Igor Kotenko is a professor of computer science and Head of Research Laboratory of Computer Security Problems of the St. Petersburg Institute for Informatics and Automation of the Russian Academy of Science. He graduated with honors from St.Petersburg Academy of Space Engineering and St.Petersburg Signal Academy, obtained the Ph.D. degree in 1990 and the National degree of Doctor of Engineering Science in 1999. He is the author of more than 150 refereed publications, including 12 study books and monographs. Igor Kotenko has a high experience in the research on computer network security and participated in several projects on developing new security technologies. For example, he was a project leader in the research projects from the US Air Force research department, via its EOARD (European Office of Aerospace Research and Development) branch, EU FP7 and FP6 Projects, HP, Intel, F-Secure, etc. The research results of Igor Kotenko were tested and implemented in more than fifty Russian research and development projects. The research performed under these contracts was concerned with innovative methods for network intrusion detection, simulation of network attacks, vulnerability assessment, security protocols design, verification and validation of security policy, etc. Igor V. Kotenko is a laureate of the St. Petersburg Government award for outstanding scientific achievements in the field of science and technology in 2012, a laureate of the program “Outstanding Scientists. Doctors of Sciences of the Russian Academy of Sciences” in 2007-2008, and a winner of many grants of the Public Science Support Foundation, the Russian Foundation of Basic Research, the Program of fundamental research of the Department for Nanotechnologies and Informational Technologies of the Russian Academy of Sciences and several State contracts, a winner of the best works in the field of artificial intelligence in 2004-2006. The main results of his research from 2002 to 2011 have been included many times in the list of major scientific achievements of the Russian Academy of Sciences. He has chaired several conferences and workshops, and serves as editor on multiple editorial boards.
A Cyber Attack Modeling and Impact Assessment Framework
Co-author: Andrey Chechulin (SPIIRAS)
The paper suggests a framework for cyber attack modeling and impact assessment. It is supposed that the common approach to attack modeling and impact assessment is based on representing malefactors’ behavior, generating attack graphs, calculating security metrics and providing risk analysis procedures. The main aspects outlined are achieving near-real time mode, event analysis and prognosis mechanisms, security and impact assessment. To optimize the attack graph generation and security evaluation we apply an anytime approach to have the result at any time by applying a set of algorithms with different timelines and precision. The architecture of the Cyber Attack Modeling and Impact Assessment Component (CAMIAC) is proposed. We present the prototype of the component, the results of experiments carried out, and comparative analysis of the techniques used.