Azhmukhamedov I. M.
A structured fuzzy cognitive model is proposed, together with a methodology for determining the degree of harm to the security of systems and services of information systems.
Keywords: Security of information systems, fuzzy cognitive model evaluation security.
Belim S. V., Bogachenko N. F., Firdman I. A.
The possibility of constructing a mandatory security policy on the basis of known access differentiation rules is considered in this article.
Keywords: Security policy, mandatory access, security model.
Komashinskiy D. V., Kotenko I. V.
Timely detection of malicious documents that cause malicious code execution on users' computers by exploiting vulnerabilities is a pressing issue in information security. This threat is currently used actively, with the help of so-called exploit kits, to build botnets, steal users' personal assets and commit other criminal acts, and it is likely to remain in use in the future. The paper focuses on static structural analysis of malicious PDF (Portable Document Format) files and on the development of an approach to detect such files using data mining techniques.
Keywords: Malicious portable document, exploit kits, data mining techniques.
Baranov V. A.
The opportunity to model an intrusion into a computer system using the imbalance of the observation process is considered in this article. Well-known estimates of the trusted bracket for the intrusion time contain parameters that depend on the type of distributions before and after the intrusion. Given the lack of such information, it is recommended to use algorithms that depend only weakly on the character of the distribution and to study the efficiency of intrusion estimation by experimental methods.
Keywords: Trusted bracket, the intrusion moment, observation process.
Plastunov V. U.
In this paper we give an introduction to digital audio watermarking (DWM) technology and a brief historical summary of DWM. The principle and the general scheme of embedding DWM are considered. The differences between methods of implementing DWM and other steganography methods are described. DWM applications are given. A comparative analysis of audio signal integrity verification methods based on cryptography and DWM is carried out. The basic requirements for DWM and the performance criteria for embedding DWM are listed.
Keywords: Watermark, DWM, audio signal, steganography.
Rostovtsev A. G., Mizyukin A. A.
Finding the key of a symmetric cipher requires solving polynomial equations. The complexity of the solving process can be reduced if an exact or approximate basis of the ideal of the substitution is defined by short polynomials. The accuracy of a short basis can be increased using an affine change of variables. Two methods for solving systems of Boolean equations are proposed.
Keywords: Cipher, polynomial ring, ideal, variety, Groebner basis.
Volkova T. A., Rudih S. D., Tihonenko A. M.
The focus of the study is to analyze the main temporal, spectral, correlation, and other features and opportunities to apply complex discrete-manipulated signals (DMS) with discontinuous time structure in river automated identification systems (AIS).
Keywords: Discrete-manipulated signals (DMS), discontinuous time signals, mutual interference, automated identification systems (AIS), coefficient of mutual difference (CMD).
Kalinin M., Konoplev A.
The paper reviews the problem of security provision for computing resources and user data in Grid systems. It discusses the security-related characteristics of Grid system architecture and provides the threat model. It also considers the related methods aimed at improving the security of Grid systems and discusses their disadvantages. A Grid system specification based on Petri nets is proposed, which allows modeling of job request distribution in accordance with the requirements of security policies and formalization of the objectives of protecting Grid systems from unauthorized access.
Keywords: Grid system, information security, access control, model, security policy, Petri net.
Kachko A. K.
Use of cloud computing applications and services requires review and adaptation of existing formal models for computer security. It is necessary to consider the benefits of cloud deployment models and provide a procedure for allocating processes among components of the cloud computing environment to achieve confidentiality and data protection.
Keywords: Security model, cloud computing, public cloud, private cloud, hybrid cloud, security requirements, theory of graphs, data confidentiality.
Zegzhda D. P., Stepanova T. V.
Nowadays there is a lack of efficiency evaluation methods that make it possible to compare the efficiency of defense and intrusion tools, in particular botnets. A set of efficiency evaluation metrics is proposed. These metrics take into consideration the network nature of modern defense and intrusion tools and make it possible to obtain a numerical estimate for factors significant for defense or intrusion efficiency. Therefore, these metrics make it possible to draw a conclusion about the result of the battle between networks of benign and malignant agents, and about the protection of a local or global area network.
Keywords: Botnet, efficiency, disinfection, metric.
Pechenkin A. I.
Malware often aims at breaking confidentiality. In this paper the authors propose an approach to the detection of unauthorized data transfer produced by malicious software from a client computer over HTTP. This approach is based on detecting inconsistency between network traffic and user actions.
Keywords: Firewall, network security, HTTP.
Platonov V. V., Tselov I. I.
The article deals with an inter-departmental and inter-ministerial document flow protocol. An investigation of implementation-stage problems is also included. The main goal is to estimate the impact of these problems and to propose relevant solutions.
Keywords: Enterprise content management, document flow security, document flow relevance.
