
  • Hierarchical Dynamic Information Security Management System for an Enterprise Information System

    The problem of developing the architecture of a dynamic information security management system for an enterprise information system, based on the hierarchical organization of the management system, analysis of the state of the computer system in the information space, analysis of the spread of risk flow, as well as multi-agent organization of the processes of collecting, analyzing data and making decisions is considered.

    Keywords: information protection, enterprise information system, security policy, information security management, risk analysis, zero trust architecture, multi-agent technologies, neural network forecasting

  • Detection of false positive cybersecurity incidents based on artificial neural networks

    The possibility of detecting false positive cybersecurity incidents using deep learning models (GRU, Bidirectional LSTM (Bi-LSTM), LSTM) has been studied. The results obtained demonstrate the effectiveness of solving the problem for PowerShell scripts. The Bi-LSTM model showed the best classification results, demonstrating an accuracy of 98.50% on the test sample.

    Keywords: machine learning, classification, cybersecurity, deep learning, PowerShell

  • On the role of information impacts in the context of national security

    The article discusses issues related to the level of existing technological development and the role of information impacts in the modern world. The necessity of an interdisciplinary approach in training an information security specialist is substantiated. A number of examples from historical material are considered, indicating the causal relationship between actions in the information space and events of a material nature; the scale of the consequences is noted. The process of forming a value system and the potential possibility of changing it are considered. The influence of the level of development of information delivery means on the effectiveness of information impact is noted. An example of using media content to transmit non-verbal signals is given. Using the example of cinematographic products, the principles of deformation of the system of traditional values through the introduction of a new term and a change in attitude towards it are considered. The need for additional measures to counter information threats is substantiated. Ways to reduce the risk of negative consequences from harmful information influences are proposed.

    Keywords: information space, information security, information threat, information delivery tools, information impact, counteraction of the threat

  • Feasibility study for the selection of optimal attack (intrusion) detection tools for the needs of monitoring centers of the Russian Federation

    The subject of the study is the technical and economic characteristics of attack detection tools that affect the effectiveness of their use for the system for detecting, preventing and eliminating the consequences of computer attacks on critical information infrastructure facilities of the Russian Federation. An analysis of approaches to selecting the best solutions is presented, the result of which formed the basis of the proposed solution. The article contains a study of approaches to solving the problem of feasibility study of choice, formalizing the formulation of the problem and a mathematical model for solving the problem of choosing the optimal attack detection tool for implementing the corresponding tasks. The research methods used include systems analysis, modeling and peer review methods. The purpose of developing the methodology is to increase the level of validity of decision-making on choosing the best of the proposed attack detection tools. The research results presented in the article can be used to carry out a feasibility study of decisions made when choosing attack detection tools for the needs of monitoring centers of the Russian Federation. The proposed methodology for conducting competitive analysis can be used as the basis for conducting appropriate research for each means of the system for detecting, preventing and eliminating the consequences of computer attacks on the information resources of the Russian Federation.

    Keywords: attack detection tools, intrusion detection tools, feasibility study, competitive analysis, information security tools, decision support system, information security system, optimization, integer linear programming

  • Zero Trust Architecture Design Patterns

    The features of designing security systems based on the zero trust model are considered. The problem of developing security policy patterns is considered. The problem of choosing the points of application of the security policy based on the analysis of the risk flow is discussed. An example of a security pattern in the DRAKON language is given.

    Keywords: information security, zero trust architecture, enterprise architecture, security policy patterns

  • Model of configuration of structural and functional characteristics of departmental information systems

    This paper considers the conditions and factors affecting the security of information systems functioning under network reconnaissance conditions. The developed model is based on techniques that dynamically change the domain names, network addresses and ports of the network devices of the information system and of the false network information objects functioning as part of them. The research problem is formalized. The theoretical basis of the developed model is the theory of probability and the theory of random processes. The modeled target system is represented as a semi-Markov process identified by an oriented graph. The results of calculating the probabilistic-temporal characteristics of the target system depending on the actions of network reconnaissance are presented; they make it possible to determine the mode of adjustment of the developed protection measures and to evaluate the security of the target system under different conditions of its functioning.

    Keywords: departmental information system, network intelligence, structural and functional characterization, false network information object

  • Intelligent detection of steganography transform based on containers classification

    The possibility of detecting steganography in digital images based on the classification of stegocontainers is investigated. The obtained results demonstrate the effectiveness of using deep neural networks for solving this problem. The LSB method can be detected using the EfficientNet b3 architecture. The achieved classification accuracy is above 97%. The use of steganography methods in the frequency domain can be effectively detected by classifying their representation in the form of a digital YCbCr model, with augmentation (vertical and horizontal rotations). The classification accuracy is above 77%.

