A method for assessing risk with accounting for the structure of threat and vulnerability relationships in a complex system
Вантажиться...
Файли
Дата
2025
Науковий керівник
Назва журналу
Номер ISSN
Назва тому
Видавець
Igor Sikorsky Kyiv Polytechnic Institute
Анотація
The article presents a novel approach to risk assessment in complex information systems, which takes into account the structural relationships between threats, vulnerabilities, and system components. The primary focus is on developing a formalized model that enables the construction of a simplicial complex of dependencies among potential threats and vulnerabilities, as well as identifying their impact pathways on the integrity, availability, and confidentiality of the system. The use of a simplicial complex model is proposed to represent these interconnections and to determine critical nodes that are most vulnerable to compound attacks. The methodology allows for quantitative risk evaluation by calculating threat levels, the probabilities of vulnerability exploitation, and their impact on the system. A key feature of the approach is the consideration of not only individual vulnerabilities but also their interactions, which significantly enhances the accuracy of risk assessment. The results of modeling and applied analysis confirm the effectiveness of the proposed method in identifying the most critical security elements and in justifying protection priorities under limited resource conditions. The proposed method can be integrated into information security management systems to improve the protection level of complex technical infrastructures.
Опис
Ключові слова
cyber system, risk assessment, vulnerabilities, threats, Bayesian methods, Q-analysis, simplex complex, cybersecurity
Бібліографічний опис
Polutsyhanova, V. A method for assessing risk with accounting for the structure of threat and vulnerability relationships in a complex system / Viktoriia Polutsyhanova, Serhii Smyrnov // Theoretical and Applied Cybersecurity: scientific journal. – 2025. – Vol. 7, No. 1. – P. 57-64. – Bibliogr.: 6 ref.