Your search keyword '"lcsh:Q350-390"' showing total 79 results

1. Analysis of information security threats when processing confidential data in mobile systems

Author

Alexey V. Skrypnikov, Evgeniy A. Rogozin, Dmitriy G. Silka, Ludmila A. Obuhova, and Victor A. Khvostov

Subjects

mobile systems, mobile station, security gateway, mobile device manager, business.product_category, lcsh:T58.5-58.64, lcsh:Information technology, Computer science, Context (language use), General Medicine, Information security, Computer security, computer.software_genre, lcsh:Q350-390, Application security, lcsh:Information theory, Cellular network, Information system, Internet access, Mobile technology, business, Mobile device, computer

Abstract

The analysis of mobile technologies used to improve the quality of management in the banking sector, service and public administration is carried out. Based on the analysis of vulnerabilities of mobile stations (smartphones, tablets, smart devices, various peripheral devices of smart phones, etc.), technologies for providing Internet access for mobile systems (used in cellular networks, wireless access), as well as mobile services of information systems. A classification of information security threats is proposed and an analysis of the possibilities for implementing these threats is carried out. The aim of the work is to develop an up-to-date model of security threats to mobile technologies and to study the completeness and consistency of currently used mobile system protection tools, such as a mobile device manager, mobile application manager, trusted mobile application store, mobile application security gateway, etc. The paper discusses the sources of threats, vulnerabilities of technologies of mobile systems, the channels of exposure to threats, objects of exposure and the resulting damage from the implementation of threats that are characteristic of mobile systems and have different applications of threat implementations and vectors. The analysis of the context of the use of mobile medicine and the impact on the processes of providing medical services is carried out.

Published

2021

2. Topical issues of the problem of assessment of threats of cyber attacks on information resources of significant facilities of critical information infrastructure

Author

Victor V. Gaifulin, Vladimir M. Sychev, Dmitry V. Domrachev, Sergey V. Skryl, and Yulia V. Gracheva

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Computer science, Probabilistic logic, General Medicine, Information security, lcsh:Q350-390, Field (computer science), Information protection policy, Risk analysis (engineering), Critical information infrastructure, lcsh:Information theory, Relevance (information retrieval), Attack, Resilience (network), computer attack, critical information infrastructure objects, cyber stability of critical information infrastructure objects, the effectiveness of mechanisms for detecting, preventing and eliminating the consequences of computer attacks on information

Abstract

This paper opens a series of studies devoted to the problems of assessing the characteristics of measures to ensure the cyber resilience of information resources of critical information infrastructure objects. The paper substantiates the relevance of issues of increasing the efficiency of mechanisms for detecting, preventing and eliminating the consequences of computer attacks on the information resources of critical information infrastructure objects as a prerequisite for ensuring the cyber stability of these objects. A detailed analysis of the methodological apparatus of probabilistic assessment of the relevance of threats to information security is provided, the provisions of which are reflected in the regulatory and methodological documents of the FSTEC of Russia. The circumstances that do not allow characterizing the existing level of development of mathematical methods in the field of information protection against unauthorized access as high are analyzed. The necessity of solving the problems of adequate assessment of the effectiveness of mechanisms for detecting, preventing and eliminating the consequences of computer attacks on the information resources of critical information infrastructure objects is substantiated as a prerequisite for substantiating the requirements for measures to ensure the cyber stability of these segments.

Published

2021

3. Obfuscation of logic schemes of pseudo-random number generators based on linear and non-linear feedback shift registers

Author

Maria A. Stepanova, Michael A. Ivanov, Evgeniy A. Salikov, and Irina G. Konnova

Subjects

Pseudorandom number generator, Obfuscation (software), Nonlinear system, lcsh:T58.5-58.64, lcsh:Information technology, Computer science, lcsh:Information theory, obfuscation, linear feedback shift register, non-linear feedback shift register, (м + 1)-sequence, pseudo-random number generator, General Medicine, lcsh:Q350-390, Algorithm, Shift register

Abstract

The paper describes methods of protection against reverse engineering of logic circuits of pseudo-random number generators (PRNG) on linear and non-linear feedback shift registers. These methods are based on the use of additional logic elements in the structure of the generator to hide its original functionality. Obfuscation of the generator logic circuit changes its design such that the device works correctly only if the signals at the additional key inputs of the generator take on the correct values. It is shown that even with a small bit capacity of generators, it is possible to provide a huge number of PRNG implementations with different numbers of states and different properties. The concept of a (М + 1)-sequence generator is introduced. The possibility of transforming (M – 1)- and (M – 3)-sequences generators into (M + 1)-sequences generators is demonstrated. The proposed methods can be used to ensure the security of IoT devices.

Published

2021

4. Reengineering of business processes of a commercial bank in the information space

Author

Alexander A. Berdyugin

Subjects

010101 applied mathematics, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, reengineering of business processes, electronic banking technologies, the risk of cyberattacks, information security, high-speed printing method, 010103 numerical & computational mathematics, General Medicine, 0101 mathematics, lcsh:Q350-390, 01 natural sciences

Abstract

The need in this research arises since issues of labor reorganization in a financial institution has not been elaborated and studied scientifically and practically, considering development of technology and cybercrime. The article deals with reorganization of labor in a credit and financial institution. The object of research is the operations of a credit institution. The subject is reengineering of business processes of a Bank, which is an alternative to the “Six Sigma” and “Kaizen” methods. The purpose of these methods is to improve the quality of business processes of a commercial bank minimizing the number of operational errors. The review of sources made it possible to determine the requirements for ensuring cybersecurity and increasing customer confidence in electronic banking technologies. Development dynamics of the countries of the world according to their readiness of transition to e-government, depending on the value of the gross national product per capita, is analyzed. As a key performance indicator of the company, an assessment method has been developed for calculate the amount of fine for cybercriminals. An example of a quantitative assessment of the penalty is given. The studied reengineering of the business process of a commercial bank is aimed at improving the process of work of the client and the bank employee at the computer. The necessity of introducing the method of high-speed typing (a topic related to cybersecurity) in the educational program of Russia is investigated and justified. The research results may be of further use for the development of risk management in credit institutions using electronic banking technologies.

Published

2021

5. Analysis of the structure of construction and the main tactical and technical characteristics of automated security systems for stationary remote objects of increased security

Author

Vitaliy G. Ivanenko and Vladimir L. Evseev

Subjects

Physics, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, automated security system, structural diagram, objects of increased security, decomposition into subsystems, perimeter and local protection zones, efficiency indicator, reliability indicator, operational stability indicator, life cycle cost indicator, lcsh:Q350-390, Mathematical physics

Abstract

Для формализации математической постановки задачи исследования по обоснованию программ модернизации автоматизированных систем охраны был проанализирован их состав, структура построения и основные тактико-технические характеристики. Современные системы охраны стационарных удаленных объектов повышенной защищенности представляют собой сложные автоматизированные системы, включающие в свой состав несколько функционально завершенных и объединенных в единый комплекс подсистем и дежурные силы охраны. Анализ структурной схемы типовых автоматизированных систем охраны стационарных удаленных объектов повышенной защищенности показал, что в общем случае применительно к рассматриваемой задаче существующих систем охраны целесообразно использовать декомпозицию на подсистемы, как способ метода системного анализа. С помощью подсистем автоматизированных систем охраны формируются периметровая и локальные зоны охраны. Каждая из подсистем и входящие в нее составные части в процессе функционирования выполняют одну или несколько функций, возлагаемых на систему охраны в целом. Результаты анализа показывают, что существующие автоматизированные системы охраны не в полной мере соответствуют требованиям руководящих документов, указывая, таким образом, на возможные направления их модернизации, включая применение технических средств обнаружения, работающих на различных физических принципах действия, телевизионных средств наблюдения и средств проноса (провоза) запрещенных материалов. Причем, принципиально возможна частичная модернизация в виде замены одного из двух технических средств обнаружения на более совершенные. Результаты исследования показали, что основными характеристиками автоматизированных систем охраны, определяющими их качество, являются интегральные показатели: эффективности; надежности; устойчивости функционирования; стоимости создания и эксплуатации автоматизированных систем охраны. Объединение нескольких интегральных показателей в один комплексный показатель было осуществлено с помощью процедур их специальной логико-весовой обработки, предусматриваемых в методе расстановки приоритетов. С учетом проведенного анализа состава, структуры построения и основных тактико-технических характеристик автоматизированных систем охраны, в дальнейшем может быть сформулирована математическая постановка задачи исследования.

Published

2021

6. Protection of the data integrity in telemetry systems about the state of mobile objects

Author

Arkadıi I. Frıd, Viktoriya Berkholts, and Alekseı M. Vulfın

Subjects

aircraft engine, telemetry, data integrity, insider, time series, time series proximity, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

The paper presents a method for monitoring the integrity of telemetric data on the state of a mobile object, namely, an aircraft engine, based on a comparison of technological time series. The technological time series obtained from the mobile object are compared with the technological time series generated by the model of the mobile object at the developer (manufacturer). Comparison of time series is carried out in the selected time window by calculating the consistency parameters: the coefficient of determination, Euclidean distance and the average percentage of deviations. According to the calculated consistency parameters, the type of consistency in a given time window (7 types) is determined, and the type of dynamics of the mobile object is also determined: static or dynamic. The decision on data integrity is made according to the formulated rules of fuzzy logic, which are based on three parameters: the type of dynamics of the mobile object, the type of consistency of technological time series and the signal of the control system. Testing of the proposed method was carried out on the data generated by the automatic control system of the aircraft engine. The estimate of the probability of the correctness of the decision made was 0.85.

