The problem of developing new methods and vectors of attacks on critical infrastructure and responding to emerging threats through the implementation of recognized standards in the field of information security such as ISO 27001 was considered. The updated edition of the international standard ISO/IEC 27001 of 2022 and in particular the main changes in the structure of controls were analyzed. A detailed analysis of the new security control from Appendix A - A.8.9 - Configuration Management was conducted. The study focuses on the Center for Internet Security (CIS) benchmarks as a resource to guide organizations in meeting the stringent requirements of ISO 27001:2022. Through the study of the CIS benchmarks this article shows how organizations can leverage these guidelines to achieve compliance improve their security posture and protect critical infrastructure from evolving threats. Key words: ISO/IEC 27001:2022 CIS benchmarks information security critical infrastructure security controls configuration management.
通过实施信息安全领域的公认标准(如 ISO 27001),审议了开发攻击关键基础设施的新方法和新载体以及应对新威胁的问题。分析了 2022 年国际标准 ISO/IEC 27001 的更新版本,特别是控制结构的主要变化。对附录 A - A.8.9 - 配置管理中的新安全控制进行了详细分析。研究重点是将互联网安全中心(CIS)基准作为指导组织满足 ISO 27001:2022 严格要求的资源。通过对 CIS 基准的研究,本文展示了组织如何利用这些准则来实现合规性,改善其安全态势并保护关键基础设施免受不断变化的威胁。关键字ISO/IEC 27001:2022 CIS 基准 信息安全 关键基础设施 安全控制 配置管理。
{"title":"OVERVIEW OF THE CIS BENCHMARKS USAGE FOR FULFILLING THE REQUIREMENTS FROM INTERNATIONAL STANDARD ISO/IEC 27001:2022","authors":"Y. Kurii, I. Opirskyy","doi":"10.23939/csn2024.01.089","DOIUrl":"https://doi.org/10.23939/csn2024.01.089","url":null,"abstract":"The problem of developing new methods and vectors of attacks on critical infrastructure and responding to emerging threats through the implementation of recognized standards in the field of information security such as ISO 27001 was considered. The updated edition of the international standard ISO/IEC 27001 of 2022 and in particular the main changes in the structure of controls were analyzed. A detailed analysis of the new security control from Appendix A - A.8.9 - Configuration Management was conducted. The study focuses on the Center for Internet Security (CIS) benchmarks as a resource to guide organizations in meeting the stringent requirements of ISO 27001:2022. Through the study of the CIS benchmarks this article shows how organizations can leverage these guidelines to achieve compliance improve their security posture and protect critical infrastructure from evolving threats. Key words: ISO/IEC 27001:2022 CIS benchmarks information security critical infrastructure security controls configuration management.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"41 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141395913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The impact of electromagnetic interference on the operation of communication and radar systems is discussed. In modern military conflicts the effectiveness of communication and reconnaissance is crucial for success. Through precise research and experiments conducted in this article the fundamental aspects of how electromagnetic interference affects the ability of communication and radar systems to operate in combat conditions are revealed. Various types of interference their effects and interaction with communication systems as well as methods of management and mitigation of interference effects are also examined. The results obtained serve as a valuable addition to understanding the issues of the radio frequency spectrum and ensuring the reliability of communication and radar systems in the electromagnetic environment of contemporary theaters of war. The article aims to investigate and systematize knowledge regarding the impact of electromagnetic interference on communication and radar systems and provide readers with information that can serve as a basis for further research and development in this area. A wide range of literature and articles providing information on the impact of electromagnetic interference on radar systems were analyzed to support the research. Key words: Electromagnetic Interference (EMI) Electronic Warfare (EW) Electronic Support (ES) Electronic Suppression (ES) Electronic Protection (EP) Jamming Radar.
