Annotation:

The model of demonstration of invasion of a computer system as a change of the parameters, which are being registered during the system monitoring, is considered in this article. It is supposed that these changes have statistical nature and they can be described using probability-theoretical model of sequence of observations imbalance. In the necessity to differ complicated hypothesizes, several ways of imbalance detection are suggested. In addition, their efficiency in the suggested probability-theoretical models is considered.

Keywords:

Annotation:

This article describes a study of the possibility of the numerical characteristics of access to information based on access control lists using the model of Take-Grant. These characteristics allow to estimate correctly the probability of access. Since it is possible that it may be a channel of information leakage, but the likelihood of it is so small that the installation of some additional mechanisms of protection simply makes no sense.

Keywords:

Annotation:

This article represents role DP-model access control and information flows in operating systems of Linux sets which take into account some their essential features. The article focuses basic attention on formal description mechanism of mandatory integrity control, and also on conditions and results of application rules of transformation conditions. The article represents analysis of properties restrictions on role access control which invariantly concerning nonmonotonic rules of transformation conditions.

Keywords:

Annotation:

The article presents a comprehensive approach to automation of security configuring at operating systems. This technique allows to implement a set of corporative security policy requirements in accordance with a usage profile of the configured system. As the result, assurance in sustainability of the performance, elimination of "human factor" influence, as well as speed up of the process of security setting up are reached using the suggested approach.

Keywords:

Annotation:

This paper describes a methodology of evaluation the level of compliance between company information streams and a RBAC system. Several criteria for redundant permissions detection and role assignment rules quality assessment are proposed.

Keywords:

Annotation:

The feature of modern automated systems is a high concentration of information of limited distribution in these systems. This feature leads to conflict between users and information security systems. The application of biometrics-cryptographic technologies in the automated systems will solve the problem of access control to protected resources and meets user requirements and requirements for information protection.

Keywords:

Annotation:

This work describes the problem of providing sufficiency of the information protection facility gears suite, depending on its usage conditions. The revealed base principle allows to speak about sufficiency of information security gears suite, when developing high and multipurpose system facilities. Some problems of practical implementation of these gears are also discussed.

Keywords:

Annotation:

In the present study examined the transfer of correction information and the impact of underlying surfaces in the transmission range of differential corrections.

Keywords:

Annotation:

In article features of the approach to safety of the ship automated systems are considered. In article communication between safety of functioning of the automated systems with questions of optimization of the processes proceeding in difficult automated systems is underlined. Optimization is based on criteria of orthogonality and minimization.

Keywords:

Annotation:

In this article algorithms of calculation and interference immunity of AIS under influence of mutual interference were examined, and also investigation of influence of concentrated on spectrum disturbances on the working zone dimentions of AIS was performed.

Keywords:

Annotation:

We describe a key sharing protocol based on a concept of smart randomly excited antenna and multipath wave propagation considered in the first part of this paper. Reliability, randomness and security of the key string shared by legal users depending on the correlation between legal and illegal signals are estimated. Both erasing of unreliable bits and error correction codes are used. Parameters of key sharing protocols are optimized in order to maximize the key rate. We conclude that appropriated choice of parameters allows provide all requirements even in the case of noiseless eavesdropping channel in contrast of all known previous protocols of the key distribution over noisy channels.

Keywords:

Annotation:

We introduce key update planning models depending from character of adversary activities. The proposed formalization provides the possibility of finding the optimal timing for key update process aimed at minimization of the system idle time.

Keywords:

Annotation:

The paper reviews the main problems encountered in the organizing of preparing the trusted executable environment for multiprotocol network devices. Also the approach to solve this problem is presented.

Keywords:

Annotation:

The paper raises the problem of IT-security control in Grid-systems. Comparison of security-relevant mechanisms implemented in BOINC, Gridbus, Globus Toolkit, UNICORE, and gLite is presented. That allows us to figure out common approaches applied to realize security in well-known Grid-systems. As the result, formal model of Grid access control and universal method of automated security verification in Grid-systems have been suggested.

Keywords:

Annotation:

This article is devoted to the task of network traffic classification and application of this task to solution of network security problems. Payload is presented in this work as n-gram and on this basis we can talk about network protocol and content recognition and anomaly detection.

Keywords:

Annotation:

The possibility of usage dimension reduction techniques to generate a list of most significant parameters for detecting network attacks is analyzed. In this paper is proposed the model of intrusion detection system with modular architecture, which allows classifying packets by different support vector machines.

Keywords:

Annotation:

The article describes hybrid intrusion detection model. For traffic classification on network and transport layers it is offered to use support vector machine (SVM). Lexicographic methods of application level protocols analysis possibility reseached.

Keywords:

Annotation:

In [1], the authors proposed a method of protection against DDOS-attacks which combines attack detection techniques on the hosts and tracing the sources of attacks using the network routers. Tracing of the attack sources is implemented by reconstructing the packets’ route from the source of the attack to the victim. This paper presents the simulation results of this method. To construct the network topology graph models were used: a tree graph with the victim at the root and the random Euclidean graph. We tested the effectiveness of the method for tracing DDoS-attack sources using these models when the number of attackers did not exceed 500. To test the effectiveness of the method in a large-scale network with hundreds of autonomous systems, thousands of users and tens of thousands of attackers we performed the simulation using OMNet. The results of the simulation allowed to obtain more detailed information about the functioning of the method including the process of normalization of legitimate traffic by detecting and blocking attackers using this method.

Keywords:

Annotation:

The article suggests a new way for providing the capability of the signatory authority revocation from some group member from a specific time point in the BBS group signature scheme. Security of this mechanism is based on the adding new trusted party into the group signature scheme. This new subject is in charge of the time reference of keys and signatures, as well as of the other subjects synchronization in revocation procedure.

Keywords:

Annotation:

Method of secure evaluation of polynomial y = F(x1, …, xk) over some rings on untrusted computer is proposed. Two models of untrusted computer are considered: passive and active.

Keywords:

Annotation:

In article the method of construction and algorithms of functionally steady adaptive automated identification systems are considered at influence of mutual hindrances.

Keywords:

Annotation:

The article proposes two ways to automate the signal reception for better management of information and algorithmic support of the CDMA Globalstar satellite system in the presence of multiplicative noise to improve the efficiency of AIS in the TMS on inland waterways.

Keywords:

Annotation:

This article observes different aspects of cloud computing security. It also does basic treats analysis for clouds. Approaches and specificity of providing security for cloud computing considered.

Keywords:

Annotation:

Application of model of single-channel non-stationary system of service for an estimation of efficiency of work of client-server system of an automatic rubrication of documents in system of electronic document circulation of HIGH SCHOOL is considered. In model the assumption about exponential distributions of intervals of time between the moments of receipt of inquiries and durations their service is used. The model allows to consider non-stationary character of process of receipt and service of demands for the decision of problems in client-server system of an automatic rubrication.

Keywords:

Annotation:

Several types of statistics, which are used for a posteriori estimation of the moment of imbalance of an observation process, are considered in this article as the models of influence of intrusion into a computer system on the parameters of the events, which are observed. Also the possibility of construction of an effective statistical procedure of estimation of the intrusion moment, while the difference in observation parameters of the system before the imbalance and after it is little, is estimated. The results of a posteriori statistical estimation of the moment of intrusion for the array of data, which has been gathered from the working system while it was being infected by a virus, are described.

Keywords:

Annotation:

The paper considers the approach to the identification of network protocols on the basis of variably-signature analysis.

Keywords:

Annotation:

The approach to increase of accuracy of an fuzzy conclusion of decisions by means of algorithm of Mamdani in systems of detection of intrusions is offered. At the heart of the approach estimation of degree of uncertainty (размытости) terms of linguistic variables and their updating by means of linguistic modifiers lies.

Keywords:

Annotation:

Influence of JPEG-conversion on a noise stability of symbols (messages) reception which embedded in digital video images is considered. Dependence of error probability on compression ratio at information embedding at level of factors DCT has threshold character.

Keywords:

Annotation:

This article represents definition of requirements degree of information assets for data centre in credit institution. Criteria of an estimation are considered, the basic directions of responsibility come to light.

Keywords:

Annotation:

The purpose of this article is to synthesize a device with an external (on the line "base station-transponder") and internal (only in the structure of the transponder) "rings" adjustment with complex effects of noise and focusing on spectrum interference.

Keywords:

Annotation:

The focus of the study is to analyze the main temporal, spectral, correlation, and other features and opportunities to apply complex discrete-manipulated signals (DMS) with linear frequency modulation in river automated identification systems (AIS).

Keywords: