Moscow, Russian Federation
Russian Federation
BISAC COM053000 Security / General
The main trend among state structures and large corporations is to build Information Security Monitoring Centers, the key elements of which are SIEM systems and SOC centers. For SOC centers, an urgent task is the optimal allocation of human resources among information security incident reporting lines, taking into account staff competency and line capacity. This article solves that task. In general terms, the formulation presented describes the functioning of a SOC center as a new mathematical model expressed in “input – resources – output” terms. The target function of the SOC center is built, under the assumption that the service reporting lines are stationary and independent, as the sum of their target functions. The main idea of human resources management in this case is to maximize the SOC center's system goal, i.e. its general target function, when organizing the fight against computer attacks. The problem is solved by the Lagrange multiplier method. Expressions are obtained for the optimal allocation of human resources across SOC center service lines, leading to maximum processing of the message flow related to computer attacks. It is concluded that the model is useful for moving from stationary flows to their dynamic changes in SOC center resource provision, including various new critical situations in a computer system.
SOC-center, modeling, computer attack, human resources, optimal allocation