Digital Technology Security最新文献_第2页

To the question of organization of cultural and educational work in the industries of housing and communal services and construction 关于在住房、公共服务和建筑行业组织文化教育工作的问题

Digital Technology Security Pub Date : 2022-12-27 DOI: 10.17212/2782-2230-2022-4-27-38

D. Kosov, Viktor M. Belov

{"title":"To the question of organization of cultural and educational work in the industries of housing and communal services and construction","authors":"D. Kosov, Viktor M. Belov","doi":"10.17212/2782-2230-2022-4-27-38","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-4-27-38","url":null,"abstract":"This article is an attempt to model in organizational terms the subsystem of a public association participating in the systemic management of housing and communal services and construction, responsible for cultural and educational work in this area. As a result, some \"boiling points\" in the housing and communal services and construction industry were identified, associated, first of all, with the lack of clear legal regulation on the part of the state in the tariff area of this area of activity. It is shown that housing education and the creation of an appropriate cultural environment significantly narrow the gap of competencies between homeowners, specialists in the field of apartment building management and specialists of management companies, increase the level of trust in relationships and provide an opportunity for the emergence of new forms of positive interaction. A conditional classification of homeowners by levels of knowledge in the field of housing and communal services and construction is proposed. The structure and approximate functionality of cultural and educational work in the frame-work of housing and communal services and construction on the basis of existing public associations in this area have been built.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134549697","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

The practice of making a Security Operations Center 建立安全运营中心的实践

Digital Technology Security Pub Date : 2022-12-27 DOI: 10.17212/2782-2230-2022-4-39-51

A. Kiselev, Igor V. Korotkikh, Valeria V. Shott

{"title":"The practice of making a Security Operations Center","authors":"A. Kiselev, Igor V. Korotkikh, Valeria V. Shott","doi":"10.17212/2782-2230-2022-4-39-51","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-4-39-51","url":null,"abstract":"The rapidly changing landscape of information security threats, directly related to the development of information technologies, requires continuous automated monitoring of information security events for the purpose of quick response, retrospective analysis for targeted attacks, as well as compliance with the requirements of the regulators of the sphere. This article presents the process of creating a concept that is being implemented everywhere – an information security monitoring center. This complex, multifactorial process takes into account the elaboration of regulatory legal acts and regulatory and methodological documentation, the analysis of current international practices, the formation of a pool of technologies used, the formation of a service team and the debugging of workflows. At the same time, the possibility of the SOC's interaction with regulatory authorities, the specific of communication with customers, its own resistance to attacks, economic feasibility, the peculiarities of human psychology, etc. should be taken into account. To visualize the work of the SOC, a process diagram of the SOC's work is presented. In the article attention is paid to the choice of the core of the SOC – SIEM system. The result clearly represents the current cross-section of the Russian market of systems of this class, which is important in the context of import substitution.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"122 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122120636","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Algorithms, methods and approaches to details and enrich data, including personal data 算法、方法和途径详细和丰富的数据，包括个人数据

Digital Technology Security Pub Date : 2022-12-27 DOI: 10.17212/2782-2230-2022-4-9-26

A. Malyavko, Vladimir V. Reutov, Igor V. Korotkikh, Vladimir K. Shperling

{"title":"Algorithms, methods and approaches to details and enrich data, including personal data","authors":"A. Malyavko, Vladimir V. Reutov, Igor V. Korotkikh, Vladimir K. Shperling","doi":"10.17212/2782-2230-2022-4-9-26","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-4-9-26","url":null,"abstract":"This article presents the results of a study of algorithms, methods and approaches to depersonalization and enrichment of data, including personal data. Among the types of data enrichment, demographic, geographic and behavioral data enrichments were considered, as well as statistical, semantic and pragmatic data enrichment algorithms were studied. In addition to data enrichment, categories of ontology enrichment were considered, namely expressive ontologies, lightweight ontologies such as taxonomies, and a category that includes works that use reasoning to partially replace traditional methods of knowledge extraction. Ontology enrichment is a broad area of research that can be divided into three categories of work devoted to extracting semantic knowledge from heterogeneous data. As a result of the analysis, it was found that data enrichment processes optimize sales, as well as reduce business costs, by saving finances through information management. The advantages and disadvantages of the considered approaches and methods of data enrichment and ontologies were presented. The main benefit of fortification is the increased value and accuracy of information that helps companies make important business decisions. The main disadvantage is the risk of growing redundant data, which can lead to incorrect analytics and, accordingly, to wrong business decisions, which in turn harms the business. The significance of the analysis is also presented – on the basis of the studies carried out, it is planned to form a technical proposal for creating the basic infrastructure of the project of the NTI Central Committee \"Trusted Information Exchange Environment\" for further research on the topic of data enrichment and depersonalization.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125064086","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Risk assessment in the process of determining the system architecture 在确定系统架构的过程中进行风险评估