{"title":"RESEARCH ON THE IMPACT OF ELECTROMAGNETIC INTERFERENCE ON THE FUNCTIONING OF COMMUNICATION AND RADAR SYSTEMS","authors":"R.T. Bybyk, Y.M. Nakonechnyi","doi":"10.23939/csn2024.01.001","DOIUrl":"https://doi.org/10.23939/csn2024.01.001","url":null,"abstract":"The impact of electromagnetic interference on the operation of communication and radar systems is discussed. In modern military conflicts the effectiveness of communication and reconnaissance is crucial for success. Through precise research and experiments conducted in this article the fundamental aspects of how electromagnetic interference affects the ability of communication and radar systems to operate in combat conditions are revealed. Various types of interference their effects and interaction with communication systems as well as methods of management and mitigation of interference effects are also examined. The results obtained serve as a valuable addition to understanding the issues of the radio frequency spectrum and ensuring the reliability of communication and radar systems in the electromagnetic environment of contemporary theaters of war. The article aims to investigate and systematize knowledge regarding the impact of electromagnetic interference on communication and radar systems and provide readers with information that can serve as a basis for further research and development in this area. A wide range of literature and articles providing information on the impact of electromagnetic interference on radar systems were analyzed to support the research. Key words: Electromagnetic Interference (EMI) Electronic Warfare (EW) Electronic Support (ES) Electronic Suppression (ES) Electronic Protection (EP) Jamming Radar.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"18 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141403271","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The paper examines the problems of ensuring the authenticity of messages as well as analyzes the modern requirements for hash functions and the problems of designing algorithms for calculating hash functions. The common MD5 hashing algorithm was investigated. These days its level of security is considered insufficient for protecting high-level data confidentiality. However it is an effective and fast algorithm for hashing messages and is successfully used to protect commercial information. The paper examines the main computational transformations of the MD5 hashing algorithm. It is shown that variable constants are used in the MD5 algorithm to improve stability. A sweep of the sine function is used to calculate these variable constants. The paper examines the feasibility of using number-pulse computing structures for the calculation of variable trigonometric constants of the MD5 hashing algorithm. It is shown that the use of classical number-pulse computing structures is impractical due to the insufficient range of reproduction of the necessary trigonometric functions. Advanced wide-band digital-pulse structures provide the necessary conversion function range and accuracy. However the speed of such calculators is critically insufficient to calculate all the trigonometric coefficients of the MD5 hashing algorithm. The paper developed a mathematical and software model of the structure of the sine function expansion for the MD5 algorithm. The mathematical model is based on the relations for the sine and cosine of the sum of the arguments which are adapted for the MD5 hashing algorithm. The use of the developed differential computing structure allows saving memory when implementing the algorithm on devices with limited memory resources. Key words: cryptography message authenticity hash function.
{"title":"RESEARCH AND IMPROVEMENT OF COMPUTING ALGORITHMS FOR CALCULATING THE TRIGONOMETRICAL COEFFICIENTS OF THE HASHING ALGORITHM MD5","authors":"A. Horpenyuk, N. Luzhetska, M. Horpenyuk","doi":"10.23939/csn2024.01.026","DOIUrl":"https://doi.org/10.23939/csn2024.01.026","url":null,"abstract":"The paper examines the problems of ensuring the authenticity of messages as well as analyzes the modern requirements for hash functions and the problems of designing algorithms for calculating hash functions. The common MD5 hashing algorithm was investigated. These days its level of security is considered insufficient for protecting high-level data confidentiality. However it is an effective and fast algorithm for hashing messages and is successfully used to protect commercial information. The paper examines the main computational transformations of the MD5 hashing algorithm. It is shown that variable constants are used in the MD5 algorithm to improve stability. A sweep of the sine function is used to calculate these variable constants. The paper examines the feasibility of using number-pulse computing structures for the calculation of variable trigonometric constants of the MD5 hashing algorithm. It is shown that the use of classical number-pulse computing structures is impractical due to the insufficient range of reproduction of the necessary trigonometric functions. Advanced wide-band digital-pulse structures provide the necessary conversion function range and accuracy. However the speed of such calculators is critically insufficient to calculate all the trigonometric coefficients of the MD5 hashing algorithm. The paper developed a mathematical and software model of the structure of the sine function expansion for the MD5 algorithm. The mathematical model is based on the relations for the sine and cosine of the sum of the arguments which are adapted for the MD5 hashing algorithm. The use of the developed differential computing structure allows saving memory when implementing the algorithm on devices with limited memory resources. Key words: cryptography message authenticity hash function.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"10 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141393928","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The methods for identifying persons of interest (POI) based on mobile device data has been considered. The problem is relevant and unresolved in the activities of law enforcement intelligence and other agencies involved in operational search activities due to the large amount of data stored on mobile devices. Given the complexity and volume of mobile data traditional analysis methods are often insufficiently effective. The authors propose use of artificial intelligence (AI) including machine learning and natural language processing to improve the efficiency and speed of mobile device data analysis. This approach aims to overcome the limitations of manual data analysis and enhance the process of identifying POIs while adhering to the principles of forensic integrity. The research specifically demonstrates how machine learning can be utilized to search for persons of interest in WhatsApp messenger data. A method has been developed for decentralized control of adaptive data collection processes using the principle of equilibrium and reinforcement learning using the normalized exponential function method. The developed method allows for efficient operation of autonomous distributed systems in conditions of dynamic changes in the number of data collection processes and limited information interaction between them. The results of the experiment indicate that using artificial intelligence for facial recognition may result in false positive outcomes implying that humans cannot be entirely replaced at the current stage of AI evolution. However the application of deep learning showed an 88% success rate in facial recognition. These findings underscore the transformative potential of artificial intelligence in mobile forensics highlighting its capacity to enhance the accuracy and efficiency of data analysis in mobile devices. Key words: artificial intelligence mobile forensics data analysis ios whatsapp
