A model that implements a method for assessing the security of a special purpose automated information system is considered in the article. The model takes into account both the intensity of the load on the system and the number of channels as a means of protecting information from DDoS attacks based on the combination of theoretical and empirical approaches to assessing security of special purpose automated information system. The transition from a theoretical model using empirical states and continuous time to a discrete time model is applied to build a new model. The purpose of the work is to develop a model that implements a method for assessing the security of a special purpose automated information system against DDoS attacks based on a theoretical-empirical approach to modeling information protection means against DDoS attacks.The following tasks are solved in the article: analysis of known models that implement the method for assessing the security of special purpose automated information system from DDoS attacks; the model which implements a method for assessing the security of special purpose automated information system based on a theoretical-empirical approach to modeling information protection against DDoS attacks is being developed. The use of the new model makes it possible to apply both empirical values obtained as a result of measurements or modeling, and a theoretical basis for modeling information protection means under the influence of DDoS attacks, taking into account their characteristics, which will be reflected by the income function and the choice of the optimal mode of functioning of the special purpose automated information system in discrete moments in time. When synthesizing the models presented in the article, the lack of the static nature of the assessment of the security of the special purpose automated information system was eliminated, the intensity of computer attacks such as DDoS, which dynamically changes both the parameters evaluating the means of protection and the probability of the system being in critical states, was taken into account.
Keywords: automated system, modeling, security assessment, queuing system, probabilistic assessment, DDoS attack