Dependence Analysis of Theat Risk Level of Fraud Security Within NGN Using Experimantal Data During Calculation by Analytic Hierarchy Process and Set Pairs Analysis

The article analyzes the dependence of expert data versus threat level of fraud security being used by Session Initiation Protocol (SIP) signaling ofservice provider of New Generation Network (NGN). Analytic Hierarchy Process (AHP) and Set Pairs Analysis (SPA) are the base of ranking security threats. They are proposed by Head Laboratory specialized in networks, information attacks and protection technology located in Beijing University of Posts and Telecommunications for ranking threats DoS within softswitch networks (networks Softswitch). Using the methods of AHP and SPA the authors calculated maximum capacity of each threat, based on the values which made the ranking analyzed security threats. The calculation is provided by six examples offraud threats of alarm system SIP. Fraud threat feature is taken into account during using AHP and SPA for making another hierarchical model of threat consequences and making threat consequences indicators of the same dimension while forming the matrix of pairwise comparisons. A significant difference between the results of ranking fraud security threats at various variants of expert data contents is presented. Matrix value of pairwise comparisons and value characteristics of loss level are considered as the above data in expert survey. The calculation results in showing that the priority measures for the protection can appear ineffective and would not relate to threats of a higher risk level of Information Security.

References

[1] Matveev V.A., Morozov A.M., Bel’fer R.A. The assessment of the risk level for threat of security fraud in the VoIP network under the SIP. Elektrosvyaz’ [Telecommunications], 2014, no. 6, pp. 35-38 (in Russ.).

[2] Bel’fer R.A., Kalyuzhnyy D.A., Tarasova D.V. Analysis of dependence of risk level of safety of communication networks on expert data during calculations with the use of a model of the illegible sets. Voprosy kiberbezopasnosti [Questions of cybersecurity], 2014, no. 1(2), pp. 61-67 (in Russ.).

[3] Jiang Y., Zheng K., Luo S., Zhao J. Evaluation Model for DoS Attack Effect in Softswitch Network. Proc. Int. Conf. on Communications and Intelligence Inform. Security (ICCIIS), 2010, pp. 88-91. DOI: 10.1109/ICCIIS.2010.30

[4] Global Fraud Loss Survey, 2013. Proc. Communications Fraud Control Association (CFCA). Available at: www.cfca.org (accessed 01.09.2014).

[5] Global Fraud Loss Survey, 2011. Proc.Communications Fraud Control Association (CFCA). Available at: www.cfca.org (accessed 01.09.2014).

[6] Sisalem D., Floroiu J., Kuthan J., Abend U. SIP security. New York, Wiley, 2009. 352 p.

[7] Matveev V.A., Morozov A.M., Bel’fer R.A. Fraud and threats in IP-telephony network under the SIP. Vestn. Mosk. Gos. Tekh. Univ. im. N.E. Baumana, Priborostr. Spetsvyp. "Informatika i sistemy upravleniya" [Herald of the Bauman Moscow State Tech. Univ., Instrum. Eng. Spec. Iss. "Informatics and control systems"], 2012, iss. 5, pp. 236-248.

[8] Saaty T.L. Decision making with dependence and feedback: the analytic network process. Rws Publications, 2001. 370 p. (Russ. ed.: Saati T.L Prinyatie resheniy pri zavisimostyakh i obratnykh svyazyakh. Per. s angl. Moscow, LKI Publ, 2008, 360 p.).

[9] Denisova O.K. Application of a method of the analysis of hierarchies for ranging of business processes (on the example of higher education institution). Nauchno-tehnicheskie vedomosti SPbGPU. Ser. "Ekonomicheskie nauki" [Scientific and technical sheets. Economic sciences], 2013, 173 p. (in Russ.).

[10] Morozov A.M. The analysis of vulnerabilities of the SIP network to threats of a frod. Elektrosvjaz’ [Telecommunications], 2013, no. 7, pp. 10-13 (in Russ.).