random and intentional interference.

Thus, a contradiction arises between the need to ensure the reliability of the results of a comparative assessment of the structures of the IVS and the increase in the resource consumption of the assessment task under the conditions of an increase in the number of nodes of the IVS and the connections between them subject to the influence of interference. Exposure to IVS interference requires taking into account the prospective decrease in the values of complex safety indicators of communication nodes. To eliminate this contradiction, the claimed method is directed.

To do this, in the claimed method, as well as in the prototype, pre-set the parameters of the IVS and form its topological scheme. The identifiers of network nodes, the presence of communication lines between them, the security parameters of network nodes (such as the type of its equipment, the version of the software installed on it, the accessory of a public or private organization node, and others) are set as IVS parameters. Figure 1 presents an example of a fragment of the topological scheme of the IVS indicating the identifiers of the communication nodes and corresponding subscribers. Calculate the complex index of security _PK for each node IVS. Under the integrated indicator of the i-th, where i = 1, 2, 3, ..., of the IVS node _{Ki, we} mean the normalized numerical value of the convolution of security parameters characterizing the ability of the IVS node to withstand security threats. The calculation procedure P _Ki is known and described, for example, in the patent of the Russian Federation No. 2331158. Calculation P _{Ki is} calculated by summing or multiplying, or as the arithmetic mean of its safety parameters. In addition, the predefined initial data as parameters of the IVS additionally sets the minimum acceptable value of the integrated safety indicator P _min for the nodes of the IVS and alternative options for connecting subscribers to the IVS. The value of P _{min is} set by directive, taking into account the implemented security functions, as it is regulated in GOST R ISO / IEC 15408-3 - 2002 “Information technology. Security methods and tools. Criteria for assessing the security of information technology. Part 3. Requirements of trust in security ”as the minimum level of trust in the equipment manufacturer. Experimental studies and the experience of operating the IVS showed that the value of P _min should be set in the range of 0.5 <P _min <1.

Alternative routes of message packets between subscribers of the IVS, the nodes of which are characterized by identifiers, are distinguished from the generated topological scheme of the IVS. For each pair of alternative connections to the IVS of corresponding subscribers, there is a finite set of alternatives of message packet routes between them. The set of alternative routes of message packets in the IVS between the corresponding subscribers is the structure of the IVS (figure 2). Alternative routes of message packets for each j-th option of connecting subscribers, where j = 1, 2, ..., and identifiers of subscribers are stored in predefined arrays of memory.

Next, the value of the previously calculated complex safety indicator P _Ki , the i-th IVS node, where i = 1, 2, 3, ..., is compared with the predetermined minimum permissible value P _min . When P _Ki <P _{min, the} i-th node is remembered as “dangerous”, and otherwise, that is, when P _Ki ≥ P _min , the node is remembered as “safe”. With a large number of communication nodes in the IVS structure, as a rule, there are alternative routing options for message packets, which provide both redundant communication channels and well-known adaptive routing methods implemented in the equipment of telecom operators.

Let, for example, a variant of the IVS structure is a regular structure, in the nodes of which there are communication nodes (Fig. 3), and the p ^jth part of the total number of nodes is “dangerous” (black nodes in Fig. 3a), excluding the possibility of passing message packets between subscribers No. 1 and No. 2. The number p of the ^jth part of the nodes is equal to the total number of nodes remembered as “dangerous” at the stage of comparing the values of the calculated complex safety indicators of the i-nodes of the IVS with a predetermined minimum acceptable value of P _min . Connected chains are formed from adjacent “dangerous” nodes and stored (nodes and black links between them in Fig. 3b). From the above example, where p ^j = 0.3, it can be seen that with the p ^j th part of the “dangerous” nodes in FIG. 3 a and FIG. 3 b, there are a large number of alternative options for routing message packets between subscribers of the ITT ( nodes of white color and the connections between them in fig.3b), three of which are shown in the figure by arrows.

In order to take into account the prospective decrease in the values of complex safety indicators of communication nodes caused by the effect of random and deliberate interference on communication channels and TDF nodes, it is necessary to increase the share of “dangerous” nodes by Δp. The value Δp is set based on the required accuracy of the calculation results in the interval Δp = 0.01 ÷ 0.2. From FIG. 3c, it can be seen that with the p ^j th part of “dangerous” nodes presented in FIG. 3 c, where p ^j = 0.5, out of the total number of them, there are only 4 alternative options for routing message packets between IVS subscribers (nodes and communications between them white in figg), shown by arrows.

In order to calculate the critical ratio of “dangerous” and “safe” nodes p ^j _k for each j-th option of connecting subscribers, in which adjacent “dangerous” nodes form chains that exclude exchange between subscribers, it is necessary to consistently increase the share of “dangerous” nodes by Δp value (where, for example, Δp = 0.01) until the condition p _j = p ^j _{k is} fulfilled, in which adjacent “dangerous” nodes form chains that exclude exchange between subscribers. Figure 4 shows the formation of structures from interconnected “hazardous” nodes using an example of an IVS structure implemented as a regular structure, with dimension L = 1,000,000 communication nodes (1000 per 1000 communication nodes) and a connection of each node of four. At the same time, in Fig. 4, the conditions P _i = p ^j _k = 0.593 (Fig. 4a) and p ^j _k > p ^j _k = 0.594 (Fig. 4b) are fulfilled.

