METHOD OF MODELING DAMAGE EVALUATION CAUSED BY NETWORK AND COMPUTER ATTACKS TO VIRTUAL PRIVATE NETWORKS Russian patent published in 2017 - IPC G05B23/00 G06F17/50 

FIELD: radio engineering, communication.

SUBSTANCE: method of modeling the damage caused by network and computer attacks to virtual private networks is that a communication system including N structural elements and connections between them, where n=1, 2,…, N, unfold to the working state, fix destabilizing effects on its structural elements, according to the obtained data, a simulation model of the communication system is formed, destabilizing effects are modelled thereon; according to the simulation results, the imitation model of the communication system is reconfigured and the probability of its functioning disturbing from destabilizing effects is calculated; the functioning of the system under conditions of exogenous destructive effect also the data are counted and stored on the m_n number of actions to the n-th element of the communication system, the number N_b of the communication system elements subjected to destructive external effects, and the simulation model is formed by the data obtained, reconfiguring it after each effect, the calculated reliability value of the communication system opening structure affecting a party with a predefined threshold confidence level is compared, when exceeding the values of the calculated reliability above the threshold a functioning network connection is proactively reconfigured. The parameters of the network traffic of the subscribers of the "White" List of IP addresses are measured, the parameters of functioning the virtual private network element are determined, in which it is possible to provide the subscriber with the required communication services, the measured parameter values are stored in memory cells, the maximum deviation from the statistical values of the measured parameters is set and the values of parameters of normal subscriber behavior from the "White" List of IP addresses are described, physical models of normal subscriber behavior of virtual private network, computer and network attacks and attack detection systems are created, the models in the database are stored, the places are determined and the sensors of the attack detection systems are placed, the desired values are defined for the speed attack detection systems, the "White" Lists of IP addresses of the virtual private network subscribers are defined and supplemented, the rules of the network traffic filtration are defined and supplemented, based on behavioral criteria, including analysis of the measured parameters of the attacks, options for reconfiguration of the virtual private network are developed, simultaneous effects of several different computer and network attacks of the virtual private network are simulated with different load network traffic of the virtual private network subscribers, the performance of the detection system is measured, the system performance of the effecr detection is evaluated.

EFFECT: increasing the reliability of simulation results by simultaneous simulating the destructive effects of several network and computer attacks, increasing the security of VPN elements, by evaluating the projected damage to the VPN element and conducting a proactive VPN reconfiguration based on this evaluation.

5 dwg