Digital Technology Security Pub Date : 2022-12-27 DOI: 10.17212/2782-2230-2022-4-52-62

Veronika V. Anikeeva, V. Selifanov

引用次数: 0

Methodology for forecasting the demand of graduates in IT directions 预测资讯科技方向毕业生需求的方法

Digital Technology Security Pub Date : 2022-12-27 DOI: 10.17212/2782-2230-2022-4-63-81

E. Kunts, P. Lozhnikov, Ekaterina S. Khazanskaya, A. Belykh

引用次数: 1

Study of approaches to the synthesis and detection of cloned voices (DeepFake) 克隆语音合成与检测方法研究(DeepFake)

Digital Technology Security Pub Date : 2022-09-29 DOI: 10.17212/2782-2230-2022-3-62-80

Andrey Ivanov, Stepan A. Primak, Viktor A. Mazurenko

{"title":"Study of approaches to the synthesis and detection of cloned voices (DeepFake)","authors":"Andrey Ivanov, Stepan A. Primak, Viktor A. Mazurenko","doi":"10.17212/2782-2230-2022-3-62-80","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-3-62-80","url":null,"abstract":"Modern methods of protecting personal information often uses the voice biometric data of the owner of the information to identify the user. When the owner of the information voices the passphrase, he confirms his identity. However, attackers take advantage of the imperfection of such systems and develop methods for voice cloning, to create a twinkly voice for a cyberattack on personal data protection systems. Within the framework of this article, an attempt is made to explore existing methods for detecting cloned voices in order to protect information and counteract cyberattacks. Also, to achieve results, detection systems will be tested on a sample of Russian-language voice recordings taken from open sources. A comparative assessment of existing approaches is carried out in terms of their practical applicability. In particular, the requirements for the occupied memory of a computing device, computational complexity, complexity in implementation and data collection for training were taken into account. In addition, an analysis of the existing prerequisites and trends for the use of voice synthesis and substitution systems was carried out, potential risks were described, and examples of possible damage from the theft of biometric data were given. An attempt was also made to describe the experimental procedure for evaluating the performance of the considered methods with specifying and clarifying conditions. The criteria for verification and validation of the results are set, which allow drawing conclusions about the efficiency of the systems.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117137309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

The perspective of using machine learning to classify network traffic in trusted interaction technologies 在可信交互技术中使用机器学习对网络流量进行分类的观点

Digital Technology Security Pub Date : 2022-09-29 DOI: 10.17212/2782-2230-2022-3-49-61

A. B. Arkhipova, M. Medvedev, Vladimir V. Reutov, Igor V. Korotkih

引用次数: 0

On controllability and observability of multichannel automatic control systems in the synthesis by the modal method using the polynomial matrix decomposition of the object and controller 多通道自动控制系统的可控性和可观察性问题，采用模态法对目标和控制器进行多项式矩阵分解

Digital Technology Security Pub Date : 2022-09-29 DOI: 10.17212/2782-2230-2022-3-26-48

A. Voevoda, V. Shipagin

{"title":"On controllability and observability of multichannel automatic control systems in the synthesis by the modal method using the polynomial matrix decomposition of the object and controller","authors":"A. Voevoda, V. Shipagin","doi":"10.17212/2782-2230-2022-3-26-48","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-3-26-48","url":null,"abstract":"When considering the issue of synthesis of an automatic control system by a modular method using a polynomial decomposition of the transfer functions of an object and a controller, synthesis algorithms for fully controlled systems are proposed. However, the question arises about the possibilities of using this algorithm if this condition is not met. The consideration of this is-sue turned out to be especially relevant for multichannel models of objects with a non-square transfer function (having an unequal number of input and output channels). It is shown that for some fundamental terms of the theory of automatic control, such as controllability, reachability, observability, stability and some others, there are special definitions of them in the case of considering this type of objects. The term non‒square object is proposed for use, which is used mainly in foreign literature. Some restrictions on the modal synthesis of regulators by a method using a polynomial matrix separation of the object and the regulator are considered. Examples of internally and asymptotically unstable systems are given. A hypothesis is put forward about the stability of the controlled system. An example of a multichannel system \"inverted pendulum on a cart\" is considered, which is an object with a non-square matrix transfer function (in this example, the number of input actions is less than the number of output parameters). Using the static characteristics of this object, it is demonstrated that not always controlled systems can be stabilized in a given position. For example, in the case of setting the desired angle of an inverted pendulum other than zero, it is impossible to hold the position of the cart in a given coordinate. At the same time, if you set the angle at the equilibrium point as the desired angle of the inverted pendulum, then stabilization of the cart at a given coordinate becomes possible.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115521197","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Remote control of the PROTEK 3201N spectrum analyzer to solve radiomonitoring tasks 远程控制PROTEK 3201N频谱分析仪，解决无线电监测任务