Published

2020

7. Systematization of security characteristics of educational activities for training specialists in the field of information security

Author

Le Vu Huong Giang Le Vu Huong Giang, Alexandr V. Zaryaev, Sergey V. Skryl, Elena Smirnova, and Anzhelika S. Khmelina

Subjects

Structure (mathematical logic), Knowledge management, lcsh:T58.5-58.64, lcsh:Information technology, Computer science, business.industry, Process (engineering), Information processing, Context (language use), General Medicine, Information security, lcsh:Q350-390, training of specialists in the field of information security, security of educational activities, quantitative assessment methods, qualitative assessment methods, structure of characteristics of educational activity security, Scale (social sciences), lcsh:Information theory, Decision table, business, Qualitative research

Abstract

The possibility of extending the patterns characteristic of the information process to the educational process is substantiated in this paper. The features of the manifestation of information security properties in the context of educational activities related to the training of specialists in the field of information security are considered. The disadvantages of evaluating this property by quantitative methods are analyzed. It substantiates the possibility of assessing the security of educational activity by qualitative methods. Classification grounds for systematization of security characteristics are determined. The structure of the characteristics of the security of educational activities for the training of specialists in the field of information security is given. Methodological provisions for the implementation of the synthesis procedure of this structure are formulated. Variants of characteristic tables and an example of a decision table for assessing the values of the security characteristics of educational activities in terms of a linguistic scale are given. The results obtained will allow us to assess the feasibility of carrying out measures practically to ensure the information security of educational activities. The developed method can be considered as a methodological support for solving the practical problem of assessing the security of educational activities.

Published

2020

8. Investigation of information security issues for graph databases suitable for big data processing while detecting money laundering and terrorism financing cases

Author

Andrey Nikiforov, Lidiia L. Kulagina, Natalia Miloslavskaya, and Kirill Plaksiy

Subjects

money laundering, terrorism financing, ml/ft, information security, typology, big data, database management system (dbms), information security threats, vulnerabilities, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

The information security (IS) issues in the currently popular graph database management systems (DBMS), suitable for big data processing and storing information created during the generation of criminal cases on money laundering and financing of terrorism (ML/FT), are examined. This paper continues the previous authors’ research and aims to analyze IS threats and vulnerabilities of graph DBMS. These DBMS differ from the relational ones in the type of stored data and the principle of their storage; therefore the compiling of a list of IS threats is urgent due to its absence on a global scale. The original IS threat list and methods for protecting against them, as well as some recommendations for eliminating vulnerabilities used by IS threats are proposed. The obtained results are based on the analysis of IS threats for conventional DBMS and taking into account the peculiarities of graph DBMS, their structure as well as vulnerabilities of specific graph DBMS.

Published

2020

9. Features of the risk-based approach to ensure cyber security of industrial facilities

Author

Sergey E. Pareve, Dmitry I. Pravikov, and Vladimir G. Karataev

Subjects

cybersecurity, risk assessment, risk-oriented approach, iacs, ics, cyber physical systems, integrated safety and security, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

В статье анализируется взаимосвязь понятия «безопасность» с производными понятиями. Выделена объективная научно-практическая потребность в научном и регуляторном закреплении термина «кибербезопасность», дано его определение. В результате анализа перспективных подходов к обеспечению безопасности отмечена сохраняющаяся актуальность риск-ориентированного подхода. При этом в качестве методов оценки рисков кибербезопасности в ближайшей перспективе будут рассматриваться экспертные методы на основе возможного ущерба. Сделан вывод о необходимости развития инструментов автоматизации оценки рисков кибербезопасности при применении инженерных методик расчета cyberPHA, Security PHA Review и других. В академическом плане наиболее приоритетным направлением исследований остается проблема моделирования и разработки моделей вычисления вероятности наступления рисков кибербезопасности в киберфизических системах.

Published

2020

10. Adapted method for monitoring functional failures in NOR FLASH-memory during tests for resistance to heavy charged particles

Author

Sergey B. Shmakov, I. I. Shvetsov-Shilovskiy, and Roman I. Gvozdev

Subjects

Materials science, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, Composite material, lcsh:Q350-390, Flash memory, Charged particle, functional failures, heavy charged particles, resistance, chip, a hardware-software complex

Abstract

This study offers an adapted method for monitoring functional failures in NOR flash memory during tests for resistance to heavy charged particles. The experiment was conducted on the basis of the "U-400" cyclotron. Experimental results of approbation of the adapted method have shown the need to divide functional failures (FF) into 5 types depending on the nature of each FF and confirm the need to adapt the methodology and monitoring tools to assess the parameters of sensitivity to the effects of heavy charged particles (HCP) on single radiation effects (SRE) of the FF. The obtained results provide additional data on the parameters of the sensitivity of chips to the effects of HCP on the SRE to the equipment manufacturer for the development of a system for parrying the observed effects in the equipment in order to increase the security of stored information.

Published

2020

11. Network attacks main danger indicators formation in Internal Affairs Bodies automated systems

Author

Irina G. Drovnikova, Evgeni A. Rogozin, and Elena S. Ovchinnikova

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, automated system, network attack, information risk, dynamic integral danger indicator, quantitative danger assessment, lcsh:Q350-390

Abstract

The purpose of this study is to analyze the existing indicators used in information security implementing threats risk assessing in automated systems. The goal is to identify its advantages, disadvantages and application possibilities, when conducting implementing danger network attacks quantitative assessment on automated systems operated in a secure execution at the Internal Affairs Bodies informatization objects. To achieve this goal we use the method of system analysis of threat hazard indicators based on research of open literature sources, international and industry standards of the Russian Federation for information protection in automated systems, methodological and guiding documents and orders of the Federal service for technical and expert control of Russia on the problem of assessing the risk of unauthorized access to automated systems, as well as the regulatory framework of the Ministry of internal Affairs of Russia, regulating the operation of automated systems of internal Affairs bodies in a protected version. The risk model of the automated system is analyzed to make a correct choice of adequate indicators when conducting a quantitative analysis of the risk of information security violations. To conduct network attacks danger quantitative assessment and study them in a dynamic mode, the main directions for improving the identified indicators are proposed, taking into account Internal Affairs Bodies protected automated systems operation actual features and disadvantages. Development of a dynamic integral attack hazard indicator that reflects the real dynamic properties of the process of implementing a set of typical network attacks on an automated system, and improvement of existing mathematical software for assessing the risk of network attacks by determining the probability-time characteristics of multiple parallel attacks implemented model-based simulation will allow to quantify risk and increase the real security of the automated systems in process of their operation on the objects of Informatization of Internal Affairs bodies.

Published

2020

12. Information security of state information systems

Author

Rustem V. Penerdji and Grigory P. Gavdan

Subjects

010101 applied mathematics, lcsh:T58.5-58.64, lcsh:Information technology, state information system, public administration, information system, information property, critical information system, lcsh:Information theory, 010103 numerical & computational mathematics, General Medicine, 0101 mathematics, lcsh:Q350-390, 01 natural sciences

Abstract

The purpose of the paper is to consider issues related to the security of state information systems in the Russian Federation. The relevance of these issues is primarily due to the fact that the number of cyber-attacks (causing significant damage to the state) on various areas of its economy, including its state information systems, is increasing every year in Russia. For example, the national initiative for Cybersecurity Education (NICE) was launched in the United States several years ago. This event has not escaped the attention of Russian and other experts in the field of information security (is). The main areas of information property protection include: protection (state, official, commercial, banking, tax, insurance, personal data (PD), etc.) of secrets and intellectual property. State information systems include information technology tools and systems that rely on advanced scientific research, such as knowledge, advanced technologies (know-how), etc. Today, state information systems are an integral part of a fairly complex system of public administration. It is also important to recall the role of the Russian FSTEC regulator in ensuring information security. The subject of the research is SIS as the basis of management of state bodies. The paper focuses on current trends in the field of SIS information security, a brief overview of SIS legislation, and the critical information infrastructure (CII) of Russia's main geopolitical opponent. The main arguments for the importance of the chosen direction of work are discussed. Further research is expected to be conducted in the field of SIS security in an uncertain environment.

Published

2020

13. Algorithm for matching physical and logical addressing in memory chips using laser sources

Author

Viacheslav A. Chepov, Sergey B. Shmakov, and I. I. Shvetsov-Shilovskiy

Subjects

Logical address, Matching (statistics), lcsh:T58.5-58.64, Computer engineering, lcsh:Information technology, Computer science, law, lcsh:Information theory, General Medicine, Laser, lcsh:Q350-390, ionizing radiation, physical memory addressing, logical memory addressing, law.invention

Abstract

The paper presents the developed algorithm for correlating the physical and logical addressing in memory chips using laser radiation sources to determine the nature of failures in radiation tests. A variant of the hardware-software implementation of the algorithm is proposed, key software tools are presented. The algorithm was tested using the focused laser facility with the ability to irradiate a separate memory cell. The patterns of location of the memory cells in single memory block were obtained, necessary to compose the full correlation between the physical and logical addressing. The main experimental results of the algorithm approbation are shown, which confirm the possibility of developing the tool for visualizing the map of failures with one-bit precision. The adaptation of the tool for analyzing the hardness of a static random-access memory (SRAM) IC under pulsed ionizing radiation is presented.

Published

2020

14. Simulation of organizational protection of a protected object based on the theory of automata and Petri nets

Author

Viktor V. Erokhin and Larisa Sergeevna Pritchina

Subjects

Discrete mathematics, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, Object based, General Medicine, information protection, petri nets, automata theory, lcsh:Q350-390, Mathematics

Abstract

The paper discusses the tasks of evaluating and modeling the actions of police units or other security structures for the organizational protection of a guarded object based on the theory of automata and Petri nets. The solution to the problem of creating a model of an attacker’s actions on a guarded object on the basis of the theory of automata is to determine the time of an attacker’s stay on a guarded object. The solution to the problem of modeling the organizational protection of a protected facility using Petri nets is to find parallel-to-work interconnected processes of security units during special operations. The methods of solving the protected object from the actions of an attacker are considered: a model of organizational protection of the protected object from the actions of an attacker based on the theory of automata; model of organizational protection based on Petri nets. This allows simulating the object’s protection system in time taking into account the specifics of threats both from the subjects of the criminal world and in emergency situations. In addition the presented approaches and modeling methods for the actions of security structures allow the most accurate assessment and optimization of their actions.

