Abstract
In this article, the research of information system protection by analyzing the risks for identifying threats for information security is considered. The iRisk methodology was chosen for testing, which includes another CVSS v3 vulnerability assessment method, which is actively supported by the National Institute of Standards and Technology. The computer network was tested against the following vulnerabilities: Cisco IOS Arbitrary Command Execution Vulnerability (CVE-2012-0384), Cisco Access Control Bypass Vulnerability (CVE-2012-1342), EternalBlue (CVE-2017-0144), Meltdown (CVE-2017-5754), Specter (CVE-2017-5753) (CVE-2017-5715). Conclusions are made regarding the stability of the built network to specific threats using iRisk. The higher the value of iRisk, the more critical the vulnerability and has a greater priority to protect the computer network. The most critical vulnerability is EternalBlue.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Korniyenko, B.Y., Galata, L.P.: Design and research of mathematical model for information security system in computer network. Науковий журнал «Наукоємні технології» 2(34), 114–118 (2017)
Galata, L., Korniyenko, B., Yudin, A.: Research of the simulation polygon for the protection of critical information resources. In: CEUR Workshop Proceedings, Information Technologies and Security, Selected Papers of the XVII International Scientific and Practical Conference on Information Technologies and Security (ITS 2017), vol. 2067, pp. 23–31. Kyiv, Ukraine, urn:nbn:de:0074-2067-8, 30 Nov 2017
Корниенко Б.Я. Информационная безопасность и технологии компьютерных сетей: монография // ISBN 978-3-330-02028-3, LAMBERT Academic Publishing, Saarbrucken, Deutschland, 102 с (2016)
Korniyenko, B., Galata, L., Kozuberda, O.: Modeling of security and risk assessment in information and communication system. Sci. Europe 2(2), 61–63 (2016)
Clymer, C., Stasiak, K., Neely, M., Marchewitz, S.: iRisk equatuion. Available via https://securestate.en/iRisk-Equation-Whitepaper.pdf
Common Vulnerability Scoring System v3.0: User guide. Available via https://www.first.org/cvss/user-guide
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Galata, L., Korniyenko, B. (2020). Research of the Training Ground for the Protection of Critical Information Resources by iRisk Method. In: Zawiślak, S., Rysiński, J. (eds) Engineer of the XXI Century. EngineerXXI 2018. Mechanisms and Machine Science, vol 70. Springer, Cham. https://doi.org/10.1007/978-3-030-13321-4_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-13321-4_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-13320-7
Online ISBN: 978-3-030-13321-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)