Analysis of time of committing nearest malicious attack in information security system using apparatus of rare regenerating processes

The paper analyzes the model that describes the process of attacking the protected object, where closed information is stored, the model built on the basis of the apparatus of regenerating sequences of the successful completion of malicious attacks. The moments of the attacks are considered in detail. It is assumed that attacks originating from a single source are rare enough, have an isolated singled character and are quite distant in time, that is, the event of a successful attack is a rare event, but the losses upon its successful completion can be huge. For the studied characteristic there is chosen a nearest moment when the next attack is successful: this characteristic is very important with relation to the information security. Knowing the parameters of this characteristic will help, at appropriate time intervals, to take additional actions that increase the level of protection. Studies are conducted under the assumption that all characteristics of the model are heterogeneous, which more adequately corresponds to the real state in information security systems. There has been obtained an asymptotic relation for the moment of the next successful malicious attack under conditions when the time interval for analyzing the attack is constantly rising and the probability of attack is becoming less common, both values changing consistently.