Software systems and computational methods - rubric Forms and methods of information security administration

Abstract: The subject of the research is the problem of identifying and countering intrusions (attacks) in information security systems (ISS) based on the system-conceptual approach, developed within the framework of the RFBR funded project No. 19-01-00383. The object of the research is neural networks and information security systems (ISS) of automated data processing systems (ADPS). The authors proceed from the basic conceptual requirements for intrusion detection systems - adaptability, learnability and manageability. The developed intrusion detection procedure considers both internal and external threats. It consists of two subsystems: a subsystem for detecting possible intrusions, which includes subsystems for predicting, controlling and managing access, analyzing and detecting the recurrence of intrusions, as well as a subsystem for countering intrusions, which includes subsystems for blocking / destroying protected resources, assessing losses associated with intrusions, and eliminating the consequences of the invasion. Methodological studies on the development of intrusion detection procedures are carried out using artificial intelligence methods, system analysis, and the theory of neural systems in the field of information security. Research in this work is carried out on the basis of the achievements of the system-conceptual approach to information security in ADPS.The main result obtained in this work is a block diagram (algorithm) of an adaptive intrusion detection procedure, which contains protection means and mechanisms, built by analogy with neural systems used in security systems.The developed general structure of the intrusion detection and counteraction system allows systematically interconnecting the subsystems for detecting possible intrusions and counteracting intrusions at the conceptual level.

Keywords: automated data processing, information protection strategies, intrusion detection systems, information security support, information protection, intelligent systems, neural networks, adaptable systems, attack detection system, software information protection

DOI: 10.7256/2454-0714.2022.3.38674

Abstract: The relevance of the study is dictated by the current state in the field of telephone fraud. According to research conducted by Kaspersky Lab, the share of users who encountered various unwanted spam calls in the spring of 2022 was at the level of 71%. The subject of the research is machine learning and deep learning technologies for determining emotions by the timbre of the voice. The authors consider in detail such aspects as: the creation of a marked-up dataset; the conversion of WAV audio format into a numerical form convenient for fast processing; machine learning methods for solving the problem of multiclass classification; the construction and optimization of neural network architecture to determine emotions in real time. A special contribution to the study of the topic is that the authors implemented a fast method of conversion sound formats into numerical coefficients, which significantly increased the speed of data processing, practically without sacrificing their informativeness. As a result, the models were trained by machine learning algorithms quickly and efficiently. It should be particularly noted that the architecture of a convolutional neural network was modeled, which allowed to obtain the quality of model training up to 98%. The model turned out to be lightweight and was taken as the basis for training the model to determine emotions in real time. The results of the real-time operation of the model were comparable with the results of the trained model. The developed algorithms can be implemented in the work of mobile operators or banks in the fight against telephone fraud. The article was prepared as part of the state assignment of the Government of the Russian Federation to the Financial University for 2022 on the topic "Models and methods of text recognition in anti-telephone fraud systems" (VTK-GZ-PI-30-2022).

Keywords: emotions, information security, mel-kepstral coefficients, convolutional neural networks, classification, neural network training, machine learning, artificial intelligence, phone fraud, fraud

DOI: 10.7256/2454-0714.2021.3.36226

Abstract: This article is dedicated to construction of the system of information security in automated data processing systems that function by analogy with the human immune system. The subject of this research is the development of the procedure for countering external intrusions of viruses, spam, and other destructive software programs in automated data processing systems. The object of this research is the systems of ensuring information security in automated data processing systems and human immune system. Methodological research on elaboration of the procedure for identification of intrusion is conducted via methods of artificial intelligence, systemic analysis, theory of neural and immune systems in the sphere of ensuring information security based on the achievements of systemic analysis and a systemic-conceptual approach towards information security in automated data processing systems. The main result lies in the developed general procedure for the functionality of the system of ensuring information security in countering external intrusions in the form of block-diagram and its description. The procedure is based on the idea of similarity in functionality of the mechanisms and procedures for protection against external intrusions in both, human immune system and automated data processing system, as well as drawing parallel between them. The main peculiarity of the developed procedure lies in its applicability to the accepted classification of the initial external environment of intrusion onto physical, information, field, and infrastructure environments. Such approach guarantees the novelty of the development from the perspective of constant updating of human immune system countering mechanisms to the external intrusions and its application for each environment in applicable to automated data processing systems.

