ALGORITHM FOR AUTOMATIC SELECTION OF INFORMATION PROTECTION MEASURES DEPENDING ON THE RESULTS OF THE VULNERABILITY SCANNER REPORT
Keywords:
Security scanner, vulnerability, vulnerability vector, metric, information protection measures, automation algorithmAbstract
Effective protection of information in an information system implies regular diagnostics and
monitoring of the network, computers, and applications to detect possible problems in the security
system. There are vulnerability scanners certified by the Federal Service for Technical and Export
Control for security scanning. As a result of scanning, vulnerabilities of the information system
can be identified, the elimination of which requires an immediate response, since attackers can
take advantage of the vulnerability of the information system and carry out an attack. However,
the selection of protection measures is a laborious process and requires a large amount of time,
then the problem of automating the selection of information protection measures arises. The development
of an algorithm for the automatic selection of information security measures is the main
goal in automating the work process of an information security specialist. The main tasks in the
development of the algorithm: selection of the fundamental characteristics of the vulnerability,
generation of a list of protection measures taking into account the security class of the information
system, comparison of protection measures with the selected characteristic. After analyzing the
information about vulnerabilities, the main indicator is chosen the vulnerability vector, which
includes the main metrics, the assessment of which allows the choice of protection measures. A set
of information protection measures was compared to each metric by means of expert assessment.
During the operation of the algorithm, the employee sets the vulnerability vector and the security
class of the information system as input parameters and as a result receives a list of necessary
protection measures. Thus, the automatic selection algorithm assumes a comparison of vulnerability
metrics with information protection measures, which will allow an employee to quickly select
measures based on the identified vulnerabilities.
