articles

The research is devoted to solving the problem of developing a method for protecting cloud platforms of critical information infrastructure based on cyber immunity. The analysis of existing approaches to protecting various digital systems has been conducted. It has been established that current approaches do not fully account for the specific characteristics of critical information infrastructure cloud platforms, namely: complex multi-layered architectures; the potential presence of undetected vulnerabilities leading to previously unknown threats of violation of computational semantics; elevated requirements for resilience; and the necessity for restoration of normal operation. The research sets out the objective of developing a new method for protecting cloud platforms of critical information infrastructure based on cyber immunity. A hypothesis has been formulated, stating that ensuring the required level of resilience for cloud platforms under cyberattacks is possible by adjusting the countermeasure parameters within a range of necessary and sufficient values, defined with consideration of the aforementioned requirements. The idea has been substantiated and the method for protecting cloud platforms of critical information infrastructure with cyber immunity has been developed. The method ensures the resilience of cloud platforms under computer attacks by varying the cyber immunity coverage ratio, taking into account the probability of achieving operational goals and the full execution time of program cycles. The scientific novelty of the proposed method lies in the fact that a modified bisection method has been applied to find the required value of the cyber immunity coverage coefficient. Furthermore, a criterion for verifying the existence of a necessary and sufficient value of this coefficient has been substantiated and implemented for the first time. Theoretical and experimental studies of the developed method have been conducted, confirming the proposed hypothesis.