The article reflects the views of the authors on the method for the operational calculation of the indicator of the functioning of special-purpose information and telecommunication networks of the tactical level of control according to the criterion of "network availability". Improvement of weapons and military equipment, forms and methods of combat, as well as a change in views on command and control, put forward ever more stringent requirements for the information and telecommunication system in general and for its elements in particular. The problems of development, planning of combat use and operation of information and telecommunication networks of the tactical control level are their heterogeneity, since they use heterogeneous transmission systems (radio and wire) together. The characteristic features of the planning, deployment and operation of information and telecommunication networks of the tactical control level are a high degree of uncertainty in the characteristics of their functioning and the lack of initial data in planning, which necessitates the improvement of the methodological basis for conducting operational calculations. Based on the analysis of ITU-T recommendations, scientific publications and the practice of combat use of the defense forces, it becomes clear that the operational calculation of individual criteria and indicators of the functioning of information and telecommunication systems of the tactical control level needs to be improved, since these systems have their own characteristic features. The material presented in the article makes it possible to develop new approaches to solving the problem of a reasonable calculation of the required bandwidth of the access node of the information and telecommunications network of the tactical control link. The significance and value of this study lies in the fact that in the conditions of continuous improvement of the forms and methods of warfare, high dynamism of changes in the states of information and telecommunication systems of the tactical control level, the correct choice of the apparatus for assessing the decisions made should play a decisive role in shortening the deployment planning cycle and sustainable functioning of the system management.

In this paper the method of network-centric monitoring of cyberincidents was developed, which is based on network-centric concept and implements in 8 stages. This method allows to determine the most important objects for protection, and predict the category of cyberincidents, which will arise as a result of cyberattack, and their level of criticality.

Continuous growth of using the information technologies in the modern world causes gradual accretion amounts of data that are circulating in information and telecommunication system. That creates an urgent need for the establishment of large-scale data storage and accumulation areas and generates many new threats that are not easy to detect. Task of accumulation and storing is solved by datacenters – tools, which are able to provide and automate any business process. For now, almost all service providers use quite promising technology of building datacenters – Cloud Computing, which has some advantages over its traditional opponents. Nevertheless, problem of the provider’s data protection is so huge that risk to lose all your data in the “cloud” is almost constant. It causes the necessity of processing great amounts of data in real-time and quick notification of possible threats. Therefore, it is reasonable to implement in data centers’ network an intellectual system, which will be able to process large datasets and detect possible breaches. Usual threat detection methods are based on signature methods, the main idea of which is comparing the incoming traffic with databases of known threats. However, such methods are becoming ineffective, when the threat is new and it has not been added to database yet. In that case, it is more preferable to use intellectual methods that are capable of tracking any unusual activity in specific system – anomaly detection methods. However, signature module will detect known threats faster, so it is logical to include it in the system too. Big Data methods and tools (e.g. distributed file system, parallel computing on many servers) will provide the speed of such system and allow to process data dynamically. This paper is aimed to demonstrate developed anomaly detection system in secure cloud computing environment, show its theoretical description and conduct appropriate simulation. The result demonstrate that the developed system provides the high percentage (>90%) of anomaly detection in secure cloud computing environment.