Assessment of probabilities of computer attacks based on the method of analysis of hierarchies with dynamic priorities and preferences

The article discusses the competences and powers of the state authorities of the Russian Federation within their legal status in the field of ensuring the security of critical information infrastructure. Some functions and authorities in the field of information security have changed in a number of federal executive bodies. In particular, the Federal Security Service, on the basis of a presidential decree, is authorized to create a state system for detecting, preventing and eliminating the consequences of computer attacks on information resources of the Russian Federation. However, not all rights and obligations are enshrined; a number of powers cause the duality of the legal status of certain federal bodies of state power. The clarity and unambiguity of securing the rights and obligations of state bodies authorized in the field of information security are guarantees for effectively ensuring the security of important information infrastructure facilities.

Download Full-text

INTEGRATED ASSESSMENT OF STABILITY FUNCTIONING COMPLEX TECHNICAL SYSTEMS IN THE TECHNO AND INFO SPHERE

Issues of radio electronics ◽

10.21778/2218-5453-2018-5-89-94 ◽

2018 ◽

pp. 89-94

Author(s):

V. A. Minaev ◽

I. D. Korolev ◽

V. V. Mukhortov

Keyword(s):

Integrated Assessment ◽

Noise Immunity ◽

Maximum Intensity ◽

Robotic Systems ◽

Formal Definition ◽

Protection Systems ◽

Computer Attacks ◽

Complex Technical Systems ◽

Impact Protection ◽

Technical Systems

The article deals with the issues of integrated assessment of complex technical systems stability functioning in techno sphere and info sphere. It is shown that the concept of cyber stability, including its components such as cyber reliability, noise immunity and cyber survivability are insufficiently investigated and defined. The formal definition is given and the scale with various gradation of cyber survivability is entered. On the example of robotic systems in form of drones two variants of mathematical models of cyber survivability estimation are considered. The first variant is related to the description of drones functioning in the conditions of computer attacks without impact protection systems. The second variant reflects the functioning of drones under the conditions of impacts in the presence of adaptive combined cybernetic protection system. In both variants, two strategies are considered - with minimal and maximum intensity of effects on the drone. It is concluded that proposed in the paper approach enables to evaluate the integrated stability of complex technical systems in the techno sphere and info sphere at the same time.

Download Full-text

Application of dynamic priorities for controlling the characteristics of a queuing system

Journal of Physics Conference Series ◽

10.1088/1742-6596/803/1/012119 ◽

2017 ◽

Vol 803 ◽

pp. 012119

Author(s):

S V Polyanskiy ◽

Yu Ya Katsman

Keyword(s):

Queuing System ◽

Dynamic Priorities

Download Full-text

Message Integration Authentication in the Internet-of-Things via Lattice-Based Batch Signatures

Sensors ◽

10.3390/s18114056 ◽

2018 ◽

Vol 18 (11) ◽

pp. 4056 ◽

Cited By ~ 1

Author(s):

Xiuhua Lu ◽

Wei Yin ◽

Qiaoyan Wen ◽

Kaitai Liang ◽

Liqun Chen ◽

...

Keyword(s):

Internet Of Things ◽

Processing Speed ◽

Quantum Computer ◽

The Internet ◽

Small Integer ◽

Computer Attacks ◽

Intersection Method ◽

Small Integer Solution Problem ◽

The Internet Of Things ◽

Batch Signature

The internet-of-things (also known as IoT) connects a large number of information-sensing devices to the Internet to collect all kinds of information needed in real time. The reliability of the source of a large number of accessed information tests the processing speed of signatures. Batch signature allows a signer to sign a group of messages at one time, and signatures’ verification can be completed individually and independently. Therefore, batch signature is suitable for data integration authentication in IoT. An outstanding advantage of batch signature is that a signer is able to sign as many messages as possible at one time without worrying about the size of signed messages. To reduce complexity yielded by multiple message signing, a binary tree is usually leveraged in the construction of batch signature. However, this structure requires a batch residue, making the size of a batch signature (for a group of messages) even longer than the sum of single signatures. In this paper, we make use of the intersection method from lattice to propose a novel generic method for batch signature. We further combine our method with hash-and-sign paradigm and Fiat–Shamir transformation to propose new batch signature schemes. In our constructions, a batch signature does not need a batch residue, so that the size of the signature is relatively smaller. Our schemes are securely proved to be existential unforgeability against adaptive chosen message attacks under the small integer solution problem, which shows great potential resisting quantum computer attacks.

