发布求助
文献互助 智能选刊 最新文献

Digital Technology Security最新文献

筛选
英文 中文
Application of the Blue Team expertise tools in the process of monitoring information systems on the example of the TI platform (Threat Intelligence) 蓝队专业工具在信息系统监控过程中的应用(以TI平台(威胁情报)为例)
Digital Technology Security Pub Date : 2023-06-28 DOI: 10.17212/2782-2230-2023-2-34-51
A. V. Ivanov, Ivan V. Nikroshkin, Igor A. Ognev, Maksim A. Kiselev
{"title":"Application of the Blue Team expertise tools in the process of monitoring information systems on the example of the TI platform (Threat Intelligence)","authors":"A. V. Ivanov, Ivan V. Nikroshkin, Igor A. Ognev, Maksim A. Kiselev","doi":"10.17212/2782-2230-2023-2-34-51","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-2-34-51","url":null,"abstract":"The purpose of this scientific study is to analyze the possibilities of increasing the effectiveness of protection against cyber threats through the use of Blue Team expert systems. The paper provides an overview of various Blue Team expert systems, including advanced detection and response (XDR) systems, information security incident response platforms (IRPs), incident management, automation and response (SOAR) systems, as well as cyber intelligence systems for threat analysis (TI). Threat Intelligence processes are analyzed, including the collection, analysis and interpretation of information about cyber threats. Particular attention is paid to the cyber intelligence platform for threat analysis – TI MISP, including the analysis of the data model of this platform. An example of working with the CVE-2022-26134 vulnerability is provided, demonstrating the effectiveness of using the TI MISP platform to identify threats and take measures to prevent them. At the end of the work, conclusions were drawn about the advantages and disadvantages of using a cyber intelligence platform for threat analysis. In this regard, the use of Blue Team expert systems, including the TI platform, in the process of monitoring information systems can significantly increase the efficiency of identifying computer incidents and provide more reliable protection of information infrastructure, despite their shortcomings.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130154581","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Examination of the information security threats model for information systems 检查信息系统的信息安全威胁模型
Digital Technology Security Pub Date : 2023-06-28 DOI: 10.17212/2782-2230-2023-2-52-70
V. Selifanov, P. Zvyagintseva, Elena A. Plahotnikova
{"title":"Examination of the information security threats model for information systems","authors":"V. Selifanov, P. Zvyagintseva, Elena A. Plahotnikova","doi":"10.17212/2782-2230-2023-2-52-70","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-2-52-70","url":null,"abstract":"The basis of the work is the development of an automated software tool for the examination of information security threat models developed for various information systems that process data for compliance with the requirements of regulatory legal acts and regulatory methodological documentation initiated by the Decree of the Government, the FSS and the FSTEC of Russia.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122827682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Remote monitoring of the condition of the grounding device 远程监控接地装置的状态
Digital Technology Security Pub Date : 2023-06-28 DOI: 10.17212/2782-2230-2023-2-9-20
V. E. Mitrokhin, A. Naumov
{"title":"Remote monitoring of the condition of the grounding device","authors":"V. E. Mitrokhin, A. Naumov","doi":"10.17212/2782-2230-2023-2-9-20","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-2-9-20","url":null,"abstract":"In connection with the rapid development of technologies, increasing the volume of data exchange and increasing requirements for information security, there is a need to pay special attention to the causes of possible data loss. One of the most common reasons is the quality of power supply of telecommunications networks. Since the density of elements on the microcircuit crystals has increased many times over, the breakdown voltage of these elements has significantly decreased. Therefore, with a slight overvoltage or electromagnetic influence, electronic components may fail, or errors may occur in the transmission of information, and even data destruction in memory devices may occur. The quality of power supply is significantly affected by the state of the grounding device, the main parameter of which is the resistance to the flow of electric current. In order to timely detect a malfunction of the grounding device, it is necessary to provide remote monitoring of its condition. The article presents the main provisions of the method of remote monitoring of the condition of the grounding device.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"269 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124368365","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Modal design of a polynomial control system for the inverted pendulum with two degrees of freedom 二自由度倒立摆多项式控制系统的模态设计
Digital Technology Security Pub Date : 2023-06-28 DOI: 10.17212/2782-2230-2023-2-21-33
V. Shipagin, V. Filiushov
{"title":"Modal design of a polynomial control system for the inverted pendulum with two degrees of freedom","authors":"V. Shipagin, V. Filiushov","doi":"10.17212/2782-2230-2023-2-21-33","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-2-21-33","url":null,"abstract":"An example of calculating an automatic control system for a multi-channel linearized model of a control object is given ‒ a 2-degree of freedom pendulum on a cart with the ability to move, for a mobile board and a support rack, in two planes. This model is described by a non-square matrix transfer function with a large number of output parameters compared to the number of input parameters. A description of a linear model of an object is obtained through the state space and through a matrix transfer function. According to the obtained descriptions, it can be seen that for a linearized version of the description of the object, for different coordinate axes, the description of the system is symmetrical. In this regard, there is an approach to synthesizing the control system for each coordinate of the mobile platform separately. However, with the further transition to a nonlinear description of the system, the symmetry of the description will be violated and it will be problematic to apply the obtained regulators for a nonlinear object in some cases. In this article, the work of the algorithm for the synthesis of the control system of the mobile platform for stabilizing the support rack to a vertical position and bringing the mobile platform to a given position at both coordinates at the same time is illustrated. The calculation was carried out using the algorithm of synthesis of the controller by a modular method using a polynomial matrix decomposition of the matrix transfer functions of the object and the controller. The simulation of the operation of the resulting automatic control system shows that the controller copes with the task of stabilizing the angle of the support post in the vertical position and bringing the mobile platform to the desired position.