Nikita A. Volkov, A. V. Ivanov, Nadegda E. Karpova, Alexsander V. Chuvakov
{"title":"Investigation of noisy audio recordings of speech for processing in an automated system","authors":"Nikita A. Volkov, A. V. Ivanov, Nadegda E. Karpova, Alexsander V. Chuvakov","doi":"10.17212/2782-2230-2022-2-9-20","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-2-9-20","url":null,"abstract":"This article discusses the possibility of processing sound from noise using a neural network that works with image recognition. To make sure of this, spectrograms of the recorded voice of the speaker with a duration of 10 seconds and spectrograms with white noise superimposed on the recorded audio track were considered. After analyzing the noisy audio track by a subjective method (listening to the audio track) and analyzing the spectrograms of the noisy audio track, it was revealed that the neural network will be able to recognize the differences in the images on which the noise is visible. This is necessary in order to further train the neural network to recognize the noise intensity of the audio track.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124844291","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Konstantin V. Zakharov, Maksim A. Khodorchenko, Igor D. Karpov, Igor A. Ognev, Sergei A. Zyryanov
{"title":"Development of a system for monitoring network traffic with filtering elements at the L2","authors":"Konstantin V. Zakharov, Maksim A. Khodorchenko, Igor D. Karpov, Igor A. Ognev, Sergei A. Zyryanov","doi":"10.17212/2782-2230-2022-2-34-47","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-2-34-47","url":null,"abstract":"This article proposes a network traffic monitoring system with filtering elements at the data link layer (L2) of the OSI model. This article presents the general requirements and approaches to the construction of the proposed monitoring and filtering system. The developed device is built on the basis of SDN technology, which makes it possible to create a more flexible and multifunctional network device compared to traditional network devices. In the process of developing the device, standard methods and components available to the masses were used. Under the conditions of the tasks set, a schematic diagram of the developed device based on the TE0714 TRM model board and the SFP standard transceiver is presented. It is proposed to use the device for a monitoring system with filtering elements. Network traffic monitoring is proposed to be implemented based on the SNMP protocol to collect information from critical network nodes. It is proposed to implement network traffic filtering based on a \"white\" list of MAC addresses to limit the list of devices that have access to the system. The practical significance of this article lies in the description of the approach to the development of a fundamental device for monitoring public and personal networks with flexibly defined additional and basic functions. The proposed device, thanks to the use of SDN technology, provides individual customization for customer requests, which means the possibility of expanding functionality without purchasing new hardware and firmware. 
The proposed device, due to the use of SDN technology, provides individual customization for customer requests, which means the possibility of expanding the functionality without purchasing new hardware and firmware.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129721354","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Analysis of the features of information security ensuring of the automated system of operational production planning","authors":"Maksim K. Serebrennikov, Polina V. Mishhenko","doi":"10.17212/2782-2230-2022-2-48-62","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-2-48-62","url":null,"abstract":"Information systems used by enterprises meet certain security requirements. The system must be protected from both external and internal threats. Developers of such systems should minimize the impact of both the human factor and various errors and failures of adjacent systems on operation of the system being developed. In this regard, various information system protection techniques are used. The paper considers the features of using some of them in ensuring information security of the automated system of operational production planning being developed at one of the operating enterprises of the Russian Federation.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122181158","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Organization of monitoring of network intrusions on the basis of freely distributable software","authors":"Viktoria A. Sitnik, D. Vishnyakov, M. V. Shcherba","doi":"10.17212/2782-2230-2022-2-63-73","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-2-63-73","url":null,"abstract":"This paper presents the results of preparing a virtual bench for modeling and detecting network attacks using a freely distributed intrusion detection system (IDS). The relevance of the work is related to the growing demand for IDS as sources of information security events for security information and event management (SIEM) systems. A comparative analysis of the most popular freely distributed open-source network IDSs was carried out and the choice of the Zeek system for its use in the project was substantiated. The work uses Zeek network logs, which contain important and structured information about the analyzed network traffic. The laboratory bench was built on the basis of a Linux virtual machine and a Mininet network simulator. A graphical representation of the developed virtual stand is proposed. An experimental study of the effectiveness of an intrusion detection system is demonstrated by simulating a network denial of service attack and further analyzing the received network traffic using IDS tools.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116438168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Y. Grishin, A. V. Ivanov, Nadegda E. Karpova, Alexsander V. Chuvakov
{"title":"The use of automated systems in computer forensics","authors":"Y. Grishin, A. V. Ivanov, Nadegda E. Karpova, Alexsander V. Chuvakov","doi":"10.17212/2782-2230-2022-2-21-33","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-2-21-33","url":null,"abstract":"The rapid development and spread of new information and telecommunication technologies is acquiring the character of a global information revolution today, which has an increasing impact on politics, economics, management, finance, science, culture and other spheres of society within national borders and in the world as a whole. This is used not only by conscientious users of communication networks, but also by malefactors pursuing various illegal goals – personal enrichment, discrediting citizens and state bodies, spreading illegal information, ideas of terrorism and extremism. There is also a rapid growth of new types of crimes related to the use of information systems. All this requires the creation of new computer forensics tools (forensics), which is able to process a large amount of information and help in the identification, disclosure and investigation of crimes. The article analyzes the directions of modern development of automation of search and analysis of criminally significant information. Various types of electronic traces for different types of crimes are considered. New forms of using a number of elements of artificial intelligence and the use of mathematical apparatus within the automation of expert systems to obtain the necessary evidence in relevant criminal cases are proposed. 
