MODEL OF COMPLEX FLOWS ADDRESS THREATS TO INFORMATION SECURITY IN COMMUNICATION NETWORKS SPECIAL PURPOSE
O.I. Bokova, D.A. Zhayvoronok, S.V. Kanavin, N.S. Khokhlov
Currently, special-purpose communications networks are widely used in government bodies, bodies that carry out the functions of the country’s defense, state security and law enforcement. In connection with the features of the functioning of infocommunication systems and communication networks for special purposes, it must be borne in mind that they are deployed and provide management and interaction within the existing departmental and interdepartmental communication systems. The article proposes a model for the formation of a set of means to counter threats to information security in communication networks for special purposes. A description of such complexes is given, situations and grounds for their application are considered. Attention is drawn to the identification of common technological features of the formation of a set of means to counter threats to information security in communication networks for special purposes. To formulate requirements for complexes of means of counteracting threats to information security in communication networks for special purposes, a rule base has been compiled on the basis of which certain countermeasures will be selected. The authors modeled the functioning of a complex of countermeasures using the apparatus of linguistic variables and fuzzy expert systems. Based on the results obtained, requirements can be proposed for creating a set of means to counter threats to information security in special communication networks. The mathematical apparatus used in this article, based on the use of linguistic variables and fuzzy expert systems, can fully characterize the dependence of the effectiveness of countermeasures on the totality of implemented protective measures.
Keywords: countering threats to information security, special-purpose communications networks, integrated approach, fuzzy expert systems, security management.
NETWORK ATTACK ROUTE ANALYSIS APPROACH
I.A. Kuznetsov, V.S. Oladko
The article discusses current problems and tools for ensuring information security in network infrastructure. The authors analyze the current trends in information security breaches in 2018-2019 and conclude that countering threats related to unauthorized access to network resources and objects is relevant. A typical network infrastructure was analyzed and its main elements were identified: subjects, objects and access resources. The most important security elements are network and server hardware. The main sources of threats to network security are identified, a chain of threats to network security is compiled and described, and the significance of threats whose sources are external and internal violators is shown. An example of a network attack implementation scheme during exploitation of the vulnerability BDU:2017-02494 is given. An approach to building network attack routes for an internal and external security intruder is proposed. It is shown that the network attack route represents the procedure for overcoming technical as well as logical devices containing security measures when implementing an attack on a network infrastructure object. An algorithm for constructing a network attack has been developed. The conclusion is drawn about the possibility of applying the approach to building a network attack route in the tasks of security monitoring, security assessment and planning of protective measures.
Keywords: vulnerability, network security, security event, attack vector, intruder.
RATING MANAGEMENT OF RESOURCE ALLOCATION SOFTWARE IN ORGANIZATIONAL SYSTEMS BASED ON EXPERT SELECTION OPTIMIZATION
B.A. Chernyshov, O.N. Choporov
Rational allocation of resources is one of the most urgent tasks of managing organizational social-and-economic systems. In this case, there is a need to compare objects based on quantifiable estimates. The integral characteristic of this assessment allows you to specify the rating of objects and can be used in rating management systems. The article considers an optimization approach to expert selection of resource allocation options when using rating management in organizational social-and-economic systems. It is shown that the sources of multivariance are: a variety of sets of indicators used for internal rating assessment, a variety of models for ordering objects of the organizational system by the value of the integral assessment, a variety of models for the distribution of resource provision. The optimization of the expert selection is proposed to be ensured by integrating methods of organizing group examinations, processing their results and selecting the final solution. Combining them in a single cycle of decision-making management within the computer meeting, a question/answer mode of the negotiation process was introduced, allowing to coordinate the opinions of a group of equivalent experts with the dominant one. The paper also justifies the final variant choice of resource allocation in the organizational system based on a combination of the majority and dictator principles.
Keywords: organizational system, rating management, resource support, group expertise, optimal choice.
MULTI-ASPECT ASSESSMENT OF THE QUALITY OF PROJECTS TO ENSURE THE ENVIRONMENTAL SAFETY OF CONSTRUCTION PROCESSES
V.A. Chertov, A.V. Padalko
The article solves the problem of multi-aspect assessment of the quality of projects to ensure environmental safety of the complex of construction processes performed during the construction of buildings and structures. A system of quality criteria for projects of this type is formed, including one integral criterion and four complex criteria that characterize projects in terms of their relevance, feasibility, economic feasibility, realism, and twenty-six local criteria. All criteria meet the requirements of adequacy, completeness and sensitivity. They are systemic in nature and cover the main aspects of environmental safety of construction industries. Based on the use of multiplicative, additive, metric and dichotomous convolutions, formulas are written for evaluating the integral and complex quality criteria of projects to ensure the environmental safety of construction processes. An algorithm for multi-aspect assessment of the quality of projects of this type based on the use of these formulas is developed. The implementation of this algorithm in the practice of territorial environmental authorities will solve a number of topical issues, namely: to improve the quality of expertise of projects to ensure the environmental safety of construction processes; to encourage the introduction of digital technologies in the practice of organizing construction work; to unify legal, economic and technical mechanisms to encourage the introduction of “green” technologies in the work of construction organizations.
Keywords: construction, project, environmental safety, assessment, criterion, algorithm.
INFORMATION SUPPORT OF VULNERABILITY MANAGEMENT OF COMPLEX DISTRIBUTED SYSTEMS BASED ON SPATIAL INFORMATION PROCESSING
E.S. Brekotkina, M.B. Guzairov, S.V. Pavlov, A.S. Pavlov, O.I. Khristodulo
Complex distributed systems are characterized by a large number of units and their constituent objects, geographically located at a considerable distance from each other. Therefore, when managing various aspects of their activities or functioning, analysis and processing of spatial information characterizing the location and relative position of subsystems and objects, as well as the space surrounding them, can be of significant benefit. This article discusses one of the activities aimed at managing vulnerability by identifying and countering threats to public security in the territory of complex distributed systems with the help of video surveillance systems that provide information support to officials in organizing law enforcement activities. For a high-quality solution of these problems, the analysis and structuring of the necessary spatial and corresponding attribute information as part of the spatial information base and its processing as part of a comprehensive geographic information system were carried out. An approach to the formulation and solution of some problems on the placement of video surveillance equipment based on the set-theoretical description of its most important spatial characteristics is proposed. The solution to these problems can improve the quality of placement of video surveillance equipment and the necessary engineering infrastructure, taking into account the actual placement of both the cameras themselves and the observed objects, and taking into account obstacles. In turn, the high-quality placement of cameras will increase the efficiency of fixing the place and time of the incident and thereby make it possible to quickly deploy the necessary forces and means to counter public safety threats, develop optimal deployment routes, plan the areas of responsibility of the relevant services and plan measures to parry these threats in accordance with their location.
Keywords: complex distributed systems, geographic information systems, threat parry.
IMPLEMENTATION OF AN ADAPTIVE AUTHENTICATION SYSTEM USING AN EEG INTERFACE
A.Y. Iskhakov, A.M. Smirnov
The work offers methodological support for critical information infrastructure objects, which provides for the systematization of the basic steps for the formation of adaptive authentication algorithms, including using a biometric factor, which consists in checking the electroencephalogram of the access subject. The proposed approach eliminates the drawbacks of existing traditional authentication methods based on the use of explicit verification methods related to the fact that authentication characteristics are used to authenticate the user, which can be compromised by attackers. During the research, an authentication subsystem was implemented using the brain-computer interface. Despite the resistance to errors of the second kind, the insufficient results of the false access denial coefficient obtained at the stage of the experiment do not allow for the “seamless” implementation of such biometric authentication mechanisms in existing objects of critical information infrastructure. At the same time, the effectiveness of the adaptive mechanisms for checking the user profile formed on the basis of the approach proposed in the work indicates the possibility of their use on real objects using diverse factors and authentication criteria. Thus, in the framework of this article, one of the aspects of an integrated approach to ensure the security of the functioning of technological processes, as well as combating fraud and theft of information through the formation of adaptive authentication algorithms, was considered.
Keywords: authentication, electroencephalogram, neurointerface, brain–computer interface, critical information infrastructure, information security.
INFORMATION SUPPORT FOR PROACTIVE MANAGEMENT OF FUNCTIONAL SAFETY OF COMPONENTS OF CYBER-PHYSICAL SYSTEMS
V.E. Gvozdev, M.B. Guzairov, O.Y. Bezhayeva, R.R. Kurunova, R.A. Nasyrova
Ensuring the functional safety of cyber-physical systems is a prerequisite for their implementation in areas in which reliable and predictable behavior of nodes of distributed cyber-physical control systems is a critical requirement. In the literature from the beginning of the 90s of the last century, within the framework of the theory of risk management, an approach to ensuring the functional safety of subject-centric systems is discussed. The conceptual basis of this approach is the provision on the inevitability of the presence of latent defects of different nature in complex technical systems, the activation conditions of which cannot be predicted. This implies the need to create barriers to the conversion of danger into an incident. The approach proposed in this paper to constructing a system of structural models based on the apparatus of conjugation schemes and truth tables of functional components should be considered from the perspective of information support for the formation of barriers. The basis of the approach to constructing structural models that allow performing a scenario analysis of the functional safety indicators of the nodes of cyber-physical systems is the apparatus of conjugation schemes and truth tables. It is shown that the proposed approach allows one to obtain models corresponding to Failure Tree Analysis, Root Cause Analysis, as well as a set of models obtained as part of the concept of profiles as particular solutions.
Keywords: functional safety, cyber-physical systems, reliability, information service, profile.
DATA MINING THE USER’S ENVIRONMENT IN THE PROBLEM OF REMOTE CONTROL DETECTION
The aim of the work is to improve the detection algorithms for remote control of a user session. The object of study is a system for detecting remote control of a user’s computer. The subject of the study is algorithms for mining data collected by monitoring tools in the browser-side client part of a web application, designed to analyze changes in the patterns of dynamic biometric features in the case of remote control. The approaches to detecting a remote connection are analyzed. The structure of a remote access detection system that combines a modern approach to the collection and analysis of the user environment with machine learning methods has been developed. The experimental part of the work is based on an analysis of the user environment database, collected specifically for testing the software implementation of the developed algorithms. 16 different options for remote connection from an attacker to a user’s device were considered. The obtained sample included 178 measurements with a different number of time intervals between intermediate points of the mouse cursor path. The highest efficiency was shown by the random forest classification algorithm with a group of features consisting of time intervals between mouse cursor movement events. The share of correct predictions was 93% on test data.
Keywords: intelligent analysis, user environment analysis, antifraud system, cyber fraud, remote access.
INTELLIGENT ANALYSIS OF VIDEO DATA IN SYSTEM FOR MONITORING COMPLIANCE WITH INDUSTRIAL SAFETY RULES
The use of intelligent cameras and sensors in video analytics systems, in combination with a human operator from whom most of the analytical and visual load has been removed, makes it possible to increase the efficiency of video surveillance and, as a result, increase the safety and productivity of work in production as a whole. Analysis of the existing data processing methods in the video surveillance systems of industrial facilities showed that the use of a non-contact method for analyzing a person’s posture and actions in the camera’s field of vision is rare, but it can be critical in certain situations (a person in overalls is in the camera’s field of view, but the system does not respond to him, because he is not in the forbidden zone). The improvement of algorithms for the intelligent analysis of video data in the system for monitoring compliance with industrial safety rules (analysis of the type of dynamics and “friend or foe” control) using neural network processing technologies is considered. Evaluation of the software implementation of the algorithms on full-scale video data showed correct classification in 97% of cases. The effectiveness of classifying the 5 subjects into two classes, “own” and “alien”, was evaluated by cross-validation and showed an accuracy of 99% on the test sample.
Keywords: video analytics, intelligent analysis, dynamics type recognition, neural network, classifier, pose determination.
A SET OF PROGRAMS FOR SOLVING PROBLEMS OF MODELING, OPTIMIZATION AND ASSESSMENT OF STABILITY OF COMPLEX SECURITY OF OBJECTS OF CRITICAL APPLICATION
UDC 004.02; 004.942; 378.1
A description of a set of programs for modeling, optimizing and evaluating the stability of integrated security processes in UIS institutions is given. In an interactive mode of communication with the user, the complex allows you to: develop and display in the form of visual diagrams a model of complex security of objects of critical application; evaluate the inconsistency of local security aspects; choose the appropriate method of optimization depending on the degree of inconsistency of local security aspects and threats from malicious users; optimize the processes of ensuring complex safety of critical application objects in regular, critical and threatening situations by the criterion of minimum deviation from the requirements; give an integral rapid assessment of the level of safety, using models of additive, multiplicative and dichotomous convolution, as well as convolution based on the theory of fuzzy sets; carry out expert evaluation of local safety indicators at the preliminary stage of optimization; evaluate the sustainability of management decisions taking into account the management style adopted at this facility and the nature of relationships between subordinates. The complex is built on the basis of interactive ideology and differs from the existing disparate software products of similar purpose in that it is implemented as an information and calculation system of dialog type with a single interface and a common database. The complex is implemented in an integrated TURBO PASCAL environment using VISUAL BASIC, DELPHI, and C++ procedures and functions that are focused on creating applications running under Windows 10. It can find practical application as a decision support tool for managing the safety of critical application ergatic systems.
Keywords: critical application object, safety, complex of programs, management decision, stability.