Methodology Development Of Models And Methodology For Assessing The Invader's Awareness Of The Attacked Elements Of A Distributed Information System

Computer intelligence is the main source of data for the formation of the strategy of complex computer attacks (CCA) by the intruder. However, the issue of assessing the structure and dynamics of changes in this data, affecting the choice of tactics and techniques for implementing the subsequent stage of the CCA has not been sufficiently studied. The paper analyzed scientific research, standards and methods devoted to CCA modeling, distributed information systems penetration testing. The order and tools used by the intruder to conduct reconnaissance at the stages of the CCA were determined. Based on the use of black, gray, and white box methods and fuzzy set theory, a model and methodology for assessing an attacker's awareness of attacked objects, as well as a symmetric model and methodology for assessing intelligence security, were developed. Available arrays of intelligence data at each of these stages were determined, which were structured by levels of determining the objects of destructive impact. This technique significantly simplifies the task of proactive modeling of CCA scenarios.