A recommendation system is proposed, which, with the help of multifactor analysis, will allow to form a \"portrait\" of a person based on the data contained on the user's electronic media.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129775046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Analysis of methodological and technical support of procedures for assessing the security of significant objects of critical information infrastructure from unauthorized access","authors":"Evgeniy N. Pivkin, Anastasia A. Ardaeva","doi":"10.17212/2782-2230-2022-1-27-40","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-1-27-40","url":null,"abstract":"This paper provides a direct analysis of existing methods for assessing the security of significant objects of critical information infrastructure, a review of their legislative framework and existing means of protecting information from unauthorized access. Such an analysis is necessary to solve problems related to the development of an integrated approach to assessing the security of significant objects of critical information infrastructure. The main guiding documents and orders of the FSTEC of Russia, Federal Law No. 187-FZ of July 26, 2017 \"On the security of the CII of the Russian Federation\" were considered. The modern market of means of protecting information from unauthorized access was analyzed. For convenience, all comparative criteria were divided into categories: general information; system requirements (minimum); supported automated workstations and servers based on well-known secure operating systems; the level of certification according to the safety requirements of the FSTEC of Russia; deployment of a protection system; component updates; the main functions of the means of protecting information from unauthorized access; clearing information; additional protection modules; centralized management and reporting; possibility of integration; licensing. The four most popular Russian groups of means of protecting information from unauthorized access were selected to participate in the comparison: Secret Net Studio; Dallas Lock 8.0-K; Diamond ACS; Blockhost Network 2.0. 
In order to identify methods for assessing the security of significant objects of critical information infrastructure, national standards of Russia and scientific periodicals were considered. It is shown that the methodological support of this segment of safety is not at the proper level.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131013062","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Algorithms and methods of data clustering in the analysis of information security event logs","authors":"Diana N. Sidorova, Evgeniy N. Pivkin","doi":"10.17212/2782-2230-2022-1-41-60","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-1-41-60","url":null,"abstract":"Security event log files give an idea of the state of the information system and allow you to find anomalies in user behavior and cybersecurity incidents. The existing event logs (application, system, security event logs) and their division into certain types are considered. But automated analysis of security event log data is difficult because it contains a large amount of unstructured data that has been collected from various sources. Therefore, this article presents and describes the problem of analyzing information security event logs. And to solve this problem, new and not particularly studied methods and algorithms for data clustering were considered, such as Random forest (random forest), incremental clustering, IPLoM algorithm (Iterative Partitioning Log Mining - iterative analysis of the partitioning log). The Random forest algorithm creates decision trees for data samples, after which it is provided with a forecast for each sample, and the best solution is selected by voting. This method reduces overfitting by averaging the scores. The algorithm is also used in such types of problems as regression and classification. Incremental clustering defines clusters as groups of objects that belong to the same class or concept, which is a specific set of pairs. When clusters are defined, they can overlap, allowing for a degree of \"fuzziness for samples\" that lie at the boundaries of different clusters. 
The IPLoM algorithm uses the unique characteristics of log messages to iteratively partition the log, which helps to extract message types efficiently.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125971144","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Research of application of knowledge graphs to generate information security audit questions","authors":"Artem V. Lemyakin, Anastasiya B. Arkhipova","doi":"10.17212/2782-2230-2022-1-85-98","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-1-85-98","url":null,"abstract":"The article presents approaches to research on the use of knowledge graphs to generate information security audit issues. The significance of the human factor in the audit of information security as an element of socially significant activity is shown. As a solution to the formation of an objective research base, a method of automatically generating questions based on knowledge graphs capable of identifying a set of cartoons that are subject-object relations is proposed. Existing models and a set of dynamically generated metrics were analyzed. In particular, the subjective method of the five-point Makoto Nagao scale and the machine method of the automatic evaluation system based on the N-gram method. Advantages and disadvantages of research methods are analyzed, task setting for further research is presented.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133476980","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Possibilities of analysis of nominative signs in tasks of information security","authors":"V. Khitsenko, N. Fedotov","doi":"10.17212/2782-2230-2022-1-61-84","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-1-61-84","url":null,"abstract":"Using various examples, the article demonstrates and discusses the possibilities of testing hypotheses and applying information measures to identify and assess the strength of the connection of nominative features in classification problems in the analysis of information security. The main type of presentation of the initial data in this scale is a contingency table of nominative features or an \"object-feature\" table, from which frequencies of coincidence of feature categories and a contingency table can be obtained. Using this table, it is easy to test the hypothesis of independence or homogeneity of features. An alternative approach to this analysis is considered based on the Kullback statistics, which is the average discriminating information in favor of the hypothesis of the dependence of features. In particular cases, the hypothesis of the symmetry of square tables is of practical interest, which can also be tested on the basis of information measures and criteria. An example of the processing of dichotomous data of the \"yes-no\" type according to the Cochran test is shown. The paper discusses ways to measure the strength of the connection of features. Illustrative examples of calculating measures based on chi-square statistics and directed measures are considered. The possibilities of various information characteristics are discussed in the form of a relative decrease in the entropy of one feature with a known other, or in the form of a weighted average amount of information falling on different categories of a feature. These measures are useful for comparative analysis of nominative features in decision-making problems. 
Shannon's informativeness index, Kullback-Leibler divergence, and a measure of pairwise differentiation of protection efficiency classes according to the laws of distribution of the corresponding categories of a feature are used. The classical procedures for testing hypotheses and approaches based on information characteristics are consistently compared. The methods and examples considered in the work cover many urgent problems of information security associated with nominative features.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122228962","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Viktor M. Belov, Evgeniy N. Pivkin, Anastasia A. Ardaeva
{"title":"An integrated approach to assessing the security of significant objects of critical information infrastructure from unauthorized access","authors":"Viktor M. Belov, Evgeniy N. Pivkin, Anastasia A. Ardaeva","doi":"10.17212/2782-2230-2022-1-9-26","DOIUrl":"https://doi.org/10.17212/2782-2230-2022-1-9-26","url":null,"abstract":"The number of cybersecurity events in the modern world has increased significantly, of which a significant number fall on objects of critical information infrastructure. This paper discusses the main requirements for models for assessing the security of significant objects of critical information infrastructure from unauthorized access, classification of ambiguous source information, a generalized algorithm for assessing the level of security of significant objects of critical information infrastructure from unauthorized access, a fuzzy model for assessing the level of security using point and linguistic scales. It also determines the procedure for assessing the security of significant objects of critical information infrastructure from unauthorized access. Among the main requirements for models for assessing the security of significant objects of critical information infrastructure from unauthorized access are the following: versatility, extensibility, formalizability, simplicity, multifactoriality. 
The generalized algorithm for assessing the level of security of significant objects of critical information infrastructure from unauthorized access includes four computational blocks: in block 1, the collection and primary processing of information is carried out; in block 2, calculations using fuzzy evaluation algorithms with linguistic and point scales are used; in block 3, the effectiveness of information security employees is evaluated; in block 4, the levels of security of significant objects of critical information infrastructure from unauthorized access are predicted using fuzzy time series; in block 5, the estimates obtained at previous stages of calculations are examined using data processing techniques and draw appropriate conclusions for decision-making.","PeriodicalId":207311,"journal":{"name":"Digital Technology Security","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125471385","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}