scholarly journals ANALYSIS OF TYPICAL NETWORK ATTACKS ON AUTOMATED SYSTEMS OF INTERNAL AFFAIRS DEPARTMENTS

2020 ◽  
Vol 47 (1) ◽  
pp. 72-85
Author(s):  
I. G. Drovnikova ◽  
Е. S. Ovchinnikova ◽  
V. V. Konobeevsky
Keyword(s):  
Access Network ◽  
Automated System ◽  
Export Control ◽  
Information Protection ◽  
Automated Systems ◽  
Security Threat ◽  
Security Systems ◽  
Network Attacks ◽  
Functional Features ◽  
Internal Affairs

Abstract. Aim Important contemporary trends in the theory and functional practice of secure automated systems at informatisation facilities of internal affairs bodies include an increase in the number of threats realised through remote unauthorised access (network attacks) on confidential in-formation resources, as well as the increasing complexity of implementing mechanisms aimed at providing protection from such attacks. In order to increase the effectiveness of existing and prospective automated security systems at the informatisation facilities of internal affairs bodies, it is necessary to identify and analyse typical network attacks aimed at components and software comprising these systems.Method. The method for solving this problem consists in a comprehensive analysis of the process of implementing network attacks on automated systems when they are used in secure mode in the informatisation facilities of internal affairs bodies.Results. Based on the analysis of information held in the security threat database developed by the Russian Federal Service for Technical and Export Control (FSTEC), modern features and operations of secure automated systems on the informatisation facilities of bodies of internal affairs and the results of a survey of experts in the field of information protection of allocated in accordance with the classification typology, eight types of dan-gerous attacks on automated systems of the internal affairs bodies are described taking into account their sources, objects, effects and possible consequences of implementation.Conclusion. The presented results are of use in further studies to conduct a quantitative assessment of the danger of typical attacks and for developing a private model of actual attacks for a specific automated system, taking into account their functional features in secure mode operations at the informatisation facility of the internal affairs body.

scholarly journals Network attacks main danger indicators formation in Internal Affairs Bodies automated systems

2020 ◽  
Vol 27 (3) ◽  
pp. 6-17
Author(s):  
Irina G. Drovnikova ◽  
Elena S. Ovchinnikova2 ◽  
Evgeni A. Rogozin
Keyword(s):  
Automated Systems ◽  
Network Attacks ◽  
Internal Affairs

scholarly journals Methods for assessing the efficiency of access control subsystems at informatization facilities of internal affairs bodies and aspects of their improvement

2021 ◽  
Vol 48 (2) ◽  
pp. 29-39
Author(s):  
A. V. Batskikh ◽  
V. V. Konobeevskikh ◽  
S. V. Efimov
Keyword(s):  
Information Security ◽  
Access Control ◽  
Information And Communication Technologies ◽  
System Analysis ◽  
Security Level ◽  
Automated Systems ◽  
Security Systems ◽  
Advantages And Disadvantages ◽  
Industry Standards ◽  
Internal Affairs

Objective. The purpose of the article is to analyse the existing methodology used to assess the efficiency of automated information security systems by studying open literature sources, international and industry standards of the Russian Federation on information security of automated systems, guidelines and orders of the Federal Service for Technical and Expert Control of Russia, as well as departmental orders, instructions and regulations on information security at informatization facilities of internal affairs bodies. The analysis results in identifying the advantages and disadvantages of the specified methodology, as well as the possibilities of its use when conducting a quantitative assessment of the efficiency of access control subsystems of information security systems at the informatization facilities of internal affairs bodies. Methods. To achieve this goal, the method for system analysis of approaches used to assess the efficiency of information security tools and systems has been applied. Results. The paper presents results of analysing the main approaches used to assess the efficiency of tools and systems for information security of automated systems. The paper determines the relationship between the efficiency indicator of access control subsystems of information security systems and the main disadvantage of their use in protected automated systems of internal affairs bodies. The paper substantiates main directions of improving the existing methodology, proposes methods and indicators for quantifying the efficiency of access control subsystems (including those modified on the basis of using new information and communication technologies) of information security systems in protected automated systems of internal affairs bodies. Conclusion. The results obtained can be used to quantify the security level of existing automated systems and those being developed at informatization facilities of internal affairs bodies.

scholarly journals THE FORMATION OF AN EFFECTIVE SYSTEM OF INFORMATION PROTECTION IN THE DIGITAL EDUCATIONAL SPACE

2019 ◽  
Author(s):  
Э.Д. Алисултанова ◽  
Д.С. Бицалов
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Software Package ◽  
Information Leakage ◽  
Information Protection ◽  
Security Systems ◽  
Network Attacks ◽  
Internal Network ◽  
Effective System ◽  
Client System

Данная статья направлена на формирование эффективной системы защиты информации. В настоящее время ввиду совершенствования информационных технологий все более актуальной становится проблема защиты информации, так как вместе с улучшением методов защиты информации, к сожалению, развиваются и методы утечки информации. В данной статье рассмотрена одна из актуальных систем защиты информации, система ViPNet Client. Программный комплекс ViPNet Client предназначен для защиты рабочих мест корпоративных пользователей. ViPNet Client надежно защищает от внешних и внутренних сетевых атак за счет фильтрации трафика. Кроме того, ПК ViPNet Client обеспечивает защищенную работу с корпоративными данными через зашифрованный канал, в том числе для удаленных пользователей. This article is aimed at the formation of an effective system of information security. Currently, in view of the improvement of information technology, the problem of information security remains more urgent, as together with the improvement of information security methods, information leakage methods are unfortunately developing. This article describes one of the current information security systems, ViPNet Client system. The ViPNet Client servage software package is designed to protect the workplaces of corporate users. ViPNet Client podaressis protects the cigar from external and internal network attacks by filtering the representation of the traffic. In addition, the ViPNet Glukharev Client PC provides secure nonadministrative work with corporate data shunning through an encrypted channel, including for remote eliminated users.

