MODELING, ANALYSIS, AND COUNTERACTION MEASURES FOR IMPLEMENTATION SCENARIOS OF INFORMATION SECURITY THREATS ON MOBILE DEVICES

Author(s):  
Алексей Леонидович Сердечный ◽  
Глеб Валерьевич Сторожев ◽  
Михаил Андреевич Тарелкин ◽  
Анна Степановна Пахомова

This article presents the results of modeling the ways computer attacks are carried out against mobile devices. The work is relevant because there is no established methodological support for modeling such attacks that takes the specifics of mobile devices into account. The proposed models are intended to support a methodology for calculating risks and assessing the security of such systems against current scenarios of information security threats, which makes an informed choice of protection measures possible. The models were built using the Petri net formalism on the basis of information contained in the MITRE ATT&CK database. They are interconnected through the conditions and consequences of the main techniques defined in the ATT&CK database that are relevant to mobile devices (conditions and consequences are modeled as places of the Petri net, and the techniques themselves as transitions). The article also addresses the automation and collaborative development of such models, and gives a comparative analysis of different forms of representing sections of the modeled Petri net in terms of how convenient they make its development.

Author(s):  
Алексей Леонидович Сердечный ◽  
Артем Александрович Шевелюхин ◽  
Михаил Андреевич Тарелкин ◽  
Александр Вильямович Бабурин

This article presents the results of modeling the ways computer attacks are carried out against corporate distributed computer systems. The proposed models are intended to support a methodology for calculating risks and assessing the security of such systems against current scenarios of information security threats, which makes an informed choice of protection measures possible. The models were built using the Petri net formalism on the basis of information contained in the MITRE ATT&CK database. They are interconnected through the conditions and consequences of the main techniques defined in the ATT&CK database that are relevant to corporate distributed computer networks (conditions and consequences are modeled as places of the Petri net, and the techniques themselves as transitions). The article also demonstrates that the model can be extended by including models of protection measures against the attack methods considered, as defined in the regulatory and methodological documents of the FSTEC of Russia.


Author(s):  
Алексей Леонидович Сердечный ◽  
Никита Сергеевич Пустовалов ◽  
Михаил Андреевич Тарелкин ◽  
Анна Евгеньевна Дешина

The purpose of the research was to formalize the actions an intruder performs while preparing a computer attack, as the main stage at which the intruder can be countered before the protected system is damaged. This article presents the results of developing a Petri net model for the preparation stage of a computer attack in distributed computer systems. The model takes into account the causal relationships between the intruder's actions, as well as the conditions and consequences of those actions. These relationships make it possible to determine attack preparation scenarios depending on the structural and functional features of the protected object and on the intruder model. The developed model can be used as input data for modeling information security threats, specifically for determining the methods an intruder uses to choose the target of an attack and to obtain the resources needed to carry it out. The article also demonstrates the possibility of modeling protection measures that make the attack scenario harder to carry out.


Author(s):  
Алексей Леонидович Сердечный ◽  
Александр Владимирович Айдаркин ◽  
Михаил Андреевич Тарелкин ◽  
Анна Евгеньевна Дешина

The paper presents the results of modeling the ways long-term targeted (APT) attacks are carried out against corporate distributed computer systems by one of the most dangerous cybercrime groups, Advanced Persistent Threat 3 (APT3). The methods used by APT3 are modeled. The models were built using the Petri net formalism on the basis of information about techniques contained in the MITRE ATT&CK database. The developed models are interconnected through the conditions and consequences of the main techniques relevant to corporate distributed computer networks. The approach also allows modeling the protection measures prescribed by regulatory and methodological documents, which makes it possible to make informed decisions when building a protection system, taking into account the specifics of the protected object.


Author(s):  
Lizzy Oluwatoyin Ofusori ◽  
Prabhakar Rontala Subramaniam

As the adoption of the bring your own device (BYOD) phenomenon by businesses and other sectors continues to grow, employees find it desirable to use their personally owned mobile devices for work without the need to differentiate between their carrier services and their organizations' network. However, this practice makes such businesses vulnerable to various security threats. Nigerian banking institutions, like other businesses globally, have adopted the BYOD phenomenon. However, the BYOD trend brings heterogeneity, and there is large diversity in mobile devices; hence the risk of corporate data being exposed to threats increases. Thus, this paper investigates the influence of technical and social threats as they relate to the BYOD phenomenon in banking institutions. Data was collected from the employees of four banks in Nigeria that supported the BYOD trend. The study found that some security threats are integrated, and that the existing security measures are not sufficient to mitigate those threats. Hence, this study presents an integrated solution to curb these threats.


