International Journal of Mechanical Engineering and Technology (IJMET)
Volume 10, Issue 04, April 2019, pp. 750–759, Article ID: IJMET_10_04_074
Available online at http://www.iaeme.com/ijmet/issues.asp?JType=IJMET&VType=10&IType=4
ISSN Print: 0976-6340 and ISSN Online: 0976-6359
© IAEME Publication
Scopus Indexed
METHOD FOR DETERMINATION OF THE
PROBABILITIES OF FUNCTIONING STATES
OF INFORMATION OF PROTECTION ON
CLOUD COMPUTING
Gulomov Sherzod Rajaboevich
Department of Providing Information Security, Tashkent University of Information
Technologies named after Muhammad al-Khwarizmi, Tashkent, Uzbekistan
Abdullaev Dilmurod Gulamovich
Department of Providing Information Security, Tashkent University of Information
Technologies named after Muhammad al-Khwarizmi, Tashkent, Uzbekistan
Nasrullaev Nurbek Bakhtiyorovich
Department of Providing Information Security, Tashkent University of Information
Technologies named after Muhammad al-Khwarizmi, Tashkent, Uzbekistan
Zokirov Odiljon Yoqubjon ugli
Department of Providing Information Security, Tashkent University of Information
Technologies named after Muhammad al-Khwarizmi, Tashkent, Uzbekistan
ABSTRACT
In this article the work of the components of information of protection tools on the
occurring violations, their types and the elimination of these violations and the
possible trajectory of a change over time of the functioning states of information of
protection tools with a discrete time are researched. Schemes for the transition of
states of information protection tools and a graph of probabilities of transitions
between the functioning states of information of protection tools with discrete time,
allows for detecting the vulnerabilities of information of protection tools are
developed. Taking into account the above, a method for determining the probabilities
of states for the functioning information of protection tools with discrete time allows
describing a graph-scheme of transitions using a small dimensionality of sets of states,
to make a square transition matrix at a lower bit depth is offered.
Key words: Discrete-time, possible trajectory, vulnerability, discrete mode, transition
probabilities, content filtering systems
http://www.iaeme.com/IJMET/index.asp
750
editor@iaeme.com
Gulomov Sherzod Rajaboevich, Abdullaev Dilmurod Gulamovich, Nasrullaev Nurbek
Bakhtiyorovich, Zokirov Odiljon Yoqubjon ugli
Cite this Article: Gulomov Sherzod Rajaboevich, Abdullaev Dilmurod Gulamovich,
Nasrullaev Nurbek Bakhtiyorovich, Zokirov Odiljon Yoqubjon ugli, Method For
Determination of the Probabilities of Functioning States of Information of Protection
on Cloud Computing, International Journal of Mechanical Engineering and
Technology 10(4), 2019, pp. 750–759.
http://www.iaeme.com/IJMET/issues.asp?JType=IJMET&VType=10&IType=4
1. INTRODUCTION
Cloud computing represents to use a large of technologies without physical connections. But
problem appears with sending information over the open network securely. Knowing the
probabilities of finding information of protection tools in various states allows you to predict
their behavior over time and identify the most likely conditions, which helps to focus the
security administrator's attention on less reliable components of information protection tools
and make more informed decisions on how to correct the violations.
For determine the probabilities of the state of functioning of various information of
protection tools, various mathematical methods are further applied, which use data on the
reliability of the components included in their composition. In this case, the choice of a
specific method depends, first of all, on the type of the considered information of protection
tools - with discrete or with continuous operation time.
For example, records from the work logs of information of protection system components
with discrete-time work about occurring violations, their types and about these violations
(automatically or by the administrator) are the source of data for the subsequent determination
of the reliability indicators of these components [1], consequently, the means discrete time
information. Naturally, such data should be sufficient in order to be able to determine with
acceptable accuracy the statistical estimates of indicators, that is, the samples must be
representative.
