R.V. Lebedev - Head of Sector, JSC Academician M.F. Reshetnev «Information Satellite Systems» (Zheleznogorsk). E-mail: rl@iss-reshetnev.ru V.E. Kosenko - Dr. Sc. (Eng.), Professor, Deputy General Director - Deputy General Product Engineer, JSC Academi-cian M.F. Reshetnev «Information Satellite Systems» (Zheleznogorsk). E-mail: oris@iss-reshetnev.ru I.V. Poturemskiy - Ph. D. (Eng.), Head of Department, JSC Academician M.F. Reshetnev «Information Satellite Systems» (Zheleznogorsk). E-mail: oris@iss-reshetnev.ru

The article reviews the issues of modeling computer networks from the point of view of the its functional elements interconnections. A mathematical model of a computer network, based on predicate logic, which is seen as the basis for the development of methods for the automated analysis of data about network vulnerabilities, network nodes. The creation of these methods, in turn, aims to assess the effectiveness of the hanging of information risk in the difficulties of applying traditional methods of peer reviews. As the software platform for the implementation of the model uses the development environment SWI-Prolog v.6 on the basis of the logical programming language Prolog. The model implements the basic rules of interconnections between network nodes as relations on some set of terminal nodes and subnets taking into account routing rules and firewall. The computer network is represented as a set of objects characterized by address and subnet mask in complete analogy with IP networks. Address is an identifier of the object, and the subnet mask allows to group objects into subsets (subnet). The article describes the data format of this parameters and their processing algorithms for generating predicates. The model is the basic logical unit for analyzing information about the properties of the nodes (vulnerabilities, operating modes, etc.), allowing a natural way to associate it with the rules of interconnection between these nodes. Thanks to the chosen methods of modeling the further development of the proposed model and its complexity can be achieved by introducing new relations on the same set of nodes without interfering with the existing.

 

1. RFC: 791. Internet protocol (Internetprotokol) / Information Sciences Institute University of Southern California. MarinadelRey. 1981.
2. Upravlenie setevojj infrastrukturojj HPOpenViewNetworkNodeManager// HP-Software.ru Proekt kompanii Ajj Teko Dostupa (svobodnyjj): www.openview.ru/nnm_2.htm.
3. SWI-Prologreferencemanual (Spravochnoe rukovodstvoSWI-Prolog) // http://www.swi-prolog.org/pldoc/refman/. svobodnyjj.
4. Lebedev R.V. Metodika formirovanija iskhodnykh dannykh dlja modelirovanija setevykh atak // Materialy XVIMezhdunar. nauch. konf. «Reshetnevskie chtenija». Krasnojarsk: Sibirskijj gos. aehrokosm. un‑t. 2012. T. 2. S. 663−665.
5. Kolegov D.N. Modelirovanie setevykh kompjuternykh sistem s ujazvimostjami // Prikladnaja diskretnaja matematika. Tomsk: Tomskijj gos. un‑t. 2009. № 3(5). S. 91−99.
6. Gudov A.M., Semekhina M.V. Imitacionnoe modelirovanie processov peredachi trafika v vychislitelnykh setjakh // Upravlenie bolshimi sistemami: sb. trudov. Kemerovo: Kemerovskijj gos. un‑t. 2010. № 31. S. 130−161.
7. Kutuzov O.I., Tatarnikova T.M. Modelirovanie telekommunikacionnykh setejj: uchebnoe posobie [ehlektronnyjj resurs]. SPb: SPb. gos. un‑t telekommunikacijj. Dostup (svobodnyjj): http://dvo.sut.ru/libr/ius/w101kutu (data obrashhenija: 01.10.2013).