Random iterations carried out in the course of experiments using numerical modeling using the Monte Carlo statistical test method lead to the formation of various structures from interconnected “dangerous” nodes (shown in black in FIG. 4) that have the same regularity, namely : the critical ratio p ^j _{k of} “dangerous” and “safe” nodes for the IVS structures shown in FIGS. 3 and 4, in which adjacent “dangerous” nodes form chains that exclude exchange between subscribers, first occurs when p _j = p ^j _k ≈0 , 6.

The results of numerical simulations for the IVS structures shown in Figs. 3 and 4 (see the graph in Fig. 5), for seven experiments, where L = 144, 625, 2500, 10000, 40,000, 160,000, and 640,000 nodes (produced in 1000 independent tests) made it possible to assess the likelihood of the formation of structures in which adjacent “dangerous” nodes form chains that exclude exchange between subscribers. The graph illustrates the dependence of the probability of communication failure P _HC between IVS subscribers on the share p ^{j of} “dangerous” IVS nodes in the total number of IVS nodes.

A small fraction of “dangerous” nodes (p ^j <p ^j _k ) provides a negligible probability of disruption of communication between IVS subscribers, while with increasing p ^{j the} probability of disruption increases sharply near p ^j _k ≈0.6, and as p ^j → 1 (p ^j > p ^j _k see the graph in FIG. 5) increases linearly to the value P _HC (p ^j ) = 1.

The above steps for calculating the value of p ^j _k are performed for each alternative structure of the IVS. 6 is a fragment of an alternative regular IVS structure. The results of numerical simulation for the structure of the IVS shown in Fig. 6 (see the graph in Fig. 7), for the dimension L = 625 nodes (1000 independent tests were performed) made it possible to estimate the probability of the formation of structures in which adjacent "dangerous" nodes form chains that exclude exchange between subscribers. The graph illustrates the dependence of the probability of communication failure P _HC between IVS subscribers on the share p ^{j of} “dangerous” IVS nodes in the total number of IVS nodes.

Next, alternative options for connecting IVS subscribers are ranked according to the criterion of increasing the value of p ^j _k and choose from them the option with the maximum value of p ^j _k . For example, for the structure shown in FIG. 6, p ^j _k ≈ 0.8. This means that this structure is more resistant to the effects of random and deliberate interference. That is, from the structures shown in the examples of calculations (Fig. 3 and Fig. 6), in order to ensure communication of the corresponding subscribers under the influence of random and deliberate interference on the communication channels and the IVS nodes and, therefore, taking into account the prospective reduction of the complex safety indicators of the communication nodes, choose the structure shown in Fig.6.

Thus, an increase in the reliability of the results of a comparative assessment of the IVS structures is achieved with an increase in the number of communication nodes and under the influence of random and deliberate interference on the communication channels and IVS nodes by taking into account the prospective decrease in the values of the complex safety indicators of communication nodes, which ensures the achievement of the formulated technical result. Moreover, the comparison of the IVS structures is carried out by assessing the likelihood of the formation of structures in which adjacent “dangerous” nodes form chains that exclude exchange between subscribers, which allows you to take into account the adaptation of the message packet routes between the corresponding subscribers to changes in the structure of the IVS.

Claims (1)

Method comparative evaluation structure information network, comprising the steps that a pre-set parameters information network and form its topological diagram is calculated integrated security parameter _PK for each node of the computer network connected to the information network subscribers, y which generate messages, including the addresses of subscribers and their identifiers, transmit the generated messages, receive them, select and remember the id from the received messages identifiers and addresses of subscribers, as well as information on the existence of communication between subscribers and nodes of the information and computer network through which information is exchanged, characterized in that the parameters of the information and computer network are preliminarily set the minimum acceptable value of the complex safety indicator P _min for nodes information -computing network, they set alternative options for connecting subscribers to the information-computer network and allocate arrays of memory to store their identifier alternators of alternative message packages for each pair of alternative connections to the computer network of subscribers and remember alternative routes of message packages for each j-th connection option for subscribers, where j = 1 , 2, ..., compared to the value of the complex index of safety P _Ki i-th node of the computer network, where i = 1, 2, 3, ..., a predetermined minimal nym allowable value P _min, and P _Ki <P _min stored i-th node as "dangerous", otherwise, if P _Ki ≥P _min storing unit as "safe", and then calculated the critical ratio "dangerous" and " safe "nodes p ^j _k for each j-th option of connecting subscribers, in which adjacent" dangerous "nodes form chains that exclude exchanges between subscribers, for which randomly choose from each previously remembered option connecting subscribers p ^{j j-} part of the nodes from the total their quantities and remember them as “dangerous”, from adjacent "Dangerous" nodes form associated chains and storing them, and then successively increases the proportion of "dangerous" nodes by the amount Ap is repeated formation associated chain to the conditions p ^j = p ^j _k, rank the alternative subscriber connection information network on the value of p ^j _k and choose from their version with a maximum value of p ^j _k .

Images