Abstract:
The research is devoted to solving the problem of synthesizing a model of a critical information infrastructure cloud platform with cyber immunity. The relevance of the research is due to the need to resolve a problematic situation characterized by contradictions in science and practice. The contradiction in practice is observed between increased requirements for the resilience of critical information infrastructure cloud platforms and the growth of threats associated with the exploitation of previously unknown vulnerabilities and the overcoming of protective measures. The contradiction in science is that it is impossible to ensure the required resilience of such platforms using existing models and methods. Thus, existing approaches do not fully account for the specific features of critical information infrastructure cloud platforms, such as hierarchical architecture, the presence of undetected vulnerabilities, operation under targeted cyberattacks, increased requirements for resilience, and the need for rapid restoration of normal operation. This paper aims to synthesize a new model of a critical information infrastructure cloud platform with cyber immunity. A hypothesis has been formulated that endowing cloud platforms with the property of cyber immunity has a positive effect on their resilience when subjected to cyberattacks. Research methods include methods of system analysis, probability theory, theory of formal semantics, theory of similarity and dimensional analysis, as well as cyber immunology methods. The concept of cyber immunity has been substantiated, which involves providing cloud platforms with the ability to counteract known and previously unknown cyberattacks, quickly restore normal operation, and memorize malicious input data, thereby preventing their processing in the future. The indicators of the resilience of critical information infrastructure cloud platforms have also been substantiated. A new model of a critical information infrastructure cloud platform with cyber immunity has been developed. The scientific novelty of the proposed model lies in the introduction, for the first time, of components such as a semantic violation detector, a normal operation restorer, and cyber immune memory. These components collectively implement a new emergent property of cyber immunity. Theoretical and experimental studies of the model have been conducted, confirming the proposed hypothesis. The practical significance of the research results lies in providing technical recommendations on the architecture of the software complex, which can be applied in the development of means for protecting critical information infrastructure cloud platforms, in particular, the GosTech cloud platform, against cyberattacks.
Fulltext:
PDF file (2429 kB)