Modern information security最新文献

{"title":"Human psychological and biometric factor in the development and use of social engineering methods in peacetime and wartime","authors":"M. I. Ganchenko","doi":"10.31673/2409-7292.2022.011626","DOIUrl":"https://doi.org/10.31673/2409-7292.2022.011626","url":null,"abstract":"The subject of this article is the process of influence of social engineers on people by manipulating consciousness, emotions, feelings without and with the use of modern information technology processing and simulation of biological characteristics of mankind in peacetime and wartime. The purpose and objectives are: consideration of existing methods of social engineering such as phishing, trojan, pretexting, watering hole, betting, quid pro quo, persecution, reverse social engineering through the prism of human feelings: naivety, inattention, greed, gullibility, curiosity, belonging fear; Consideration of modern technologies: handwriting forgery - My Text in your Handwriting algorithm, voice substitution - Descript's Ovrlab service, artificial dialogue - Replika application and face replacement - Deep Fake technology, which can help fraudsters to achieve their own goals of obtaining confidential data and carrying out further attacks based on them, as well as manipulating the consciousness of the real perception of events in wartime. The methods used are: psychological and sociological research methods, such as observation, social engineering methods, forecasting methods based on analysis and conclusions about future trends. The following results were obtained. Associations of methods of social engineering with feelings to which this or that psychological influence of the social engineer is directed are created. The potential of using emerging technologies with social engineering techniques to carry out more effective and sophisticated attacks, taking into account the favorite effects of criminals: haste, surprise, confusion, feelings of pity, anxiety, excitement and so on. The possibility of threats related to the procedures of authentication and authorization of users of biometric data on the basis of the considered modern technologies of imitation of biometric data of mankind: handwriting, voice, face. The scientific novelty of the research results is as follows: the importance and necessity of careful treatment of confidential information that people disseminate about themselves in all aspects of their social life; identified the main feelings on which social engineers play to achieve their own goals and benefit; the potential of development of modern technologies of imitation of biometric data of people in efficiency of carrying out attacks by methods of social engineering is specified, efficiency of use of means and methods of social engineering during information wars for influence on unstable psychological state is proved.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114863189","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The method of maximum plausibility in the problems of protection of the radio signal of unmanned aerial vehicles control","authors":"S. I. Ganusyak","doi":"10.31673/2409-7292.2020.041217","DOIUrl":"https://doi.org/10.31673/2409-7292.2020.041217","url":null,"abstract":"The paper considers the problem of protection of control of the radio signal of control of unmanned aerial vehicles as a task of control of signal parameters. The problem of control of a parameter of a radio signal and a problem of protection against interception by control of the unmanned aerial vehicle is formulated. The methods of estimating the parameters of the radio communication signal are analyzed and the method of estimating the parameters based on the method of maximum likelihood is proposed. This technique is demonstrated by estimating the phase of harmonic oscillation, which describes the radio signal and there are noise interference. Simulation modeling of the developed method is carried out, which confirmed the adequacy of the proposed model.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121790772","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Cyberattack Simulation by Graph Theory","authors":"V. Savchenko, O. Matsko, S. Legominova, I. Poltorak, V. Marchenko","doi":"10.31673/2409-7292.2019.040611","DOIUrl":"https://doi.org/10.31673/2409-7292.2019.040611","url":null,"abstract":"","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134255526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cybersecurity risk management on the basis of game-theoretic approach","authors":"V. Savchenko, O. Matsko","doi":"10.31673/2409-7292.2019.020616","DOIUrl":"https://doi.org/10.31673/2409-7292.2019.020616","url":null,"abstract":"","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132968447","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Acoustic Authorization Method in Access Control and Control Systems","authors":"L. Kriuchkova, V. Pshonnik, M. Vovk","doi":"10.31673/2409-7292.2019.043439","DOIUrl":"https://doi.org/10.31673/2409-7292.2019.043439","url":null,"abstract":"","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132799071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A method of countering the vulnerabilities of applications based on the Android operating system through permission management","authors":"B. V. Hoholʹ","doi":"10.31673/2409-7292.2022.024552","DOIUrl":"https://doi.org/10.31673/2409-7292.2022.024552","url":null,"abstract":"The article explores vulnerabilities and ways to protect mobile applications based on the Android operating system. The security problem has been investigated and various types of mobile application security threats have been analyzed. On the basis of the research carried out in the article, recommendations have been developed for the protection of mobile applications from cyber attacks by means of permission management.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"73 7","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131874747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Methods and tools for managing vulnerabilities of corporate information system based on machine learning","authors":"G. G. Nayman, D. M. Garkavenko","doi":"10.31673/2409-7292.2021.032428","DOIUrl":"https://doi.org/10.31673/2409-7292.2021.032428","url":null,"abstract":"The article highlights the general concepts of IT infrastructure, corporate information system, cyberattacks and cyberattack statistics. Vulnerability management is also described as a process of harm reduction from the implementation of threats, what problems are faced by information security professionals and ways to solve them. The possibility of using artificial intelligence in the field of information security, advantages, disadvantages, problems are considered. A hypothetical solution is proposed by developing methods and tools for managing vulnerabilities in corporate information systems using machine learning technologies.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114338873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Methods of increasing the security of the Internet of Things based on blockchain technologies","authors":"G. Gaidur, D. Gai, S. O. Aleksenko","doi":"10.31673/2409-7292.2020.012530","DOIUrl":"https://doi.org/10.31673/2409-7292.2020.012530","url":null,"abstract":"","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114610558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Problem of Students’ DoS / DDoS Attacks on Educational Resources","authors":"Y. S. Antonov, P. V. Rymar, O. Antonova","doi":"10.31673/2409-7292.2019.045262","DOIUrl":"https://doi.org/10.31673/2409-7292.2019.045262","url":null,"abstract":"","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117310432","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Analysis of modern tools for penetration testing","authors":"T. Muzhanova","doi":"10.31673/2409-7292.2023.020005","DOIUrl":"https://doi.org/10.31673/2409-7292.2023.020005","url":null,"abstract":"Penetration testing is a security audit performed by an organization in which an expert attempts to find, penetrate, and exploit weaknesses in an organization's computer system or networks. The main goal is to find any potential weakness. It also helps organizations maintain and adhere to established standards for protecting the privacy of their customers. The article explores software tools that can be used to perform penetration testing.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130118665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}