Determination of parameters affecting the possibility of computer attack implemented by an intruder

One of the urgent tasks of information security (IS) is to predict the probabilities of IS threats to an organization that are implemented due to a computer attack (CA). Existing methodologies for assessing CA are Cyber Kill Chain, Mitre Att&ck, NIST 800-115, Certified Ethical Hacker (CEH), FSTEC of Russia and ISO 27001/ They offer approaches to the analysis of CA from the organization point of view. The article offers a completely new approach to CA predicting from the intruder point of view. The analysis of the CA from the intruder point of view is carried out. The methods of CA discussed by intruder s in the DarkNet and their structuring are highlighted. The stages of the implementation of the SC from the intruder point of view are justified: theoretical training, practical training, achieving the goal of the CA. The conclusion about the possibility of using the mathematical apparatus of cellular automata in the simulation of the CA is justified, since the dynamics of the CA is similar to the dynamics of a cellular automaton. The parameters that affect the possibility of implementing the CA by the intruder are determined, in particular, the popularity of the CA method, the availability/sufficiency of means of protection against this CA, and others. The quantitative characteristics of the CA that determine the weighting factor of the transition (WCP) are justified. The sufficiency of the list of selected quantitative characteristics of the CA is confirmed by the results of the analysis of the CA, implemented with the help of the malicious software Petya, on the nodes of the information infrastructure of organizations located on the territory of Ukraine.