Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2019-3-51-56
Timofey Komarov, Nadezhda Chepik, M. Ivanov
{"title":"Developing a High-Performance OS Kernel Safe in Terms of Working with Memory","authors":"Timofey Komarov, Nadezhda Chepik, M. Ivanov","doi":"10.21681/2311-3456-2019-3-51-56","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-3-51-56","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127519974","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2019-3-57-62
D. Chukova, Dmitry A. Medvedev, M. Litvinenko
{"title":"Model for Building Competencies of a Computer Crime Investigator","authors":"D. Chukova, Dmitry A. Medvedev, M. Litvinenko","doi":"10.21681/2311-3456-2019-3-57-62","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-3-57-62","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"143 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114017731","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2019-1-10-17
Roman V. Maximov, A. Krupenin, Sergey Sharifullin, S. Sokolovsky
{"title":"Innovative Development of Tools and Technologies to Ensure the Russian Information Security and Core Protective Guidelines","authors":"Roman V. Maximov, A. Krupenin, Sergey Sharifullin, S. Sokolovsky","doi":"10.21681/2311-3456-2019-1-10-17","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-1-10-17","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114785902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2023-1-93-99
S. Kapitsyn, Konstantin Ryumshin, V. Varenitsa
Purpose of the work consists in the analysis of approaches to the representation of the integrity of the seman- tics of knowledge of the information need of the target object of influence and the development of a logical-linguis- tic method for the formation of “paper” bullets based on phrase-structural grammar.Research method: the mechanism of the formation of «paper» bullets in the form of semantic-syntactic con- structions and a set of required semantic conclusions (inferences, the basis for the formation of a model of social behavior of the «defeated») of the target object of influence in the form of logical-linguistic models are illustrated. Research results: the technology of presenting logical-linguistic models (semantic-syntactic constructions) of «paper» bullets can be used in the development of the foundations of information weapons (information and recon- naissance strike systems) for selective impact on an object and a guaranteed change in its information needs in the interests of covert formation the required model of social behavior (the model of social behavior of the «van- quished»). Scientific novelty: representation of the integrity of the meaning of the required information needs in the form of semantic-syntactic constructions based on logic - the law of maintaining the integrity of the object.
{"title":"Logical-Linguistic Mechanism of Formation of “Paper” Bullets in the Information confrontation","authors":"S. Kapitsyn, Konstantin Ryumshin, V. Varenitsa","doi":"10.21681/2311-3456-2023-1-93-99","DOIUrl":"https://doi.org/10.21681/2311-3456-2023-1-93-99","url":null,"abstract":"Purpose of the work consists in the analysis of approaches to the representation of the integrity of the seman- tics of knowledge of the information need of the target object of influence and the development of a logical-linguis- tic method for the formation of “paper” bullets based on phrase-structural grammar.Research method: the mechanism of the formation of «paper» bullets in the form of semantic-syntactic con- structions and a set of required semantic conclusions (inferences, the basis for the formation of a model of social behavior of the «defeated») of the target object of influence in the form of logical-linguistic models are illustrated. Research results: the technology of presenting logical-linguistic models (semantic-syntactic constructions) of «paper» bullets can be used in the development of the foundations of information weapons (information and recon- naissance strike systems) for selective impact on an object and a guaranteed change in its information needs in the interests of covert formation the required model of social behavior (the model of social behavior of the «van- quished»). Scientific novelty: representation of the integrity of the meaning of the required information needs in the form of semantic-syntactic constructions based on logic - the law of maintaining the integrity of the object.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123996289","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2021-5-36-44
V. Varenitsa, Jsc Npo Echelon, A. Markov, V. Savchenko, V. Tsirlov, Bauman Moscow State Technical Universit
Purpose: analysis of various techniques and techniques for identifying defects and vulnerabilities during certification tests. Research method: comparative analysis. Result: the conclusion is made about the relevance and priority of the study of open-source web applications. The study is given and the shortcomings of directive methods for identifying vulnerabilities and undeclared capabilities in software products are shown. The author’s statistics of the identified vulnerabilities are given with detailing by classes of computer attacks, manufacturers of information security tools, programming environments and methods for identifying vulnerabilities. A comparative analysis of author’s methods with known directive testing methods is given. The relevance of the implementation of the concept of developing secure software is shown. Recommendations on improving the security of software tools for information protection are given.