Near-Perfect Automation: Investigating Performance, Trust, and Visual Attention Allocation

2021 ◽  
pp. 001872082110328
Author(s):  
Cyrus K. Foroughi ◽  
Shannon Devlin ◽  
Richard Pak ◽  
Noelle L. Brown ◽  
Ciara Sibley ◽  
...  
Keyword(s):  
Visual Attention ◽  
False Alarm ◽  
Real Time ◽  
Subjective Experience ◽  
Automated System ◽  
Automated Systems ◽  
High Stakes ◽  
Individual Level ◽  
Scan Pattern ◽  
Subjective Trust

Objective Assess performance, trust, and visual attention during the monitoring of a near-perfect automated system. Background Research rarely attempts to assess performance, trust, and visual attention in near-perfect automated systems even though they will be relied on in high-stakes environments. Methods Seventy-three participants completed a 40-min supervisory control task where they monitored three search feeds. All search feeds were 100% reliable with the exception of two automation failures: one miss and one false alarm. Eye-tracking and subjective trust data were collected. Results Thirty-four percent of participants correctly identified the automation miss, and 67% correctly identified the automation false alarm. Subjective trust increased when participants did not detect the automation failures and decreased when they did. Participants who detected the false alarm had a more complex scan pattern in the 2 min centered around the automation failure compared with those who did not. Additionally, those who detected the failures had longer dwell times in and transitioned to the center sensor feed significantly more often. Conclusion Not only does this work highlight the limitations of the human when monitoring near-perfect automated systems, it begins to quantify the subjective experience and attentional cost of the human. It further emphasizes the need to (1) reevaluate the role of the operator in future high-stakes environments and (2) understand the human on an individual level and actively design for the given individual when working with near-perfect automated systems. Application Multiple operator-level measures should be collected in real-time in order to monitor an operator’s state and leverage real-time, individualized assistance.

scholarly journals AUTOMATED SYSTEM FOR ESTIMATION-EFFICIENCYSOFTWARE MEANS OF IN-FORMATION PROTECTION

2019 ◽  
Vol 2019 (2) ◽  
pp. 25-32
Author(s):  
Алексей Горлов ◽  
Aleksey Gorlov ◽  
Михаил Рытов ◽  
Mikhail Rytov ◽  
Дмитрий Лысов ◽  
...  
Keyword(s):  
Information Security ◽  
Automated System ◽  
Security Threats ◽  
Information Protection ◽  
Technical Documentation ◽  
Confidential Information ◽  
Hardware System ◽  
Material Costs ◽  
Software And Hardware

This article discusses the process of automating the assessment of the effectiveness of software and hardware information protection by creating an automated system. The main functions of the proposed system are: conducting an audit of information security, forming a model of information security threats, forming recommendations for creating a software and hardware system for protecting information, and creating organizational-technical documentation. The developed automated system for evaluating the effectiveness of software and hardware protection of information allows in an automated way to build a model of information security threats, to form organizational and technical documentation governing the protection of confidential information, and also to make recommendations for improving the software and hardware system for protecting information. The use of this system will significantly reduce the time and material costs of auditing information security and developing additional measures to protect information.

scholarly journals WAYS AND METHODS OF IMPROVING FORENSIC ACTIVITIES

2020 ◽  
pp. 108-120
Author(s):  
О. Zherebko
Keyword(s):  
Law Enforcement ◽  
Best Practices ◽  
Comprehensive Analysis ◽  
Automated Systems ◽  
Law Enforcement Agencies ◽  
Legal Proceedings ◽  
Research Activities ◽  
Organizational Work ◽  
Internal Affairs ◽  
Forensic Tools

The article analyzes forensic activity as one of the forms of activity in the field of legal proceedings. A comprehensive analysis of forensic activity has allowed formulating a number of proposals regarding ways and means of improving it. Ways of improving forensic activities have been identified and proposed: increasing the level of technical and forensic support for the disclosure, investigation and prevention of crimes; implementation of measures to increase the effectiveness of the participation of specialists of expert services in conducting investigative actions and operational-search measures. There is also indicated on improving research activities and introducing into practice new technical and forensic tools, forensic methods and techniques. Conducting forensic records, analytical and organizational work based on the introduction of modern automated systems and technologies; synthesis and dissemination of best practices and analysis of expert practice; improving the selection, training and placement of employees of expert units, strengthening official and executive discipline. Intensification of interaction between the expert services of the Ministry of Internal Affairs with other departments of the internal affairs bodies, as well as with other law enforcement agencies, including at the interstate level is described.

Sign in / Sign up

Export Citation Format

Share Document