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122337338","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Using the IDEF0 methodology in monitoring system development 使用IDEF0方法监测系统开发
Digital Technology Security Pub Date : 2023-06-28 DOI: 10.17212/2782-2230-2023-2-71-81
Nikolay Y. Tsiberman, Viktor M. Belov
{"title":"Using the IDEF0 methodology in monitoring system development","authors":"Nikolay Y. Tsiberman, Viktor M. Belov","doi":"10.17212/2782-2230-2023-2-71-81","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-2-71-81","url":null,"abstract":"There are many specialized methodologies for modeling systems and business processes. One of them is the methodology IDEF0, the relevance of which is confirmed by high efficiency of the use and rationalization of various processes taking place in complex systems. This article discusses the methodology of IDEF0, as well as its advantages and basic concepts. In the sec-ond chapter of the paper, a functional model of a monitoring system for finding vulnerabilities in local networks, developed with the help of this methodology, is described. The model was used to represent the system processes and their interaction with each other graphically, which allowed us to optimally determine the main development steps, localize the weaknesses of the system at the planning stage and improve the understanding of how the system should work. As a result, a functional model consisting of four decomposition levels and six schemes was made.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126826688","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Analysis of security protocols based on the licensed content distribution system 基于授权内容分发系统的安全协议分析
Digital Technology Security Pub Date : 2023-03-29 DOI: 10.17212/2782-2230-2023-1-26-35
Andrey D. Anikin, Kirill A. Biryukov, A. B. Arkhipova
{"title":"Analysis of security protocols based on the licensed content distribution system","authors":"Andrey D. Anikin, Kirill A. Biryukov, A. B. Arkhipova","doi":"10.17212/2782-2230-2023-1-26-35","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-1-26-35","url":null,"abstract":"In recent years, the number of cyberattacks has increased significantly. Most enterprises need reliable protection of the intracorporate networks. Intrusion prevention systems allow timely and automatic response to threats of various kinds that cannot be identified by firewalls, anti-viruses and other security systems. Many companies are represented on the market, providing their signatures to implement intrusion prevention systems developed by manufacturers of network equipment or personal security. There is a need to preserve the confidentiality of these rules with the implementation of the possibility of application on devices commercial users. That’s why systems for the distribution of licensed content to consumer devices are being developed. However, it is necessary to ensure a high level of security of such systems, to avoid leaks of classified data provided by third-party vendors.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132247954","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Personal information security issues in the context of digital transformation of the economy, management and public communications 经济、管理和公共通信数字化转型背景下的个人信息安全问题
Digital Technology Security Pub Date : 2023-03-29 DOI: 10.17212/2782-2230-2023-1-36-52
M. E. Bocharnikova, T. M. Pestunova, V. Selifanov
{"title":"Personal information security issues in the context of digital transformation of the economy, management and public communications","authors":"M. E. Bocharnikova, T. M. Pestunova, V. Selifanov","doi":"10.17212/2782-2230-2023-1-36-52","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-1-36-52","url":null,"abstract":"The article analyzes the main aspects of personal information security, the knowledge of which is important for a person in conditions of high rates of digitalization of social and economic spheres. They are aimed at the formation of a personal information digital space and its management in the conditions of changing technologies and the legal field in accordance with the private and business interests of the individual. The first task in this case is to make a person aware of their interests and needs in the use of the digital environment, to assess the significance of the issues of the security of their personal data. Further, attention is drawn to the development of skills for analyzing and evaluating Internet resources in the context of the reliability and purposes of information dissemination, the development of methods and means of managing your personal data available within the framework of current legislation. Examples of a number of other relevant tasks, existing opportunities for practical acquisition of knowledge and formation of skills for safe work in a digital environment for various categories of users at the current level of information technology development are considered, and those aspects that remain outside the scope of methods and technologies that are massively used to increase the level of digital literacy of the population are also identified.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115765724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Issues of assessing the credibility of the risk management system 评估风险管理体系可信度的问题
Digital Technology Security Pub Date : 2023-03-29 DOI: 10.17212/2782-2230-2023-1-69-82
V. Selifanov, Veronika V. Anikeeva, Igor A. Ognev