2018 ◽  
Vol 3 (2) ◽  
pp. 85
Author(s):  
Chicherov K.A. ◽  
Norkina A. N.

This article presents issues of protecting confidential data, ways to support information security, types of information security threats resulting in unauthorized access to confidential data, and countermeasures and security measures to ensure confidential data security.
Keywords: confidential data, information security, information security threat(s), personal data, information systems, data security.


2020 ◽  
Author(s):  
Pranav C

Abstract: With the rapid computerisation of all walks of life, cyber security has become a major challenge to mankind. Cyber security is all about the security of anything in the cyber realm, while information security is all about the security of information regardless of the realm. Cybercrimes are perpetrated using computers and related devices / networks by individuals with sophisticated knowledge in the field of computers. Cybercrime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to nuclear power plants is being run on computers, cybercrime has assumed rather sinister implications. Cybercrime perpetrators are keeping pace with innovations in technology and are way ahead of the security measures taken to curb them. With huge money involved in cybercrimes, it has become a major concern. This research paper briefly defines cyber security and deals in detail with cybercrime and five major cyber security threats currently plaguing the world.


2015 ◽  
Vol 62 (s1) ◽  
pp. 53-63 ◽  
Author(s):  
Daniela Popescul ◽  
Mircea Georgescu

Abstract: Nowadays, information flows are powerfully augmented by Social Media. This situation brings along the adjustment of the traditional information security threats to this new environment, as well as the emergence of new characteristic dangers. The purpose of this study is to learn about Generation Y students’ attitude to risks and security measures when using Social Networks (SN). The correct identification of their behavior is, in our opinion, essential for the academic community. Firstly, we need to understand what their real knowledge in the field is. Then, a serious and consistent adaptation of our courses in Information Security and other subjects and a redefinition of universities’ security policies and procedures is necessary. On this basis, in an empirical study, we try to determine how much our students know about security threats and subsequent protection measures in SN.


2019 ◽  
Vol 22 (4) ◽  
pp. 336-341
Author(s):  
D. V. Ivanov ◽  
D. A. Moskvin

The article presents an approach and methods for ensuring the security of VANET networks, based on automated counteraction to information security threats through self-regulation of the network structure using the theory of fractal graphs.


Author(s):  
Ilia Pavlovich Mikhnev ◽  
Svetlana Vladimirovna Mikhneva

The article discusses the competences and powers of the state authorities of the Russian Federation within their legal status in the field of ensuring the security of critical information infrastructure. Some functions and authorities in the field of information security have changed in a number of federal executive bodies. In particular, the Federal Security Service, on the basis of a presidential decree, is authorized to create a state system for detecting, preventing and eliminating the consequences of computer attacks on information resources of the Russian Federation. However, not all rights and obligations are enshrined; a number of powers cause the duality of the legal status of certain federal bodies of state power. The clarity and unambiguity of securing the rights and obligations of state bodies authorized in the field of information security are guarantees for effectively ensuring the security of important information infrastructure facilities.


2020 ◽  
Author(s):  
Jorge Andres Delgado-Ron ◽  
Daniel Simancas-Racines

BACKGROUND: Healthcare has increased its use of information technology over the last few years. A trend followed higher usage of Electronic Health Record in low-and-middle-income countries where doctors use non-medical applications and websites for healthcare-related tasks. Information security awareness and practices are essential to reduce the risk of breaches.
OBJECTIVE: To assess the internal reliability of the Spanish translation of three areas of the Human Aspects of Information Security Questionnaire (HAIS-Q), and to assess the knowledge, attitudes, and practices of medical doctors around information security.
METHODS: This is a cross-sectional, descriptive, questionnaire-based study. We used three focus areas (password management, social media use, and mobile devices use) from the Human Aspects of Information Security Questionnaire (HAIS-Q). Medical doctors in Ecuador answered an online survey between December 2017 and January 2018.
RESULTS: A total of 434 health professionals (response rate: 0.65) completed all the questions in our study. Scores were 37.4 (SD 5.9) for Password Management, 35.4 (SD 5.0) for Social Media Use and 35.9 (SD 5.7) for Mobile Devices. Cronbach’s alpha coefficient (α) was 0.78 (95% CI: 0.75, 0.81) for password management, 0.73 (95% CI: 0.69, 0.77) for mobile devices and 0.77 (95% CI: 0.73, 0.78) for Social Media Use.
CONCLUSIONS: Our study shows that three components of the Spanish translation of the HAIS-Q questionnaire were internally reliable when applied to medical doctors. Medical doctors with eagerness to receive infosec training scored higher in the social media use and mobile device use categories.

