MULTILEVEL MODELING AND STATE IDENTIFICATION OF NODES IN PUBLIC INFORMATION AND TELECOMMUNICATION NETWORKS USING AN INFORMATION SECURITY MONITORING SUBSYSTEM

Authors

DOI:

https://doi.org/10.31891/2219-9365-2025-81-22

Keywords:

information security, monitoring, information and telecommunication network, critical event, probabilistic analysis, multilevel modeling

Abstract

The article examines a multilevel approach to analyzing complex technical systems for modeling hazardous and critical information security (IS) events in the elements and nodes of public information and telecommunication networks (ITN). A methodology is proposed to enhance the effectiveness of the IS monitoring subsystem at various logical levels of the ITN structure. Methods of general systems theory, game theory, reliability theory, fuzzy set theory, probability theory, mathematical statistics, classification theory, and graph theory are utilized to formalize the processes of threat modeling and risk assessment. A multilevel model of critical IS events is proposed for both the entire system and its individual components. The model considers attack scenarios, threat propagation, and vulnerabilities that can be exploited by adversaries with different levels of capability and intent. A probabilistic graph of unauthorized access realization is developed, accounting for different types of intruders, including external and internal actors with varying degrees of privilege escalation. The study analytically describes four IS state classes, considering Type I and Type II control errors, and introduces a refined classification of IS incidents based on their severity and impact on network functionality. Mathematical expressions for evaluating the probabilities of network compromise, system resilience, and normal operation under different threat conditions are derived. The proposed approach enables the assessment of ITN security levels even under incomplete information about the intruder’s strategies and available resources. The impact of threats at different system levels is considered without tying them to a specific entry point, which allows for a more comprehensive analysis of network resilience. Additionally, practical recommendations are provided for improving IS monitoring through adaptive security policies and automated response mechanisms.
The effectiveness of the proposed methodology is validated through simulation experiments, demonstrating its applicability in real-world network environments. The findings contribute to the development of proactive IS strategies aimed at minimizing risks and ensuring ITN stability under various cyber threat conditions.

Published

2025-02-27

How to Cite

PROKOPENKO А., & TRENOV М. (2025). MULTILEVEL MODELING AND STATE IDENTIFICATION OF NODES IN PUBLIC INFORMATION AND TELECOMMUNICATION NETWORKS USING AN INFORMATION SECURITY MONITORING SUBSYSTEM. MEASURING AND COMPUTING DEVICES IN TECHNOLOGICAL PROCESSES, (1), 187–194. https://doi.org/10.31891/2219-9365-2025-81-22