Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Peer-reviewed
TY - GEN
T1 - Modeling Features Threats to the Security of Information in the Process Threat Hunting
AU - Ponomareva, Olga A.
AU - Stepanenko, Dmitry V.
AU - Chernova, Olga V.
PY - 2023/5/15
Y1 - 2023/5/15
N2 - The article provides an analysis of techniques and approaches for modeling information security threats using the example of proactive search for threats that are not detected by traditional means of ensuring information security. The main stages and processes of the threat hunting method based on the basic maturity model 'Hunting Maturity Model' are considered. In addition, the MITRE ATT&CK framework is briefly reviewed using the example of 'technological domains' with a group classification of related actions, including when implementing targeted attacks on critical information infrastructure objects. The article concludes with a brief comparative review of information security threat modeling using the methodology of the Federal Service for Technical and Export Control of Russia (FSTEC of Russia) and MITRE ATT&CK matrices. In the discussion context, emphasis is placed on considering the possibility of integrating these two techniques for a more practice-oriented approach to modeling information security threats at the stage of creating information security systems and at the stage of its operation.
AB - The article provides an analysis of techniques and approaches for modeling information security threats using the example of proactive search for threats that are not detected by traditional means of ensuring information security. The main stages and processes of the threat hunting method based on the basic maturity model 'Hunting Maturity Model' are considered. In addition, the MITRE ATT&CK framework is briefly reviewed using the example of 'technological domains' with a group classification of related actions, including when implementing targeted attacks on critical information infrastructure objects. The article concludes with a brief comparative review of information security threat modeling using the methodology of the Federal Service for Technical and Export Control of Russia (FSTEC of Russia) and MITRE ATT&CK matrices. In the discussion context, emphasis is placed on considering the possibility of integrating these two techniques for a more practice-oriented approach to modeling information security threats at the stage of creating information security systems and at the stage of its operation.
UR - http://www.scopus.com/inward/record.url?partnerID=8YFLogxK&scp=85164911528
U2 - 10.1109/USBEREIT58508.2023.10158844
DO - 10.1109/USBEREIT58508.2023.10158844
M3 - Conference contribution
SP - 305
EP - 308
BT - Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT)
Y2 - 15 May 2023 through 17 May 2023
ER -
ID: 41994768