Download Full-text

Multi-UAV agent-based coordination for persistent surveillance with dynamic priorities

2017 International Conference on Military Technologies (ICMT) ◽

10.1109/miltechs.2017.7988859 ◽

2017 ◽

Cited By ~ 1

Author(s):

Luis C. Batista da Silva ◽

Ricardo Maroquio Bernardo ◽

Hugo A. de Oliveira ◽

Paulo F. F. Rosa

Keyword(s):

Agent Based ◽

Dynamic Priorities ◽

Multi Uav

Download Full-text

Security and Privacy in Information Management in a Distributed Environment for Public Organizations

Fuzzy Systems and Data Mining VI - Frontiers in Artificial Intelligence and Applications ◽

10.3233/faia200716 ◽

2020 ◽

Author(s):

Segundo Moisés Toapanta Toapanta ◽

Yaritza Julieth Terán Terranova ◽

Bertha Alice Naranjo Sánchez ◽

Luis Enrique Mafla Gallegos

Keyword(s):

Risk Assessment ◽

Information Management ◽

Public Organizations ◽

Security And Privacy ◽

Exploratory Research ◽

Distributed Environment ◽

Privacy And Security ◽

External Threats ◽

Deductive Method ◽

Computer Attacks

Security and privacy problems in information management are evident in public organizations. The objective of this research is the analisys risks that these organizations run, since computer attacks have increased along with both internal and external threats. Causing information and database thefts, there are risk analysis methodologies which are oriented to the objective for the preservation of guaranteeing the security and privacy of the information. Were used the deductive method and exploratory research to analyze the articles in the references and in the information available online and MAGERIT methodology what protects the information in its integrity, confidentiality and availability guaranteeing the security of the system and processes of public organizations. It turned out a Control of Security and Privacy factors, Threat Probability, Risk Assessment Formula, Prototype of Risk Management for Public Organizations and Privacy and security factor formula. It was concluded that MAGERIT is an alternative what allow mitigate the vulnerabilitys, threat and risks its processes in public organizations for protecting their information.

Download Full-text

Analyzing Impact of Computer Attacks on the Banking System of the Russian Federation

Vestnik of the Plekhanov Russian University of Economics ◽

10.21686/2413-2829-2019-6-202-210 ◽

2019 ◽

pp. 202-210

Author(s):

A. A. Salcutan

Keyword(s):

Russian Federation ◽

Banking Sector ◽

International System ◽

Banking System ◽

Russian Economy ◽

Computer Attacks ◽

The Russian Federation ◽

The Impact ◽

Swift System

The article analyzes damage caused by attacking finance organizations in the Russian Federation through activization of hacker groups. The mentioned attacks were mainly directed at banking cards’ processing, cash machines and the SWIFT system, an international system of transmitting finance information and payments. The growth in hacker penetrations can be seen in all sectors of Russian economy, it is based on informational confrontation and aims at destabilization of considerable objects of critical information infrastructure. Today special attention is paid to attacks of hacker groups, which get financing from states and criminal groupings in order to exert influence on the leading banks of the world. The author investigated the key methods of attacks of finance organizations. The role of the Federal service on technical and export control and the Department of information security of the Bank of Russia was described. By assessing the impact of computer attacks the author came to the conclusion that the Russian banking sector is vulnerable to computer attacks on informational systems that could cause damage not only to small but also big credit organizations, which possess over 60% of the Russian banking sector assets.