Published

2020

15. Trust Model for the Russian Federation Digital Economy

Author

Dmitry A. Melnikov, Yury F. Releev, and Leonid D. Kvaratskheliya

Subjects

public key infrastructure, trust, integrity, nonrepudiation, certificate authority, validation authority, public key certificate, digital signature, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

В статье представлено исследование современных моделей доверия на основе инфраструктуры открытых криптографических ключей ( Public Key Infrastructure – PKI), целью которого является разработка российской национальной модели доверия. Для достижения поставленной цели была обоснована необходимость создания национальной инфраструктуры доверия в условиях перехода к цифровой экономике. Вместе с тем, в работе проведён анализ текущего состояния российской PKI, которое характеризуется отсутствием единой структуры удостоверяющих центров (УЦ) и единого федерального органа регулирования в области обеспечения криптографическими ключами (сертификатами открытых ключей). Анализ зарубежных PKI-моделей доверия позволил сделать вывод о том, что ни одна из таких моделей не может быть эталонной, и не может быть реализована в Российской Федерации. Основу предлагаемой модели составляет концепция распределённой системы центров подтверждения подлинности, которая имеет иерархическую структуру и позволит объединить все государственные и частные УЦ в единую динамическую систему, способную удовлетворить самые разнообразные потребности цифровой экономики и граждан Российской Федерации по обеспечению информационной безопасности. Реализация разработанной авторами модели доверия позволит, в первую очередь, предотвратить многие киберпреступления и попытки нанесения финансово-экономического ущерба субъектам информационного взаимодействия.

Published

2020

16. On the issue of categorization of objects of critical information infrastructure of seaports

Author

Kristina V. Natashova, Sergey S. Sokolov, Oleg N. Gubernatorov, Anatoliy P. Nyrkov, and Anton V. Kirikov

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390, information security, critical information infrastructure, categorization, water transport, seaport

Abstract

The purpose of the article is to consider the problematic issues that arise during the categorization of CII objects. Seaports are of strategic importance for the development of the Russian Federation's economy and transport support for foreign trade. In accordance with Federal law No. 187-FZ of July 26, 2017 "on security of critical information infrastructure of the Russian Federation", seaports are subjects of CII in the field of transport. Compliance with the requirements of this law, in particular, addressing issues related to the categorization of CII objects in accordance with Russian Government Resolution No. 127 of February 8, 2018 "on approval of the rules for categorizing critical information infrastructure objects of the Russian Federation, as well as the list of indicators of the criteria for the significance of critical information infrastructure objects of the Russian Federation and their values", requires careful study and evaluation, because, that CI subjects are increasingly faced with the complexity of processes and the need to take into account the specifics of a particular area of their activities. This article considers the subject of the Kaliningrad commercial sea port CII and categorizes one of the information systems as the author's recommendations for the implementation of the Decree of the Government of the Russian Federation No. 127 of February 8, 2018 for information systems of seaports. In conclusion, the authors note the importance of developing industry regulations for categorizing and ensuring the security of CII, the importance of developing standard models of violators that would take into account industry characteristics, and the need to attract narrowly focused specialists to the work of the Commission, both from the organization and from outside.

Published

2020

17. Assessment of probabilities of computer attacks based on function

Author

Olga Makarova and Sergey V. Porshnev

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Computer science, lcsh:Information theory, General Medicine, Function (mathematics), Attack, lcsh:Q350-390, Algorithm, information system, information security, computer attack, intruder, probability of threats, expected utility, computer attack, expected utility function, key attack criteria of computer attack, criminology theory

Abstract

An objective assessment of the level of protection of an organization’s information system provided by an appropriate information security system (ISS), both at the stage of its design and at the operation stage, is possible based on the use of estimates of current and predicted probabilities of computer attacks of intruder of this IS using vulnerabilities ISS. To assess the probability of a computer attack by an intruder, this study proposes to use the expected utility function that takes into account key attack criteria of the possibility of a computer attack (criteria for choosing an object of a computer attack by an intruder, stages and methods of implementing an attack, methods of obtaining information about an object, skills of an intruder) and the expected usefulness of the attack (motives the offender, the state of the offender before a computer attack, in particular, his income, the principles for deciding on the conduct / continuation / termination of a computer attack intruder), modernized taking into account the characteristics of this type and crimes in the computer sphere. The proposed solution is based on the theory of provisions in criminology, which states that an attack is implemented by an intruder in cases where it is possible to implement an attack and, at the same time, the expected utility of the attack from the point of view of the offender is sufficient. It is demonstrated that the selected utility function adequately describes the relationship between the probability of a computer attack and the key attack criteria of a computer attack. The analysis of the modernized utility function, the results of which showed that: 1) the value of the expected utility, ceteris paribus, for the offender prone to risk, is determined by the probability of exposing it (which is equivalent to the likelihood of an inconspicuous computer attack), for the offender not prone to risk, - the severity of the punishment, therefore it is necessary to build a differentiated protection system depending on the type of intruder; 2) there is the possibility of a significant reduction in the number of potential violators by increasing revenues from the legal activities of security experts; 3) there is a dependence of the number of computer attacks for a certain period of time on the probability of an inconspicuous computer attack, the severity of the punishment, the presence and magnitude of alternative income (benefits).

Published

2020

18. Аnalysis of the process of functioning of subsystems of access control systems to protect information from unauthorized access and basic aspects their perfection in automated systems of internal affairs bodies

Author

Anna V. Batskih, Evgeni A. Rogozin, and Irina G. Drovnikova

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, business.industry, Computer science, Process (engineering), media_common.quotation_subject, Perfection, Access control, General Medicine, Computer security, computer.software_genre, lcsh:Q350-390, information protection, information security system, access control subsystem, unauthorized access, authenticate users, keyboard handwriting, lcsh:Information theory, business, computer, media_common

Abstract

The paper presents the results of the analysis of scientific and technical literature and open regulatory and administrative documents of the international, Federal and departmental levels devoted to the process of functioning of information protection systems (SPI) from unauthorized access (UA) in automated systems (AS) at the objects of Informatization of internal Affairs bodies (ATS). Using the example of a typical certified SPI from UA «Strazh NT 4.0» the functionality of SPI from UA operating in protected ATS is analyzed, shortcomings are identified and the key aspects of improving subsystems of access control systems based on the use of new information and telecommunication technologies related to improving real security as on the objects of Informatization Department are defined. As a promising technology additional biometric authentication based on realization of recognition of the access subject on individual dynamics of a keyboard set (keyboard handwriting) is offered.

Published

2020

19. Software implementation of a DLP-system module for monitoring and controlling corporate network traffic using machine learning

Author

Anton A. Nedogarok, Nikolai V. Fedorov, Vitaly S. Shvychkov, and Maxim I. Kalayda

Subjects

lcsh:T58.5-58.64, Artificial neural network, lcsh:Information technology, Computer science, Control (management), Data classification, Process (computing), Array data type, General Medicine, Construct (python library), computer.software_genre, lcsh:Q350-390, Convolutional neural network, Software implementation, lcsh:Information theory, Data mining, computer, dlp-system, machine learning, neural network, confidential information, text classification, dataset

Abstract

The subject of this work is a neural network, the parameters of its architecture and the data array (dataset) for its training. The aim of the work is the software implementation of part of the DLP-system (Data Leak Prevention), which allows to monitor the traffic of a corporate network and to control the transfer of confidential data over this network using a neural network. The entire development process is represented by five stages: theory, design, preparation of data for training the neural network, training the neural network and testing the implemented system. There is a brief overview of the market for such solutions in the article. The parameters used to construct the neural network architecture used to solve the problem of text data classification are described in detail. The result of the work is a functioning part of the DLP system, which allows monitoring the traffic of a corporate network via a web-interface and controlling the transfer of confidential data over this network using a one-dimensional convolutional neural network 1D CNN.

Published

2020

20. Single event effects qualificatoin of integrated circuits

Author

Anatoly A. Smolin, Alexander I. Chumakov, and A.V. Sogoyan

Subjects

Physics, lcsh:T58.5-58.64, lcsh:Information technology, Mathematical analysis, Linear energy transfer, Cosmic ray, General Medicine, Integrated circuit, Radiation, single event effects, heavy ions, test requirements, radiation hardness parameters, qualification testing, integral circuits, Chip, lcsh:Q350-390, Charged particle, law.invention, Set (abstract data type), law, lcsh:Information theory, Radiation hardening

Abstract

The goal of qualification or monitoring of electronic device radiation testings is to ensure that devices meet the set of requirements. In some cases, this can be achieved without full characterization of radiation behavior, which leads to significant cost reduction of radiation testing. In this paper, we propose an approach to determining the test standards for evaluating the compliance of integrated circuits with the requirements for radiation hardness under heavy charged particle fluxes in outer space, set as restrictions on the frequency of single radiation effects (SER). The SER calculation is based on the known cosmic rays spectrum and effect’s cross-section dependence on linear energy transfer (LET) obtained during radiation testing. The SEE qualification based on test results for just one LET value is performed using additional conservative limits on saturated cross-section and threshold LET values. Analysis of compendium of experimental data has shown that for main SEE types these limiting values can be set as 3 MeVcm 2 /mg for threshold LET and 30% of chip surface area for saturated cross-section. Those assumptions allows us to calculate fluence and ion LET value required for part qualification for the required SER values. The proposed approach can be used to justify test requirements for SEE testing of integrated circuits.

Published

2020

21. Analysis and classification of the main threats to information security of automated systems at the objects of informatization of internal affairs bodies

Author

Evgeni A. Rogozin, Anna V. Batskih, Irina G. Drovnikova, and Elena S. Ovchinnikova

Subjects

Hierarchy, Service (systems architecture), lcsh:T58.5-58.64, lcsh:Information technology, Computer science, 010103 numerical & computational mathematics, General Medicine, Scientific literature, Information security, Computer security, computer.software_genre, lcsh:Q350-390, 01 natural sciences, Field (computer science), Information protection policy, 010101 applied mathematics, Documentation, information protection, information security, automated system, unauthorized access, vulnerability, information threat, network attack, lcsh:Information theory, 0101 mathematics, Informatization, computer

Abstract

The paper presents the results of the analysis of threats implemented through remote unauthorized access (UA) (network attacks) to the information resource of automated systems (AS) at the objects of Informatization of internal Affairs bodies (ATS), presented on the official website of the Federal service for technical and export control (FSTEC) of Russia (bdu.fstec.ru). Based on the analysis of international and sectoral standards of the Russian Federation, as well as regulatory documents of the FSTEC of Russia, and departmental documentation of the MIA of Russia, and the fiducial requirements on information security (IS), and scientific literature in the field of information protection (IP) it is developed a three-tiered hierarchy and classification scheme of the threats related to unauthorized access to the information resource as ATS. The analysis of the data Bank of information security threats developed by FSTEC of Russia, as well as vulnerabilities of components and software (SW) of ATS at ATS Informatization objects in terms of implementation of network attacks determined by the results of a survey of experts in the field of information security, allowed to reveal the content of the stages of a typical network attack and to classify attacks on ATS, using seven classification criteria. In accordance with the classification it was developed a list of the main attacks on ATS, including eight types of the most dangerous and often implemented at the present time network attacks, also taking into account the possible consequences of their implementation. The presented results are planned to be used in further quantitative assessment of the danger of the implementation of selected attacks and to develop a private model of actual attacks for a specific AU, taking into account the peculiarities of its functioning in a protected version at the ATS Informatization facility. This will allow making a number or proposals for the existing regulatory and administrative documents on IP in ATS in order to increase the real security of existing and prospective (developed) ACS at ATS Informatization facilities.

Published

2020

22. Approach to steganography storage in removable media file system

Author

Pavel V. Slipenchuk and Mihail V. Malahov

Subjects

File system, business.product_category, lcsh:T58.5-58.64, Steganography, lcsh:Information technology, Computer science, Data_CODINGANDINFORMATIONTHEORY, General Medicine, computer.software_genre, lcsh:Q350-390, Removable media, information security, data security, steganography, cryptography, file systems, perfectly secure steganography systems, lcsh:Information theory, Operating system, business, computer

Abstract

Problems of hidden storage and transmission of information are successfully solved by using steganography. The most common steganographic maskers for transmitting and storing information at a given time are media files, such as photos, videos, and audio files. The use of such maskers imposes a number of restrictions, one of which is a limit on the size of the embedded information. Thus, increasing the amount of hidden data changes the entropy properties of the masker and allows you to detect the fact of steganography. One of the alternative ways to ensure the possibility of steganographic concealment of large amounts of information is to use a fundamentally different method of concealment. In this regard, it becomes relevant to develop a method for steganographic storage of information in the file system, as a masker, in which you can secretly store quite large amounts of data. This paper presents an approach to steganographic storage of information in the file system of the extracted data carrier, which is usually an electronic data carrier with the FAT32 file system. During the analysis of existing steganography tools designed to hide information in file systems, their weaknesses and strengths were identified, on the basis of which the requirements for the developed tool were put forward. The paper presents a detailed description of the algorithms used in the new approach. Its main advantages and the situations in which its application is justified are described, as well as its perfection by the Cachin method is proved.

Published

2020

23. Hardness assurance levels and requirements for single event effects testing of integrated circuits

Author

Alexey O. Ahmetov, Anatoly A. Smolin, Vladimir F. Gerasimov, A.V. Ulanova, A.V. Sogoyan, Vitaly V. Khaustov, Evgeny V. Churilin, Nikolai V. Ryasnoy, Alexander A. Sashov, Dmitry V. Boychenko, Andrey V. Yanenko, D. V. Bobrovsky, Konstantin A. Chumakov, and Alexander I. Chumakov

Subjects

single event effects, hardness assurance levels, test requirements, Physics, lcsh:T58.5-58.64, Spacecraft, Basis (linear algebra), lcsh:Information technology, business.industry, Isotropy, General Medicine, Integrated circuit, Topology, lcsh:Q350-390, law.invention, law, lcsh:Information theory, Geostationary orbit, business, Event (particle physics), Energy (signal processing), Electronic circuit

Abstract

The paper presents an analysis of existing approaches to estimation of single event rate (SER) in integrated circuits under effects of charged particles of space radiation environment. These issues are of significant importance in the light of the expansion of the scope of practical application of cyber-physical control systems for space objects, since it is mainly due to the SER that information is lost in the register elements and in the memory cells of the electronic blocks of spacecraft. It is shown that existing models based on energy deposition in fixed sensitive volume are not applicable for SER estimations in case of high threshold linear energy transfer (LET) values. An alternative approach is proposed. It is based on diffusion charge collection model, which can be used to estimate the SER cross-sections in isotropic particle field. A universal dependence for SER estimation in integral circuits (ICs) at geostationary orbit is proposed and used as a basis for establishing classification of devices based on hardness assurance levels. The obtained results provide the grounds for setting test requirements that has to be met during single event effects testing of ICs.

Published

2020

24. A methodological approach to identifying destructive information actions on a distributed process control system

Author

Irina S. Gefner, Alexandr S. Sukhoverkhov, Sergey V. Solovyov, and Sergey M. Kovalenko

Subjects

an emergency situation, information actions sequence, lcsh:T58.5-58.64, Risk analysis (engineering), lcsh:Information technology, Computer science, lcsh:Information theory, Process control, industrial facility, General Medicine, lcsh:Q350-390, distributed control system

Abstract

The aim of this study is to improve the methodological support for evaluating a possibility of implementing a sequence of information actions on a distributed control system leading to emergency situations. The problem of evaluating a possibility of implementing a sequence of information actions on a distributed control system leading to emergency situations is solved. A methodological approach is proposed to identify information actions sequences leading to an emergency situation at industrial facilities, based on the use of the method of time differences of machine learning with reinforcement. The effectiveness of the considered methodological approach in comparison with the method of equal probability search is estimated. An example of the implementation of the methodological approach in relation to the technological process used at industrial facilities is given.

Published

2020

25. Approaches to measuring the risk of cyberattacks in remote banking services of Russia

Author

Pavel V. Revenkov and Alexander A. Berdyugin

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, Business, Computer security, computer.software_genre, Cyberspace, Risk assessment, cyberspace, risk of cyberattacks, remote banking services, cybersecurity, risk assessment, information security incident, lcsh:Q350-390, computer

Abstract

Purpose.Due to the use of technology in banks their risks of information security breach are rising significantly. In the context of active introduction of remote banking services (RBS) in banking business of Russia, additional study of issues of assessing the risk of cyberattacks on banking automated systems was required. Methods.The methods of financial management, probability theory, system analysis of scientific literature on fundamental and applied research, and a method of graphical interpretation of analyzed phenomena are used. The paper gives a detailed analysis of the concepts of “cyberspace” and “cybersecurity”. Remote banking is considered from the point of view of financial management. Attention is drawn to the factors of work in cyberspace that increase the levels of banking risks. The relationship of cyberattacks on bankingautomated systems and possible consequences for the bank is analyzed. Novelty.Given the wide spread of social engineering methods when committing fraudulent activities on the Internet the measures to increase the cyber literacy of population are needed. The method for assessing the risk of cyberattacks on RBS for use by risk department specialists and employees of internal control services is developed. As a result, considering innovative systems and technologies that await us in the future, the effectiveness of risk assessment for solving current challenges is increased. Results.Attempts are made to formulate the mathematical model of the probabilistic analysis of information security incidents to optimize the algorithm for responding to incidents. Calculations based on the proposed model made it possible to determine the duration of exploitation of vulnerability of RBS, when the probability of preventing an incident exceeds probability of its realization. The findings may be useful for scientific research on the risks of information security breach in RBS.

Published

2019

26. Security of significant objects of critical information infrastructure

Author

Grigory P. Gavdan, Vitaliy G. Ivanenko, and Alexei A. Salkutsan

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, critical information infrastructure, significant objects of critical information infrastructure, infor-mation resources, cyberattack, cyberspace, structural units, staffing, General Medicine, lcsh:Q350-390

Abstract

The issues related to the security of significant objects of critical information infrastructure are considered. The relevance of these problems is primarily due to the fact that the number of cyberattacks on various sectors of the Russian economy and primarily on significant objects of critical information infrastructure (state, defense, oil and gas industry, etc.) is increasing. Unfortunately, the limited access to the available information in this area does not allow today the researchers in the field of information security to conduct a proper analysis. In addition the corresponding media and Internet resources are incomplete. The tasks of ensuring the security of significant objects of critical information infrastructure in order to ensure their sustainable functioning under the destructive impact of computer attacks are regulated by a number of fundamental normative legal acts, primarily the Federal law No. 187-FZ "on security of critical information infrastructure of the Russian Federation" (2017) and the Doctrine of information security of the Russian Federation (2016). Currently at the stage of formation of the digital economy the creation of national information resources and the protection of significant objects of critical information infrastructure is one of the major sources of economic, political, social and military power of the state, the basis of socio-economic and socio-political development of the Russian Federation. The subject of the study is significant objects of critical information infrastructure as the basis of stability and existence of the state, the Russian Federation. The work pays considerable attention to the requirements for structural units to ensure the security of significant objects of critical information infrastructure. Thus, the risk of computer attacks for the subjects of critical information infrastructure has serious consequences, ranging from damage to the reputation and to the paralyzation of enterprise with the subsequent disruption of defense orders for the army and Navy. The requirements to structural units of security of significant objects of critical information infrastructure as well as to their staffing are considered.

