The concept of building security of the network with elements of the semiotic approach

Keywords: artificial intelligence, semiotic, zero trust security, information technologies

Abstract

The object of research: first, to identify and discuss the security problems of cyber-physical systems associated with the emergence of qualitatively new technologies and qualitatively new, affordable artificial intelligence software; second, to build the concept of the security structure of a cyber-physical system based on the Zero Trust Security approach and to create a new secure load transfer structure based on the semiotic approach.

Investigated problem: Information system security problems continue to cause significant costs and damage to organizations. Sustainability requires comprehensive and integrated security platforms that reach customers, whether they work at headquarters, in a branch office, or individually from random touchpoints.

The main scientific results: the concept of a structured protection system based on the Zero Trust Security approach has been developed. A structure for the semiotic analysis of the segmentation of the transmitted load into blocks is proposed. Blocks are analyzed individually according to their signs. According to their features, the blocks are transformed by the selected representation into an object or groups of objects. Groups to be transmitted in the load are tagged and have different coding severity (depth), depending on the risk assessment. Groups are transmitted through the network by different paths: VPN (different ESP), unencrypted tunnel, open access, etc.

This solution improves the throughput of malicious load analysis prior to transmission. The performance overhead for encoding/decoding the load and encapsulating/de-encapsulating during transmission is reduced. The transmission bandwidth is increased.

The area of practical use of the research results: businesses requiring secure access to on-premise resources and mission-critical cloud environments; organizations with employees working in distributed networks; specialists in the deployment and analysis of the protection of cyber-physical systems.

Innovative technological product: The semiotic security concept extends the zero-trust security model, which focuses on protecting network traffic within and between organizations. This concept uses load traffic segmentation, which combines an advanced analysis and transfer load transformation framework.

This concept provides for integration with other cybersecurity technologies such as endpoint detection and response (EDR) and security information and event management (SIEM) to provide a more comprehensive security solution.

This solution improves the throughput of malicious load analysis prior to transmission. It reduces the performance resources needed to encode/decode the load and to encapsulate/de-encapsulate it in transit.

Scope of the innovative technological product: this concept can be applied to enterprises that already have some elements of zero trust in their corporate infrastructure, but cannot strictly control the state of the requested assets, are limited in implementing security policies for certain classes of users. This deployment model can also be applied to enterprises that use cloud services for individual business processes.

It can be useful for researchers and administrators in the development of corporate cybersecurity plans that use the concepts of zero trust and cover relationships between components, workflow planning, and access policies.

Author Biographies

Serhii Yevseiev, National Technical University "Kharkiv Polytechnic Institute"

Department of Cybersecurity

Maksym Tolkachov, National Technical University "Kharkiv Polytechnic Institute"

Department of Information System named after V. O. Kravets

Darshan Shetty, Technical University of Graz

Department of Photonics

Vladyslav Khvostenko, National Technical University "Kharkiv Polytechnic Institute"

Department of Cybersecurity

Anna Strelnikova, National Technical University "Kharkiv Polytechnic Institute"

Department of Cybersecurity

Stanislav Milevskyi, National Technical University "Kharkiv Polytechnic Institute"

Department of Cybersecurity

Sergii Golovashych, National Technical University "Kharkiv Polytechnic Institute"

Department of Software Engineering and Management Intelligent Technologies

Published: 2023-02-28

How to Cite: Yevseiev, S., Tolkachov, M., Shetty, D., Khvostenko, V., Strelnikova, A., Milevskyi, S., & Golovashych, S. (2023). The concept of building security of the network with elements of the semiotic approach. ScienceRise, (1), 24-34. https://doi.org/10.21303/2313-8416.2023.002828

Section: Innovative technologies in industry