Feasibility study for the selection of optimal attack (intrusion) detection tools for the needs of monitoring centers of the Russian Federation
Abstract
Incoming article date: 11.10.2023
The subject of the study is the technical and economic characteristics of attack detection tools that affect how effectively they can be used in the system for detecting, preventing and eliminating the consequences of computer attacks on critical information infrastructure facilities of the Russian Federation. An analysis of approaches to selecting the best solutions is presented, and its results form the basis of the proposed solution. The article examines approaches to the feasibility study of such a choice, gives a formal statement of the problem, and presents a mathematical model for choosing the optimal attack detection tool for the corresponding tasks. The research methods used include systems analysis, modeling and peer review methods. The purpose of developing the methodology is to make decisions on choosing the best of the proposed attack detection tools better substantiated. The research results presented in the article can be used to carry out a feasibility study of decisions made when choosing attack detection tools for the needs of monitoring centers of the Russian Federation. The proposed methodology for conducting competitive analysis can serve as the basis for corresponding studies of each of the tools of the system for detecting, preventing and eliminating the consequences of computer attacks on the information resources of the Russian Federation.
Keywords: attack detection tools, intrusion detection tools, feasibility study, competitive analysis, information security tools, decision support system, information security system, optimization, integer linear programming