Keywords: neural systems, intelligent systems, intrusions detection system, information protection, information security systems, human immune system, artificial immune systems, cellular immunity, humoral immunity, systems approach

DOI: 10.7256/2454-0714.2024.2.41036

Abstract: The article focuses on security and fire alarm systems (SFAS) as means of ensuring the safety of facilities, viewing them as integrated complexes for promptly detecting potential threats. The main emphasis is on detectors, including their classification and role within the system. The article examines various configurations of SFAS and ways of connecting and processing signals from detectors, allowing for an evaluation of how these factors affect the system's effectiveness. The lifecycle of SFAS is described, highlighting the importance of each stage from design to operation. The article provides an overview of regulatory documents, emphasizing the importance of compliance with standards and requirements when implementing SFAS. Recommended for security professionals and individuals interested in delving into this topic. Additionally, the article addresses issues related to the placement of SFAS and their impact on system effectiveness. It analyzes vulnerabilities arising from irrational placement of components and presents a methodology for optimizing placement to enhance security. The methodology is described step by step, considering input and output processes at each stage. The authors conduct practical testing of the methodology in an educational laboratory with an installed SFAS, identifying placement errors and formulating recommendations for correction. The article is beneficial for professionals in the design and installation of SFAS, as well as for those seeking to improve the level of protection of facilities, accentuating the critical importance of proper component placement.

Keywords: Protection, Installation, Components, Optimization, Effectiveness, Methodology, Placement, Fire alarm, Security systems, Design

DOI: 10.7256/2454-0714.2017.3.23311

Abstract: The research is devoted to the topical issue of ensuring security of heterogeneous information platforms applying the multi-agent threat detection systems. The object of the research is the multi-agent platform. The author pays special attention to such aspects of the topic as security of multi-agent platforms, managing threat detection agents, interaction between different threat detection agents, and vulnerability of multi-agent platforms. The author also analyses tendencies for developing new distributed security structures. In his research Lyapustin offers a mutl-agent structure that can be used by security service as well as a general scenario for deploying security policy in threat detection multi-agent systems. In terms of theory, the results of the research demonstrate the need to extend the scope of the multi-agent approach and integrate it with the intelligent analysis of information systems development and operation. The result of the research is the concept of a secure multi-agent platform that can be used in the treat detection multi-agent system.

Keywords: threat detection agent, heterogeneous information platforms, multi-agent platform, intelligent protection system, threat detection, information security, analysis systems, detection algorithms, agent platform, multi-agent system

DOI: 10.7256/2454-0714.2018.2.23086

Abstract: The article deals with the economic aspects of building protection systems against computer attacks for information-computing and automated systems for various purposes. An objective assessment of the cost of the life cycle of systems to protect against computer attacks is one of the most important factors that determines the strategy for choosing a rational option for building defense systems. The subject of the study are the economic aspects of choosing options for building defense systems against computer attacks, as well as minimizing the financial costs of their creation and operation. The object - the system to protect against computer attacks. The methodology of this study is based on the use of an integrated approach to assessing the life cycle cost of protection systems as the costs included in the calculation year, including the share of the cost of the protection system, the costs of its implementation, operation during the use of the protection system, and the costs of its disposal at the end service life. Scientific novelty of the work is to create a real practical methodology that allows to evaluate all the components of one-time and current costs that are included in the cost of the life cycle of systems to protect against computer attacks. The offered technique allows to carry out an estimation of cost of a life cycle of several alternative variants of construction of system of protection against computer attacks and to make a choice of admissible on cost variants of construction of system of protection.

Keywords: operating costs, total cost of ownership, cost estimation, current expenses, non-recurrent costs, life cycle cost, information security, protection system, computer attacks, information-computing systems

DOI: 10.7256/2454-0714.2015.1.14010

Abstract: Mechanisms to collect and convert the format of presentation of the initial information are essential in the functional structure of management systems for information security incidents. Therefore, the paper discusses the development of a module for events translation, which provides merging registration events into one point. And it is also important to have the ability to implement transfer of raw data from single sensors into the consolidated database system of correlation. This requires development of a mechanism of data aggregation with further normalization and prioritization which provides source data compression for subsequent decision making on the presence / absence of information security incident over the current period. The authors carried out the development of the mathematical apparatus for translation events module for perspective management systems for information security incidents, which provides merging registration events from many sources into one point. In this paper the authors propose a mechanism for gathering and converting the format of presentation of the initial information, including: a procedure for data converting before transporting by assigning alpha or numeric identifier to fields of registration logs line by line and splitting these identifiers into groups; procedures of categorization and prioritization; algorithm for aggregating data about events, based on the calculation of the sample coefficient of correlation between signs of elementary events.

