Model of the information protection system against leakage through the material-material channel based on Markov chains

Abstract

The growth in the volume of confidential data processed in organizations and the increased risk of their leakage due to imperfect control of physical access and the use of technical devices makes it urgent to study the counteraction to information leakage through the material-material channel. Modern threats are associated with the manipulation of material media, mobile devices, portable drives, as well as with the theft of information through printed documents. The development of technologies complicates the identification of such leakage channels, which requires improving the methods of their detection, monitoring and neutralization. The article investigates the problem of countering information leakage through the material-material channel by creating a time-balanced security system in the organization. The authors propose a basic model of interaction in the “organization – attacker” system based on a Markov chain with discrete states and continuous time. The article analytically determines the relationship between the attack time and the time during which the organization’s security system can neutralize it. In addition, the authors explore the concept of a multi-level organization protection system, which takes into account the resources involved and the skills of security service employees to counter cyberattacks. At the end of the article, it is concluded that the proposed concept of an organization protection system will be effective against information leakage through a material channel. Effective countermeasures will contribute not only to preserving the information security of enterprises, but also to ensuring trust in organizations from partners, customers and regulators.

Keywords: Cybersecurity, information leakage, material leakage channel, Markov chain, Markov model.