{"title":"Issues of assessing the credibility of the risk management system","authors":"V. Selifanov, Veronika V. Anikeeva, Igor A. Ognev","doi":"10.17212/2782-2230-2023-1-69-82","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-1-69-82","url":null,"abstract":"This article is devoted to the assessment of confidence in the risk management system. The term trust in relation to information systems is practically not used nowadays. The author proposes a procedure for assessing confidence in the risk management system, which consists of four stages: compliance with the requirements of Russian legislation and national standards, assessing the optimality of the existing risk management system and reassessing risks. A description of existing methods for assessing confidence in risk management systems has been given. It is concluded that at present there are no existing requirements to the system of risk assessment even in some segments. The paper proposes to use a pre-agreed by stakeholders’ selection of criteria for assessing risks from a system of standards that describe the process of risk assessment in terms of systems engineering. The criteria and indicators used in the standards that define systems analysis are considered. Probabilistic assessment of a few indicators is taken as the basis of risk assessment: risk of violation of reliability of process implementation without regard to information protection requirements; risk of violation of information protection requirements in the process; integral risk of violation of process implementation with regard to information protection requirements. To calculate these risk indicators the investigated entities are examined in the form of a modeled system of a complex structure. A mathematical model for assessing risks in accordance with the provisions of systems engineering standards is presented.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"367 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134323261","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Modal synthesis of controllers by a polynomial method for automatic control systems with excessive dimension of the control vector 针对控制向量维数过大的自动控制系统,采用多项式方法进行控制器模态综合
Digital Technology Security Pub Date : 2023-03-29 DOI: 10.17212/2782-2230-2023-1-53-68
A. Voevoda, V. Shipagin
{"title":"Modal synthesis of controllers by a polynomial method for automatic control systems with excessive dimension of the control vector","authors":"A. Voevoda, V. Shipagin","doi":"10.17212/2782-2230-2023-1-53-68","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-1-53-68","url":null,"abstract":"When using polynomial methods of synthesis of multichannel regulators, there is a need for polynomial matrix calculus. However, when using this method, objects with the number of output channels equal to the number of input channels are mainly considered. This is necessary for the convenience of solving a system of linear algebraic equations in matrix polynomial computation. At the same time, a fairly large number of real technical systems have an unequal number of input and output channels. At the same time, the issue of the synthesis of generators by the polynomial method for multichannel objects with an unequal number of input and output impacts has not been worked out sufficiently deeply. One of the special cases of such systems can be considered systems with excessive dimension of the control vector. Within the framework of this work, examples of such systems and the purposes of their use are given. An illustrative example of a linear model of an unstable object with three channels for input action and two channels for output action is given. It is necessary to achieve certain quality indicators of the output vector quantity, while the control is carried out in the feedback of the system and is summed up with the input effect. The simplicity of the system under consideration is connected with the convenience of demonstrating on this example a modal synthesis method using a polynomial matrix decomposition of the transfer functions of an object and a controller for such a class of objects. In accordance with the recommendations presented in the algorithm for synthesizing regulators for objects with a non-square matrix transfer function, to solve the problem of synthesizing a regulator for systems with an excessive dimension of the control vector, the transfer function of the control object is represented as a right polynomial matrix decomposition, and the regulator is represented as a left one. During the demonstration of the example of the algorithm, some clarifications and edits are proposed in it.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"182 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114647146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Formation of a stepped signal with minimum levels of the third harmonic 形成具有最小三次谐波电平的阶跃信号
Digital Technology Security Pub Date : 2023-03-29 DOI: 10.17212/2782-2230-2023-1-9-25
Michael M. Babichev, Daniil A. Grigoriev
{"title":"Formation of a stepped signal with minimum levels of the third harmonic","authors":"Michael M. Babichev, Daniil A. Grigoriev","doi":"10.17212/2782-2230-2023-1-9-25","DOIUrl":"https://doi.org/10.17212/2782-2230-2023-1-9-25","url":null,"abstract":"One of the important tasks of electronic instrumentation is the creation of powerful measuring generators of a sinusoidal signal, in particular, fictitious power generators for testing and verifying electricity meters. Such generators are usually digitally controlled. Get a high efficiency allows pulse-width modulation (PWM). However, when building a device based on PWM, there is a need to suppress higher-order harmonics. To simplify signal filtering, the switching frequency of the keys in the generator is increased, which reduces its efficiency. The paper presents a new method for obtaining a sinusoidal signal by adding three rectangular pulse signals having the frequency of the generated sinusoid, which makes it possible to suppress the 3rd harmonic and filter the harmonics starting from the 5th. This method allows, with high efficiency and a simple output filter, to form a sinusoid with a frequency of not only 50 Hz, but also significantly higher.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"219 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131679900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信