Keywords: event of information security, information security, incident management, management systems for information security incide, data extraction, registration logs, data normalization, events categorization, eventss prioritization, data filtering

DOI: 10.7256/2454-0714.2015.1.66217

DOI: 10.7256/2454-0714.2016.1.18330

Abstract: The article is devoted to the main types of users’ unauthorized activity and analysis of existing approaches to the data security on the Internet, their design and technical implementation features. The authors of the article examine the control system designated not only to monitor but also to prevent malicious activity in corporate computer network. The authors also demonstrate the construction of the security system as one of the main organization departments and the system maintenance after it has been implemented. The authors provide the list of the main information leakage channels. After that, the authors unfold the problem step by step from the methods used by intruders to get unauthorized access to the corporate computer network to the actions the data protection system must perform. The authors describe the full chain of actions to be completed by the security system. The results of the research allow to compare the existing methods and services protecting the computer network from unauthorized access both outside and inside the enterprise. The authors also develop the recurrence scheme for creating the security system, outline the scope of functions to be performed and analyze the security of the services used.

Keywords: neuronet, system vulnerability, intruder, security, computer networks, Cisco, Internet, computer system, unauthorized access, confidential information

DOI: 10.7256/2454-0714.2021.4.37072

Abstract: This article is dedicated to the problem of detecting intrusions of unknown type based on neural networks that bypass the system of information security in automated data processing systems and are not recognized as spiteful. Development of the means, methods and measures for detecting or preventing such hidden attacks is of particular relevance. Methodological research on the development of procedure for detecting intrusions are based on the achievements of systemic analysis, systemic-conceptual approach towards protection of information in automated data processing systems and achievements of the theory of neural systems in the area of ensuring information security. The object of this research is the intrusions of unknown type in automated data processing systems. The subject is the neural networks, namely neural networks of direct action. The main result lies in the development of neural network of direct action in form of the diagram of neural network links for detecting intrusions. For solving this task, the author developed: 1) The system of input indicators of the neural system; 2) Scales for the assessment of values of the formed indicators; 3) General procedure for detecting intrusions based on neural networks, the essence of which consists in implementation of the following sequence of actions: a) formation of the list of all the main parties to the process of detection of intrusion; b) formation of the set of parameters that characterize each of them; c) formation of the set of numerical characteristics for each parameter using the assessment scales of the formed indicators; d) analysis of the parameters of the configuration of neural network The developed procedure may serve as the basic in further practical developments of the concept of detecting intrusions of unknown types based on neural networks.

Keywords: intelligent systems, intrusion detection system, systemic approach, intrusion, neural network, information protection, information security system, artificial immune systems, neural network diagram, neural network parameters

DOI: 10.7256/2454-0714.2016.1.67594

Keywords: neuronet, system vulnerability, intruder, security, computer networks, Cisco, Internet, computer system, unauthorized access, confidential information

Abstract: The article reviews the architecture of a developed system for spelling verification of Finno-Ugric languages. The architecture of this system is divided into functional units, each of them is given a detailed description. The article contains graphics showing the relationship of functional blocks of the system. The author also discusses the main advantages of the proposed system in comparison to existing solutions and gives a diagram of the developed system.

Keywords: Software, spelling verification, spell check, computer linguistics, natural lan guage processing, system architecture, finno-ugric languages, spell-checker, functional blocks, linguistic components

DOI: 10.7256/2454-0714.2019.1.29048

Abstract: Detecting insider threats is a task that analysts and information security administrators address in the commercial sector and in government organizations. Up to 75% of incidents involving insider actions are still detected manually. Detection of insider threats in an organization can be carried out using a set of organizational and technical measures. To identify them, the authors propose the use of behavioral and technical indicators. The aim of the article is to increase the effectiveness of countering random and malicious insider information security threats by developing a method for detecting insider activity in an organization. To achieve this goal authors used set-theoretic modeling, a hierarchy analysis method, a fuzzy logic apparatus and a fuzzy inference system. As a result of the study authors developed a method that allows detecting insider activity in an organization based on evaluating an employee's predisposition to insider activity and identifying an insider as a result of recording an information security incident. The developed method can be used to create an automated system for identifying insiders in an organization.