2. CLOUD SECURITY SERVICES
Cloud security specialists indicate that the report reflects the consensus of experts on the most
significant security threats in the cloud and focuses on threats stemming from the sharing of
common cloud resources and access to them by multiple users on demand. In Fig.1 is shown
main barriers to implement cloud services.
Financial barrier
No barriers to implement
No work of cloud services for IT-personal
Important to improve personal qualification
Difficulty to explain opportunity of the cloud services
No prepare to send confidential information
No control on the channel and API for third party
0%
10%
20%
30%
40%
50%
60%
70%
80%
Figure 1 The main barriers to implement cloud services
http://www.iaeme.com/IJMET/index.asp
751
editor@iaeme.com
Method For Determination of the Probabilities of Functioning States of Information of Protection
on Cloud Computing
In figure 1, we can see that cloud security specialists have more present of barriers and
problems on the information sending channel and cloud API. All cloud services have
fallowing threats: Data theft, data lost, account theft, hacking, unprotected interfaces and
APIs, DDoS attack, malicious insider, using of cloud resources by hackers, lacking of
foresight, related vulnerability, and cloud services can be slow.
To eliminate from these threats are used fallowing security services: Identity and access
management, data loss prevention, web security, e-mail security, security assessments,
intrusion management, security information and event management, encryption, business
continuity and disaster recovery, network security.
Also, for data exchanging over the network, we need to develop protected scheme. We
offer following recommendations:
As more companies store their data in the cloud and their employees use cloud services
more and more. IT specialists need to pay more attention to implementing more effective
mechanisms to control user access, such as multi-factor authentication. This is especially true
for companies that provide third parties and vendors with access to their data in the cloud.
Multi-factor authentication solutions can be centrally managed and provide more secure
access to all applications and data, whether they are hosted in the cloud or on the company's
own hardware.
IT specialists are able to fulfil their mission to protect corporate data and at the same time
act as a tool in the implementation of "Shadow it", implementing measures to ensure data
security, for example, introducing the approach “encryption-as-a-service”. This approach
allows to IT specialists to centrally manage data protection in the cloud, enabling other
business units to find and use cloud services as needed.
3. FORMULATION OF THE PROBLEM
The trajectory of the change in time of the functioning state
information of protection
] in connection with the
tools with discrete-time work at a selected observation interval [
appearance or elimination of a certain type of error, it can be represented as shown in Fig.2.
Figure 2 Possible trajectory of change in time of the functioning state
protection tools with discrete-time work
http://www.iaeme.com/IJMET/index.asp
752
information of
editor@iaeme.com
Gulomov Sherzod Rajaboevich, Abdullaev Dilmurod Gulamovich, Nasrullaev Nurbek
Bakhtiyorovich, Zokirov Odiljon Yoqubjon ugli
Here:
- state of normal operation information of protection tools with discrete-time work;
- the state of the malfunction information of protection tools with discrete-time work due
to the th occurrence
th error
types;
- the moment of occurrence of the
th error of the
th type, taken from the first record
of the i-th error of the
th type in the log;
- the moment of the end of the search (detection) by the administrator of the
th
type
error and the start of its elimination, which is taken from the last entry in the log about the
th j-type error;
- the end of the elimination of the
th error of the j-th type, taken from the record
characterizing the recovery of the component after the
th error of the th;
- random time between
th and
th errors of the
th type, equal to
- random search time (detection) of the
th error of the
th type, equal to
- random time to eliminate the
th error of the th type, equal to
- random recovery time (search for errors and its elimination) component after the
th
error in the th type, equal to
.
At the same time, in the information security tools with discrete operating time, the
system [2] behaviour (or, something the same, the system trajectory in phase space) is
described by a sequence of states.
For the effective functioning of vulnerability detection systems and content filtering
systems, it is necessary to monitor the information security of the protective equipment,
which determines the state changes at any time in the information-communication system. At
the same time, to identify the functioning states of information of protection tools with
discrete-time work, the following states are introduced
(i=0…n) functioning, in which
information of protection tools with discrete-time work can be at an arbitrary point in time.
An example:
Table 1 Possible functioning state of information of protection tools with discrete-time work
State Description
the normal functioning of information of protection tools with discrete-time work
associated with the inability to obtain updates of the knowledge base of information of
protection tools with discrete-time work.
associated with the lack of information of protection tools with discrete-time work of
the rights to network access to servers, performed special procedures for detecting
events that affect in the information-communication system.
failure of information of protection tools with discrete-time work associated with a
malfunction of the physical server on which information of protection tools with
discrete-time work are deployed.
failure of information of protection tools with discrete-time work due to the
impossibility of saving the results of special procedures performed.
a condition characteristic of an incorrectly completed operation of the index server.
the state is characteristic of the ceased to respond to the controls of the indexing server.
the state is characteristic of information of protection tools with discrete-time work,
when the agent cannot copy files from the information security database with
continuous operation time in the storage of information of protection tools with discretetime work due to unavailability of the network drive on which it is located.
http://www.iaeme.com/IJMET/index.asp
753
editor@iaeme.com
Method For Determination of the Probabilities of Functioning States of Information of Protection
on Cloud Computing
…
the state characterizes the work of information of protection tools with discrete-time
work, when the agent cannot copy information of protection tools with discrete-time
work of files from the database of other information of protection tools into the storage
due to unsuccessful authentication of the module into the information of protection tools
database.
…
4. SCHEMES FOR THE TRANSITION OF STATES OF INFORMATION
OF PROTECTION TOOLS
In Fig.3 is shown an exemplary scheme transition of states of information of protection tools,
where
– is the initial and normal functioning state and
– is a state when a violation
occurs in the process of functioning of the funds.
ℎ𝐷𝑇
P
ℎ𝐷𝑇
P
ℎ𝐷𝑇
…
…
P
P𝑖
ℎ𝑖𝐷𝑇
Figure 3 The scheme transition from one state to another
Furthermore, it can also enter . the functioning states of information of protection tools
with discrete-time work [3], in which the transition from the states
(in this case
), characterized by the violation of the functions of one of the components , to the states
associated with the violation as well the functions of the other component (Fig.4).
ℎ𝐷𝑇
P
ℎ𝐷𝑇
.
P.
P
ℎ𝐷𝑇
Figure 4 The scheme of the emergence of new united events
http://www.iaeme.com/IJMET/index.asp
754
editor@iaeme.com
Gulomov Sherzod Rajaboevich, Abdullaev Dilmurod Gulamovich, Nasrullaev Nurbek
Bakhtiyorovich, Zokirov Odiljon Yoqubjon ugli
Here, for the above example of states in table 1
states:
.
.
.
.
.
.
.
.
.
.
.
.
.
may include the following combined
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
It can be noted that in the elimination of any violation of information of protection tools with
discrete-time work, it proceeds from such states of operation as
in one of the state
(in this case
).
Thus, the set of possible functioning states of information of protection tools with
discrete-time work, due to disruptions in the operation of its components or the restoration of
their operability, has the following form:
.
{
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
}
Under eliminating some previously occurring violation of information of protection tools
with discrete-time work, it goes into a state of proper operation
.
The change of the functioning states of information of protection tools with discrete-time
work occurs at random times, in those periods when, according to their work schedule, this
security tool performs its functions. Violations in the work and elimination of errors that
occur are possible without participation, as well as with human participation.
5. GRAPH OF PROBABILITIES OF TRANSITIONS BETWEEN THE
FUNCTIONING STATES OF INFORMATION OF PROTECTION
TOOLS WITH DISCRETE TIME
Using lots of H_DT, it is possible to describe the behavior of information of protection tools
with discrete-time work, as an object with discrete operating time, in the form of a directed
graph presented in Figure 5.
Figure 5 Graph of transition probabilities between the functioning states of information of protection
tools with discrete-time work
http://www.iaeme.com/IJMET/index.asp
755
editor@iaeme.com
Method For Determination of the Probabilities of Functioning States of Information of Protection
on Cloud Computing
The vertices of the graph characterize possible states of information of protection tools
with discrete-time work [4] and the weights of arcs of the graph indicate the corresponding
probabilities of transitions from one state to another for a certain period of time ∆t,
determining the discrete mode of its operation.