Digital Technology Security Pub Date : 2022-09-29 DOI: 10.17212/2782-2230-2022-3-9-25

S. V. Bykov, Igor V. Isakov, Bogdan S. Shwenk

{"title":"Remote control of the PROTEK 3201N spectrum analyzer to solve radiomonitoring tasks","authors":"S. V. Bykov, Igor V. Isakov, Bogdan S. Shwenk","doi":"10.17212/2782-2230-2022-3-9-25","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-3-9-25","url":null,"abstract":"Electrical measuring instruments related to spectrum analyzers allow you to quickly obtain information about the distribution of energy of electrical and electromagnetic signals in a certain frequency band. The range of signal frequencies that can be measured by spectrum analyzers depends on the specific instrument model. Extending the signal frequency range measured by the spectrum analyzer increases its cost. But depending on the signal processing algorithm, spectrum analyzers with the same frequency range can also vary significantly in cost. The PROTEK3201N spectrum analyzer considered in this article costs around 50,000 rubles, while the similar GW Instek GSP-7730 spectrum analyzer costs about 150,000 rubles. Given the range of prices, the PROTEK3201N spectrum analyzer can be considered as the best option for implementing a system for measuring the parameters of high-frequency electrical and electromagnetic signals. One of the areas of application of this equipment is radio monitoring within the controlled area. Radio monitoring is understood as a set of measures to determine the frequency and level of electromagnetic signals, and their identification. The essence of identification is to determine whether the detected electromagnetic signals belong to a regular radio transmitter or a device that performs unauthorized removal of information from a con-trolled area. One of the possible identification methods is a detailed analysis of the electromagnetic signal spectrum shape. This can be achieved by changing the scanning step of the frequency range by the radio receiver. It is spectrum analyzers that have the most developed functionality for changing the scanning step without changing the frequency range in which radiomonitoring is performed.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127941439","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Technologies and methods for creating systems of secure information exchange 建立安全信息交换系统的技术和方法

Digital Technology Security Pub Date : 2022-09-29 DOI: 10.17212/2782-2230-2022-3-81-97

I. Reva, Igor A. Ognev, A. Yakimenko, O. Alsova

{"title":"Technologies and methods for creating systems of secure information exchange","authors":"I. Reva, Igor A. Ognev, A. Yakimenko, O. Alsova","doi":"10.17212/2782-2230-2022-3-81-97","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-3-81-97","url":null,"abstract":"This article presents a description of existing technologies and methods for creating secure information exchange systems. To date, secure information exchange systems are built in accordance with two technologies – VPN technology and cryptographic protocols SSL and TSL, as well as in accordance with combinations of these technologies. The necessity of creating network security systems is considered. The rapid development of network technologies leads to an equally rapid increase in information security risks for companies in both the public and private sectors. The requirements of the legislation of the Russian Federation in the field of ensuring the security of networks are presented. The principles of network security design are described. The analysis of existing projects and implementations of network security was carried out. A description of the existing and methods for constructing secure information exchange systems is given. The technologies for building secure information exchange systems based on VPN technology, as well as the algorithms for building VPN connections – PPTP, IPSec, L2TP, SSTP, OpenVPN, GOST VPN are considered. The most common technical and software information security tools that use VPN to build a secure information exchange are described – the products of the companies InfoTeKS, Security Code, S-Terra. The technology of constructing secure information exchange systems based on SSL and TLS cryptographic protocols is considered. This article identifies the most common problems in building secure information exchange systems – the presence of a large number of manufacturers of information security tools with their own ecosystem, as well as high labor, financial and time costs for ensuring the information exchange of systems of different levels of security, the security of which built on solutions from different vendors.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126616543","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0