Keywords: threats, counteraction, insider detection, insider, information security, internal threats, security, organization, automated systems, modeling

DOI: 10.7256/2454-0714.2019.3.30583

Abstract: The subject of the research is the concept of creating intelligent information protection systems based on neural network intrusion detection systems in automated data processing systems, developed as part of the funded project of the RFBR No. 19-01-00383. The object of the study is the intelligent information protection systems in automated data processing systems, built on the basis of neural intrusion detection systems, and later on the mechanisms of artificial immune systems. The authors consider adaptability, learning ability and controllability as the main conceptual requirements for the intrusion detection systems. Particular attention is focused on the construction of a flexible intelligent information protection system containing intrusion detection systems in both the nodes of the structural components of automated data processing systems, and in data transmission networks between structural components. Methodological studies of the chosen research direction are carried out using the methods of artificial intelligence, system analysis, the theory of intelligent information systems in the field of artificial intelligence. The work uses the achievements of a system-conceptual approach to information protection in automated data processing systems. The main result of the study is the conclusion that successful protection of information in automated data processing systems can only be carried out in a network in the form of interconnected local intrusion detection systems using neural network technologies combined into a single head center based on a system-conceptual approach. To combat unauthorized intrusions, it is necessary to adopt a unified systematic approach based on uniform legal, organizational and technical measures to protect information. The application of a system-conceptual approach to the creation of intrusion detection systems based on neural network technologies will contribute to the development of new tools, methods and activities for the intelligent management of information security in automated data processing systems.

Keywords: attack detection system, adaptable systems, automated data processing, information security strategies, intrusion detection systems, neural systems, protection of information, intelligent systems, software information protection, hardware information protection

DOI: 10.7256/2454-0714.2015.1.14124

Abstract: The subject of study is the problem of formalized description of conflicts arising in the protection of information from unauthorized access, for more information on possible action potential enemy and their consequences for the benefit of the selection and implementation of the defense strategy of information in automated systems. The initial data are the list of objects of the automated system and the value of the processed information to them; a list of information security and their cost; a list of possible methods of implementing the threat of unauthorized access to information, cost and efficiency. The result is the most effective means of protection configuration information for each object with the estimates of the effectiveness and cost of its implementation. Methods used: game theory, probability theory, reliability theory, system analysis, the theory of the collection and processing of expert information. The application of the developed models of information security processes for optimum configuration of information security for which each option protection system is characterized by unique quantification of having a clear physical meaning (security measure), so it is possible to choose a specific embodiment of the object of protection of the automated system by the criterion of maximum security (with cost constraints) or minimum value (for fixed requirements for security). Furthermore, the optimization of the composition and structure of information protection system design and in changing the original data is not time-consuming.

Keywords: evaluation of data protection, threats to information security, security risk management, modeling of information security, modeling of information threats, information security management, information protection, information security, unauthorized information exposure, criteria for data protection

DOI: 10.7256/2454-0714.2015.1.66218

DOI: 10.7256/2454-0714.2013.1.62447

Abstract: the article presents a problem of creating digital watermarks for image files. The authors analyze the main characteristics and requirements to the digital watermarks, introduces a mathematical model of digital watermark generation for “hard” and “soft” stegodetectors. The article analyses the algorithm of message implementation and it proposes the application of the described stego algorithm for solving the problem of copyright check to a specific multimedia file.

Keywords: Software, digital watermarks, format methods, steganos algorithms of spatial area, steganos algorithms of the field of transformation, multimedia, media space, copyright, copyright protection, inter-format conversation

DOI: 10.7256/2454-0714.2023.2.43552

Abstract: The article is devoted to the organization of the educational process using a specialized laboratory stand of security and fire systems. The main purpose of the paper is to form professional competencies of students in the field of security and safety systems. The paper describes in detail the structure and components of the laboratory stand, emphasizing the importance of its key elements - the control panel "Astra-812 Pro" and a variety of detectors. This allows students to practically apply theoretical knowledge, studying the functioning and interaction of various components of the security and fire system. The article also presents schemes of connection of detectors to the expander, allowing students to more deeply understand the technical side of the process. The steps of the bench training are disclosed to support step-by-step, sequential learning. The study emphasizes the effectiveness of the proposed learning system, which involves direct student interaction with hands-on equipment. The findings confirm the significance of using such training stands in modern higher professional education, emphasizing their contribution to the formation of the necessary professional competencies in future specialists in the field of safety and security. Scientific novelty of the work consists in the development and application of a specialized training stand for teaching students to work with security and fire systems. This allows students to get direct experience of interaction with the equipment, deepen their understanding of the technical aspects of the systems operation and improve their practical skills. The work also contributes to research on educational approaches in the field of safety and security by proposing an effective teaching methodology through the use of a laboratory bench. This provides a platform for further research and development in this area that can broaden and deepen the educational opportunities in the field.