    Keywords: Steganography, stegocontainer, machine learning, classification, digital image, deep learning, CNN, EfficientNet b3, confidentiality, information protection

  • Text information extraction from images of modified text

    This article describes the development of a module that extracts text from images of modified text, which can be used to bypass existing information security software and leak sensitive information out of a company. The developed module is written in the Python programming language with additional libraries that extend the basic functionality. After the module was created, an additional module was made that allows the user to create modified text themselves. The additional module uses a special dictionary that can change any letter to an alternative and generate more modified texts in order to test the module and find its weak spots. DLP systems were chosen for integrating the module into a company's information infrastructure because of their popularity and the ease of the integration method. To integrate the DLP system and the text extraction module, we used a mail server with BCC copies of the mail traffic to send text and images to the module's local mail server; additional mechanisms extract the pictures and process them within the module, after which it sends back the image and the text from it. A few rounds of testing were done, resulting in nearly 97% accuracy. Future development will consider expanding to multi-row processing and adding new alternative symbols after they are first encountered in text, by using a CNN or the standard deviation of image pixels and pixel comparison.

    Keywords: information security, data leakage, text analysis, image analysis, modified data analysis, protection against steganography

  • Features of designing security systems based on zero trust architecture

    To optimize the life cycle of information systems, the design uses abstract models that describe the main elements of the system architecture. Zero trust architecture is a new concept of information security that takes into account the remote format of employee access to the assets of an enterprise information system. The main features of zero trust architecture are considered.

    Keywords: information security, enterprise information system, zero trust architecture, security policy

  • Designing the ontological model for the domain model of «Information security»

    This article describes aspects of ontology design for the sphere of information security. There are some examples of the use of ontologies in the sphere of information security including risk management, classification of threats and vulnerabilities, monitoring incidents, as well as examples of existing developments of ontologies for information security. The relevance of the development of legal ontologies is determined and examples of their use in practice are given. Also, the importance of designing a legal ontology for the subject area of information security under consideration is given due to the presence of a large legal framework. The paper presents the developed ontology model for one of the regulatory documents in the field of personal data protection. The approach to ontology design presented in the paper is proposed to be applied in the development of an information security learning system.

    Keywords: security, information security, protection of information, information, domain model, normative legal act, ontology, ontological approach, design, legal ontology

  • Efficiency of data encryption in wireless broadband access technology

    The article is devoted to an overview of protocols used in broadband wireless networks and methods of protecting information transmission in them using encryption algorithms. Theoretical and practical aspects, features and principles of wireless access protocols in Wi-Fi, WiMAX, GSM, etc. are considered. An overview is given of the data encryption methods used, the vulnerabilities encountered in the algorithms, and the methods for solving these problems considered in various laboratories. The purpose of the study is to review the encryption algorithms used in wireless access protocols. Based on the analyzed data, a conclusion was made on the use of the AES and A5(128) algorithms, as well as the attack protocols and solution methods identified on the data. The object of the study is the technology of wireless local broadband access. The subject of the study is the encryption algorithms underlying wireless broadband networks. Scientific novelty: a review was carried out of encryption algorithms used in various wireless network standards. The information security threats arising in the AES and A5 encryption standards related to attacks using linked and session keys are considered.

    Keywords: information technology, cryptography, data protection, encryption algorithm, AES, A5, WiMAX, Wi-Fi

  • Features of building a special communication system based on fiber-optic lines

    The article discusses the features of constructing a special connection based on fiber-optic communication lines. An analysis is conducted on the reliability of using fiber-optic communication lines in terms of the possibility of unauthorized interception of transmitted information. The advantages of practical use of communication systems based on fiber-optic lines are presented. The methods of protecting fiber-optic communication lines from unauthorized access are considered, where the priority method of protecting information is encryption using various methods. In conclusion, the measures necessary for building a reliable communication system based on fiber-optic lines are emphasized.