Published

2019

27. Development of EPC-Models of threats to information security of the automated process control system

Author

Irina V. Mashkina and Ildar R. Garipov

Subjects

lcsh:T58.5-58.64, Automatic control, lcsh:Information technology, Computer science, Process (engineering), ics, epc model, information security, pc, erp, mes, information system, opc, scada, General Medicine, Information security, Business process modeling, lcsh:Q350-390, Information protection policy, Risk analysis (engineering), Threat model, lcsh:Information theory, Process control, Data Protection Act 1998

Abstract

The purpose of this study is to develop threat models specific to the object of protection-automated process control systems. When developing the threat models, we propose a method of constructing graphical notations of events (Event-driven Process Chain), the main elements of which are events and functions associated with logical operations. We present the results of the analysis of threats of violation of information security of automated control systems of technological processes. The EPC-models of threats of information security violation of modern information and control systems of industrial enterprises are presented. The EPC-models allow to describe in detail ways of realization of the threats that, in turn, gives the chance to the experts working in the field of information security to design systems of information protection matched to potential threats and taking into account specifics of production. Modeling threats of violation of information security allows the specialist for data protection obtaining sufficient arguments about the feasibility of a violator of the threats to specific automated control systems of technological processes, which contributes to the financing of the project. This paper is not limited to the consideration of only business process models as the only means of creating threat models in the field of information security, and offer EPC-modeling as one of the methods of building information security threats for automated control systems. The EPC models allow to describe ways of realization of the threats actual for modern automated control systems and to estimate probabilities of their realization.

Published

2019

28. Possibilities and limitations of focused laser technique application for SEE sensitivity parameters estimation

Author

Alexander I. Chumakov

Subjects

Very-large-scale integration, Physics, lcsh:T58.5-58.64, lcsh:Information technology, business.industry, Ambipolar diffusion, Linear energy transfer, General Medicine, Radiation, Laser, lcsh:Q350-390, single event effects, focused picosecond laser beam, SEE sensitivity parameters, Charged particle, law.invention, Computer Science::Hardware Architecture, Optics, law, Ionization, lcsh:Information theory, Irradiation, business

Abstract

The paper analyzes the applicability of methods for estimating the parameters of the VLSI sensitivity by single radiation effects (SEE) using focused laser radiation of picosecond duration in order to expand their application for submicron VLSI. A comparison of ionization track structure from a heavy charged particle and the ionization region of a semiconductor structure under focused laser radiation is made. It is shown that the comparison of geometric dimensions should be carried out during the ionization reaction, when the ionization region of the track expands due to ambipolar diffusion. Limitations due to the influence of optical inhomogeneities located on the surface of the VLSI chip, as well as under irradiation from the bottom side of the chip are determined. It is shown that laser methods can be applied to estimate the dependences of cross sections of single radiation effects as a function of linear energy transfer (LET) for semiconductor structures with sizes significantly smaller than the diameter of the focused laser radiation. Additional features of laser methods are presented to determine the SEE location on chip surface and to study the influence of the electrical mode and the effectiveness of SEE parry methods. The presented results allow the use of laser technique to estimate SEE sensitivity parameters estimation for deep submicron VLSI.

Published

2019

29. Information security systematics of software supply chains

Author

Alexey Markov, Alexander Barabanov, and Valentin Tsirlov

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Computer science, business.industry, Supply chain, Supply chain attack, General Medicine, Information security, lcsh:Q350-390, Software development process, Software, Risk analysis (engineering), lcsh:Information theory, Information system, Software system, Attack, logistics chain, supply chain, supply chain attacks, information security, software delivery, secure supply chain management, threat taxonomy, controls systematics, business

Abstract

The results of the systematization of measures to protect information resources from attacks on the supply chain of software and computer systems are presented. The phenomena, relevance and popular topics of protecting the supply chains of IT products are noted. Statistics on borrowed components of software products and software systems are presented. Examples of computer attacks on resources and processes of the software supply chain are given. The analysis of the existing terminological base in the field of security of supply chains of software is carried out. The features of the terms for supply chain and supply chain attack are formulated. The analysis of existing models of information security threats associated with computer attacks on the supply chain of software products is done. Limitations of models of threats to information security of the software supply chain are revealed. A review and systematization of measures to protect information from threats in the information sphere related to computer attacks on the software supply chain has been carried out. Known regulatory and methodological documents in the field of the supply chain of IT products are considered. It is concluded that it is necessary to develop the Russian legislative and regulatory framework for information security on the subject of software supply chains. A version of the systematics of information security measures in the life cycle of software delivery of information systems is proposed. Classification signs such as the used controls, information security methods, phases of the software development process are proposed. Possible directions of improving measures to protect information from computer attacks on the supply chain of software in the national and international information security are formulated.

Published

2019

30. Cold multi-currency wallet on the platform MKT

Author

Roman A. Sharapov

Subjects

Commerce, lcsh:T58.5-58.64, lcsh:Information technology, Currency, lcsh:Information theory, General Medicine, Business, New Harward architecture, dynamically variable architecture, blockchain, offline transaction signature, HD wallet, lcsh:Q350-390

Abstract

The paper is exploring the concept of implementing multi-currency secure cold wallet on the basis of the microcomputer with dynamically variable architecture MKT. This device is based on the new Harvard architecture, a modification of the classic Harvard architecture, using immutable memory (to ensure the integrity and immutability of the operating system) and session memory blocks (to ensure the correct operation of the software). The paper describes the work mechanism of blockchain and blockchain transactions, the basic principles of cryptocurrency storage. The implementation of the system algorithm for offline signing of transactions and protocols that provide a hierarchical key generation based on HD Wallet technology are reviewed. It is proposed to divide the functionality of the multi-currency wallet into two groups intended for execution either in the operating system that is read-only or available both for reading and writing. The scenario of execution of the working cycle of the designed system is described.

Published

2019

31. Investigation of graph databases suitable for work with big data while detecting money laundering and terrorism financing cases

Author

Natalia Miloslavskaya, Andrey Nikiforov, and Kirill Plaksiy

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, money laundering, terrorism financing, ML/FT, information security, typology, Big Data, Database Management System (DBMS), lcsh:Q350-390

Abstract

В статье рассматриваются популярные в настоящее время графовые системы управления базами данных (СУБД), способные работать с большими данными, с помощью которых можно реализовать хранение информации, полученной в ходе генерации преступных дел по отмыванию доходов, полученных преступным путем, и финансированию терроризма (ОД/ФТ). Цель работы заключается в выборе защищенной графовой СУБД, подходящей для работы с большими данными финансовых расследований. Для этого решаются следующие задачи: рассматриваются имеющиеся графовые СУБД, проводится их анализ и сравнение друг с другом с особым акцентом на методы защиты, используемые для обеспечения безопасности хранимых данных. Были изучены достоинства и недостатки программных продуктов, а также было проведено сравнение по ряду параметров, характеризующих защиту информации в них. Каждый критерий сравнения имеет развёрнутые комментарии, на основе которых был выбран наиболее удобный, гибкий и современный вариант СУБД для использования при поиске случаев ОД/ФТ. По полученным результатам было установлено, что графовые СУБД подходят для работы с большими данными, а также по ряду параметров была выбрана одна из рассмотренных СУБД, а именно Janus Graph.

Published

2019

32. Development of an imitation model of information protection system from unauthorized access using the cpn tools software

Author

Sergey A. Kukharev, Oksana I. Bokova, Anton D. Popov, and Dmitry I. Korobkin

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Simulation modelling, 010103 numerical & computational mathematics, General Medicine, Petri net, lcsh:Q350-390, 01 natural sciences, 010101 applied mathematics, CPN Tools, Colored petri, Technical university, lcsh:Information theory, CPN Tools, Petri nets, information protection system, unauthorized access, simulation model, automated system, strongly connected components, 0101 mathematics, Humanities, Mathematics

Abstract

[1] SZI «Strazh NT». Rukovodstvo administratora. URL: http://www.guardnt.ru/download/doc/admin_guide_nt_3_0.pdf (accessed: 25.05.2019) (in Russian). [2] Sistema zashchity informacii ot nesankcionirovannogo dostupa «Strazh NT». Opisanie primeneniya. URL: http://www.rubinteh.ru/public/opis30.pdf (accessed: 25.05.2019) (in Russian). [3] Popov A.D. Modeli i algoritmy ocenki effektivnosti sistem zashchity informacii ot nesankcionirovannogo dostupa s uchyotom ih vremennyh harakteristik v avtomatizirovannyh sistemah organov vnutrennih del: dis kand. tekhn. nauk. Voronezh / 2018. URL: https://vi.mvd.rf/Nauka/Dissovety/sostojavshiesja_zashhiti_dissertacij (accessed: 25.05.2019) (in Russian). [4] Ventcel' E.S. Teoriya veroyatnostej. – М.: Nauka, 1969. – 576 s. (in Russian). [5] Jensen K. and Kristensen L.M. Coloured Petri Nets Modeling and Validation of Concurrent Systems. Berlin: Springer-Verlag 2009. [6] Sinegubov S.V. Modelirovanie sistem i setej telekommunikacij. Voronezh: VI MVD RF, 2016. – 336 s. (in Russian). [7] Zaitsev D.A., Shmeleva T.R. Simulating Telecommunication Systems with CPN Tools: Students' book. – Odessa: ONAT, 2006. – 60 p. [8] Grigor'ev V.A., Karpov A.V. Imitacionnaya model' sistemy zashchity informacii. Programmnye produkty i sistemy. Tver': MNIIPU i NII «Centrprogrammsistem», 2005. №2. S. 26–30 (in Russian). [9] Piterson D.ZH. Teoriya setej Petri i modelirovanie sistem: Per. s angl. – M.: Mir, 1984. – 264 s. (in Russia). [10] Kotov V.E. Seti Petri. Moskva: Nauka. Glavnaya redakciya fiziko-matematicheskoj literatury, 1984. – 160 s. (in Russian). [11] Drovnikova I.G., Zmeev A.A., Popov A.D., Rogozin E.A. Methodology for investigating the probability-time characteristics of network attacks in the simulation modelling software environment. Herald of dagestan state technical university. Technical sciences. 2017. 44 (4). P. 99–113. DOI: https://doi.org/10.21822/2073-6185-2017-44-4-99-113 (in Russian). [12] Meedeniya D. A. Indika Perera Model based software design: Tool support for scripting in immersive environments. IEEE 8th International Conference on Industrial and Information Systems, 2013. P. 248–253. [13] Lukaszewski R., Winiecki W. Petri Nets in Measuring Systems Design. IEEE Instrumentation and Measurement Technology Conference Proceedings, 2006. P. 1564–1569. [14] Gehlot V., Nigro C. An introduction to systems modeling and simulation with Colored Petri Nets. 2010. P 104–118. [15] Shang Guan Wei [et. al.] Research of System Modeling and Verification Method Combine with UML Formalization Analysis and Colored Petri Net Third International Symposium on Intelligent Information Technology Application, 2009. P. 488–491.

Published

2019

33. A comparative analysis of software identifying approaches

Author

Kseniya I. Salakhutdinova, Vladislav V. Malkov, and Irina E. Krivtsova

Subjects

lcsh:T58.5-58.64, Relation (database), lcsh:Information technology, business.industry, Computer science, Decision tree, General Medicine, computer.file_format, computer.software_genre, lcsh:Q350-390, Identification (information), Software, lcsh:Information theory, Alternating decision tree, Executable, Gradient boosting, Data mining, business, Cluster analysis, computer, information security, program identification, machine learning, gradient boosting of decision trees, XGBoost, LightGBM

Abstract

The aim of the study is to provide a test of various well-known gradient boosted decision trees libraries, which are used here in relation to the software identification problem with limited set of executable files belonged to different versions of the same program in the training sample. The importance of software audit for business processes is substantiated. The paper considers the control means of installed software on personal computers of automated systems users. The disadvantages of such software solutions are substantiated with crawling examples for algorithms of program identification and the developed approach to the identification of executable files using the machine learning algorithm – gradient boosting of decision trees, based on the libraries XGBoost, LightGBM, CatBoost is presented. An experiment to identify executable files with the help of XGBoost, LightGBM is performed. On the basis of bicubic measure of clustering quality, a comparative analysis of the results between previously proposed program identification approach based on the CatBoost library, and the results presented in other studies, is performed. The results show that the developed approach allows identifying violations of the established security policy in automated systems information processing.

Published

2019

34. Development of algorithm for assessment risk of cyber attacks in electronic banking

Author

Alexander A. Berdyugin

Subjects

cyberspace, cybersecurity, cyberattacks, electronic banking, risk assessment, Basel Committee on Banking Supervision, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

The main task of bank risk management is to streamline banking business processes. This subject arises from the need to study assessment of risk of cyberattacks impact on e-banking systems. The purpose of this paper is to formalize the algorithm for assessing risk of cyberattacks impact in organizations of credit and financial sphere. The problems solved in this work are aimed at improving the development of risk assessment for addressing of existing and potential challenges and considering the new systems and innovations that have already arrived in our lives as well as those are coming. The definition of risk of cyberattacks impact on e-banking systems is formulated. Attention is given to employ mathematical models for evaluating the effectiveness of information security management system (ISMS). Some methods of risk assessment are discussed, also considering the ever-increasing computational capabilities and cyberattacks accessibility. The paper analyzes the calculation of capital requirements reserved to cover losses in the course of the Bank's operations, proposed by the agreement of the Basel Committee on banking supervision (Basel II). The options of quantitative risk assessment by different experts are considered. It describes in detail the quantitative assessment of the effectiveness of cyber weapons, which depends on the circumstances aggravating the responsibility of the attacker. The purpose of risk assessment is to provide objective information necessary to make a decision on risk treatment. Conclusions are drawn about the excesses of the safety function, which reduce the quality of safety. Examples of rudimentary components of ISMS are given. The differences between the non-embossed plastic card "The Golden crown" and the cards of other payment systems are emphasized. In conclusion, it is said about the construction of the management structure. The results of the work can be used for more detailed studies of the risk of cyberattacks impact inherent in electronic banking.

Published

2019

35. About approaches to a universal distributed trusted registry to ensure confidentiality of system information

Author

Natalya I. Kasperskaya, Vasily V. Kuzmenko, Rustem N. Khairetdinov, and Andrey Yu. Shcherbakov

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, blockchain, distributed registries, transaction, tracking, security, zero disclosure, lcsh:Q350-390

Abstract

Currently, under the current international sanctions, the task of building a system of distributed registries with high transactional speed and using symmetric cryptographic algorithms, as well as providing minimal or controlled disclosure of data about the architecture of the system and the transactions carried out in it, is very important. To solve this problem, the concept of "information black box" technologies for the system is formulated, the triplicity of which is such that the external observer has no information about the structure of the system, its participants and the data stored and processed in it, and the technology of "information gray box" for the system, in which the composition of information transmitted to external systems is fixed, the rest of the information refers to the undisclosed. Based on the system-analytical approach, the formulation of the model of the offender and the allocation of essential requirements for the information system containing the distributed registry, the article solves the problem of creating a universal trusted distributed registry, resistant to external attacks, including transaction tracking and ensuring non-disclosure of data on the architecture of the registry, the protocol of placing information in a distributed registry, obtaining information from distributed registry and access rights management, also considered an example of practical implementation of the described solution. The formulated concept of creating a trusted secure distributed register can be a methodological basis for the formulation of departmental or national regulatory requirements in the field of digital economy, as well as serve as a technical basis for the development of specific projects in the field of secure systems using distributed registers in the field of public administration, finance and accounting and service systems.

Published

2019

36. Development trends and safety of language in terms of globalization

Author

Sayyar Gabib oglu Abdullayev, Sudaba Eybali qizi Abasova, and Tofig Hasanaga oglu Kazimov

Subjects

Globalization, linguistic sovereignty, lcsh:T58.5-58.64, language safety, lcsh:Information technology, Political science, Development economics, sociolinguisfics, lcsh:Information theory, General Medicine, lcsh:Q350-390, globalization, terminography

Abstract

The article discusses the security trends of development and the protection of the national identity of the language in the context of globalization. The features of the influence of various factors on the development of a language, its negative and positive aspects within a national culture are studied; customs and traditions in the context of globalization. The role of terms and problems of terminology building in the development of the national language is emphasized. The main reasons for the penetration of foreign terms and their functioning within the language are revealed and analyzed. It also examines the problems of preserving national languages (in particular, the Azerbaijani language), with the aim of ensuring the continuity of cultural traditions - the connection with its historical roots, the preservation of its national identity. The connection and the essence of the interconnectedness of tolerance with the security of the national language are revealed. Recommendations and measures to ensure reliable security of the Azerbaijani language in the context of globalization are offered. The importance of standardized and acceptable terminology and the creation of a terminology commission under the Cabinet of Ministers of the Republic of Azerbaijan, the purpose of which is to develop the Azerbaijani language in general and linguistics in the country, was noted. The basic principles and ways are given to ensure the security of languages in the framework of the state program on the use of the Azerbaijani language in accordance with the requirements of globalization.

Published

2019

37. Building an analytical system for event analysis to ensure information security of the enterprise

Author

Svetlana A. Kuzmicheva and Olesya V. Tarabrina

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Computer science, General Medicine, Information security, Object (computer science), Computer security, computer.software_genre, lcsh:Q350-390, Telecommunications network, Task (project management), Information security management, analytical system, user behavior analytics, source of informational security events, analyze of events, machine learning, neural networks, lcsh:Information theory, Information system, State (computer science), Attack, computer

Abstract

The task of ensuring information security of critical information structures in the Russian Federation is brought to the state level. It requires ensuring the security of information systems, communication networks and technological systems. To prevent possible incidents and meet the requirements of the state the organizations should create a security system for the critical information structures, ensure its functionality, and connect it to National coordination center for computer incidents in order to collect and exchange information about computer attacks. In this paper the authors present an approach to the development of an analytical system for information security based on machine learning, which allow analyzing a large number of events and making informed decisions on information security management. A list of the main sources of information security events of systems and networks was worked out, and a classification of events for further analysis using machine learning was proposed. By classifying the events obtained from different systems, as well as applying an integrated approach to assessing the situation, it is possible to draw a conclusion about the state of the entire object to be protected in real time.

Published

2019

38. System analysis for evaluating the effectiveness of tools for information security

Author

Sergey Kulik

Subjects

Optimization problem, lcsh:T58.5-58.64, lcsh:Information technology, business.industry, Process (engineering), Computer science, system analysis, system, indicator of effectiveness, criterion of effectiveness, information system, information security, General Medicine, Information security, lcsh:Q350-390, Field (computer science), Software, Systems analysis, Risk analysis (engineering), Work (electrical), lcsh:Information theory, Performance indicator, business

Abstract

The paper focuses on important elements of system analysis such as principles, indicators and criteria of system efficiency. The aim of this work is to show the possibility of applying system analysis and system approach in the field of information security. In this field the 3rd principle of the theory of systems and systems analysis (the maximum efficiency of the system) and the 15th principle of the systems approach, associated with optimal efficiency, are specially highlighted. The main focus is on the effectiveness of the system, which can be assessed using special indicators. We have used the necessary principles and methods of system analysis, as well as special software for applying the elements of system analysis for the performance indicators. In this case special software is considered as a tool for solving problems of system analysis in the field of information security. We introduced an indicator and criterium of system efficiency associated with the difference in reduced costs. The result of the optimization of the information security effectiveness indicator is demonstrated on a special example. The researchers use the system analysis elements. Researchers solve optimization problems. Recommendations were developed for solving typical educational problems. It is concluded that it is necessary to pay more attention in the framework of the educational process to the elements of system analysis.