Keywords: student training, educational approaches, wiring diagrams, professional competencies, security system, detectors, monitoring device, fire protection system, training stand, practical skills

DOI: 10.7256/2454-0714.2023.4.69055

Abstract: The article focuses on the process of teaching students technical aspects of video surveillance systems in the course "Technical Means of Security". The main attention is paid to the methods of developing professional competencies related to installation and configuration of equipment, mastering video surveillance software and mastering the application of facial recognition technologies. The article describes laboratory work in detail, starting from the theoretical basis laid at the beginning of the course to practical skills such as connecting cameras, configuring programs and creating databases for identifying individuals. The learning process includes preparation and analysis of theoretical material, performance of laboratory works, as well as testing and evaluation of the obtained results. The result is to provide learners with a comprehensive understanding of video surveillance systems and practical skills relevant for their future careers in security and use in everyday life. The research methodology in the article combines theoretical learning and practical laboratory work. It includes the steps of connecting video monitoring cameras, configuring software and facial recognition algorithms. Students gained experience with real equipment and programs, which contributed to deep learning of the material and development of practical skills. The scientific novelty of this article lies in the integrated approach to teaching students how to use video surveillance systems, including technical aspects of connecting the equipment, configuring software and face recognition algorithms. This approach provides not only theoretical training, but also practical mastery of skills, which is innovative in the context of security technology education programs. The findings of the article emphasize the importance of practical training in student learning. It is shown that real-life experience with equipment and programs significantly improves the quality of education and readiness of students for future professional activities. The article emphasizes that modern education in the field of security systems requires the integration of theoretical knowledge and practical skills, thus providing comprehensive training of specialists in this important and relevant field.

Keywords: Identification Algorithms, Camera Connection, Practical Skills, Software, Facial Recognition, Laboratory Exercises, Student Trainin, Technical Security Devices, Video Surveillance Systems, Educational Methodologies

DOI: 10.7256/2454-0714.2014.2.12504

DOI: 10.7256/2454-0714.2014.2.65259

Abstract: according to the current state standards, “security of information assets” combines protection of four types: physical, technical, legal and cryptographic. This implies that it is a complex concept. Furthermore, in accordance with regulatory documents, protective actions for providing information security are subdivided into organizational and technical measures. Technical protective actions directed at such functions as restricting threats, deterrence, prevention, detection, notification of various events at the facility of informatization, monitoring the state of information assets, error correction, asset recovery system etc. Analysis of the current state of methods and means for the alarm system, which is the most important component of complex system of information security, showed that such systems need to be constantly improved to meet the constantly raising requirements for protection of modern objects of information. Hence it follows that development of mathematical models for calculating the probabilities of unauthorized physical penetration to information assets, forming the integrated system of information security, is an urgent task. To solve the presented problem the article uses methods of information protection, theory of graphs and probability theory. The presented results were obtained using the Maple system of computer algebra. Scientific novelty is in the methods being based on the graph theory and mathematical model of calculating the probability of unauthorized physical penetration to information assets. The model itself is built in three stages on the base of on the specific source data from the estimation of the probability of detecting an unauthorized physical penetration to information assets by alarm system.

Keywords: neograf, acyclic graph, unauthorized physical penetration, technical protection measures, protection of the information assets, orgraph, adjacency matrix, weight matrix, Dijkstra algorithm, somposition of probabilities

DOI: 10.7256/2454-0714.2016.4.21460

Abstract: The subject of this study is a comprehensive office security system based on Z-Wave network. The authors design a comprehensive system for office monitoring based on the Z-Wave network with mobile control feature. Office security is based on a comprehensive system of monitoring and controlling equipment, devices, condition sensors, fire alarm. The designed integrated security system includes the management and control of the major office facilities: the status of the fire alarm sensors, state of basic electrical devices and the status of the mechanisms of locks of doors and windows. The authors present JavaScript-based functions for running the control and management of the office security system. A method of managing complex security system through the mobile device with the Android operating system is suggested. The paper contains basic commands to control devices in the Z-Wave network. The designed complex security system significantly increases the level of security and allows to continuously monitor the appropriate device via the mobile app. The authors show technologies and the equipment necessary for the construction of an office complex security system. Low cost of building this security system allows to widely use it in all areas of business.

Keywords: controllers, mobile app, mobile device, sensors, Android, control, office equipment, Z-Wave radio protocol, security system, Z-Wave network

DOI: 10.7256/2454-0714.2016.4.68450