Here:
P
– the state saving probabilities;
P
.
.
on time
. . .
. . . . . . . . .
- the transition probabilities from the state
.
. .
в
.
.
.
. . . .
in time .
.
.
.
.
. .
The specific type of the graph of transition probabilities is due to the limited mode of
maintenance of information of protection tools with discrete-time work in the process of
occurring violations, that is, in practice this device is serviced by one repairman.
Probabilities P
, describe transitions associated with the occurrence of violations
of a certain type or their elimination in time . In accordance with the comment made earlier,
the normal operation time of individual components of information of protection tools with
discrete-time work and the time for elimination of violations arising in them are random
variables that have exponential distribution laws.
Accordingly, when determining the specific transition probabilities P formulas are used
that characterize specific violations or their elimination, that is, the probability that during
will happen
th error:
)=
or in time
(1),
th error will eliminated:
P
.
Here the intensity of occurrence
following formula:
violation
th type is calculated according to the
,
(3)
it evaluates the average time
uptime.
Error recovery rates
is calculated as follows:
,
(2)
(4)
estimated average recovery time
.
as arithmetic means of previously obtained values
and
Probabilities P
are defined with the use of transition probability diagrams
characterizing transitions of information of protection tools with discrete-time work from
different functioning states to others in time , taking into account the fact that the events
take place form a complete group, since they determine the fact that information of protection
tools with discrete-time work at any time are in one of the possible functioning states.
Based on the foregoing, it is proposed to modify the method for determining probabilities
with the separation of violation conditions by belonging to protective means with discrete
operation time [5-6]. Note that it was mentioned above that to determine the functioning states
http://www.iaeme.com/IJMET/index.asp
756
editor@iaeme.com
Gulomov Sherzod Rajaboevich, Abdullaev Dilmurod Gulamovich, Nasrullaev Nurbek
Bakhtiyorovich, Zokirov Odiljon Yoqubjon ugli
of information of protection tools with discrete-time work, the following states are introduced
(i=0…n) functioning, in which information of protection tools with discrete-time work
can be at an arbitrary point in time. For this case, enter the following value:
Here: –
…
the index state of information of protection tools with discrete-time
work (Table 2);
k – is a type of discrete time protection, discrete time protection means include vulnerability
detection systems and content filtering systems. Wherein in this case takes two values, such
accordingly (Table 2).
Table 2 The index
state of information of protection tools with discrete-time work
Type of information of protection tools with
discrete-time work
i – (i=0,…n) the index state of information of
protection tools with discrete-time work
(vulnerability detection systems)
(content filtering systems)
For example, if the information security monitoring system will analyze the vulnerability
detection system, then the states belonging to this system will be less than the above proposed
method, i.e.:
{
}
Using this set
, it is possible to describe the probabilities of transitions between the
states of functioning of a vulnerability detection system, as an object with discrete time of
operation, in the form of a directed graph presented in Figure 6.
Figure 6 – Graph of probabilities of transitions between states of the system functioning and detection
of vulnerabilities
At the same time, the vertices of the graph characterize the possible states of the
vulnerability detection systems and the weights of the arcs of the graph indicate the
http://www.iaeme.com/IJMET/index.asp
757
editor@iaeme.com
Method For Determination of the Probabilities of Functioning States of Information of Protection
on Cloud Computing
corresponding probabilities of transitions from one state to another for a certain period of time
, determining the discrete mode of its operation.
Here: P
- state saving probabilities;
P
in time
. .
.
- the transition probabilities from the state
in time
.
Accordingly, under determining the specific transition probabilities P formulas are used
that characterize specific violations or their elimination, that is, the probability that during
will happen
th the error is determined by the formula (1), or in time
th error will be
eliminated by the formula (2). In this case, the vector function of probability
,
characterizing the change in states
. . . .
.
.
.
…
(5)
and stationary probability vector , characterizing their steady state values under
,
(6)
.
.
.
Using the above reasoning, you can create transition matrices corresponding to the graph
of transition probabilities between the states of the functioning of the vulnerability detection
system.
P P P P P
P P P. P.
|P
|
P
|
|
P
P
P
P.
P
(7)
Also, the (7) matrix is square (5x5), the number of its rows and columns is determined by
the number of possible states of operation of the vulnerability detection system, forming a set
of
. The column determines the probability of saving
th state and transition into it
from other states when triggered in one cycle from (m-1) to m. The line determines the
probability distribution of each of the states of information security tools with a discrete
operating time, that is, the probability
th states and transition probabilities from
th
states to others [7-8]. The sum of the members of each row is 1, i.e. matrix М is stochastic.
Initial probability distribution
functioning states
, characterizing the
possibility of finding a vulnerability detection system at the initial moment of time
in any state, it is defined in the general form by a row vector
‖
‖
(8)
A modified method for determining the probabilities of states for vulnerability detection
systems, which is included in the type of discrete-time protection tools, makes it possible to
describe
the
system
of
equations
in
general
form
as
P
P
P
P
P
P
P
P
P . .
P
P . .
follows:
(9)
P
P . .
P
P
P
.
{
At that
http://www.iaeme.com/IJMET/index.asp
758
editor@iaeme.com
Gulomov Sherzod Rajaboevich, Abdullaev Dilmurod Gulamovich, Nasrullaev Nurbek
Bakhtiyorovich, Zokirov Odiljon Yoqubjon ugli
where
- sought limit probabilities.
6. CONCLUSIONS
This method allows for describing a graph-scheme of transitions using a small dimension of
the sets of states, to make a square matrix of transitions of lower bit ness, on the basis of
which one can easily describe the system of equations for other information of protection
systems that are included in the type information of protection tools with discrete-time work
on cloud computing.
REFERENCES
[1]
S. Chen, B. Mulgrew, and P. M. Grant, “A clustering technique for digital
communications channel equalization using radial basis function networks,” IEEE Trans.
on Neural Networks, vol. 4, pp. 570-578, July 1993.
[2]
Miller D.R., Harris Sh., Harper A.A., VanDyke S., Black Ch. Security Information and
Event Management (SIEM) Implementation. McGraw–Hill Companies. 2011. 430 p.
[3]
Ingols K., Chu M., Lippmann R., Webster S., Boyer S. Modeling modern network attacks
and countermeasures using attack graphs // Proceedings of the 2009 Annual Computer
Security Applications Conference (ACSAC ’09), Washington, D.C., USA, IEEE
Computer Society, 2009. P.117–126.
[4]
Badger, M. Zenoss Core Network and System Monitoring / M. Badger. - Birmingham:
Packt Publising, 2008. - 261 p.
[5]
Igor Kotenko, Elena Doynikova. Security Assessment of Computer Networks based on
Attack Graphs and Security Events // Lecture Notes in Computer Science (LNCS),
Vol.8407. 2014, P.462-471.
[6]
Igor Kotenko, Evgenia Novikova. Visualization of Security Metrics for Cyber Situation
Awareness // International Conference on Availability, Reliability and Security September
8nd – 12th, 2014. Fribourg, Switzerland. IEEE Computer Society. 2014. P.506-513.
[7]
S.K. Ganiev, Sh.R. Gulomov, A.A.Abdurahmonov, N.B.Nasrullaev. Methods monitoring
of network traffics for intrusion detection and special filtering traffic on «E-Government».
ISSN 1815-4840. International scientific-technical journal. 2017, №5(77). Tashkent,
Uzbekistan, -P.76-84.
[8]
Distributed and network based Processing (PDP 2015). Turku, Finland. 4 6 March 2015.
Los Alamitos, California. IEEE Computer Society. 2015. P.567-574.
http://www.iaeme.com/IJMET/index.asp
759
editor@iaeme.com