{"title":"ARTIFICIAL INTELLIGENCE TECHNIQUES APPLICATION IN THE MOBILE DEVICE DATA ANALYSIS TO IDENTIFY PERSON-OF-INTEREST","authors":"T. Fedynyshyn, O. Mykhaylova","doi":"10.23939/csn2024.01.165","DOIUrl":"https://doi.org/10.23939/csn2024.01.165","url":null,"abstract":"The methods for identifying persons of interest (POI) based on mobile device data has been considered. The problem is relevant and unresolved in the activities of law enforcement intelligence and other agencies involved in operational search activities due to the large amount of data stored on mobile devices. Given the complexity and volume of mobile data traditional analysis methods are often insufficiently effective. The authors propose use of artificial intelligence (AI) including machine learning and natural language processing to improve the efficiency and speed of mobile device data analysis. This approach aims to overcome the limitations of manual data analysis and enhance the process of identifying POIs while adhering to the principles of forensic integrity. The research specifically demonstrates how machine learning can be utilized to search for persons of interest in WhatsApp messenger data. A method has been developed for decentralized control of adaptive data collection processes using the principle of equilibrium and reinforcement learning using the normalized exponential function method. The developed method allows for efficient operation of autonomous distributed systems in conditions of dynamic changes in the number of data collection processes and limited information interaction between them. The results of the experiment indicate that using artificial intelligence for facial recognition may result in false positive outcomes implying that humans cannot be entirely replaced at the current stage of AI evolution. However the application of deep learning showed an 88% success rate in facial recognition. These findings underscore the transformative potential of artificial intelligence in mobile forensics highlighting its capacity to enhance the accuracy and efficiency of data analysis in mobile devices. Key words: artificial intelligence mobile forensics data analysis ios whatsapp","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"18 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141405314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The problem of modeling threats in the creation of a comprehensive information security system in multi-level intelligent control systems is considered. Existing approaches to creating a threat model are described. It is proposed to consider a multi-level intelligent control system as a type of automated system according to the classification of Ukrainian normative documentation. The process of creating threat models for automated systems is analyzed. To select the optimal methodology for threat modeling the main criteria are determined which are taken into account when developing threat models. The proposed approach allows for the development of effective and reliable threat models for multi-level intelligent control systems providing a high level of information security. Keywords: threat modeling information security system intelligent control systems multi-level systems.
{"title":"APPROACHES TO THREAT MODELING IN THE CREATION OF A COMPREHENSIVE INFORMATION SECURITY SYSTEM FOR A MULTI-LEVEL INTELLIGENT CONTROL SYSTEMS","authors":"T. Kret","doi":"10.23939/csn2024.01.081","DOIUrl":"https://doi.org/10.23939/csn2024.01.081","url":null,"abstract":"The problem of modeling threats in the creation of a comprehensive information security system in multi-level intelligent control systems is considered. Existing approaches to creating a threat model are described. It is proposed to consider a multi-level intelligent control system as a type of automated system according to the classification of Ukrainian normative documentation. The process of creating threat models for automated systems is analyzed. To select the optimal methodology for threat modeling the main criteria are determined which are taken into account when developing threat models. The proposed approach allows for the development of effective and reliable threat models for multi-level intelligent control systems providing a high level of information security. Keywords: threat modeling information security system intelligent control systems multi-level systems.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"35 25","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141410448","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The article contains a review of a wide range of methods and means to ensure the stability of communication and protection of radio transmissions including encryption frequency hopping the use of directional antennas masking and interference-resistant coding. Based on the conducted review and analysis conclusions were made about the possibility of applying these methods and means of protection in popular unmanned devices today. Aspects of protection that were not covered by classical methods are also considered. The results of the study highlight the importance of continuous improvement in the field of radio communication security and protection to keep pace with evolving threats in a complex electromagnetic environment. Key words: radio communications stability protection electromagnetic environment encryption frequency hopping.
{"title":"METHODS AND MEANS OF ENSURING STABILITY AND PROTECTION OF RADIO COMMUNICATIONS IN A COMPLEX ELECTROMAGNETIC ENVIRONMENT","authors":"R. Kuten, O. Syniavskyi","doi":"10.23939/csn2024.01.099","DOIUrl":"https://doi.org/10.23939/csn2024.01.099","url":null,"abstract":"The article contains a review of a wide range of methods and means to ensure the stability of communication and protection of radio transmissions including encryption frequency hopping the use of directional antennas masking and interference-resistant coding. Based on the conducted review and analysis conclusions were made about the possibility of applying these methods and means of protection in popular unmanned devices today. Aspects of protection that were not covered by classical methods are also considered. The results of the study highlight the importance of continuous improvement in the field of radio communication security and protection to keep pace with evolving threats in a complex electromagnetic environment. Key words: radio communications stability protection electromagnetic environment encryption frequency hopping.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"75 9","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141389509","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: