Your search keyword '"lcsh:Q350-390"' showing total 939 results

1. Features of information security of computer systems

Author

Dmitry P. Zegzhda and Igor Y. Zhukov

Subjects

computer system architecture, hardware protection technologies, virtualization, malicious impacts, technological independence, import substitution, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

Цель статьи – комплексный анализ вопросов технологической независимости и информационной безопасности вычислительных систем. Применение системного подхода предполагает анализ технологий защиты на всех уровнях архитектуры и их взаимодействие между собой. Рассматриваются аппаратные технологии защиты на уровне процессора и системы команд. Аппаратная поддержка виртуализации, которая обеспечивает поддержку со стороны аппаратного обеспечения такой функции как виртуализация операционных систем, становится необходимой функцией защиты и не уступает в важности уже классическим функциям: управление доступом, идентификация, аутентификация, аудит и контроль безопасности. Помимо аппаратной поддержки виртуализации рассмотрены реализации в современных процессорах группы технологий аппаратной поддержки обособленной доверенной среды. Проведен анализ возможности использования аппаратных технологий защиты злоумышленниками для вредоносных воздействий. По результатам исследований предложен подход по созданию отечественной защищенной архитектуры средств вычислительной техники (СВТ) с использованием зарубежных аппаратных технологий защиты. При этом импортозамещение не должно сводиться исключительно к репликации зарубежных решений, т.к. зарубежные СВТ содержат массу недокументированных возможностей и, как следствие, несут угрозу информационной безопасности.

Published

2021

2. Simulation of the dynamics of network attacks in automated systems of internal affairs bodies in the 'CPN Tools' software environment

Author

Evgeni A. Rogozin, Elena S. Ovchinnikova, and Irina G. Drovnikova

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, information protection system, unauthorized access, network attack, information conflict, petri-markov network, probabilistic-time characteristics, simulation modeling, "cpn tools" software environment, lcsh:Q350-390

Abstract

The paper presents the results of simulation modeling of the dynamics of the implementation of a network attack in its conflict interaction with the information protection system from unauthorized access of an automated system in the form of quantitative values of the probabilistic and time characteristics of the attack. The aim of simulation modeling is to identify the possibility of using the results obtained in calculating the implementation probability and conducting an accurate quantitative assessment of the risk of network attacks on the information resource of automated systems operated in a protected version at the objects of Informatization of internal Affairs bodies. A generalized formal model of the functioning of a destabilizing influence is presented and a Petri-Markov network is constructed that reflects the dynamics of the information conflict, taking into account the differences in the capabilities of the conflicting parties. A simulation model describing the mechanism of information conflict "Network attack – protection system" was developed, and simulation was performed using the "CPN Tools" software environment. The results of simulation modeling are presented in the form of time statistics of the process of implementing a network attack in the dynamics of conflict interaction with the protection system. The average implementation times of typical network attacks on the information resource of protected automated systems of internal Affairs bodies, obtained by simulating these attacks using the Petri-Markov network in the "CPN Tools" software environment, are given. The prospects of using the results obtained to improve the real security of automated systems in their development and operation at the objects of Informatization of internal Affairs bodies are outlined.

Published

2021

3. Analysis of information security threats when processing confidential data in mobile systems

Author

Alexey V. Skrypnikov, Evgeniy A. Rogozin, Dmitriy G. Silka, Ludmila A. Obuhova, and Victor A. Khvostov

Subjects

mobile systems, mobile station, security gateway, mobile device manager, business.product_category, lcsh:T58.5-58.64, lcsh:Information technology, Computer science, Context (language use), General Medicine, Information security, Computer security, computer.software_genre, lcsh:Q350-390, Application security, lcsh:Information theory, Cellular network, Information system, Internet access, Mobile technology, business, Mobile device, computer

Abstract

The analysis of mobile technologies used to improve the quality of management in the banking sector, service and public administration is carried out. Based on the analysis of vulnerabilities of mobile stations (smartphones, tablets, smart devices, various peripheral devices of smart phones, etc.), technologies for providing Internet access for mobile systems (used in cellular networks, wireless access), as well as mobile services of information systems. A classification of information security threats is proposed and an analysis of the possibilities for implementing these threats is carried out. The aim of the work is to develop an up-to-date model of security threats to mobile technologies and to study the completeness and consistency of currently used mobile system protection tools, such as a mobile device manager, mobile application manager, trusted mobile application store, mobile application security gateway, etc. The paper discusses the sources of threats, vulnerabilities of technologies of mobile systems, the channels of exposure to threats, objects of exposure and the resulting damage from the implementation of threats that are characteristic of mobile systems and have different applications of threat implementations and vectors. The analysis of the context of the use of mobile medicine and the impact on the processes of providing medical services is carried out.

Published

2021

4. Topical issues of the problem of assessment of threats of cyber attacks on information resources of significant facilities of critical information infrastructure

Author

Victor V. Gaifulin, Vladimir M. Sychev, Dmitry V. Domrachev, Sergey V. Skryl, and Yulia V. Gracheva

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Computer science, Probabilistic logic, General Medicine, Information security, lcsh:Q350-390, Field (computer science), Information protection policy, Risk analysis (engineering), Critical information infrastructure, lcsh:Information theory, Relevance (information retrieval), Attack, Resilience (network), computer attack, critical information infrastructure objects, cyber stability of critical information infrastructure objects, the effectiveness of mechanisms for detecting, preventing and eliminating the consequences of computer attacks on information

Abstract

This paper opens a series of studies devoted to the problems of assessing the characteristics of measures to ensure the cyber resilience of information resources of critical information infrastructure objects. The paper substantiates the relevance of issues of increasing the efficiency of mechanisms for detecting, preventing and eliminating the consequences of computer attacks on the information resources of critical information infrastructure objects as a prerequisite for ensuring the cyber stability of these objects. A detailed analysis of the methodological apparatus of probabilistic assessment of the relevance of threats to information security is provided, the provisions of which are reflected in the regulatory and methodological documents of the FSTEC of Russia. The circumstances that do not allow characterizing the existing level of development of mathematical methods in the field of information protection against unauthorized access as high are analyzed. The necessity of solving the problems of adequate assessment of the effectiveness of mechanisms for detecting, preventing and eliminating the consequences of computer attacks on the information resources of critical information infrastructure objects is substantiated as a prerequisite for substantiating the requirements for measures to ensure the cyber stability of these segments.

Published

2021

5. Obfuscation of logic schemes of pseudo-random number generators based on linear and non-linear feedback shift registers

Author

Maria A. Stepanova, Michael A. Ivanov, Evgeniy A. Salikov, and Irina G. Konnova

Subjects

Pseudorandom number generator, Obfuscation (software), Nonlinear system, lcsh:T58.5-58.64, lcsh:Information technology, Computer science, lcsh:Information theory, obfuscation, linear feedback shift register, non-linear feedback shift register, (м + 1)-sequence, pseudo-random number generator, General Medicine, lcsh:Q350-390, Algorithm, Shift register

Abstract

The paper describes methods of protection against reverse engineering of logic circuits of pseudo-random number generators (PRNG) on linear and non-linear feedback shift registers. These methods are based on the use of additional logic elements in the structure of the generator to hide its original functionality. Obfuscation of the generator logic circuit changes its design such that the device works correctly only if the signals at the additional key inputs of the generator take on the correct values. It is shown that even with a small bit capacity of generators, it is possible to provide a huge number of PRNG implementations with different numbers of states and different properties. The concept of a (М + 1)-sequence generator is introduced. The possibility of transforming (M – 1)- and (M – 3)-sequences generators into (M + 1)-sequences generators is demonstrated. The proposed methods can be used to ensure the security of IoT devices.

Published

2021

6. Reengineering of business processes of a commercial bank in the information space

Author

Alexander A. Berdyugin

Subjects

010101 applied mathematics, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, reengineering of business processes, electronic banking technologies, the risk of cyberattacks, information security, high-speed printing method, 010103 numerical & computational mathematics, General Medicine, 0101 mathematics, lcsh:Q350-390, 01 natural sciences

Abstract

The need in this research arises since issues of labor reorganization in a financial institution has not been elaborated and studied scientifically and practically, considering development of technology and cybercrime. The article deals with reorganization of labor in a credit and financial institution. The object of research is the operations of a credit institution. The subject is reengineering of business processes of a Bank, which is an alternative to the “Six Sigma” and “Kaizen” methods. The purpose of these methods is to improve the quality of business processes of a commercial bank minimizing the number of operational errors. The review of sources made it possible to determine the requirements for ensuring cybersecurity and increasing customer confidence in electronic banking technologies. Development dynamics of the countries of the world according to their readiness of transition to e-government, depending on the value of the gross national product per capita, is analyzed. As a key performance indicator of the company, an assessment method has been developed for calculate the amount of fine for cybercriminals. An example of a quantitative assessment of the penalty is given. The studied reengineering of the business process of a commercial bank is aimed at improving the process of work of the client and the bank employee at the computer. The necessity of introducing the method of high-speed typing (a topic related to cybersecurity) in the educational program of Russia is investigated and justified. The research results may be of further use for the development of risk management in credit institutions using electronic banking technologies.

