{"title":"开发消除 \"零日 \"威胁的方法","authors":"A. I. Dubrovina, M. H. Alcordi","doi":"10.21822/2073-6185-2023-50-4-93-100","DOIUrl":null,"url":null,"abstract":"Objective. The purpose of this study is to develop and analyze methods for neutralizing «zero-day» threats in order to increase the level of cybersecurity and protection of information systems. Method. In this article, a behavioral analysis of the threat is used. The characteristic features of the zero-day exploit behavior have been studied. The threat model is based on solving the tasks of timely detection and neutralization of the threat. Result. The actual problem of information systems security - the threat of «zero-day» is considered. The review of existing neutralization methods and discussion of effective new approaches were carried out. It has been revealed that the main vulnerability is outdated threat signatures. Threat detection is based on a study of the behavior of software a comparison with the previous day tracking is possible mainly by analyzing log files taken from an automated workplace. Conclusion. The content of this work emphasizes the importance of developing methods to neutralize «zero-day» threats in order to avoid the centralized spread of vulnerability and infection of a large number of automated workplaces, which can lead to the suspension of production processes within a large enterprise.","PeriodicalId":202454,"journal":{"name":"Herald of Dagestan State Technical University. Technical Sciences","volume":"70 5","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-01-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Development of methods for neutralizing «Zero-day» threats\",\"authors\":\"A. I. Dubrovina, M. H. Alcordi\",\"doi\":\"10.21822/2073-6185-2023-50-4-93-100\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Objective. The purpose of this study is to develop and analyze methods for neutralizing «zero-day» threats in order to increase the level of cybersecurity and protection of information systems. Method. In this article, a behavioral analysis of the threat is used. The characteristic features of the zero-day exploit behavior have been studied. The threat model is based on solving the tasks of timely detection and neutralization of the threat. Result. The actual problem of information systems security - the threat of «zero-day» is considered. The review of existing neutralization methods and discussion of effective new approaches were carried out. It has been revealed that the main vulnerability is outdated threat signatures. Threat detection is based on a study of the behavior of software a comparison with the previous day tracking is possible mainly by analyzing log files taken from an automated workplace. Conclusion. The content of this work emphasizes the importance of developing methods to neutralize «zero-day» threats in order to avoid the centralized spread of vulnerability and infection of a large number of automated workplaces, which can lead to the suspension of production processes within a large enterprise.\",\"PeriodicalId\":202454,\"journal\":{\"name\":\"Herald of Dagestan State Technical University. Technical Sciences\",\"volume\":\"70 5\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-01-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Herald of Dagestan State Technical University. Technical Sciences\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.21822/2073-6185-2023-50-4-93-100\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Herald of Dagestan State Technical University. Technical Sciences","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21822/2073-6185-2023-50-4-93-100","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Development of methods for neutralizing «Zero-day» threats
Objective. The purpose of this study is to develop and analyze methods for neutralizing «zero-day» threats in order to increase the level of cybersecurity and protection of information systems. Method. In this article, a behavioral analysis of the threat is used. The characteristic features of the zero-day exploit behavior have been studied. The threat model is based on solving the tasks of timely detection and neutralization of the threat. Result. The actual problem of information systems security - the threat of «zero-day» is considered. The review of existing neutralization methods and discussion of effective new approaches were carried out. It has been revealed that the main vulnerability is outdated threat signatures. Threat detection is based on a study of the behavior of software a comparison with the previous day tracking is possible mainly by analyzing log files taken from an automated workplace. Conclusion. The content of this work emphasizes the importance of developing methods to neutralize «zero-day» threats in order to avoid the centralized spread of vulnerability and infection of a large number of automated workplaces, which can lead to the suspension of production processes within a large enterprise.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
