{"title":"为调查与使用恶意软件有关的网络事件提供科学和方法支持的专题问题","authors":"Yu. Nizovtsev, Oleg A. Parfylo","doi":"10.54658/ssu.27097978.2021.1.pp.55-64","DOIUrl":null,"url":null,"abstract":"The article is devoted to the problems of information security and the fight against\ncybercrime. Attention is focused on the use of software specially designed or modified for\nimplementation of cyberattacks, which, according to the formulations of the current\nlegislation, falls under the definition of «malicious program».\nThe article examines the most well-known cases of large-scale cyberattacks in\nUkraine, analyzes the course of these attacks and the destructive effectiveness of\nmalicious software.\nThe importance of forensic expertise support of the investigation of cyber incidents\nin terms of research of malicious software is substantiated. The need for proper scientific\nand methodological support of the above forensic expertise research is noted.\nThe state of scientific and methodological support of forensic expertise researches\nof malicious software is analyzed, chronological description of the development and\nimplementation of scientific and methodological materials for expertise during the\ninvestigation of cyber incidents related to the use of malicious software is presented.\nProblematic points in the study of malicious software are indicated. The limits of the\nforensic expert's competence are outlined and the impossibility to determine the\nprogram's affiliation to malicious software by a purely expert basis is substantiated. The\nclassification of malicious software proposed in the methodical recommendations is given\nin an abbreviated form.\nA comparative analysis is conducted and the advantages of the methodological\nrecommendations of the Security Service of Ukraine are specified, both in training and\ncertification of forensic experts, and actually during conducting of malicious software\nexpert researches.","PeriodicalId":427922,"journal":{"name":"Collection of Ukrainian Research Institute of Special Equipment and Forensic Expertise of the Security Service OF Ukraine","volume":"106 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Topical issues of scientific and methodological support for the investigation of\\ncyber incidents associated with the use of malicious software\",\"authors\":\"Yu. Nizovtsev, Oleg A. Parfylo\",\"doi\":\"10.54658/ssu.27097978.2021.1.pp.55-64\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The article is devoted to the problems of information security and the fight against\\ncybercrime. Attention is focused on the use of software specially designed or modified for\\nimplementation of cyberattacks, which, according to the formulations of the current\\nlegislation, falls under the definition of «malicious program».\\nThe article examines the most well-known cases of large-scale cyberattacks in\\nUkraine, analyzes the course of these attacks and the destructive effectiveness of\\nmalicious software.\\nThe importance of forensic expertise support of the investigation of cyber incidents\\nin terms of research of malicious software is substantiated. The need for proper scientific\\nand methodological support of the above forensic expertise research is noted.\\nThe state of scientific and methodological support of forensic expertise researches\\nof malicious software is analyzed, chronological description of the development and\\nimplementation of scientific and methodological materials for expertise during the\\ninvestigation of cyber incidents related to the use of malicious software is presented.\\nProblematic points in the study of malicious software are indicated. The limits of the\\nforensic expert's competence are outlined and the impossibility to determine the\\nprogram's affiliation to malicious software by a purely expert basis is substantiated. The\\nclassification of malicious software proposed in the methodical recommendations is given\\nin an abbreviated form.\\nA comparative analysis is conducted and the advantages of the methodological\\nrecommendations of the Security Service of Ukraine are specified, both in training and\\ncertification of forensic experts, and actually during conducting of malicious software\\nexpert researches.\",\"PeriodicalId\":427922,\"journal\":{\"name\":\"Collection of Ukrainian Research Institute of Special Equipment and Forensic Expertise of the Security Service OF Ukraine\",\"volume\":\"106 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-01-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Collection of Ukrainian Research Institute of Special Equipment and Forensic Expertise of the Security Service OF Ukraine\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.54658/ssu.27097978.2021.1.pp.55-64\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Collection of Ukrainian Research Institute of Special Equipment and Forensic Expertise of the Security Service OF Ukraine","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.54658/ssu.27097978.2021.1.pp.55-64","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Topical issues of scientific and methodological support for the investigation of
cyber incidents associated with the use of malicious software
The article is devoted to the problems of information security and the fight against
cybercrime. Attention is focused on the use of software specially designed or modified for
implementation of cyberattacks, which, according to the formulations of the current
legislation, falls under the definition of «malicious program».
The article examines the most well-known cases of large-scale cyberattacks in
Ukraine, analyzes the course of these attacks and the destructive effectiveness of
malicious software.
The importance of forensic expertise support of the investigation of cyber incidents
in terms of research of malicious software is substantiated. The need for proper scientific
and methodological support of the above forensic expertise research is noted.
The state of scientific and methodological support of forensic expertise researches
of malicious software is analyzed, chronological description of the development and
implementation of scientific and methodological materials for expertise during the
investigation of cyber incidents related to the use of malicious software is presented.
Problematic points in the study of malicious software are indicated. The limits of the
forensic expert's competence are outlined and the impossibility to determine the
program's affiliation to malicious software by a purely expert basis is substantiated. The
classification of malicious software proposed in the methodical recommendations is given
in an abbreviated form.
A comparative analysis is conducted and the advantages of the methodological
recommendations of the Security Service of Ukraine are specified, both in training and
certification of forensic experts, and actually during conducting of malicious software
expert researches.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
