Methodological aspects of the presentation of information security threats recognition signs in the context of improving technical intelligence

S. Skryl', S. Nikulin, A. Mazin, V. Spivak, V. Krylov, V. V. Nikulina
{"title":"Methodological aspects of the presentation of information security threats recognition signs in the context of improving technical intelligence","authors":"S. Skryl', S. Nikulin, A. Mazin, V. Spivak, V. Krylov, V. V. Nikulina","doi":"10.21778/2413-9599-2020-30-4-35-46","DOIUrl":null,"url":null,"abstract":"Formulation of the problem. The completeness of the characteristics of one of the most serious threats to the security of information today – its leakage through the transient electromagnetic pulse emanation standard (TEMPEST) from computer equipment (CE) is determined not only by the number of detectable signs of leakage but also by several other parameters characterizing the dynamics of the implementation of such a threat. The established patterns in the scenarios of violators’ actions associated with the use of technical reconnaissance equipment (TRQ) to intercept informative TEMPEST signals from computer equipment made it possible to form a model of all possible options for using TRQ to obtain confidential information processed by computer equipment. The proposed model provides the implementation of the methodological principles of the recognition theory for a more complete characterization of threats of information leakage through the channels of spurious electromagnetic radiation and interference from CE in the process of their detection.Objective. Development of methodological grounds for presenting signs of the violator’s implementation of certain functions associated with the use of technical reconnaissance equipment to intercept informative signals of spurious electromagnetic radiation and interference from computer equipment as signs that identify the most significant conditions for the recognition and prevention of such threats.Results. Methodological solutions for the identification of three states significant for the prevention of threats are given based on the structuring of the functional representation of the intruder’s actions to implement such threats. Mathematical models for assessing the predicted amount of information disclosed in the process of intercepting TEMPEST informative signals from computer equipment, and assessing the level of security threats in case of interception of information are also presented.Practical significance. The paper presents the main options for the operation of a complex of programs for recognizing threats of information leakage through TEMPEST channels from computer equipment developed within the framework of the presented methodology.","PeriodicalId":159068,"journal":{"name":"Radio industry (Russia)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Radio industry (Russia)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21778/2413-9599-2020-30-4-35-46","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Formulation of the problem. The completeness of the characteristics of one of the most serious threats to the security of information today – its leakage through the transient electromagnetic pulse emanation standard (TEMPEST) from computer equipment (CE) is determined not only by the number of detectable signs of leakage but also by several other parameters characterizing the dynamics of the implementation of such a threat. The established patterns in the scenarios of violators’ actions associated with the use of technical reconnaissance equipment (TRQ) to intercept informative TEMPEST signals from computer equipment made it possible to form a model of all possible options for using TRQ to obtain confidential information processed by computer equipment. The proposed model provides the implementation of the methodological principles of the recognition theory for a more complete characterization of threats of information leakage through the channels of spurious electromagnetic radiation and interference from CE in the process of their detection.Objective. Development of methodological grounds for presenting signs of the violator’s implementation of certain functions associated with the use of technical reconnaissance equipment to intercept informative signals of spurious electromagnetic radiation and interference from computer equipment as signs that identify the most significant conditions for the recognition and prevention of such threats.Results. Methodological solutions for the identification of three states significant for the prevention of threats are given based on the structuring of the functional representation of the intruder’s actions to implement such threats. Mathematical models for assessing the predicted amount of information disclosed in the process of intercepting TEMPEST informative signals from computer equipment, and assessing the level of security threats in case of interception of information are also presented.Practical significance. The paper presents the main options for the operation of a complex of programs for recognizing threats of information leakage through TEMPEST channels from computer equipment developed within the framework of the presented methodology.
在提高技术情报的背景下,信息安全威胁识别标志的呈现方法方面
问题的表述。当今对信息安全最严重的威胁之一——通过瞬态电磁脉冲发射标准(TEMPEST)从计算机设备(CE)泄漏——其特征的完整性不仅取决于可检测到的泄漏迹象的数量,还取决于表征这种威胁实施动态的其他几个参数。违规者使用技术侦察设备拦截来自计算机设备的信息性暴风信号的行为的既定模式,使利用技术侦察设备获取由计算机设备处理的机密信息的所有可能选择的模式得以形成。该模型实现了识别理论的方法论原则,从而更完整地描述了在检测过程中通过虚假电磁辐射和CE干扰渠道泄露信息的威胁。发展方法论依据,以显示违规者使用技术侦察设备拦截来自计算机设备的虚假电磁辐射和干扰信息信号的某些功能的迹象,作为识别和预防此类威胁的最重要条件的迹象。基于入侵者实施这些威胁的行为的功能表示的结构,给出了识别对预防威胁重要的三种状态的方法学解决方案。此外,还提出了从计算机设备截获TEMPEST信息信号过程中预测信息泄露量的数学模型,以及在截获信息时评估安全威胁程度的数学模型。现实意义。本文提出了在所提出的方法框架内开发的计算机设备通过TEMPEST渠道识别信息泄漏威胁的复杂程序操作的主要选择。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信