The method of calculating the protection of information from the interaction of users in social networks

The elements of user interaction in social networks are considered: it is shown that the method of analysis of user interactions is based on assumptions when the magnitude of the influence depends on the centrality of users in the social network; the greater the consonance, the higher the nature of the influence, the interaction is a nonlinear function; it is indicated that interaction is a process that has a time interval, the linear model of protection of the information protection system from user interaction is considered; the obtained equations of protection are the equation of a harmonic oscillator with damping amplitude, the iteration of oscillations of the protection system in the pre-resonant, resonant and post-resonant zones is shown.

Application of Johnson distributions to describe noise in the problem of information protection from leakage due to the side electromagnetic fields of the USB keyboard

The problem of the description of artificially present industrial noises which are available at operation of personal computers is considered in work. These noises have both positive and negative effects when protecting the information typed by the user by means of the USB keyboard interface. The difficulties that arise in this case are due to the fact that the indirect radiation of electromagnetic fields is observed during the operation of all elements of computer technology. On the one hand, the presence of these noises distorts the useful signal, which in turn prevents the attacker from detecting reliable information that is transmitted. On the other hand, these noises prevent the creation of appropriate measures to ensure complete protection when typing by a user of a personal computer. The paper proposes to consider industrial noise in the form of three random processes, which are described by Johnson distributions.

Model of predicting insider threat in the organization

The article considers the concepts of "insider threat" and "insider". General methods of using insider threats by cybercriminals to compromise the network environment of the organization to gain access to valuable assets are identified. The types of insider threats and their criticality for organizations to deal with these threats to reduce risk are studied. It is concluded that no approach can solve the security problem. In order to mitigate the insider threat, further research is needed on cybersecurity insider threats, and the right approach to combating a malicious insider threat from different perspectives should be identified. It is noted that organizations can implement some basic measures that can reduce the number of cases of insider threats to a minimum.

Choosing an appropriate architecture to protect the information system from multi-level DDOS attacks

The paper examines multi-level DDoS attacks, which are a type of denial of service (DoS) attack, which aims to ban network services by failing target servers or consuming their resources, so that these servers can no longer provide services to legitimate users. DDoS attacks are divided into several classes, which include: Telnet brute force attack, SYN flood attack, ICMP flood attack, Smurf attack, Ping flood, HTTP Get Flooding request attack and HTTP Post. It is concluded that in order to create an effective information security architecture and, at the same time, effective measures to combat DDoS attacks, it is important to understand the different methods of DDoS. The architecture of information system protection against multilevel DDoS-attacks based on SDN and analysis of network traffic correlation is presented. Recommendations for protecting the information system from multi-level DDoS-attacks have been developed. It is noted that in addition to technical measures, organizations also need to implement procedural measures at the level of protection, detection and response.

Ensuring cybersecurity of ACS TP energy company based on the construction of protected enclaves

The paper presents basic information about systems and networks of automated process control systems and identifies trends in their modern development. New tasks of increase of their safety are formulated, both at the stage of the analysis of separate functional knots, and creation of system and a network as a whole according to technical requirements. Different types of constructions of protected enclaves are investigated and recommendations on their choice depending on the set technical requirements to the system and taking into account the criticality of the systems are made. The technology of enclave protection is studied taking into account the criticality of assets.

Vulnerability management of corporate information systems based on QUALYS solutions

The article analyzes the problem of cybersecurity of corporate information systems and defines the purpose and objectives of their protection. The analysis of technology of management of vulnerabilities of corporate information systems is carried out. Methods and tools for managing vulnerabilities of corporate information systems based on the Qualys solution are studied. The purpose, main functions and composition of Qualys solution software are defined. A variant of managing corporate information system vulnerabilities based on the Qualys solution has been developed.

Application of internal point methods in cybersecurity problems of intelligent energy systems

The paper considers approaches to the creation of intelligent energy systems based on WAMS monitoring systems, using information technology in metrology, in the means of receiving, processing and transmitting information and determining parameters in control tasks. The paper analyzes the existing cyberattacks on the SCADA and WAMS system and considers possible ways to solve control problems in terms of information security violations of intelligent energy systems. DoS-attacks are considered in more detail, which lead to the failure of devices that measure currents, voltages and capacities, as well as to the disruption of information processing equipment. The paper proposes an algorithm for estimating the state of cyber defense of the intelligent energy system based on mathematical modeling of the internal states of the system, which allows to obtain the required accuracy of calculations in terms of incomplete information, which is the inability to access measurement data.

Static analysis of software source code based on the Fortify Static Code Analyzer solution

The article analyzes the problem of identifying source code vulnerabilities in the context of software development. An analysis of existing technologies for detecting vulnerabilities in the source code. Methods and means of protection of detection of source code vulnerabilities on the basis of the Fortify Static Code Analyzer solution are investigated. The purpose, main functions and architecture of the Fortify Static Code Analyzer solution are defined. Based on the research conducted in the work, a variant of the process of static analysis of the security of the source code in the context of the software life cycle was developed. Recommendations for the use of static source security analysis technology have been developed.

Technology of protection of confidential information in social networks

The paper presents the main functions of social networks and the data contained in them. Spectra of attacks and countermeasures are considered. Threats and technologies of information protection are investigated and the variant of technology of protection of personal and confidential information in social networks is developed. Introducing the first prototype of P2P Messenger, written in Java, which can run on several operating systems, such as Windows, Linux and MacOS.

Topological identification of data transmission systems in the tasks of information protection at the objects of information activity

The paper considers the problem associated with the detection of threats associated with the leakage of information through existing channels that have a different physical principle at the objects of information activities. A mathematical model is proposed, which is based on the theory of fractal analysis and which identifies the channel through which there is an unauthorized leakage of information on the object of information activity. Based on experimental data obtained using different channels of unauthorized removal of information at the object of information activities, a scale is presented, which determines the intervals of the fractal dimension, which allows to identify the channel through which the intention to leak information at the object information activities.