Published

2021

7. Analysis of the structure of construction and the main tactical and technical characteristics of automated security systems for stationary remote objects of increased security

Author

Vitaliy G. Ivanenko and Vladimir L. Evseev

Subjects

Physics, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, automated security system, structural diagram, objects of increased security, decomposition into subsystems, perimeter and local protection zones, efficiency indicator, reliability indicator, operational stability indicator, life cycle cost indicator, lcsh:Q350-390, Mathematical physics

Abstract

Для формализации математической постановки задачи исследования по обоснованию программ модернизации автоматизированных систем охраны был проанализирован их состав, структура построения и основные тактико-технические характеристики. Современные системы охраны стационарных удаленных объектов повышенной защищенности представляют собой сложные автоматизированные системы, включающие в свой состав несколько функционально завершенных и объединенных в единый комплекс подсистем и дежурные силы охраны. Анализ структурной схемы типовых автоматизированных систем охраны стационарных удаленных объектов повышенной защищенности показал, что в общем случае применительно к рассматриваемой задаче существующих систем охраны целесообразно использовать декомпозицию на подсистемы, как способ метода системного анализа. С помощью подсистем автоматизированных систем охраны формируются периметровая и локальные зоны охраны. Каждая из подсистем и входящие в нее составные части в процессе функционирования выполняют одну или несколько функций, возлагаемых на систему охраны в целом. Результаты анализа показывают, что существующие автоматизированные системы охраны не в полной мере соответствуют требованиям руководящих документов, указывая, таким образом, на возможные направления их модернизации, включая применение технических средств обнаружения, работающих на различных физических принципах действия, телевизионных средств наблюдения и средств проноса (провоза) запрещенных материалов. Причем, принципиально возможна частичная модернизация в виде замены одного из двух технических средств обнаружения на более совершенные. Результаты исследования показали, что основными характеристиками автоматизированных систем охраны, определяющими их качество, являются интегральные показатели: эффективности; надежности; устойчивости функционирования; стоимости создания и эксплуатации автоматизированных систем охраны. Объединение нескольких интегральных показателей в один комплексный показатель было осуществлено с помощью процедур их специальной логико-весовой обработки, предусматриваемых в методе расстановки приоритетов. С учетом проведенного анализа состава, структуры построения и основных тактико-технических характеристик автоматизированных систем охраны, в дальнейшем может быть сформулирована математическая постановка задачи исследования.

Published

2021

8. Universal triple encoding for compression and protecting binary data

Author

Igor M. Yadykin and Victor A. Shurygin

Subjects

Lossless compression, Sequence, lcsh:T58.5-58.64, business.industry, Computer science, lcsh:Information technology, Binary number, General Medicine, data compression, encoding, data storage, data protection, recurrence relation, lossless compression, lcsh:Q350-390, Binary data, Computer data storage, lcsh:Information theory, business, Algorithm, Row, Block (data storage), Data compression

Abstract

The paper is devoted to the actual problem of compression of processed and transmitted data, as well as of the data storage and protection. The analysis and features of data compression methods are presented. The method of universal coding by triples of binary sets (CT) is considered. The method is intended for lossless compression of binary data under conditions of unknown message source statistics. The method is based on dividing the original sequence of binary data into blocks of length n . Based on the analysis of the contents of the n–block, three parameters are assigned to each block: the number of units in the block, the sum of the unit position numbers, and the number of this particular combination in the corresponding prefix class. Approaches to reducing the complexity of procedures for calculating the parameters of CT are considered. A tabular algorithm for calculating coefficients and an algorithm for filling table rows using a recursive relation for elements of sets and an estimate of the amount of memory for storing tables as well as the ways to reduce the memory capacity are presented. The dependence of the bit width of the QT codewords on the bit width of n -blocks is considered. The approaches and features of the use of coding by triplets for information protection are analyzed.

Published

2021

9. Assessing the resilience of critical information infrastructures to information security threats

Author

Alexander S. Mosolov, Andrey Evgenievich Krasnov, and Nataliya A. Feoktistova

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, threat, risk, resilience, stability, graph, relationships, independence, weak dependence, strong dependence, feedback, General Medicine, Humanities, lcsh:Q350-390, Mathematics

Abstract

This paper describes the methodology for comprehensive assessment of the vulnerability of critical information infrastructure (CII) and its critical elements at hazardous production facilities, including those of the fuel and energy production. The elements of CII at such enterprises, first of all, include automated control systems for technological processes. The smooth operation of complex technological and production processes based on critical elements depends on the normal functioning of the CII. Therefore, the assessment of vulnerabilities in the information security system, as well as the study of the security system stability at the facilities as a whole, will allow taking preventive measures against various types of threats. The following methods were used in this study. Methods of system analysis (decomposition and synthesis): when assessing the resilience of an information system as a whole, its hierarchical structure is considered using the example of a graph with possible structural connections of the components (assets) of the system. Four types of asset relationships are considered (their complete independence, weak dependence, strong dependence, feedback). Assessing the resilience of the system as a whole is based on calculating the resilience of its paired assets and information technology of recurrent recalculation when new components are connected. The method of simulation modeling, in particular, for modeling the impact of information security risks on CII in conditions of incomplete and ambiguous data on their components, logical and probabilistic methods - for assessing the impact of risks both on the components (assets) of the information system, and the system as a whole, taking into account the hierarchical relationship of these assets. The Monte Carlo method was used to assess the impact of the basic threat of "technical impact" (information security and physical protection systems) on the security risks of production facilities. The implementation of measures to assess the resilience of information systems and the security systems stability is focused on critical objects in medicine, education, industry, and public administration.

Published

2021

10. Protection of the data integrity in telemetry systems about the state of mobile objects

Author

Arkadıi I. Frıd, Viktoriya Berkholts, and Alekseı M. Vulfın

Subjects

aircraft engine, telemetry, data integrity, insider, time series, time series proximity, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

The paper presents a method for monitoring the integrity of telemetric data on the state of a mobile object, namely, an aircraft engine, based on a comparison of technological time series. The technological time series obtained from the mobile object are compared with the technological time series generated by the model of the mobile object at the developer (manufacturer). Comparison of time series is carried out in the selected time window by calculating the consistency parameters: the coefficient of determination, Euclidean distance and the average percentage of deviations. According to the calculated consistency parameters, the type of consistency in a given time window (7 types) is determined, and the type of dynamics of the mobile object is also determined: static or dynamic. The decision on data integrity is made according to the formulated rules of fuzzy logic, which are based on three parameters: the type of dynamics of the mobile object, the type of consistency of technological time series and the signal of the control system. Testing of the proposed method was carried out on the data generated by the automatic control system of the aircraft engine. The estimate of the probability of the correctness of the decision made was 0.85.

Published

2020

11. Using a virtual laboratory environment for penetration-testing skills training

Author

Nikita S. Zhdanov and Andrey V. Materukhin

Subjects

Physics, Skills training, lcsh:T58.5-58.64, lcsh:Information technology, virtual laboratory environment, penetration-testing skills, information security, distance learning, ComputingMilieux_COMPUTERSANDEDUCATION, lcsh:Information theory, General Medicine, Humanities, lcsh:Q350-390

Abstract

В статье описывается разработанная авторами виртуальная лабораторная среда для обучения навыкам тестирования на проникновение с обоснованием принятых проектных решений, а также результаты проведенного исследования применимости разработанной виртуальной лабораторной среды для обучения навыкам тестирования на проникновение в учебном процессе по направлению подготовки 10.03.01 «Информационная безопасность». Показано, что виртуальная лабораторная среда для обучения навыкам тестирования на проникновение вполне может быть реализована с использованием программного обеспечения с открытым исходным кодом. Реализованная программная среда предъявляет достаточно умеренные требования к аппаратной платформе (конкретизированные в тексте статьи), на которой она должна выполняться. Проведенное исследование применимости показало, что разработанная виртуальная лабораторная среда может быть использована в учебном процессе с применением дистанционных образовательных технологий и позволяет сформировать у студентов практические навыки использования методов тестирования на проникновение на примерах объектов различных уровней сложности.

Published

2020

12. Ensuring the security of state information systems in conditions of uncertainty

Author

Grigory P. Gavdan and Rustem V. Penerdji

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, information security, state information system, state management bodies, information system, object of computer attacks, information security threat assessment, management, lcsh:Q350-390

Abstract

Целью написания статьи является рассмотрение вопросов связанных с обеспечением безопасности информации информационных систем (ИС). Актуальность работы обусловлена, прежде всего, тем, что число кибератак на различные сферы экономики российского государства не уменьшается, а с каждым годом продолжает расти. Наблюдается растущий интерес к информации, циркулирующей в государственных органах управления (всех уровней) и государственных информационных систем (ГИС). Порой важные стратегические (государственные) задачи зачастую приходится отодвигать на «задний» план перед необходимостью решения срочных (важных сиюминутных) тактических задач. ГИС это неотъемлемая часть достаточно сложной системы управления, а (само) управление (фактически) становится ситуационным, а значит, и роль структур государственного управления, и ГИС, в этих условиях не утратила своей актуальности. Предметом исследования в работе является обеспечение безопасности ГИС в условиях неопределенности. Для достижения поставленной цели в работе проводится анализ нормативно правовых актов Российской Федерации. ГИС рассмотрены, как объекты компьютерных атак в условиях неопределенности. Разработана методика категорирования ГИС. В статье рассмотрены основные определения, аргументы и приведены источники, подтверждающие важность оценки угроз безопасности информации ГИС. В результате проведенных в работе исследований подтверждены возрастающая значимость защиты и актуальность разработки методики по оценке угроз безопасности информации. Вывод: правильно поставленная работа (с исходными данными) для проведения исследования в условиях высокой степени их неопределенности является ключевым моментом в решении любых задач, связанных с обеспечением информационной безопасности, в том числе и ГИС. Результаты исследования могут быть использованы при разработке методики оценки угроз безопасности государственных информационных систем.

Published

2020

13. Analysis vulnerabilities of user authentication process using Active Directory

Author

Daniil A. Pokhachevskiy

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390, directory service, active directory, user authentication, threat model, object-oriented approach, safety requirements

Abstract

В статье представлены результаты анализа и синтеза научно-технической литературы, нормативных актов, стандартов в области обеспечения информационной безопасности информационных систем (ИС), использующих сторонние сервисы аутентификации пользователей. Вводится контекст рассматриваемой ИС. Описываются уязвимости, возникающие при аутентификации пользователей с использованием службы каталогов Active Directory. На основе функциональных особенностей клиентского приложения, входящего в ИС, проводится построение концептуальной модели угроз информационной безопасности ИС, которая применяется для выявления и исследования возможных атак на процесс аутентификации пользователей. В результате выявления критических мест безопасности системы, формируются основные требования, соблюдение которых позволит повысить состояние защищенности систем, а именно: необходимость обеспечения подлинности и целостности ЭВМ, принимающих участие в процессе аутентификации пользователей в приложении, необходимость обеспечения конфиденциальности передаваемых и хранимых аутентифицирующих данных пользователей. Результаты данной работы позволяют обезопасить процесс аутентификации с использованием технологии Active Directory, а также проводить дальнейшие исследования в области аутентификации пользователей в распределенных системах. Проведенный анализ позволяет сделать вывод о безопасности применения предложенного способа аутентификации при соблюдении выявленных требований.

Published

2020

14. The distributed ledgers ensuring privacy-preserving transactions

Author

Sergey V. Zapechnikov

Subjects

Security properties, Cryptographic primitive, lcsh:T58.5-58.64, Computer science, lcsh:Information technology, Homomorphic encryption, General Medicine, Computer security, computer.software_genre, Mathematical proof, lcsh:Q350-390, distributed ledger, blockchain technologies, cryptocurrency, consensus, state machine replication, confidentiality, Development (topology), Ring signature, lcsh:Information theory, Database transaction, computer

Abstract

The paper is devoted to the actual problem of ensuring privacy during performing transactions in distributed ledgers. We discuss various aspects of transaction privacy, as well as the specifics of setting the problem for distributed ledgers with two main models for representing participants' balances: the UTXO-model and the account model. Based on these results, we outline definitions and consider security properties of the main cryptographic primitives used for preserving the privacy of transactions: mixers, ring signatures, homomorphic encryption, and zero-knowledge proofs. We analyze well-known solutions for distributed ledgers based on the UTXO-model, such as Zcash, Monero, Zcoin, Dash, CoinShuffle, Verge, Grin, and others, as well as for systems based on the account model: DSC, Zether, Zeth, BlockMaze. Based on the comparison of advantages, disadvantages, and limitations for existing solutions, conclusions are drawn about the future development of distributed ledgers that ensure the privacy of transactions, and new research tasks are outlined.

Published

2020

15. Systematization of security characteristics of educational activities for training specialists in the field of information security

Author

Le Vu Huong Giang Le Vu Huong Giang, Alexandr V. Zaryaev, Sergey V. Skryl, Elena Smirnova, and Anzhelika S. Khmelina

Subjects

Structure (mathematical logic), Knowledge management, lcsh:T58.5-58.64, lcsh:Information technology, Computer science, business.industry, Process (engineering), Information processing, Context (language use), General Medicine, Information security, lcsh:Q350-390, training of specialists in the field of information security, security of educational activities, quantitative assessment methods, qualitative assessment methods, structure of characteristics of educational activity security, Scale (social sciences), lcsh:Information theory, Decision table, business, Qualitative research

Abstract

The possibility of extending the patterns characteristic of the information process to the educational process is substantiated in this paper. The features of the manifestation of information security properties in the context of educational activities related to the training of specialists in the field of information security are considered. The disadvantages of evaluating this property by quantitative methods are analyzed. It substantiates the possibility of assessing the security of educational activity by qualitative methods. Classification grounds for systematization of security characteristics are determined. The structure of the characteristics of the security of educational activities for the training of specialists in the field of information security is given. Methodological provisions for the implementation of the synthesis procedure of this structure are formulated. Variants of characteristic tables and an example of a decision table for assessing the values of the security characteristics of educational activities in terms of a linguistic scale are given. The results obtained will allow us to assess the feasibility of carrying out measures practically to ensure the information security of educational activities. The developed method can be considered as a methodological support for solving the practical problem of assessing the security of educational activities.

Published

2020

16. Investigation of information security issues for graph databases suitable for big data processing while detecting money laundering and terrorism financing cases

Author

Andrey Nikiforov, Lidiia L. Kulagina, Natalia Miloslavskaya, and Kirill Plaksiy

Subjects

money laundering, terrorism financing, ml/ft, information security, typology, big data, database management system (dbms), information security threats, vulnerabilities, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

The information security (IS) issues in the currently popular graph database management systems (DBMS), suitable for big data processing and storing information created during the generation of criminal cases on money laundering and financing of terrorism (ML/FT), are examined. This paper continues the previous authors’ research and aims to analyze IS threats and vulnerabilities of graph DBMS. These DBMS differ from the relational ones in the type of stored data and the principle of their storage; therefore the compiling of a list of IS threats is urgent due to its absence on a global scale. The original IS threat list and methods for protecting against them, as well as some recommendations for eliminating vulnerabilities used by IS threats are proposed. The obtained results are based on the analysis of IS threats for conventional DBMS and taking into account the peculiarities of graph DBMS, their structure as well as vulnerabilities of specific graph DBMS.

Published

2020

17. Features of the risk-based approach to ensure cyber security of industrial facilities

Author

Sergey E. Pareve, Dmitry I. Pravikov, and Vladimir G. Karataev

Subjects

cybersecurity, risk assessment, risk-oriented approach, iacs, ics, cyber physical systems, integrated safety and security, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

В статье анализируется взаимосвязь понятия «безопасность» с производными понятиями. Выделена объективная научно-практическая потребность в научном и регуляторном закреплении термина «кибербезопасность», дано его определение. В результате анализа перспективных подходов к обеспечению безопасности отмечена сохраняющаяся актуальность риск-ориентированного подхода. При этом в качестве методов оценки рисков кибербезопасности в ближайшей перспективе будут рассматриваться экспертные методы на основе возможного ущерба. Сделан вывод о необходимости развития инструментов автоматизации оценки рисков кибербезопасности при применении инженерных методик расчета cyberPHA, Security PHA Review и других. В академическом плане наиболее приоритетным направлением исследований остается проблема моделирования и разработки моделей вычисления вероятности наступления рисков кибербезопасности в киберфизических системах.

Published

2020

18. Adapted method for monitoring functional failures in NOR FLASH-memory during tests for resistance to heavy charged particles

Author

Sergey B. Shmakov, I. I. Shvetsov-Shilovskiy, and Roman I. Gvozdev

Subjects

Materials science, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, Composite material, lcsh:Q350-390, Flash memory, Charged particle, functional failures, heavy charged particles, resistance, chip, a hardware-software complex

Abstract

This study offers an adapted method for monitoring functional failures in NOR flash memory during tests for resistance to heavy charged particles. The experiment was conducted on the basis of the "U-400" cyclotron. Experimental results of approbation of the adapted method have shown the need to divide functional failures (FF) into 5 types depending on the nature of each FF and confirm the need to adapt the methodology and monitoring tools to assess the parameters of sensitivity to the effects of heavy charged particles (HCP) on single radiation effects (SRE) of the FF. The obtained results provide additional data on the parameters of the sensitivity of chips to the effects of HCP on the SRE to the equipment manufacturer for the development of a system for parrying the observed effects in the equipment in order to increase the security of stored information.

Published

2020

19. Measurement of criteria parameters of analog-to-digital converters and monitoring of their changes during the radiation experiment

Author

D. V. Bobrovsky, Anastasya V. Ulanova, Alexander A. Demidov, Georgy S. Sorokoumov, and Roman S. Torshin

Subjects

lcsh:T58.5-58.64, Computer science, lcsh:Information technology, Electronic engineering, lcsh:Information theory, General Medicine, analog to digital converter, histogram test, dynamic parameters adc, static parameters adc, testing microchips, absorbed dose, Radiation, Converters, lcsh:Q350-390

Abstract

The paper presents a method for testing ADC, intended for measurement the basic parameters of converters by histogram test (or code density test). This method is ideally suited for modern wide bandwidth high precision ADCs and is universally accepted, especially with the proliferation of standard PC-based software and ADC manufacturer’s evaluation boards. The histogram and Fast Fourier transform (FFT) tests use essentially the same hardware, both are normally part of a comprehensive ADC test plan [1]. Modular Instrumentation System PXI of NI and Signal Generator SMA100B (ROHDE & SCHWARZ) were used as test equipment for the tests. The basic static and dynamic parameters of the ADC AD7888 were calculated using this method. The degradation of the main parameters of the ADC AD7888 under the influence of the absorbed dose at the «RIK-0401» x-ray unit is presented in the paper.

Published

2020

20. Network attacks main danger indicators formation in Internal Affairs Bodies automated systems

Author

Irina G. Drovnikova, Evgeni A. Rogozin, and Elena S. Ovchinnikova

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, automated system, network attack, information risk, dynamic integral danger indicator, quantitative danger assessment, lcsh:Q350-390

Abstract

The purpose of this study is to analyze the existing indicators used in information security implementing threats risk assessing in automated systems. The goal is to identify its advantages, disadvantages and application possibilities, when conducting implementing danger network attacks quantitative assessment on automated systems operated in a secure execution at the Internal Affairs Bodies informatization objects. To achieve this goal we use the method of system analysis of threat hazard indicators based on research of open literature sources, international and industry standards of the Russian Federation for information protection in automated systems, methodological and guiding documents and orders of the Federal service for technical and expert control of Russia on the problem of assessing the risk of unauthorized access to automated systems, as well as the regulatory framework of the Ministry of internal Affairs of Russia, regulating the operation of automated systems of internal Affairs bodies in a protected version. The risk model of the automated system is analyzed to make a correct choice of adequate indicators when conducting a quantitative analysis of the risk of information security violations. To conduct network attacks danger quantitative assessment and study them in a dynamic mode, the main directions for improving the identified indicators are proposed, taking into account Internal Affairs Bodies protected automated systems operation actual features and disadvantages. Development of a dynamic integral attack hazard indicator that reflects the real dynamic properties of the process of implementing a set of typical network attacks on an automated system, and improvement of existing mathematical software for assessing the risk of network attacks by determining the probability-time characteristics of multiple parallel attacks implemented model-based simulation will allow to quantify risk and increase the real security of the automated systems in process of their operation on the objects of Informatization of Internal Affairs bodies.

Published

2020

21. The use of microelectronics radiation behavior asphysical uncloned function to find counterfeit

Author

Anatoly P. Durakovskiy, Leonid N. Kessarinskiy, and Alexey O. Shirin

Subjects

electronics, counterfeit, radiation, chips, physical uncloned function, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

Статья посвящена проблеме подделки электронных устройств. Постоянно растущие требования к характеристикам и функциональным возможностям изделий электронной компонентной базы (ЭКБ), применяющимся в ответственной аппаратуре (космических аппаратах, технике двойного и специального назначения, транспорте и т.д.), приводят к применению продукции коммерческой категории качества иностранного производства. Таким образом, возникает риск применения ЭКБ контрафактного происхождения, что определяет необходимость проводить испытания и исследования, подтверждающие аутентичность изделий. Но даже применение всего арсенала методов исследований не гарантирует 100% достоверности результата, подтверждающего аутентичность изделия. Кроме того, глобальная тенденция заключается в том, что количество поддельных микросхем (и не только микросхем) увеличивается, но эффективность методов обнаружения падает. Одним из методов борьбы с контрафакцией является маркировка подлинных компонентов. И самый безопасный для маркировки метод, основанный на физически неклонируемых функциях (ФНФ) т.е. таких свойств изделия, которые невозможно воспроизвести в следствие естественного разброса характеристик паразитных структур, неопределенности результатов случайных процессов технологии производства. Распределение амплитуд ионизационных откликов и радиационная деградация параметров по мере накопления поглощенной дозы является одной из таких ФНФ т.к. обладает нужными свойствами: невозможностью воспроизведения с одной стороны, и однородностью результатов в рамках одной партии микросхем или транзисторов с другой стороны. Поэтому предлагается использовать различные признаки ухудшения радиационного поведения в качестве ФНФ. Несколько примеров такого использования представлены в статье.

Published

2020

22. The influence of high ionizing dose rate on CMOS IC radiation hardness used in da-ta transmission elements

Author

Vladislav D. Kalashnikov, Pavel A. Balamutov, A.V. Sogoyan, Alexey Yu. Egorov, Andrey B. Karakozov, and A.V. Ulanova

Subjects

Materials science, lcsh:T58.5-58.64, business.industry, lcsh:Information technology, information security, radiation hardness, cmos vlsi, total dose effect, dose-rate, General Medicine, lcsh:Q350-390, Ionizing radiation, CMOS, Transmission (telecommunications), lcsh:Information theory, Optoelectronics, Dose rate, business, Radiation hardening

Abstract

In this work, the effect of the irradiation intensity on the radiation hardness of CMOS integrated circuits (ICs) was studied. We investigated 3 types of ICs manufactured according to design rules from 0.8 to 3 microns, and used in various information transmission systems: 1586IN4, HEF4093BT and MC14504B. The U-31/33 accelerator of electrons has been used for the study in both gamma-ray mode (for moderate intensity) and pulse electron generation mode (for high intensity). As a result, it was revealed that an increase in the intensity of exposure by 4 orders of magnitude might result in a radiation hardness decrease up to factor of 30. This circumstance has to be taken into account when testing CMOS ICs for radiation hardness to high intensity effects. The obtained experimental data confirm theoretical understanding of the influence of increased irradiation intensity on the dose hardness of CMOS ICs.

Published

2020

23. The knowledge graph concept of decision support system in preliminary investigation

Author

Andrey Trufanov and Sergey V. Duga

Subjects

Decision support system, Information retrieval, informatization of investigations, knowledge graph, graph data model, complex networks, network analysis, Knowledge graph, lcsh:T58.5-58.64, Computer science, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

Particular definitions of the concept of "Knowledge Graph" (knowledge network) are considered, and a generalizing author's definition of the concept of "knowledge networks" is given. The position of the knowledge network in the General context of network science is revealed. Real-world examples show how network (graph) data models can be effectively used in the subject area of preliminary investigation. The levels of implementation and the main advantages of the concept are discussed.

Published

2020

24. Evaluating CMOS chip sensitivity parameters to single event upsets under influence of neutrons by the burst generation rate function

Author

Nikolay D. Kravchenko, Alexander I. Chumakov, Dmitry O. Titovets, D. V. Bobrovsky, and Andrey B. Karakozov

Subjects

Physics, Cmos chip, information security, single event upset (seu), neutrons, cmos very large-scale integration (vlsi), burst generation rate (bgr), microprocessors (mpu), microcontrollers (mcu), field-programmable gate array (fpga), lcsh:T58.5-58.64, lcsh:Information technology, Event (relativity), General Medicine, Function (mathematics), Generation rate, Hardware_PERFORMANCEANDRELIABILITY, lcsh:Q350-390, Electronic engineering, lcsh:Information theory, Neutron, Sensitivity (control systems)

Abstract

The development of the technological process in electronics has led to the problem of single event upsets (SEU) in microchips when exposed to neutrons causing loss of information and errors. To evaluate sensitivity of CMOS VLSI to SEU caused by neutrons we propose BGR method. To test this approach we apply BGR method to the data obtained by irradiation of several types of ICs:Artix and Spartan FPGAs (Xilinx) and STM32 microcontroller (ST Microelectronics). Test setup was built using modular devices by National Instruments. In this study, we also consider the areas for which neutron influence evaluation is relevant and present an overview of the available data on neutron induced SEU in CMOS chips. A description of the BGR method and experimental results are given.

Published

2020

25. Information security of state information systems

Author

Rustem V. Penerdji and Grigory P. Gavdan

Subjects

010101 applied mathematics, lcsh:T58.5-58.64, lcsh:Information technology, state information system, public administration, information system, information property, critical information system, lcsh:Information theory, 010103 numerical & computational mathematics, General Medicine, 0101 mathematics, lcsh:Q350-390, 01 natural sciences

Abstract

The purpose of the paper is to consider issues related to the security of state information systems in the Russian Federation. The relevance of these issues is primarily due to the fact that the number of cyber-attacks (causing significant damage to the state) on various areas of its economy, including its state information systems, is increasing every year in Russia. For example, the national initiative for Cybersecurity Education (NICE) was launched in the United States several years ago. This event has not escaped the attention of Russian and other experts in the field of information security (is). The main areas of information property protection include: protection (state, official, commercial, banking, tax, insurance, personal data (PD), etc.) of secrets and intellectual property. State information systems include information technology tools and systems that rely on advanced scientific research, such as knowledge, advanced technologies (know-how), etc. Today, state information systems are an integral part of a fairly complex system of public administration. It is also important to recall the role of the Russian FSTEC regulator in ensuring information security. The subject of the research is SIS as the basis of management of state bodies. The paper focuses on current trends in the field of SIS information security, a brief overview of SIS legislation, and the critical information infrastructure (CII) of Russia's main geopolitical opponent. The main arguments for the importance of the chosen direction of work are discussed. Further research is expected to be conducted in the field of SIS security in an uncertain environment.

Published

2020

26. Algorithm for matching physical and logical addressing in memory chips using laser sources

Author

Viacheslav A. Chepov, Sergey B. Shmakov, and I. I. Shvetsov-Shilovskiy

Subjects

Logical address, Matching (statistics), lcsh:T58.5-58.64, Computer engineering, lcsh:Information technology, Computer science, law, lcsh:Information theory, General Medicine, Laser, lcsh:Q350-390, ionizing radiation, physical memory addressing, logical memory addressing, law.invention

Abstract

The paper presents the developed algorithm for correlating the physical and logical addressing in memory chips using laser radiation sources to determine the nature of failures in radiation tests. A variant of the hardware-software implementation of the algorithm is proposed, key software tools are presented. The algorithm was tested using the focused laser facility with the ability to irradiate a separate memory cell. The patterns of location of the memory cells in single memory block were obtained, necessary to compose the full correlation between the physical and logical addressing. The main experimental results of the algorithm approbation are shown, which confirm the possibility of developing the tool for visualizing the map of failures with one-bit precision. The adaptation of the tool for analyzing the hardness of a static random-access memory (SRAM) IC under pulsed ionizing radiation is presented.

Published

2020

27. The methodology for critical processes identifying at information infrastructure facilities

Author

Alexei A. Salkutsan, Grigory P. Gavdan, and Andrey A. Poluyanov

Subjects

Process management, lcsh:T58.5-58.64, Computer science, lcsh:Information technology, General Medicine, lcsh:Q350-390, Federal law, Order (exchange), State policy, significant objects, object categorization, critical processes, critical information infrastructure (cii), national information resources, cii subjects, Critical information infrastructure, lcsh:Information theory, Russian federation, State (computer science), Information infrastructure, Set (psychology)

Abstract

The aim of the study is to develop a methodology for determining critical processes in order to simplify the activities of critical information infrastructure (CII) entities for categorizing information infrastructure objects on the example of the chemical industry. The actuality of the problems under consideration is based on the fact that the number of cyber attacks in various areas of state activity, including significant objects (ZO) of CII, is not decreasing. To protect the national information resources of the Russian Federation in 2017, the actions have been chosen in the direction of protecting CII objects with the adoption of the Federal law "on the security of critical information infrastructure of the Russian Federation", which defined important directions of the Russian state policy in the information sphere for the next decade. Thus during its implementation, many subjects of critical information infrastructure have already had to face difficulties of various levels. The paper analyzes some fragments of solving the tasks set in the development of methods for determining critical processes at information infrastructure facilities, the sustainable functioning of which is regulated by a number of fundamental regulatory legal documents of the Russian Federation. In the course of the study, some features of determining critical processes at CII facilities, for example, in the chemical industry, were established. These features were later used in the development of a unique methodology for determining critical processes in the information infrastructure.

Published

2020

28. Simulation of organizational protection of a protected object based on the theory of automata and Petri nets

Author

Viktor V. Erokhin and Larisa Sergeevna Pritchina

Subjects

Discrete mathematics, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, Object based, General Medicine, information protection, petri nets, automata theory, lcsh:Q350-390, Mathematics

Abstract

The paper discusses the tasks of evaluating and modeling the actions of police units or other security structures for the organizational protection of a guarded object based on the theory of automata and Petri nets. The solution to the problem of creating a model of an attacker’s actions on a guarded object on the basis of the theory of automata is to determine the time of an attacker’s stay on a guarded object. The solution to the problem of modeling the organizational protection of a protected facility using Petri nets is to find parallel-to-work interconnected processes of security units during special operations. The methods of solving the protected object from the actions of an attacker are considered: a model of organizational protection of the protected object from the actions of an attacker based on the theory of automata; model of organizational protection based on Petri nets. This allows simulating the object’s protection system in time taking into account the specifics of threats both from the subjects of the criminal world and in emergency situations. In addition the presented approaches and modeling methods for the actions of security structures allow the most accurate assessment and optimization of their actions.

Published

2020

29. Approaches to online handwritten signature verification

Author

Anastasia Beresneva and Anna Epishkina

Subjects

lcsh:T58.5-58.64, business.industry, Computer science, lcsh:Information technology, lcsh:Information theory, Pattern recognition, General Medicine, Artificial intelligence, verification, authentication, biometric authentication, handwritten signature, machine learning, neural network, business, lcsh:Q350-390, Signature (logic)

Abstract

Handwritten signature is one of the most common methods of biometric authentication, where static and dynamic signature characteristics are used to confirm the user's identity. The existing developments are based on various technologies, such as the neural network, the hidden Markov model, and machine learning algorithms. This topic is rapidly developing, new approaches and algorithms for solving the problem improve the accuracy of verification and learning speed. The purpose of this study is to analyze existing approaches to the signature verification. The most promising algorithm will be used as the basis for the developed authentication system based on a handwritten signature.

Published

2020

30. Trust Model for the Russian Federation Digital Economy

Author

Dmitry A. Melnikov, Yury F. Releev, and Leonid D. Kvaratskheliya

Subjects

public key infrastructure, trust, integrity, nonrepudiation, certificate authority, validation authority, public key certificate, digital signature, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

В статье представлено исследование современных моделей доверия на основе инфраструктуры открытых криптографических ключей ( Public Key Infrastructure – PKI), целью которого является разработка российской национальной модели доверия. Для достижения поставленной цели была обоснована необходимость создания национальной инфраструктуры доверия в условиях перехода к цифровой экономике. Вместе с тем, в работе проведён анализ текущего состояния российской PKI, которое характеризуется отсутствием единой структуры удостоверяющих центров (УЦ) и единого федерального органа регулирования в области обеспечения криптографическими ключами (сертификатами открытых ключей). Анализ зарубежных PKI-моделей доверия позволил сделать вывод о том, что ни одна из таких моделей не может быть эталонной, и не может быть реализована в Российской Федерации. Основу предлагаемой модели составляет концепция распределённой системы центров подтверждения подлинности, которая имеет иерархическую структуру и позволит объединить все государственные и частные УЦ в единую динамическую систему, способную удовлетворить самые разнообразные потребности цифровой экономики и граждан Российской Федерации по обеспечению информационной безопасности. Реализация разработанной авторами модели доверия позволит, в первую очередь, предотвратить многие киберпреступления и попытки нанесения финансово-экономического ущерба субъектам информационного взаимодействия.

Published

2020

31. On the issue of categorization of objects of critical information infrastructure of seaports

Author

Kristina V. Natashova, Sergey S. Sokolov, Oleg N. Gubernatorov, Anatoliy P. Nyrkov, and Anton V. Kirikov

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390, information security, critical information infrastructure, categorization, water transport, seaport

Abstract

The purpose of the article is to consider the problematic issues that arise during the categorization of CII objects. Seaports are of strategic importance for the development of the Russian Federation's economy and transport support for foreign trade. In accordance with Federal law No. 187-FZ of July 26, 2017 "on security of critical information infrastructure of the Russian Federation", seaports are subjects of CII in the field of transport. Compliance with the requirements of this law, in particular, addressing issues related to the categorization of CII objects in accordance with Russian Government Resolution No. 127 of February 8, 2018 "on approval of the rules for categorizing critical information infrastructure objects of the Russian Federation, as well as the list of indicators of the criteria for the significance of critical information infrastructure objects of the Russian Federation and their values", requires careful study and evaluation, because, that CI subjects are increasingly faced with the complexity of processes and the need to take into account the specifics of a particular area of their activities. This article considers the subject of the Kaliningrad commercial sea port CII and categorizes one of the information systems as the author's recommendations for the implementation of the Decree of the Government of the Russian Federation No. 127 of February 8, 2018 for information systems of seaports. In conclusion, the authors note the importance of developing industry regulations for categorizing and ensuring the security of CII, the importance of developing standard models of violators that would take into account industry characteristics, and the need to attract narrowly focused specialists to the work of the Commission, both from the organization and from outside.

Published

2020

32. Integrity monitoring of virtual machines components based on the KVM hypervisor

Author

Denis O. Stasyev

Subjects

lcsh:T58.5-58.64, Computer science, Virtual machine, lcsh:Information technology, virtualization, hypervisor, kvm, virtual machine, integrity, integrity control, components of virtual machines, Operating system, lcsh:Information theory, Hypervisor, General Medicine, computer.software_genre, computer, lcsh:Q350-390

Abstract

Today, virtualization is widely used to provide scalable resources. Since this technology means sharing resources using some abstract layer, the placement and processing of information of various access levels in such systems poses a security risk. To solve this problem, it is necessary to create additional systems for monitoring the integrity of the virtual infrastructure. Objective of the article: to isolate the components of VMs created on the basis of the KVM hypervisor for which integrity monitoring is necessary, describe existing methods for ensuring integrity monitoring and choose the best one for use in centralized systems. Research methods are plausible reasoning method, system analysis, formalization. The article identifies the components of virtual machines created on the basis of the KVM hypervisor for which integrity control is required, and existing methods for ensuring integrity control are described. The result of the article was the determination of the best method for use in centralized systems.

Published

2020

33. Development of secure architectures for process control systems

Author

Yan A. Sukhikh, Dmitry I. Pravikov, and Alexey A. Kuzichkin

Subjects

lcsh:T58.5-58.64, Computer science, lcsh:Information technology, Control system, Systems engineering, Key (cryptography), lcsh:Information theory, System safety, General Medicine, Industrial control system, Architecture, lcsh:Q350-390, ics/scada, information security, cybersecurity, secure ics/scada architecture, design methodology

Abstract

The IEC 62443 standard is the main document describing the requirements for building secure industrial control systems. However, a number of aspects are not properly described or not sufficiently detailed in the standard, and require additional detail for a proper implementation. In particular, the paper highlights main stages of secure industrial control systems architecture development. Secure architecture development approach is based on the “zones and conduits” concept and includes detailed description of inventory stage and zones and conduits determination. Considering that emergency shutdown systems (safety systems) are the key element preventing assets from major accidents, special attention is paid to its integration with control systems. Several integration methods are described with its advantages and disadvantages noted. Recommendations for the practical implementation of the proposed methodology are given.

Published

2020

34. Assessment of probabilities of computer attacks based on function

Author

Olga Makarova and Sergey V. Porshnev

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, Computer science, lcsh:Information theory, General Medicine, Function (mathematics), Attack, lcsh:Q350-390, Algorithm, information system, information security, computer attack, intruder, probability of threats, expected utility, computer attack, expected utility function, key attack criteria of computer attack, criminology theory

Abstract

An objective assessment of the level of protection of an organization’s information system provided by an appropriate information security system (ISS), both at the stage of its design and at the operation stage, is possible based on the use of estimates of current and predicted probabilities of computer attacks of intruder of this IS using vulnerabilities ISS. To assess the probability of a computer attack by an intruder, this study proposes to use the expected utility function that takes into account key attack criteria of the possibility of a computer attack (criteria for choosing an object of a computer attack by an intruder, stages and methods of implementing an attack, methods of obtaining information about an object, skills of an intruder) and the expected usefulness of the attack (motives the offender, the state of the offender before a computer attack, in particular, his income, the principles for deciding on the conduct / continuation / termination of a computer attack intruder), modernized taking into account the characteristics of this type and crimes in the computer sphere. The proposed solution is based on the theory of provisions in criminology, which states that an attack is implemented by an intruder in cases where it is possible to implement an attack and, at the same time, the expected utility of the attack from the point of view of the offender is sufficient. It is demonstrated that the selected utility function adequately describes the relationship between the probability of a computer attack and the key attack criteria of a computer attack. The analysis of the modernized utility function, the results of which showed that: 1) the value of the expected utility, ceteris paribus, for the offender prone to risk, is determined by the probability of exposing it (which is equivalent to the likelihood of an inconspicuous computer attack), for the offender not prone to risk, - the severity of the punishment, therefore it is necessary to build a differentiated protection system depending on the type of intruder; 2) there is the possibility of a significant reduction in the number of potential violators by increasing revenues from the legal activities of security experts; 3) there is a dependence of the number of computer attacks for a certain period of time on the probability of an inconspicuous computer attack, the severity of the punishment, the presence and magnitude of alternative income (benefits).

Published

2020

35. Аnalysis of the process of functioning of subsystems of access control systems to protect information from unauthorized access and basic aspects their perfection in automated systems of internal affairs bodies

Author

Anna V. Batskih, Evgeni A. Rogozin, and Irina G. Drovnikova

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, business.industry, Computer science, Process (engineering), media_common.quotation_subject, Perfection, Access control, General Medicine, Computer security, computer.software_genre, lcsh:Q350-390, information protection, information security system, access control subsystem, unauthorized access, authenticate users, keyboard handwriting, lcsh:Information theory, business, computer, media_common

Abstract

The paper presents the results of the analysis of scientific and technical literature and open regulatory and administrative documents of the international, Federal and departmental levels devoted to the process of functioning of information protection systems (SPI) from unauthorized access (UA) in automated systems (AS) at the objects of Informatization of internal Affairs bodies (ATS). Using the example of a typical certified SPI from UA «Strazh NT 4.0» the functionality of SPI from UA operating in protected ATS is analyzed, shortcomings are identified and the key aspects of improving subsystems of access control systems based on the use of new information and telecommunication technologies related to improving real security as on the objects of Informatization Department are defined. As a promising technology additional biometric authentication based on realization of recognition of the access subject on individual dynamics of a keyboard set (keyboard handwriting) is offered.

Published

2020

36. Software implementation of a DLP-system module for monitoring and controlling corporate network traffic using machine learning

Author

Anton A. Nedogarok, Nikolai V. Fedorov, Vitaly S. Shvychkov, and Maxim I. Kalayda

Subjects

lcsh:T58.5-58.64, Artificial neural network, lcsh:Information technology, Computer science, Control (management), Data classification, Process (computing), Array data type, General Medicine, Construct (python library), computer.software_genre, lcsh:Q350-390, Convolutional neural network, Software implementation, lcsh:Information theory, Data mining, computer, dlp-system, machine learning, neural network, confidential information, text classification, dataset

Abstract

The subject of this work is a neural network, the parameters of its architecture and the data array (dataset) for its training. The aim of the work is the software implementation of part of the DLP-system (Data Leak Prevention), which allows to monitor the traffic of a corporate network and to control the transfer of confidential data over this network using a neural network. The entire development process is represented by five stages: theory, design, preparation of data for training the neural network, training the neural network and testing the implemented system. There is a brief overview of the market for such solutions in the article. The parameters used to construct the neural network architecture used to solve the problem of text data classification are described in detail. The result of the work is a functioning part of the DLP system, which allows monitoring the traffic of a corporate network via a web-interface and controlling the transfer of confidential data over this network using a one-dimensional convolutional neural network 1D CNN.

Published

2020

37. Single event effects qualificatoin of integrated circuits

Author

Anatoly A. Smolin, Alexander I. Chumakov, and A.V. Sogoyan

Subjects

Physics, lcsh:T58.5-58.64, lcsh:Information technology, Mathematical analysis, Linear energy transfer, Cosmic ray, General Medicine, Integrated circuit, Radiation, single event effects, heavy ions, test requirements, radiation hardness parameters, qualification testing, integral circuits, Chip, lcsh:Q350-390, Charged particle, law.invention, Set (abstract data type), law, lcsh:Information theory, Radiation hardening

Abstract

The goal of qualification or monitoring of electronic device radiation testings is to ensure that devices meet the set of requirements. In some cases, this can be achieved without full characterization of radiation behavior, which leads to significant cost reduction of radiation testing. In this paper, we propose an approach to determining the test standards for evaluating the compliance of integrated circuits with the requirements for radiation hardness under heavy charged particle fluxes in outer space, set as restrictions on the frequency of single radiation effects (SER). The SER calculation is based on the known cosmic rays spectrum and effect’s cross-section dependence on linear energy transfer (LET) obtained during radiation testing. The SEE qualification based on test results for just one LET value is performed using additional conservative limits on saturated cross-section and threshold LET values. Analysis of compendium of experimental data has shown that for main SEE types these limiting values can be set as 3 MeVcm 2 /mg for threshold LET and 30% of chip surface area for saturated cross-section. Those assumptions allows us to calculate fluence and ion LET value required for part qualification for the required SER values. The proposed approach can be used to justify test requirements for SEE testing of integrated circuits.

Published

2020

38. Analysis and classification of the main threats to information security of automated systems at the objects of informatization of internal affairs bodies

Author

Evgeni A. Rogozin, Anna V. Batskih, Irina G. Drovnikova, and Elena S. Ovchinnikova

Subjects

Hierarchy, Service (systems architecture), lcsh:T58.5-58.64, lcsh:Information technology, Computer science, 010103 numerical & computational mathematics, General Medicine, Scientific literature, Information security, Computer security, computer.software_genre, lcsh:Q350-390, 01 natural sciences, Field (computer science), Information protection policy, 010101 applied mathematics, Documentation, information protection, information security, automated system, unauthorized access, vulnerability, information threat, network attack, lcsh:Information theory, 0101 mathematics, Informatization, computer

Abstract

The paper presents the results of the analysis of threats implemented through remote unauthorized access (UA) (network attacks) to the information resource of automated systems (AS) at the objects of Informatization of internal Affairs bodies (ATS), presented on the official website of the Federal service for technical and export control (FSTEC) of Russia (bdu.fstec.ru). Based on the analysis of international and sectoral standards of the Russian Federation, as well as regulatory documents of the FSTEC of Russia, and departmental documentation of the MIA of Russia, and the fiducial requirements on information security (IS), and scientific literature in the field of information protection (IP) it is developed a three-tiered hierarchy and classification scheme of the threats related to unauthorized access to the information resource as ATS. The analysis of the data Bank of information security threats developed by FSTEC of Russia, as well as vulnerabilities of components and software (SW) of ATS at ATS Informatization objects in terms of implementation of network attacks determined by the results of a survey of experts in the field of information security, allowed to reveal the content of the stages of a typical network attack and to classify attacks on ATS, using seven classification criteria. In accordance with the classification it was developed a list of the main attacks on ATS, including eight types of the most dangerous and often implemented at the present time network attacks, also taking into account the possible consequences of their implementation. The presented results are planned to be used in further quantitative assessment of the danger of the implementation of selected attacks and to develop a private model of actual attacks for a specific AU, taking into account the peculiarities of its functioning in a protected version at the ATS Informatization facility. This will allow making a number or proposals for the existing regulatory and administrative documents on IP in ATS in order to increase the real security of existing and prospective (developed) ACS at ATS Informatization facilities.

Published

2020

39. Approach to steganography storage in removable media file system

Author

Pavel V. Slipenchuk and Mihail V. Malahov

Subjects

File system, business.product_category, lcsh:T58.5-58.64, Steganography, lcsh:Information technology, Computer science, Data_CODINGANDINFORMATIONTHEORY, General Medicine, computer.software_genre, lcsh:Q350-390, Removable media, information security, data security, steganography, cryptography, file systems, perfectly secure steganography systems, lcsh:Information theory, Operating system, business, computer

Abstract

Problems of hidden storage and transmission of information are successfully solved by using steganography. The most common steganographic maskers for transmitting and storing information at a given time are media files, such as photos, videos, and audio files. The use of such maskers imposes a number of restrictions, one of which is a limit on the size of the embedded information. Thus, increasing the amount of hidden data changes the entropy properties of the masker and allows you to detect the fact of steganography. One of the alternative ways to ensure the possibility of steganographic concealment of large amounts of information is to use a fundamentally different method of concealment. In this regard, it becomes relevant to develop a method for steganographic storage of information in the file system, as a masker, in which you can secretly store quite large amounts of data. This paper presents an approach to steganographic storage of information in the file system of the extracted data carrier, which is usually an electronic data carrier with the FAT32 file system. During the analysis of existing steganography tools designed to hide information in file systems, their weaknesses and strengths were identified, on the basis of which the requirements for the developed tool were put forward. The paper presents a detailed description of the algorithms used in the new approach. Its main advantages and the situations in which its application is justified are described, as well as its perfection by the Cachin method is proved.

Published

2020

40. Hardness assurance levels and requirements for single event effects testing of integrated circuits

Author

Alexey O. Ahmetov, Anatoly A. Smolin, Vladimir F. Gerasimov, A.V. Ulanova, A.V. Sogoyan, Vitaly V. Khaustov, Evgeny V. Churilin, Nikolai V. Ryasnoy, Alexander A. Sashov, Dmitry V. Boychenko, Andrey V. Yanenko, D. V. Bobrovsky, Konstantin A. Chumakov, and Alexander I. Chumakov

Subjects

single event effects, hardness assurance levels, test requirements, Physics, lcsh:T58.5-58.64, Spacecraft, Basis (linear algebra), lcsh:Information technology, business.industry, Isotropy, General Medicine, Integrated circuit, Topology, lcsh:Q350-390, law.invention, law, lcsh:Information theory, Geostationary orbit, business, Event (particle physics), Energy (signal processing), Electronic circuit

Abstract

The paper presents an analysis of existing approaches to estimation of single event rate (SER) in integrated circuits under effects of charged particles of space radiation environment. These issues are of significant importance in the light of the expansion of the scope of practical application of cyber-physical control systems for space objects, since it is mainly due to the SER that information is lost in the register elements and in the memory cells of the electronic blocks of spacecraft. It is shown that existing models based on energy deposition in fixed sensitive volume are not applicable for SER estimations in case of high threshold linear energy transfer (LET) values. An alternative approach is proposed. It is based on diffusion charge collection model, which can be used to estimate the SER cross-sections in isotropic particle field. A universal dependence for SER estimation in integral circuits (ICs) at geostationary orbit is proposed and used as a basis for establishing classification of devices based on hardness assurance levels. The obtained results provide the grounds for setting test requirements that has to be met during single event effects testing of ICs.

Published

2020

41. Terms and definitions base development for counterfeit electronics test for critical information infrastructure objects

Author

Anatoly P. Durakovskiy, Leonid N. Kessarinskiy, and Alexey O. Shirin

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, authentication, counterfeit, electronics components, microelectronics, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

Целью статьи является разработка предложений по формированию нормативного поля систем защиты от фальсификаций и контрафактной продукции, однозначно понимаемого набора терминов, сокращений и определений на основе гармонизированных отечественных и зарубежных стандартов в этой области. В программе цифровизации экономик развитых стран выделяется относительно новое направление развития так называемых киберфизических систем управления, в частности, промышленными технологическими процессами, что мотивирует постановку нетрадиционных задач по обеспечению безопасности критически важных объектов информационной инфраструктуры. Очевидной угрозой потери устойчивости технологических процессов является использование контрафактной элементной базы в условиях наблюдаемого общего увеличения доли контрафактной продукции, в том числе и в изделиях электронной компонентной базы. Поэтому появляется объективный запрос на системное решение проблемы выявления контрафакта не только с позиций охраны объектов интеллектуальной собственности, но и в аспекте обеспечения промышленной безопасности в ходе сертификации соответствующих технических решений. Учитывая, что для испытательных центров и лабораторий такая постановка связана с организацией достаточно нового вида деятельности в условиях недостаточности соответствующей нормативной базы. В работе проведен обзор зарубежных нормативных документов, определяющих методы и средства выявления контрафакта в радиоизделиях, который может быть использован в качестве начальной основы для формирования отечественной нормативной базы.

Published

2020

42. A methodological approach to identifying destructive information actions on a distributed process control system

Author

Irina S. Gefner, Alexandr S. Sukhoverkhov, Sergey V. Solovyov, and Sergey M. Kovalenko

Subjects

an emergency situation, information actions sequence, lcsh:T58.5-58.64, Risk analysis (engineering), lcsh:Information technology, Computer science, lcsh:Information theory, Process control, industrial facility, General Medicine, lcsh:Q350-390, distributed control system

Abstract

The aim of this study is to improve the methodological support for evaluating a possibility of implementing a sequence of information actions on a distributed control system leading to emergency situations. The problem of evaluating a possibility of implementing a sequence of information actions on a distributed control system leading to emergency situations is solved. A methodological approach is proposed to identify information actions sequences leading to an emergency situation at industrial facilities, based on the use of the method of time differences of machine learning with reinforcement. The effectiveness of the considered methodological approach in comparison with the method of equal probability search is estimated. An example of the implementation of the methodological approach in relation to the technological process used at industrial facilities is given.

Published

2020

43. Models and algorithms of privacy-preserving machine learning

Author

Sergey Zapechnikov

Subjects

Cryptographic primitive, lcsh:T58.5-58.64, business.industry, Computer science, Process (engineering), lcsh:Information technology, data mining, machine learning, deep learning, federated learning, transfer learning, privacy, secure multi-party computations, secret sharing scheme, homomorphic encryption, Cryptography, 010103 numerical & computational mathematics, General Medicine, Adversary, Computer security model, Machine learning, computer.software_genre, 01 natural sciences, lcsh:Q350-390, Field (computer science), Test (assessment), 010101 applied mathematics, Privacy preserving, lcsh:Information theory, Artificial intelligence, 0101 mathematics, business, computer

Abstract

The paper is devoted to the recent scientific problem of privacy-preserving machine learning. The problem actuality is determined by the growing need to use machine learning for personal data, as well as for data that make up commercial, medical, financial and other types of information protected by law. The aim of the study is to systematize the security models of machine learning, to identify algorithmic tools that can be used to ensure the privacy of the learning process and application of models, as well as to analyze the privacy-preserving machine learning systems. The paper presents the major concepts and definitions related to machine learning, provides a systematization of machine learning problems and methods of their solution, and pays attention to the modern and promising areas of development of machine learning. Among the tasks of machine learning are those for which it is important to ensure the privacy of data from training, test and work samples. Special cryptographic methods and protocols are correlated to the problems solved. A brief description of the known privacy-preserving machine learning systems is given. The machine learning methods supported by these systems, as well as the type of adversary that the system can resist, and the cryptographic primitives used for the implementation are described in the paper. Unsolved problems in the field of privacy-preserving machine learning and prospects for the development of this scientific field are considered.

Published

2020

44. Approaches to measuring the risk of cyberattacks in remote banking services of Russia

Author

Pavel V. Revenkov and Alexander A. Berdyugin

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, Business, Computer security, computer.software_genre, Cyberspace, Risk assessment, cyberspace, risk of cyberattacks, remote banking services, cybersecurity, risk assessment, information security incident, lcsh:Q350-390, computer

Abstract

Purpose.Due to the use of technology in banks their risks of information security breach are rising significantly. In the context of active introduction of remote banking services (RBS) in banking business of Russia, additional study of issues of assessing the risk of cyberattacks on banking automated systems was required. Methods.The methods of financial management, probability theory, system analysis of scientific literature on fundamental and applied research, and a method of graphical interpretation of analyzed phenomena are used. The paper gives a detailed analysis of the concepts of “cyberspace” and “cybersecurity”. Remote banking is considered from the point of view of financial management. Attention is drawn to the factors of work in cyberspace that increase the levels of banking risks. The relationship of cyberattacks on bankingautomated systems and possible consequences for the bank is analyzed. Novelty.Given the wide spread of social engineering methods when committing fraudulent activities on the Internet the measures to increase the cyber literacy of population are needed. The method for assessing the risk of cyberattacks on RBS for use by risk department specialists and employees of internal control services is developed. As a result, considering innovative systems and technologies that await us in the future, the effectiveness of risk assessment for solving current challenges is increased. Results.Attempts are made to formulate the mathematical model of the probabilistic analysis of information security incidents to optimize the algorithm for responding to incidents. Calculations based on the proposed model made it possible to determine the duration of exploitation of vulnerability of RBS, when the probability of preventing an incident exceeds probability of its realization. The findings may be useful for scientific research on the risks of information security breach in RBS.

Published

2019

45. Speech-like signal system modeling and its application in the field of security, communication and control access

Author

Nikita S. Dvoryankin, Sergey V. Dvoryankin, Sergei V. Ulengov, Anton O. Antipenko, and Roman A. Ustinov

Subjects

Physics, lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, speech-like signals, security, model, biometrics, General Medicine, lcsh:Q350-390, Mathematical physics

Abstract

Speech-like signals (SLS), along with the original speech, are actively used in security, communication and control systems, increasingly replacing the latter one in them. The aim of the work is to refine the modeling tools for the formation of speech-like signals with specified characteristics in the construction of effective systems for processing and protection of acoustic (speech) information. Methods.Methods of formation of speech-like signals on the given images of their spectrograms with separate or joint processing of their harmonic and formant structures corresponding to the system model of SLS chosen for a specific application are considered. Results.It is proposed in various applications to consider SLS as a complex of real models of direct, indirect and conditional similarity of the system display of the original speech. Summary.The main areas of application of such system models of SLS are considered. The possibilities and prospects of using SLS for transmission of graphic information in speech communication channels, including biometric characteristics of legitimate remote users of protected information resources, are estimated.

Published

2019

46. Algorithm for creation of automated systems in protected performance

Author

Aizhana M. Kadnova, Oleg Yu. Makarov, Sergey A. Mishin, and Evgeniy A. Rogozin

Subjects

Financial costs, information security system, automated system, information security, information resource, unauthorized access, Mathematical model, lcsh:T58.5-58.64, Process (engineering), Computer science, business.industry, lcsh:Information technology, 010103 numerical & computational mathematics, General Medicine, 01 natural sciences, lcsh:Q350-390, 010101 applied mathematics, High resistance, Set (abstract data type), Reduction (complexity), Work (electrical), lcsh:Information theory, 0101 mathematics, Software engineering, business, Time range

Abstract

The article analyzes the regulatory documentation governing the creation of automated systems in secure execution, as well as open literature on the problems of designing automated systems in secure execution, their optimization and the development of mathematical models of these systems. Based on the analysis of these sources, an algorithm has been developed that represents the process of creating automated systems in a secure execution in the form of a set of interconnected and time-ordered stages that include the necessary work to create automated systems of the specified type. The creation of automated systems in secure execution in accordance with the algorithm developed in the article will allow us to investigate the automated system being created in secure execution in the time range, reduce the likelihood of errors by developers, resulting in a reduction in time and financial costs, as well as high resistance to security threats to information created as a result system.

Published

2019

47. Distributed ledger as a tool to ensure trust among business process participants

Author

Sergey Zapechnikov

Subjects

Scope (project management), lcsh:T58.5-58.64, Business process, Computer science, lcsh:Information technology, General Medicine, Data science, lcsh:Q350-390, Business relations, Distributed ledger, Ledger, lcsh:Information theory, Architecture, Throughput (business)

Abstract

The paper is devoted to the problem of using distributed ledgers as a tool to ensure trust among business process participants. The purpose of the paper is to offer a systematic review of the applied aspects of modern distributed ledger technologies, based on the experience of studying the technical and algorithmic concepts of the most famous and popular blockchain platforms. We analyze the main ideas underlying distributed ledgers, discuss in general the architecture of distributed ledger platforms, and classify existing systems. The principles of operation and features of permissionless and permissioned blockchain platforms are considered. An overview of the scope and capabilities of distributed ledgers from the perspective of a potential consumer of this technology is given. The actual problems of distributed ledgers are analyzed. Predictions are made about promising and unpromising applications of distributed registry systems. It is concluded that distributed ledger technologies, as an attempt to create a universal tool to solve the problem of trust in the remote implementation of business relations, have great potential for growth. However, they are characterized by a number of unresolved problems related to improving throughput and ensuring the business partners’ privacy.

Published

2019

48. Security of significant objects of critical information infrastructure

Author

Grigory P. Gavdan, Vitaliy G. Ivanenko, and Alexei A. Salkutsan

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, critical information infrastructure, significant objects of critical information infrastructure, infor-mation resources, cyberattack, cyberspace, structural units, staffing, General Medicine, lcsh:Q350-390

Abstract

The issues related to the security of significant objects of critical information infrastructure are considered. The relevance of these problems is primarily due to the fact that the number of cyberattacks on various sectors of the Russian economy and primarily on significant objects of critical information infrastructure (state, defense, oil and gas industry, etc.) is increasing. Unfortunately, the limited access to the available information in this area does not allow today the researchers in the field of information security to conduct a proper analysis. In addition the corresponding media and Internet resources are incomplete. The tasks of ensuring the security of significant objects of critical information infrastructure in order to ensure their sustainable functioning under the destructive impact of computer attacks are regulated by a number of fundamental normative legal acts, primarily the Federal law No. 187-FZ "on security of critical information infrastructure of the Russian Federation" (2017) and the Doctrine of information security of the Russian Federation (2016). Currently at the stage of formation of the digital economy the creation of national information resources and the protection of significant objects of critical information infrastructure is one of the major sources of economic, political, social and military power of the state, the basis of socio-economic and socio-political development of the Russian Federation. The subject of the study is significant objects of critical information infrastructure as the basis of stability and existence of the state, the Russian Federation. The work pays considerable attention to the requirements for structural units to ensure the security of significant objects of critical information infrastructure. Thus, the risk of computer attacks for the subjects of critical information infrastructure has serious consequences, ranging from damage to the reputation and to the paralyzation of enterprise with the subsequent disruption of defense orders for the army and Navy. The requirements to structural units of security of significant objects of critical information infrastructure as well as to their staffing are considered.

Published

2019

49. The Okinawa Charter and the Congress of the United Nations: cybercrime countering issues

Author

Anatoly M. Tarasov

Subjects

lcsh:T58.5-58.64, lcsh:Information technology, lcsh:Information theory, General Medicine, lcsh:Q350-390

Abstract

Цель статьи – на основе анализа положений Окинавской хартии «Глобального информационного общества», решений Конгрессов ООН по предупреждению преступности и уголовному правосудию, а также соответствующих резолюций Генассамблеи ООН установить состояние организационного и нормативно-правового обеспечения противодействия кибервызовам и угрозам, а также киберпреступности в глобальном информационном пространстве. Об актуальности рассмотрения данной темы свидетельствует возрастающий уровень кибевызовов и угроз, рост их масштабности. Так, спецслужбами России в ходе проведения Чемпионата мира по футболу (2018 г.) было отражено около 25 млн различного рода кибератак. Выводы: Рассмотренные в статье вопросы и внесенные предложения по дальнейшему развитию норм международного права, особенно касающиеся разработки технологий искусственного интеллекта, а также использования робототехники, полагаем, могут быть учтены и найти отражение в проекте Конвенции ООН по информационной безопасности.

Published

2019

50. Development of EPC-Models of threats to information security of the automated process control system

Author

Irina V. Mashkina and Ildar R. Garipov

Subjects

lcsh:T58.5-58.64, Automatic control, lcsh:Information technology, Computer science, Process (engineering), ics, epc model, information security, pc, erp, mes, information system, opc, scada, General Medicine, Information security, Business process modeling, lcsh:Q350-390, Information protection policy, Risk analysis (engineering), Threat model, lcsh:Information theory, Process control, Data Protection Act 1998

Abstract

The purpose of this study is to develop threat models specific to the object of protection-automated process control systems. When developing the threat models, we propose a method of constructing graphical notations of events (Event-driven Process Chain), the main elements of which are events and functions associated with logical operations. We present the results of the analysis of threats of violation of information security of automated control systems of technological processes. The EPC-models of threats of information security violation of modern information and control systems of industrial enterprises are presented. The EPC-models allow to describe in detail ways of realization of the threats that, in turn, gives the chance to the experts working in the field of information security to design systems of information protection matched to potential threats and taking into account specifics of production. Modeling threats of violation of information security allows the specialist for data protection obtaining sufficient arguments about the feasibility of a violator of the threats to specific automated control systems of technological processes, which contributes to the financing of the project. This paper is not limited to the consideration of only business process models as the only means of creating threat models in the field of information security, and offer EPC-modeling as one of the methods of building information security threats for automated control systems. The EPC models allow to describe ways of realization of the threats actual for modern automated control systems and to estimate probabilities of their realization.

Published

2019