Sabanov A. G., Skiba V. U.
Some aspects of protection of electronic flow of documents are investigated.
Keywords: Protected access to the systems of electronic document exchange, secure system of electronic document exchange.
Belim S. V., Belim S. Yu.
A system of reaction to DoS attacks with feedback is modeled.
Zegzhda D., Kalinin M., Konoplev A., Dzyoba A.
The paper reviews the problem of performance degradation in distributed systems of electronic services using cryptographic algorithms. It discusses a model of network traffic flows classification. Based on that model, the high-performance gateway for providing network traffic security in distributed systems of electronic services is proposed.
Keywords: Information security, cryptoalgorithm, gateway, flows classification, encryption, electronic services.
Kotenko I. V., Saenko I. B., Polubelova O. V., Chechulin A. A.
The paper considers the peculiarities of systems implementing security information and event management technology (SIEM systems). A description of known implementations of such systems is given. We discuss the main features of the MASSIF project of the Seventh Framework Programme of the European Community, which is devoted to the investigation of new-generation SIEM systems. Issues of two key tasks of this project, associated with the analysis of security events based on the modeling of network attacks and with building the security information repository, are also discussed.
Keywords: Information security, security events, SIEM system, security monitoring, network attack modeling, repository.
Rudina E. A.
The paper considers an approach to the interactive specification of client-server protocols using a special language based on a formal model of network activity.
Keywords: Network protocol, client-server interaction, language of protocol specification.
In this work we present two new protocols for secure management of remote objects. These protocols are realized in the group of points of an elliptic curve defined over a finite field, using Russian cryptographic standards.
Keywords: Key transport protocol, data transport protocol, elliptic curves, public key infrastructure, hybrid encryption scheme.
Semyanov P. V.
Standard AES padding schemes can introduce some regularity into random data. The exploitation of this vulnerability is shown in the password verification algorithms of some applications. The use of random AES padding is proposed.
Keywords: AES padding, random data sequence, password verification.
Zegzhda D. P., Moskvin D. A., Bosov Y. O.
The main problem of the automatic recognition of people's faces is the speed of the existing methods and algorithms. In this paper the authors propose a new method to increase the speed of face recognition by using fractal compression algorithms.
Keywords: Face recognition, identification, fractal.
Belim S. V., Bogachenko N. F., Firdman I. A.
In this article elementary operators are constructed. Transformations of the role tree are investigated.
Keywords: Security policy, RBAC, security model.
Khomonenko A. D., Krasnov S. A., Eremin A. S.
The influence of the coefficient of variation of the distribution of the intervals between request arrival times on the efficiency of a client-server system for automatic rubrication of documents in the electronic document management system of a higher educational institution is studied. A model with an Erlang distribution of the intervals between requests and an exponential distribution of the processing duration of document packages is used.
Keywords: Automatic rubrication, electronic document management system, non-Markov system, Erlang distribution.
Danilenko A. Yu.
The paper deals with the problems that arise when designing and implementing electronic document management systems intended to work with confidential information.
Keywords: Information security, electronic document management, automated information systems.
Kornev P. A., Malysh V. N.
In this article approaches to categorizing personal data in information systems using artificial intelligence technologies are considered. A technique that performs the categorization on the basis of fuzzy sets and artificial neural networks is proposed.
Keywords: Personal data, information security, fuzzy sets, fuzzification, neural network.
Azhmukhamedov I. M., Marenkov A. N.
A method for automating the search for and assessment of anomalies in network traffic volume is proposed. The effectiveness of the proposed method is studied.
Keywords: Computer networks, prediction of network traffic, search traffic anomalies.
Platonov V. V., Semenov P. O.
The possibility of using dimension reduction techniques to generate a list of the most significant parameters for detecting network attacks is analyzed. The paper proposes a model of an intrusion detection system with a modular architecture, which allows packets to be classified by different support vector machines.
Keywords: Intrusion detection system, support vector machine, dimension reduction, principal component analysis.
Stepanova T. V.
Nowadays multi-agent systems, used either for implementing distributed security threats or for protecting computer systems against distributed threats on the Internet, maintain the connectivity of the agents' graph by maintaining an excessive number of links, or do not maintain connectivity in an aggressive environment at all. A finite-state model of the adaptive behavior of a multi-agent system is proposed. The proposed model is based on using a d-regular graph of agents in combination with methods for maintaining network connectivity, which make it possible to provide functional efficiency of the system in an aggressive environment.
Keywords: Multi-agent system, functional efficiency, adaptive behavior, random regular graph.
Korzhik V., Tikhonov S.
We prove that it is possible to find the secret key of a tamper-resistant chip that performs encryption with the GOST-28147-89 algorithm. To solve this problem, a side-channel attack on power consumption is performed. In contrast to simple power analysis, so-called differential power analysis (DPA) is used, which is tolerant of protection techniques such as noising and shielding. We present an algorithm for calculating the key given the ciphertext and estimate the number of operations needed to break the whole cipher. We remark that the GOST cipher is more easily broken by this attack than the DES cipher. This means that the modulo 2^32 addition implemented by GOST gives no advantage against DPA in comparison with the modulo 2 addition implemented by DES.
Keywords: Secret key, algorithm GOST-28147-89, attack, DES code.
Bundin G. G., Polyakov V. B., Pomozova T. G.
In this article information security is considered as the state of security of the SoC information environment of radar station DSP devices, which is achieved through the use of appropriate information processing methods that protect the processing from unauthorized and inadvertent impacts on the processed information and on the course of the computing process.
Keywords: System-on-a-chip, protection of process of processing of information, internal parallelism of a task, arithmetic device, method of processing of information.
Platonov V. V., Shchelovanov N. V.
The article describes some aspects of SS7 network information security. The main SS7 protocols that are exposed to integrity threats and the possible implications of these threats are described. A concept of SS7 protection is proposed.
Keywords: SS7 protocols, threat of integrity, traffic screening and monitoring.
Khomonenko A. D., Danilov A. A., Danilov A. I.
An iterative algorithm for calculating the stationary distribution in an M/G/n queueing system with unreliable restorable devices is proposed. The model describes well the behavior of a critical-purpose information system with a general service distribution law and unreliable elements. An approach for calculating the probability and time characteristics of the servicing of demands is shown, and the results of a numerical experiment are discussed.
Keywords: Iterative algorithm, demand, results of numerical experiment, unreliable elements.
Baranov A. P.
This article gives a proof that the chi-squared test can be used when there are deviations from the standard fixed model of independent observations. It is shown that, when the classical conditions are violated, using the test reduces to a comparison of two large but different values, as opposed to the standard hypotheses, where large and medium values of the statistic are compared.
Keywords: Criterion chi-squared, independent observation, values of statistics.
Gaydamakin N. A., Leontyev S. V.
In this paper we propose a method for analyzing the probabilistic attributes of the process of evaluating a computer system's security class according to the set of rules declared in common standards. The entire event group used in determining a computer system's security class is introduced. Results of calculating the probability of correct and incorrect estimation for given conditions are presented.
Keywords: Protection class of computer systems, protection level certification, trusted computer system, information security.
Azhmuhamedov I. M., Pereverzeva R. Y.
Based on the systematic approach, the use of cryptographic mechanisms and blocking of access to the file is developed, allowing synergies to increase the reliability of the protection of information stored on a computer.
Keywords: A systematic approach, the synergies, the confidentiality of information, cryptographic protection, blocking access to the file.
Baklanov V., Knyazeva N., Khorkov D.
This paper presents some experimental results of the research on the process of creation and renewal of file timestamps during common file operations in the NTFS file system. A thorough analysis of these results may be promising from the angle of information security and computer forensics.
Keywords: Timestamp, forensic analysis, file operations, NTFS, file attributes.
Pechenkin A. I., Lavrova D. S.
Nowadays systems of and network traffic analysis have to process large volumes of traffic, which requires substantial computing resources. The proposed model of high-speed parallel network traffic processing on a multiprocessor cluster mathematically describes the processes of load balancing on clusters, network traffic classification and evaluation of its characteristics, which makes it possible to increase the efficiency of network traffic data processing.
Keywords: Network traffic, multiprocessor cluster, load-balancing, network traffic classification.
Kuzmina N. G., Makhovenko E. B.
Some results on cryptanalysis of the Hidden Field Equations (HFE) cryptosystem over odd-characteristic fields are presented. The use of odd-char HFE schemes reduces key generation, encryption and decryption time. Possible attacks are analyzed. Recommendations for the choice of HFE parameters are provided.
Keywords: Postquantum cryptography, MPKS, HFE, odd-char fields.
Kalinichenko S. V., Khomonenko A. D.
Procedures for eliminating possible ambiguity, inconsistency and discrepancy of data in distributed critical-purpose automated systems are considered and mathematically justified. A method and a technique for the control of and search for duplicated data in the relational model are described. The use of potential key attributes to assess the identity of objects in a distributed automated information system is proposed. The values of the resulting similarity matrix of potential key attributes are used for this purpose.
Keywords: Integration of data, relational model, key attributes, elimination of contradictions of data.
Sorokin A. V.
An approach to differentiating clusters that belong to JPEG files from other clusters on digital media is described in this work. The approach is based on building signatures that are then searched for in the clusters in question. Possible applications of the described method are discussed.
Keywords: Data recovery, JPEG, differentiation of clusters by the search of signatures.