Published

2019

39. Assessment of threats to the security of the cryptographic authentication mechanisms of the monitor devices of vehicles

Author

Oleg N. Murashov, Victor Sergeevich Gorbatov, and I Yu Zhukov

Subjects

Authentication, lcsh:T58.5-58.64, lcsh:Information technology, Computer science, business.industry, Control (management), Legislation, Cryptography, General Medicine, transport security, control device, cryptographic protocol, authentication mechanisms, security threats, Computer security, computer.software_genre, lcsh:Q350-390, Electronic signature, Order (business), Threat model, lcsh:Information theory, Key (cryptography), business, Protocol (object-oriented programming), computer

Abstract

In accordance with the legislation on transport security, a number of vehicles must be equipped with on-Board control devices containing a cryptographic means of authentication, registration and storage of control data, including key information of the electronic signature. This paper presents a solution to the problem of justification of the adequacy of measures to counter known attacks and methods of discrediting the suggested cryptographic mechanisms and the corresponding protocol, drawn up in the form of a draft national standard and presented in the previous work of the authors devoted to study of its security properties. The solution presented is limited to the consideration of attacks divided into two large classes: passive and active attacks, including temporary attacks based on the study of the response time of one or more participants of the protocol. The analysis of the security threat model of the Protocol generating a common key with the authentication of subscribers intended for use in tachographs installed on vehicles shows that the protocol provides sufficient measures to counter known attacks. The found possible attacks are of a formal nature, not allowing the offender to obtain any additional information in order to discredit the protocol.

Published

2019

40. Coordinate hiding in solving the generalized dangerous proximity problem

Author

Oleg V. Kazarin

Subjects

autopilot transport systems, geographic coordinates hiding, secure computation, secure function evaluation, two-party and multi-party protocols of secure computation, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

In connection with the rapid development of autopilot transportation systems (driverless cars, unmanned aerial vehicles – drones) all the more urgent becomes the problem of collision avoidance (the problem of dangerous proximity), especially in conditions of a large number of members of the traffic and its high intensity. If there is an attacker who is able to control one or more participants in the traffic, which strategy is to create an emergency on the road or collisions of unmanned vehicles there is a need to protect against such malicious behavior. One of the options of such protection is the use of the concept of multilateral confidential calculations to solve this particular problem. The future autopilot systems assume in some local traffic control zone the possibility of interaction of participants according to the "everyone-with-everyone" scheme, which is a necessary condition for multilateral confidential computing systems in conditions of various unauthorized actions. In contrast to the previously published results using this concept in the model with the so-called semi-honest enemy, this article for the first time proposes some solutions to protect the traffic participants from the malicious actor, who, having revealed the coordinates of moving objects, tries to drive them to collision. It is also considered the expansion of this problem to three dimensions. At the same time, it is shown that the implementation of these systems in practice, most likely, does not help to avoid the problematic situations that are not solved only by mathematical methods. There is a large set of problems that must be solved by various organizational, technical and managerial methods. Nevertheless, the prospects of using the methods of provably safe coordinate hiding look, in the author's opinion, quite attractive for experts in the field of information security, communications, transport, and distributed systems.

Published

2018

41. Model of the life cycle of the information security system

Author

Tatiana E. Mineeva, Aleksander A. Shelupanov, Mikhail L. Soloviev, Anton Konev, and Mariya P. Silich

Subjects

Authentication, lcsh:T58.5-58.64, Relation (database), lcsh:Information technology, Computer science, business.industry, General Medicine, Information security, lcsh:Q350-390, Documentation, Software, Information security management, Risk analysis (engineering), Human resource management, lcsh:Information theory, Key (cryptography), business, information protection system, life cycle, management processes, classification

Abstract

When building an information security system, one of the key problems is the creation of regulatory documents. Regulators in the field of information security determine the list of necessary documentation mainly in relation to protection mechanisms (authentication, anti-virus protection, etc.) and practically do not take into account the stages of the life cycle of information security tools and personnel of the organization. The article proposes an approach to formalization of the list of information security management processes that need regulation. This approach allows the formation of information security policy to take into account the processes of personnel management and the complex of software and hardware information security, which is necessary to ensure a high level of security of critical information infrastructure.

Published

2018

42. The structure and content of the convention on combating cybercrime

Author

Anatoly M. Tarasov

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Legislation, General Medicine, Drug trafficking, Criminal procedure, lcsh:Q350-390, Convention, Cybercrime, Council of Europe Convention, law enforcement and judicial authorities, law enforcement, cybercrime, international cooperation, privacy, computer technology, investigation, software, passwords and access codes, child pornography, copyright, Consolidation (business), Law, Political science, Terrorism, lcsh:Information theory

Abstract

Consolidation of international efforts plays a crucial role in combating cybercrime the same way as in counteracting to terrorism, drug trafficking and other offenses of cross-border nature. The results of a critical analysis of the structure and content of the major provisions of the Budapest European Convention of 23 November 2001 (ETS No. 185) are presented. The paper provides a comparative analysis of the Convention and the Russian legislation from the point of view of organizational and legal regulation of fight against computer crime. The accent is made on terminological aspects of criminal and criminal procedure law in the field of computer information. Particular attention is drawn to the critical consideration of issues of international cooperation in the light of new challenges and threats of an increasingly confrontational inter-state relations. The conclusion substantiates the need for the adoption of the relevant United Nations Convention with proposals on the content of its main statements.

Published

2018

43. Some information security problems of cloud data storage

Author

Oleg Y. Madatov

Subjects

Physics, Cloud data, lcsh:T58.5-58.64, lcsh:Information technology, cloud data storage, information privacy, data storage, computer security, data storage security, lcsh:Information theory, General Medicine, lcsh:Q350-390, Humanities

Abstract

В последние годы широкое распространение получили системы удаленного хранения данных, реализуемые с помощью технологий «Облачного хранения». Их популярность обусловлена существенными преимуществами, предоставляемыми пользователям, по сравнению с другими способами хранения данных и доступа к ним. Действительно, возможность удаленного доступа к информации, размещенной в облачном хранилище, посредством компьютеров, смартфонов, планшетов и других подобных устройств предоставляет возможность ее владельцу в любое время и практически в любом месте (при наличии сети Интернет) воспользоваться нужными данными. Однако указанное преимущество несет в себе и определенные риски. Размещение информации на удаленных носителях неминуемо снижает уровень ее защищенности, связанной как с техническими и программными сбоями, так противоправной деятельностью других лиц, в результате действий которых возможна утрата, хищение, изменение данных, необходимость предотвращения которых и определяет актуальность проводимого исследования. Целью исследования является выявление возможных проблем обеспечения информационной безопасности облачного хранения данных и нахождение путей их устранения. Объектом исследования являются уязвимости информационной безопасности наиболее популярных в России облачных хранилищ данных. Теоретическая база исследования представлена трудами ведущих ученых, таких как И.Ю. Гришин, А.В. Еськов, В.С. Симанков, А.Б. Сизоненко и др. В процессе проведенного анализа наиболее популярных облачных хранилищ была выявлена проблема, создающая серьезные угрозы информационной безопасности данных, – загрузка файлов на сервер в незашифрованном виде, что создает возможность несанкционированного доступа, как на стадии передачи информации, так и в результате неправомерных действий владельцев программного обеспечения или серверов (их сотрудников), оперативников иностранных спецслужб, а также хакерских группировок. С целью решения указанной проблемы обоснована необходимость разработки специализированного независимого программного обеспечения, позволяющего зашифровать информацию до момента ее передачи с компьютера в облачное хранилище.

Published

2018

44. A network traffic analysis for critical automation system state detection in industrial networks

Author

Evgeny V. Andryukhin and Mihail K. Ridli

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, industrial networks, traffic analysis, information security, machine learning, anomalies detection, General Medicine, lcsh:Q350-390

Abstract

Промышленные сети являются одной из важнейших частей системы управления производственными процессами - MES-системы. Используя такие сети, MES-системы решают задачи синхронизации, координации процессов, а также оптимизируют выпуск продукции в рамках производства. Задачи назначаются в соответствии с загруженностью на исполнительных объектах - программируемых логических контроллерах (ПЛК), чья основная цель функционирования состоит в качественном выполнении поставленной задачи. Каждый ПЛК обладает набором значений, которые могут быть как прочитаны, так и перезаписаны. Процесс чтения и перезаписи выполняется часто, например, каждые 50-150 миллисекунд, что позволяет получать большие наборы данных для исследования за короткий промежуток времени. Наборы данных представляются в виде временного ряда, таким образом, состояния системы оказываются упорядочены относительно выбранных моментов времени через равные промежутки. Информация, полученная в такие моменты времени, может предоставить возможность как для построения предположений о текущем состоянии системы, так и о возможных изменениях состояния в течение нескольких следующих шагов. Предлагаемый подход позволяет выявить критические состояния на основе анализа сетевого трафика с целью предотвращения возможности появления аномалий во всей системе и помочь оператору индустриальных систем минимизировать ущерб, который мог быть вызван отказом системы. Целью работы являлось выделение характеристик промышленного трафика, на основе которых выявление состояний системы в различные моменты времени при помощи алгоритмов кластеризации наиболее эффективно. Используя набор данных, полученный в течение работы тестового стенда процесса АСУ ТП по переработке нефти, а также набора аномальных событий, полученных вследствие атак на стенд АСУ ТП, была разработана тестовая выборка для обучения системы. В результате работы были выделены ключевые характеристики трафика, которые позволяют разделять состояния системы наиболее точно.

Published

2018

45. Method for investigating computer incidents based on attribute clustering

Author

Lev S. Titov, Igor Pantiukhin, Nikita Druzhinin, Alexandr A. Kapitonov, and Alisa A. Vorobeva

Subjects

File system, Statement (computer science), lcsh:T58.5-58.64, lcsh:Information technology, Computer science, General Medicine, Interval (mathematics), computer.software_genre, lcsh:Q350-390, Hierarchical clustering, Reduction (complexity), Task (computing), сlustering, internal audit, computer forensics, computer incident, information security, lcsh:Information theory, Data mining, Cluster analysis, computer, Access time

Abstract

A reduction of the amount of stored and processed information is an important task for internal audit. It is required to select groups of informational objects with similar parameters and to analyze them separately. Optimal clustering of the data is a suitable method to solve this problem. This paper presents a method of files grouping on the hard disk, based on the Lance Williams algorithm of hierarchical clustering. Files with the same computer incident will belong to the same cluster. This statement is based on the assumption that the user has performed series of actions interrelated in time or in another external attribute or a group of attributes (for example, scanning a row of images in succession, compiling and then sending an email) on the device under investigation. As a result of clustering, these data are grouped together into one cluster and further on they can be presented to a computer forensic scientist as a potential computer incident. Thus, there is no need to analyze the files itself, since the external file attributes such as creation time, access time, time of change, etc. are used as the meaningful parameters. This method also helps to specify the number of clusters manually for a rather flexible investigation of the tested file system. Experiment was carried on in order to test the presented method. The results of the experiment show that the files created and scanned within the same time interval ended up in the same cluster for both large and small number of the output data in the cluster.

Published

2018

46. Safety assessment functional model of distance learning system

Author

Vladlena S. Vladlena S. Oladko

Subjects

Functional safety, lcsh:T58.5-58.64, Scope (project management), lcsh:Information technology, Computer science, media_common.quotation_subject, Distance education, 010103 numerical & computational mathematics, General Medicine, Information security, Educational institution, lcsh:Q350-390, 01 natural sciences, 010101 applied mathematics, Risk analysis (engineering), lcsh:Information theory, security, risk assessment, security threat, pen test, damage, educational institution, web application, Relevance (information retrieval), 0101 mathematics, Function (engineering), IDEF0, media_common

Abstract

The article analyzes the scope of the distance learning system and considers architecture and typical subsystems. Conclude that educational institution distance learning system is a distributed heterogeneous system with a web interface and round-the-clock access to the global network. The distance learning system processes, in addition to publicly available information, various types of confidential data, for example, personal data, electronic payments, author's training courses. Intentional and unintentional threats affect this information during storage, processing and transmission, which leads to violation of the information security components: accessibility, integrity and confidentiality. Therefore, it is necessary to apply protection measures to counter threats. Security specialists use systematic and expert approaches to evaluate the measures effectiveness. The measures effectiveness indicators are safety risk registers, penetration tests, indicators of the system current security and their deviation from targeted security or regulatory safety requirements. The purpose of the work is the development of an approach to assessing the distance learning system current safety state. To achieve the goal, the author proposes a functional model for the safety investigation. The model describes the current system security as a function of the many implemented protection measures, the results of penetration testing and security risks. To calculate the risks, the author proposed to use a three-factor model that takes into account the threat frequency, damage and the protection measures effectiveness factor to counteract the threat. A qualitative scale evaluates the value of the resulting safety function. The value of the function is calculated using the ball-rating scale and the normalized value of the safety risk for each distance learning functional subsystem. The results of the work are a list of security threats for four distance learning functional subsystems, a functional safety assessment model in the IDEF0 notation and a mathematical description of the safety function. In conclusion, the author describes the scope of the model possible application and the relevance of automation in the form of a software.

Published

2018

47. Precision’s calculation of the security assessment of wireless alarm

Author

Aleksandr P. Zhuk and Aleksei A. Gavrishev

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, business.industry, Computer science, General Medicine, Security assessment, Computer security, computer.software_genre, lcsh:Q350-390, fuzzy logic, alarm, precision, security assessment, stealth assessment, radio channel, ALARM, lcsh:Information theory, Wireless, business, computer

Abstract

In this article, the authors evaluate the quantitative gain in the precision of the security assessment methodology based on the fuzzy logic, presented in previous works of the authors, in comparison with the probabilistic stealth assessment by the example of wireless fire alarm systems. For this purpose, on the basis of probabilistic stealth assessment and analysis of the known literature, stealth assessment of known technologies of protection of the radio channel of fire alarm systems was carried out. Energy and structural stealth were used as the main probabilistic stealth assessment. To obtain an estimate of the quantitative gain, the "affinity" of the concepts of "stealth of communication" and "security of communication" is precisely shown. As a result of the calculations based on the average error index of the MAPE approximation, it was found that the quantitative security estimates obtained by the method of security assessment based on fuzzy logic are 25% more accurate than the quantitative estimates obtained by the probability stealth assessment. For the reliability of the calculations, the R2 determination coefficient, the mean and confidence intervals of the sample means (graphical chart "box and whiskers"), which confirmed the obtained calculations, were additionally calculated. Due to the calculated quantitative gain in accuracy by assessing the security based on fuzzy logic, it is possible to calculate a more accurate quantitative assessment of the security of wireless fire alarm systems, as well as to build their ranked list by the security criterion. The proposed approach, after appropriate adaptation, can be used to quantify the security of other communication channels of fire alarm systems, for example, for wired communication channels, as well as for a wide class of wireless security systems.

Published

2018

48. Development of the security monitoring system for cluster of information systems based on the Ruby on Rails framework

Author

Ivan K. Egorov, David A. Khotelov, Alyona Y. Parushkina, Victor Y. Radygin, and Anastasia S. Merkusheva

Subjects

Web server, monitoring system, Ruby on Rails, cluster, gem package, security, server load, Nginx, cluster failures, lcsh:T58.5-58.64, lcsh:Information technology, business.industry, Application server, Computer science, Interface (computing), General Medicine, Information security, computer.software_genre, lcsh:Q350-390, Applications architecture, lcsh:Information theory, Information system, Web application, Application firewall, business, Software engineering, computer

Abstract

Currently, the information environment of many large organizations is represented by a cluster of web-oriented information systems. Often these information systems are based on the Ruby on Rails framework. One of the most important tasks of complex information security in such organizations is monitoring of all cluster components in real-time. The review of modern monitoring tools carried out in this work has shown two important points. There are many effective programs for monitoring the separate components of the web environment. But there is no one complex tool that supports interaction with DBMS, an application server, a web server, a web application firewall and system or hardware resources. Thus, this paper is devoted to the development of a complex monitoring system for a cluster of web applications. The created system is based on free software and can be used by administrators to operational detection of failures or potentially dangerous situations. Analysis of existed development technologies is carried out. Application architecture is based on a combination of the following tools: Nginx, ModSecurity, puma, Ruby on Rails, PostgreSQL, Redis, Sidekiq. The Nginx web server and WAF ModSecurity provide primary processing of requests. Puma, PostgreSQL and Ruby on Rails are used to create the application core. Sidekiq and Redis implement the mechanism of delayed jobs. The web interface of the developed centralized system provides various integrated infographic tools that allow the administrators to control current status of the system and investigate the states of all components in past. The created software was successfully tested on the NRNU MEPhI ERP-system. It has proved to be an effective tool for the complex monitoring of a cluster of web applications. Its implementation does not involve significant financial costs.

Published

2018

49. JPEG digital watermarking for copyright protection

Author

Vitaliy G. Ivanenko and Nikita V. Ushakov

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Computer science, Data_MISCELLANEOUS, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Watermark, General Medicine, computer.software_genre, lcsh:Q350-390, Image (mathematics), Robustness (computer science), Container (abstract data type), digital watermarks, differential energy watermarking, images, embedding information, algorithm modification, lcsh:Information theory, Embedding, Data mining, Differential (infinitesimal), Digital watermarking, computer, Energy (signal processing)

Abstract

With the rapid growth of the multimedia technology, copyright protection has become a very important issue, especially for images. The advantages of easy photo distribution are discarded by their possible theft and unauthorized usage on different websites. Therefore, there is a need in securing information with technical methods, for example digital watermarks. This paper reviews digital watermark embedding methods for image copyright protection, advantages and disadvantages of digital watermark usage are produced. Different watermarking algorithms are analyzed. Based on analysis results most effective algorithm is chosen – differential energy watermarking. It is noticed that the method excels at providing image integrity. Digital watermark embedding system should prevent illegal access to the digital watermark and its container. Requirements for digital watermark are produced. Possible image attacks are reviewed. Modern modifications of embedding algorithms are studied. Robustness of the differential energy watermark is investigated. Robustness is a special value, which formulae is given further in the article. DEW method modification is proposed, it’s advantages over original algorithm are described. Digital watermark serves as an additional layer of defense which is in most cases unknown to the violator. Scope of studied image attacks includes compression, filtration, scaling. In conclusion, it’s possible to use DEW watermarking in copyright protection, violator can easily be detected if images with embedded information are exchanged.

Published

2018

50. How the ecosystem of digital assistants can ensure the security of personal data

Author

Alexandr V. Mamaev and Kristina V. Mamaeva

Subjects

virtual assistants, blockchain, personal data, e-commerce, Short Message Service, lcsh:T58.5-58.64, lcsh:Information technology, business.industry, Commodity, Internet privacy, Commercial law, General Medicine, lcsh:Q350-390, Lawsuit, lcsh:Information theory, media_common.cataloged_instance, Confidentiality, Business, European union, Internet users, media_common

Abstract

Number of cybercrimes is constantly rising both in Europe, and around the world. The costs incurred from such malicious activities are rising correspondingly. According to the data collected by Jupiter Research these costs increased from $1.5 trillion in 2015 to $2 trillion in 2019. That is why European Union is expected to introduce major changes to the Personal Data Protection Acts which stayed mostly unchanged since the 1990s. The consequences of those changes will be felt in countries beyond the European Union. The personal data of internet users have long become a commodity on the e-commerce market. Yet the manipulations with the personal data cause concerns among both the users, who do not fully realize how and to what purposes their data are used, and governments, who try to protect the confidentiality remains by the law. Despite that the number of incidents with data leaks continues to rise exponentially. In December 2017 the lawyers from Hill Dickinson, a UK commercial law firm, filed a lawsuit against Google regarding unlawful collection of the iPhone users’ data. Another company that is about to have problems with law is Uber Technologiesm, which sent SMS messages to its clients without obtaining formal permissions for that. Finally, in March 2018 it was Facebook which had to explain the way the personal data on more than 80 million users have leaked and ended up in the hands of a third party. The authors of this article assessed the possibilities for introducing the ecosystem of virtual assistants and blockchain technology for safe and depersonalized data processing as well as its further use. This system opens broad unexpected opportunities for the machine-to-machine-marketing.

Published

2018