{"title":"Practical Aspects of Vulnerability Detection During Certification Tests of Information Security Software","authors":"V. Varenitsa, Jsc Npo Echelon, A. Markov, V. Savchenko, V. Tsirlov, Bauman Moscow State Technical Universit","doi":"10.21681/2311-3456-2021-5-36-44","DOIUrl":"https://doi.org/10.21681/2311-3456-2021-5-36-44","url":null,"abstract":"Purpose: analysis of various techniques and techniques for identifying defects and vulnerabilities during certification tests. Research method: comparative analysis. Result: the conclusion is made about the relevance and priority of the study of open-source web applications. The study is given and the shortcomings of directive methods for identifying vulnerabilities and undeclared capabilities in software products are shown. The author’s statistics of the identified vulnerabilities are given with detailing by classes of computer attacks, manufacturers of information security tools, programming environments and methods for identifying vulnerabilities. A comparative analysis of author’s methods with known directive testing methods is given. The relevance of the implementation of the concept of developing secure software is shown. Recommendations on improving the security of software tools for information protection are given.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115450505","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2021-6-36-45
Igor Kotenko, Maxim Kolomeec, K. Zhernova, A. Chechulin
The purpose of the article: to identify and systematize information security problems that are solved using visual analytics methods, applied data visualization models and methods for assessing the effectiveness of visualization models. Research method: a systematic analysis of the application of visual analytics methods for solving information security problems. Analysis of relevant work in the field of information security and data visualization, as well as methods for assessing visualization. The objects of research are: solving information security problems through visual analysis and methods for assessing the effectiveness of visualization models. The result obtained: an interactive map of visualization models and their areas of application is presented, which will allow researchers and developers to choose the visualization models that are most appropriate for specific applied information security problems. A classification of methods for assessing visualization is presented. The scope of the proposed approach is the creation of visualization models that can be used to increase the efficiency of operator interaction with information security applications. The proposed article will be useful both for students studying in the direction of training “Information Security”, and for specialists who develop information security systems.
{"title":"Visual Analytics for Information Security: Efficiency Assessment and Analysis of Visualization Methods","authors":"Igor Kotenko, Maxim Kolomeec, K. Zhernova, A. Chechulin","doi":"10.21681/2311-3456-2021-6-36-45","DOIUrl":"https://doi.org/10.21681/2311-3456-2021-6-36-45","url":null,"abstract":"The purpose of the article: to identify and systematize information security problems that are solved using visual analytics methods, applied data visualization models and methods for assessing the effectiveness of visualization models. Research method: a systematic analysis of the application of visual analytics methods for solving information security problems. Analysis of relevant work in the field of information security and data visualization, as well as methods for assessing visualization. The objects of research are: solving information security problems through visual analysis and methods for assessing the effectiveness of visualization models. The result obtained: an interactive map of visualization models and their areas of application is presented, which will allow researchers and developers to choose the visualization models that are most appropriate for specific applied information security problems. A classification of methods for assessing visualization is presented. The scope of the proposed approach is the creation of visualization models that can be used to increase the efficiency of operator interaction with information security applications. The proposed article will be useful both for students studying in the direction of training “Information Security”, and for specialists who develop information security systems.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129542552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2019-6-37-48
S. Klimov, Sergey Polikarpov, Boris Rizhov, R. Tihonov, Igor Shpirnya
{"title":"Procedure for Assuring the Continuity of Critical Information Infrastructure under Conditions of Information Influence","authors":"S. Klimov, Sergey Polikarpov, Boris Rizhov, R. Tihonov, Igor Shpirnya","doi":"10.21681/2311-3456-2019-6-37-48","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-6-37-48","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129101604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2021-4-16-24
Y. Starodubtsev, P. Zakalkin, S. Ivanov
Abstract. The aim of the research is to develop a structural and functional model of cyberspace as an element of its mathematical (analytical and simulation) model, which allows us to study the properties of cyberspace. Formation of the terminological basis of the research area. Research methods: theory of complex systems, synergetics. Research result: a structural and functional model has been developed that describes the process of forming information services based on cyberspace resources. In relation to cyberspace, the concept of “symbiont” is introduced as a universal concept that allows describing any element of cyberspace and its resources. The following terms are defined: cyberspace, information, computing and telecommunications resource. In addition, the formalization of resources and information services provided by cyberspace is presented. An example of forming an information service based on cyberspace resources is shown.