    Keywords: information, special communication, communication segments, public communication, optical fiber, fiber-optic lines, unauthorized access, encryption, communication system construction, cryptographic protocols

  • Modeling the concept of a smart home in a virtual environment Cisco Packet Tracer

    This article discusses the technology of the Internet of Things, which is used to connect smart objects to the network for intelligent control of the power system and automation of household processes. Intelligent power system management is aimed at ensuring a more uniform use of electricity and minimizing energy losses during transmission and consumption of electricity. This technology is currently being promoted globally by utilities, scientific organizations, and governments. In addition, a conceptual model of a smart home is built in the Cisco Packet Tracer virtual constructor, and diagrams of device interaction at all levels of network construction are given.

    Keywords: internet of Things, IoT, cybersecurity, automation, Cisco Packet Tracer

  • Analysis of modern data encryption algorithms

    The article is devoted to the analysis of modern data encryption algorithms. The introduction gives an overview of the most common encryption algorithms, such as AES, RSA and SHA. The main part of the article includes an analysis of vulnerabilities of modern encryption algorithms and considers various attack methods. It concludes that it is necessary to use comprehensive data protection methods and periodically update the encryption algorithms used to prevent possible attacks.

    Keywords: Encryption algorithm, data security, vulnerability, attack method, complex method of data protection

  • Investigation of the effectiveness of Siamese neural networks for biometric authentication by ECG for signals with non-periodic cardiac arrhythmias

    Electrocardiogram signals have unique characteristics and structure that are difficult to fake. This is due to the fact that the electrical activity of the heart is unique for each person. In addition, the main biometric parameters are hidden during ECG authentication, which makes the process more secure and protected from counterfeiting. The purpose of this study is to evaluate the effectiveness of neural networks for ECG authentication for signals with non-periodic cardiac arrhythmias. The Siamese neural network has been developed as a model. The stages of preprocessing of ECG signals taken from the MIT-BIH database are also described. The model presented in the paper has achieved the following results. Accuracy: 99.69%. Sensitivity: 99.43%. Specificity: 99.94%. ROC-AUC: 99.69%. The results allow us to conclude that the proposed model can effectively authenticate users who have non-periodic cardiac arrhythmias, provided at least a small number of registered standards with violations.

    Keywords: biometric authentication, ECG, Siamese neural network, convolutional neural network, Euclidean distance, ROC analysis

  • Reverse analysis of malware Raccoon Stealer

    We describe the process and results of reverse analysis of the Raccoon Stealer v.1.7.3 malware. We describe the analysis tools, the process of code analysis, unpacking, and recovery of the original code. We describe the process of code analysis and the reconstruction of the malware's working algorithm. We give recommendations for defense against Raccoon Stealer.

    Keywords: Reverse analysis, reverse engineering, malware, code analysis, debugger, disassembler, hex editor, database, browser, information security

  • Network traffic monitoring using artificial intelligence methods for detecting attacks

    Nowadays, the security of organizations against cyber-attacks is a matter of great importance and a challenging area, as attacks affect them financially and functionally. Novel attacks are emerging daily, threatening a large number of businesses around the world. For this reason, the implementation and optimization of the performance of Intrusion Detection Systems is an urgent task. To solve this problem, the scientific community uses deep learning methods. In this paper, we pay special attention to attack detection methods built on different kinds of architectures, such as multilayer perceptron, gated recurrent unit, long short-term memory network, recurrent neural network, and convolutional neural network. To train and test the models, we used the UNSW-NB 15 dataset. This dataset was created by the Australian Centre for Cyber Security; its traffic is a hybrid of normal and attack activities. Finally, we summarize the paper and discuss some ways to improve the performance of attack detection using deep learning structures.

    Keywords: network traffic, computer attack, artificial neural network, traffic analysis, neural network configuration

  • Analysis of technologies for building an automated system "Smart Home"

    One of the topics of automation and monitoring that is gaining popularity is the technology of building the Smart Home system. This technology is a home automation system, which refers to the remote monitoring and control of home appliances. With the growth of the Internet and the development of technologies such as artificial intelligence, the Internet of things and cloud technologies, there is great potential and opportunity for remote access, control and monitoring of network devices. This article will review various smart home automation systems and technologies in terms of different functions. In the study, the main focus is on the concept of a home automation system in which control and monitoring operations are carried out using wireless communications.

    Keywords: internet of things, smart home, NB-IoT automation, cyber security

  • Analysis of characteristics and functionality of IoT devices

    The concept of the Internet of Things (IoT) allows devices to communicate with each other and share resources using the Internet as a wireless medium. In smart homes, IoT allows the owner, who is far from home, to control it via the Internet. The ease of use and rich features of home automation systems have made them popular. Some people need home automation systems to make their home appliances easier and more convenient to operate, and they are also very useful for people with disabilities and the elderly. However, the useful features and functionality of IoT devices do not stop there. Scientific directions are being formed to analyze the efficiency of energy consumption and methods for preventing various disasters, where the main role is played by the technologies of the Internet of things. This article analyzes the standard models of smart home automation devices. The paper discusses the functionality of IoT devices through a virtual environment for building network models Cisco Packet Tracer.

    Keywords: internet of things, IoT, automation, data analysis, data collection, cyber security

  • Designing a security module for evidence of identification during testing in the e-learning system

    The article describes the algorithmic realisation of a software module for evidence of learner’s identification in the testing process. The advantage of this module is simple operation, ease of implementation and execution as well as convenience of application by various categories of users. The need for such a module was engendered by the problem of examinee identification during testing in the e-learning system. The technology of program module operation is based on forming questions with the use of information stored in the learner’s personal account; the operation result is demonstrated through confirmation or non-confirmation of the examinee’s identity in real time.

    Keywords: distance learning, identification, student testing, software module, learner’s personal account

  • Method for constructing a profile of a complex technical system functioning

    In the modern world, the number of different complex technical systems is only increasing every year, and any system incorporates or uses a third-party communication system. Disruption of the communication system and its elements functioning can lead to a situation where a complex technical system cannot realize its functions. It is required to ensure the guaranteed functioning of the communication system and its elements. One of the ways to ensure the stable operation of complex technical systems is the implementation of the control function by the control system, while in the process of system operation it is necessary to take into account not the characteristics and parameters of individual elements that describe their operation, but the ability of the system to perform tasks and functions. The paper proposes an approach to describing the functioning of a communication system through the formation of the system functioning profile, which is a set of matrices, which is used in the control system.

    Keywords: functional stability, criticality, communication system, control system, complex technical system, functions, tasks, profile, regulations

  • Application of Russian artificial intelligence technologies in space

    The article provides a general overview of current information about the applied artificial intelligence technologies in outer space. The main role and effectiveness of the use of Russian intellectual developments in the space sphere are outlined. The popular modern developments of scientists who are engaged in research activities in the field of artificial intelligence in space are shown. Excerpts from articles proving the prospects for the development of artificial intelligence in the life of society are presented.

    Keywords: outer space, space stations, artificial intelligence, intelligent systems, artificial intelligence technologies, artificial intelligence, neural networks, research, machine learning, neural network technologies

  • Simulation of the implementation of a computer attack with an increase in the privileges of the user of the electronic document management system

    The work is devoted to the problems of protecting the document management system of public administration bodies. The aim of the work is to build a simulation model of the implementation of a targeted computer attack, taking into account the simultaneous (occurring with a slight delay) response of the security tools of the document management system. For modeling, it is proposed to use the apparatus of Petri-Markov networks, combining the representation of the change of states of the attacked system in the form of Markov (semi-Markov) processes and the expressive capabilities of Petri nets to describe the interaction of processes. The constructed model reflects both the specifics of attacks with increased user privileges, and the features of document processing processes, as well as the mechanisms used to counteract unauthorized access. Computational experiments conducted using the constructed simulation model allow us to assess possible risks and make a decision on choosing the most effective system of protection against the considered type of attacks.

    Keywords: electronic document management system, computer attack, simulation modeling, Petri-Markov network

  • Analysis of existing tools for solving the problem of monitoring the network infrastructure of an enterprise

    This article presents an overview of the tools for solving the problem of monitoring the network infrastructure. Foreign solutions are considered, their characteristics are presented, and their key features and shortcomings are described. The problem of import substitution in the Russian Federation is emphasized. The results are summed up, and the relevance of developing a domestic IT infrastructure monitoring system with additional functionality is shown.

    Keywords: monitoring, IT infrastructure, network infrastructure, Nagios, Zabbix, Cacti, import substitution, information security, Linux, Windows

  • A new approach to security model construction of electronic document management

    The article confirms the need for a systematic approach to the scientific justification of the security of electronic document management systems (EDMS) and the relevance of the study. It presents the results of an analysis of guidance documents regarding the development of mathematical models and of existing experience, summarizes the procedure for the scientific justification of EDMS security, and highlights the main current trends in modeling. A new approach to the construction of EDMS security models is proposed, and its role and place in the existing theory and practice are defined.

    Keywords: Security models of computer systems, security policy, electronic document management system, systematic approach