Download Full-text

USE OF GENETIC ALGORITHM IN DEEP NEURAL NETWORKS CONFIGURATION FOR THE PURPOSES OF COMPUTER ATTACKS CLASSIFICATION

10.22250/isu.2020.66.104-117 ◽

2020 ◽

pp. 104-117

Author(s):

O.S. Amosov ◽

◽

S.G. Amosova ◽

D.S. Magola ◽

◽

...

Keyword(s):

Neural Network ◽

Genetic Algorithm ◽

Network Architecture ◽

Deep Neural Network ◽

Deep Neural Networks ◽

Classification Problem ◽

Neural Network Architecture ◽

Computer Attacks ◽

Neural Network Technology

The task of multiclass network classification of computer attacks is given. The applicability of deep neural network technology in problem solving has been considered. Deep neural network architecture was chosen based on the strategy of combining a set of convolution and recurrence LSTM layers. Op-timization of neural network parameters based on genetic algorithm is proposed. The presented results of modeling show the possibility of solving the network classification problem in real time.

Download Full-text

APPROACHES TO ADAPTIVE FORECASTING OF THE DIRECTIONS OF DEVELOPMENT OF COMPUTER ATTACKS IN INFORMATION SYSTEMS

Globus: technical sciences ◽

10.52013/2713-3079-37-1-7 ◽

2021 ◽

Vol 7 (1(37)) ◽

pp. 44-49

Author(s):

Sergey Alexandrovich Golitsyn ◽

Anastasia Dmitrievna Shulzhenko

Keyword(s):

Information Systems ◽

Structural Diagram ◽

Computer Attacks

This article discusses the issues of organizing countering computer attacks based on predicting the directions of their development and the formation of alternatives to counter them. The functional-structural diagram and architecture of the subsystem for predicting computer attacks are proposed.

Download Full-text

Prevention of Information Security Incidents in Automated Information System

Voprosy kiberbezopasnosti ◽

10.21681/2311-3456-2020-05-45-51 ◽

2020 ◽

pp. 45-51

Author(s):

Igor Butusov ◽

◽

Aleksandr Romanov ◽

Keyword(s):

Information System ◽

Information Security ◽

Theoretical Computer Science ◽

Structured Data ◽

Fuzzy Information ◽

Security Incident ◽

Automated Information System ◽

Computer Attacks ◽

Stored Information ◽

Security Incidents

The purpose of the article is to support the processes of preventing information security incidents in conditions of high uncertainty. Method: methods of mathematical (theoretical) computer science and fuzzy set theory. Result: an information security Incident, including a computer incident, is considered as a violation or termination of the functioning of an automated information system and (or) a violation of information stored and processed in this system, including those caused by a computer attack. Information descriptions are presented in the form of structured data about signs of computer attacks. Structured data is the final sequence of strings of symbols in a formal language. The Damerau-Levenstein editorial rule is proposed as a metric for measuring the distance between strings of characters from a particular alphabet. The possibility of presenting the semantics of information descriptions of attack features in the form of fuzzy sets is proved. Thresholds (degrees) of separation of fuzzy information descriptions are defined. The influence of semantic certainty of information descriptions of features (degrees of blurring of fuzzy information descriptions) on the decision-making about their identity (similarity) is evaluated. It is shown that the semantic component of information descriptions of signs of computer attacks presupposes the presence of some semantic metric (for its measurement and interpretation), which, as a rule, is formally poorly defined, ambiguously interpreted and characterized by uncertainty of the type of fuzziness, the presence of semantic information and the inability to directly apply a probabilistic measure to determine the degree of similarity of input and stored information descriptions of signs. An approach is proposed to identify fuzzy information descriptions of computer attacks and to apply methods for separating elements of reference sets on which these information descriptions are defined. It is shown that the results of the procedure for identifying fuzzy information descriptions of computer attacks depend on the degree of separation of the reference sets and on the indicators of semantic uncertainty of these descriptions

Download Full-text