{"title":"Structural and Functional Model of Cyberspace","authors":"Y. Starodubtsev, P. Zakalkin, S. Ivanov","doi":"10.21681/2311-3456-2021-4-16-24","DOIUrl":"https://doi.org/10.21681/2311-3456-2021-4-16-24","url":null,"abstract":"Abstract. The aim of the research is to develop a structural and functional model of cyberspace as an element of its mathematical (analytical and simulation) model, which allows us to study the properties of cyberspace. Formation of the terminological basis of the research area. Research methods: theory of complex systems, synergetics. Research result: a structural and functional model has been developed that describes the process of forming information services based on cyberspace resources. In relation to cyberspace, the concept of “symbiont” is introduced as a universal concept that allows describing any element of cyberspace and its resources. The following terms are defined: cyberspace, information, computing and telecommunications resource. In addition, the formalization of resources and information services provided by cyberspace is presented. An example of forming an information service based on cyberspace resources is shown.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129920552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2019-3-33-38
A. Shcherbakov, Aleksandr Buligin, A. Elizarova, V. Ryabkov
{"title":"Studing the Issues of Applying Protected Digitalization Technologies as Exemplified by the Digital Student Rating","authors":"A. Shcherbakov, Aleksandr Buligin, A. Elizarova, V. Ryabkov","doi":"10.21681/2311-3456-2019-3-33-38","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-3-33-38","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128676844","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.21681/2311-3456-2022-6-22-39
A. Basan, E. Basan, O. Peskova, Nikita Sushkin, M. Shulika
38Адаптивная система защиты сенсорных сетей от активных атак Вопросы кибербезопасности. 2022. No 6(52) Architecture of AdAptiVe protection system for sensor netWorK Basan A.S.6 , Basan E.S.7 , Peskova O.Yu.8 , Sushkin N.A.9 , Shulika M.G.10 Purpose: Development of the adaptive protection system architecture for sensor networks and cyber-physical systems for anomaly detection based on the collection and analysis of cyber-physical parameters. Method: The method is based on the use of probability theory, mathematical statistics, and information theory. The entropy measure and normalization of the raw data make it possible to unify the data and evaluate it in terms of anomaly detection. Results: The existing solutions for the protection of cyber-physical systems from external active attacks were analyzed. The architecture of an adaptive system for a cyber-physical system protection is proposed. As part of the representation of the node data collection and analysis subsystem, a method for estimating cyber-physical parameters to detect intrusions is proposed. Three parameter changes for four behavioral scenarios were analyzed in detail in this study. Even by three parameters, you can determine the difference between attacks and normal behaviors. It is possible to evaluate not only the fact of parameter change, but also the degree of its change. At the same time, the node autonomously compared changes in its parameters with changes in the parameters of the neighboring node and could identify the impact of the attack on the neighboring node. The scientific novelty primarily consists in the fact that for the first time a method for determining the abnormal activity of a cyber-physical system based on the evaluation of system parameters using a measure of entropy and normalization of raw data has been developed, which makes it possible to achieve a high level of detection of known and unknown attacks. This method can be effectively used also for autonomous systems. The original architecture of the adaptive system for protecting the cyber-physical system is also proposed, its main components are worked out. When implementing an attack in a distributed system, this development will allow the node to detect anomalies not only autonomously, but also distributed, that is, to detect the impact on neighboring nodes.
{"title":"ARCHITECTURE OF ADAPTIVE PROTECTION SYSTEM FOR SENSOR NETWORK","authors":"A. Basan, E. Basan, O. Peskova, Nikita Sushkin, M. Shulika","doi":"10.21681/2311-3456-2022-6-22-39","DOIUrl":"https://doi.org/10.21681/2311-3456-2022-6-22-39","url":null,"abstract":"38Адаптивная система защиты сенсорных сетей от активных атак Вопросы кибербезопасности. 2022. No 6(52) Architecture of AdAptiVe protection system for sensor netWorK Basan A.S.6 , Basan E.S.7 , Peskova O.Yu.8 , Sushkin N.A.9 , Shulika M.G.10 Purpose: Development of the adaptive protection system architecture for sensor networks and cyber-physical systems for anomaly detection based on the collection and analysis of cyber-physical parameters. Method: The method is based on the use of probability theory, mathematical statistics, and information theory. The entropy measure and normalization of the raw data make it possible to unify the data and evaluate it in terms of anomaly detection. Results: The existing solutions for the protection of cyber-physical systems from external active attacks were analyzed. The architecture of an adaptive system for a cyber-physical system protection is proposed. As part of the representation of the node data collection and analysis subsystem, a method for estimating cyber-physical parameters to detect intrusions is proposed. Three parameter changes for four behavioral scenarios were analyzed in detail in this study. Even by three parameters, you can determine the difference between attacks and normal behaviors. It is possible to evaluate not only the fact of parameter change, but also the degree of its change. At the same time, the node autonomously compared changes in its parameters with changes in the parameters of the neighboring node and could identify the impact of the attack on the neighboring node. The scientific novelty primarily consists in the fact that for the first time a method for determining the abnormal activity of a cyber-physical system based on the evaluation of system parameters using a measure of entropy and normalization of raw data has been developed, which makes it possible to achieve a high level of detection of known and unknown attacks. This method can be effectively used also for autonomous systems. The original architecture of the adaptive system for protecting the cyber-physical system is also proposed, its main components are worked out. When implementing an attack in a distributed system, this development will allow the node to detect anomalies not only autonomously, but also distributed, that is, to detect the impact on neighboring nodes.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121074425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: