ISSN 1991-2927
 

ACP № 3 (57) 2019

Keyword: "information security"

Natalia Nikolaevna Baranova, Ulyanovsk Instrument Manufacturing Design Bureau, JSC, graduated from the Faculty of Mechanics and Mathematics of Ulyanovsk State University; Leading Information Security Engineer at Ulyanovsk Instrument Manufacturing Design Bureau, JSC; an author of articles in the field of information security. [e-mail: natasha_bn@mail.ru]N. Baranova,

Iurii Vladimirovich Orlov, Novouralsk National Research Nuclear University of MEPhI, graduated from the Faculty of Mechanics and Mathematics of Ural State University; Senior Lecturer of the Department of Physics and Mathematics of Novouralsk National Research Nuclear University of MEPhI; an author of articles in the field of simulation and analyzing of random processes. [e-mail: orlove79@yandex.ru]I. Orlov

The Reliability of a Modular Information Security System in Instrument-making Enterprises 55_4.pdf

The article presents a modular approach to the design of information security system in an instrument-making enterprise. It is proposed to assess the reliability of the designed information security system in three stages. The method for evaluating the reliability of a modular information security system at a given amount of work performed in an instrument-making enterprise as well as a method for the system behavior evaluation when increasing the amount of work are described. Methods for assessment of the information security threat performance probability, the damage probability upon detection and non-detection of the performed threats as well as for the calculation of the system reliability are considered. The method for calculating the reliability of the modular information security system when performing of several similar tasks is presented. The importance of fragmentation of modules under the influence of security threats and the impact of this approach on the overall reliability of the system in an instrument-making enterprise are shown.

Modular information security system, reliability of information security system, information security, information security threats.

2019_ 1

Sections: Information systems

Subjects: Information systems.



Vladislav Sergeevich Poletaev, Ulyanovsk State University, graduated from Ulyanovsk State University; a degree-seeking student of the Department of Telecommunication Technologies and Networks at Ulyanovsk State University; an author of several articles in the field of forecasting of information security threats based on the method of Internet Forums’ data analysis. [e-mail: vladis173@mail.ru]V. Poletaev

Fuzzy Inference About Information Security Threats Based on Data Analysis From Hacker Forums 54_8.pdf

This article describes an approach to solving the problem of forecasting the risk of new threats to information security by fuzzy inference based on the analysis of text message flow from hacker forums.The method of determining the information security threats is considered. A model of the online forum database based on the analysis of the existing software platforms for the implementation of the Internet forums is created. The online-forum message structure is presented. Empirical rules for the hacker forum functioning and rules of fuzzy system outputs of the fuzzy inference about possible information security threats are formulated. The statistical performances of several hacker forums and an example of fuzzy inference about the risk of information security threats are provided.

Threat forecasting, fuzzy inference, information security, message flow, model of forum.

2018_ 4

Sections: Artificial intelligence

Subjects: Artificial intelligence.


Maksim Viktorovich Abramov, St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, graduated from the Faculty of Mathematics and Mechanics of St. Petersburg State University; a junior researcher at the Laboratory for Theoretical and Interdisciplinary Problems of Informatics at St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, Senior Lecturer of the Department of Informatics of St. Petersburg State University; an author of monographs, textbooks, articles in the field of information security and social engineering attacks; a holder of certificates of registration of computer programs. [e-mail: mva16@list.ru]M. Abramov

Automation of the Social Networks Websites Content Analysis in the Problems of Forecasting the Protection of the Information Systems Users From Social Engineering Attacks 51_5.pdf

This article deals with a software application concept of an automated system for analyzing the protection of online users from social engineering attacks. The architecture of software application prototype is presented. Approaches to algorithm development for the modules responsible for the social engineering attack spread simulation on the social graph of employees and the restoration of the user meta profile on the basis of content published in social networks are proposed. An approach to the building and analyzing of the social graph of employees is presented. The existing methods are evaluated with a critical eye. The algorithm for placing the coefficients on the arcs of the social graph used when calculating success probability of an indirect social engineering attack is presented.

Information security, social engineering attacks, user protection, social graph of company employees, user meta profile, user’s vulnerabilities profile.

2018_ 1

Sections: Information systems

Subjects: Information systems.


Iurii Ivanovitch Starodubtsev, Military Communications Academy, Doctor of Military Sciences, Professor; graduated from Kemerovo Higher Military Command School of Communications and the Marshal Budjonny Military Academy of Signal Corps; Honored Worker of Science of the Russian Federation, Academician of the Russian Academy of Military Sciences, Security Forces Academy, Russian Academy of Natural Sciences, Arctic Academy of Sciences; Honored Worker of Higher Professional Education, Professor of the Marshal Budjonny Military Academy of Signal Corps; an author of monographs, manuals, articles, and inventions in the field of information-resources security of military communication systems and computer-aided control systems in infowar contexts. [e-mail: vas@mail.ru]I. Starodubtsev,

Elena Valerievna Sukhorukova, of the Marshal Budjonny Military Academy of Signal Corps, Candidate of Engineering; graduated from Novocherkassk Military Communications Institute; finished his post-graduate studies at the Marshal Budjonny Military Academy of Signal Corps; Lecturer at the Department ‘Security of Information and Telecommunication Systems of Social Purposes’ of the Marshal Budjonny Military Academy of Signal Corps; an author of articles and inventions in the field of information security. [e-mail: sukhorukova_lena@mail.ru]E. Sukhorukova,

Andrei Sergeevich Korsunskii, Federal Research-and-Production Center Joint Stock Company ‘Research-and-Production Association ‘Mars’, Candidate of Engineering; graduated from the Faculty of Radio-Communications at Ulyanovsk Branch of the Military Communications University; finished his post-graduate studies at the Marshal Budjonny Military Academy of Signal Corps; Chief Specialist at FRPC JSC ’RPA ’Mars’; an author of articles and inventions in the field of radioelectronics protection, communications, and information security as well as data transmission through wireless communication channels in information telecommunication systems. [e-mail: aksspb@mail.ru]A. Korsunskii,

Tatiana Nikolaevna Maslennikova, Federal Research-and-Production Center Joint Stock Company ‘Research-and-Production Association ‘Mars’, Candidate of Engineering; graduated from the Faculty of Radioengineering of Ulyanovsk Polytechnic Institute; Head of a research-and-development laboratory at FRPC JSC ’RPA ’Mars’; an author of papers and publications in the field of information support of special-purpose computer-aided systems. [e-mail: mars@mv.ru]T. Maslennikova,

Aleksei Vasilievich Vershennik, of the Marshal Budjonny Military Academy of Signal Corps, graduated from Stavropolsk Higher Military Engineering School of Communications and Military Academy of the Strategic Missile Forces, Lecturer of the Department ‘The Security of Information Telecommunications Systems of Special Purposes’ of the Marshal Budjonny Military Academy of Signal Corps; an author of articles and inventions in the field of information security. [e-mail: alex14121972@mail.ru]A. Vershennik

The Problem of Detecting Electronic Devices Installed Without Authorization and the Method of Its Solution 000_1.pdf

The modern development of the Russian society is characterized with the great increase of the role and actuality of security assurance problems in all spheres of life. One of the major problems is industrial (economic) counterespionage. Such types of espionages are carried in order to sweep market, prevent technological breakthroughs of contestants, wreck negotiations on contracts, resale corporate secrets, etc. One of the most widespread technological tools for information retrieval is a radio eavesdropping device. However, existing control devices do not address capabilities of modern radio eavesdropping devices. The article considers the problem of detection of radio devices installed without authorization in information retrieval systems. Such devices are used for espionage. The method for solving the aforesaid problem is also offered. The method is concerned with the field of radio monitoring of electronic devices in a supervised zone, provides detection of signals in conditions of absence of prior information about their parameters and also allows to define the base frequency of performance.

Information security, eavesdropping devices, radio eavesdropping device.

2017_ 2

Sections: Задача обнаружения несанкционированно установленных радиоэлектронных устройств и способ ее решения

Subjects: Automated control systems, Mathematical modeling.


Stanislav Vladislavovich Zhukov, Ulyanovsk State University, graduated from the Faculty of Economical Cybernetics of Moscow Institute of Economics and Statistics; doctoral candidate at Ulyanovsk State University [e-mail: texthapb@mail.ru]S. Zhukov,

Vladimir Anatolyevich Maklaev, Federal Research-and-Production Center Open Joint-Stock Company Research-and-Production Association Mars, Candidate of Engineering, graduated from the Faculty of Radioengineering of Ulyanovsk Polytechnic Institute; Director General of Federal Research-and-Production Center Open Joint-Stock Company Research-and-Production Association Mars; author of articles in the field of CAD [e-mail: mars@mv.ru]V. Maklaev,

Petr Ivanovich Sosnin, Ulyanovsk State Technical University, honored worker of the Higher School of the Russian Federation, Doctor of Engineering, Professor; graduated from the Faculty of Radioengineering of Ulyanovsk Polytechnic Institute; head of the Chair Computers at Ulyanovsk State Technical University; author of numerous papers in the field of conceptual design of computer-aided systems [e-mail: sosnin@ulstu.ru]P. Sosnin

Label Security of Design Tasks When Developing Computer-aided Systems 28_6.pdf

The article presents a system of means for label security of design tasks when developing com-puter-aided systems. The peculiarity of the suggested means determines homogenous hierar-chical presentation of the tasks and organizational structure of project teams. The operational interaction among developers is provided by software agents. The system of security means is implemented as an extension of the tool modeling environment WIQA.Net servicing conceptual design of computer-aided systems.

Computer-aided design, information security, label security, software agents, design tasks.

2012_ 2

Sections: Artificial-intelligence systems

Subjects: Artificial intelligence, Automated control systems, Computer-aided engineering, Information systems.


Stanislav Vladislavovich Zhukov, Ulyanovsk State University, graduated from the Faculty of Economical Cybernetics of Moscow Institute of Economics and Statistics; applicant at Ulyanovsk State University [e-mail: texthapb@mail.ru]S. Zhukov,

Vladimir Anatolyevich Maklaev, Federal Research-and-Production Center Open Joint-Stock Company 'Research-and-Production Association 'Mars', Candidate of Engineering, graduated from the Faculty of Radioengineering of Ulyanovsk Polytechnic Institute; Director General author of articles in the field of CAD [e-mail: mars@mv.ru]V. Maklaev,

Petr Ivanovich Sosnin, Ulyanovsk State Technical University, honored worker of the Higher School of the Russian Federation, Doctor of Engineering, Professor; graduated from the Faculty of Radioengineering of Ulyanovsk Polytechnic Institute; head of the Chair 'Computers'; author of numerous papers in the field of conceptual design of computer-aided systems [e-mail: sosnin@ulstu.ru]P. Sosnin,

Modeling of the Standard Gostriso/iec 15408 'information Technology - Security Techniques- Evaluation Criteria for Information Technology Security' 27_1.pdf

Information security of computer-aided system is to be based on contemporary standards. The article suggests solutions to the development of security facilities in order to materialize standard requirements in a precedent base.

Computer-aided system, information security, metrics, design, protection profile.

2012_ 1

Sections: System analysis, datamanagement andprocessing

Subjects: Computer-aided engineering, Information systems.


Andrey Sergeevich Korsunsky, Federal Research-and-Production Center Open Joint-Stock Company 'Research-and-Production Association 'Mars', Candidate of Engineering; graduated from the Faculty of Radio-Communications of Ulyanovsk branch of the Military Communications University; finished his post-graduate studies at the Military Communications Academy named after S. Budenny; lead programmer at Federal Research-and-Production Center 'Research-and-Production Association 'Mars'; author of articles and inventions in the field of radioelectronic protection, communications and information security as well as data transmission through wireless communications channels of infotelecommunication systems. [e-mail: aksspb@mail.ru]A. Korsunsky,

Vadim Georgievich Eryshov, Military Communications Academy named after S. Budenny, Candidate of Engineering; graduated from the Military Communications Academy named after S. Budenny; finished his doctoral studies at the Military Communications Academy; Associate Professor at the Chair 'Radioelectronic Protection, Communications and Information Security' of the Military Communications Academy; author of text-books, articles and inventions in the field of electromagnetic compatibility of military-purpose radioelectronic facilities, monitoring of communications and information security as well as that of information security against its leakage through technical channels. [e-mail: eryshov@mail.ru]V. Eryshov

Protection of Infotelecommunication Systems in Information and Psychological Warfare 26_12.pdf

The article deals with an approach to the protection of infotelecommunication systems in information and psychological warfare. The suggested approach contributes to anticipating system reconfiguration on basis of the analysis of enemy operations. The re-configuration results in the decrease of the efficiency of infotelecommunication system cracking by affecting sides and in the saving of required values of subscriber-service timeliness.

Infotelecommunication system, information and psychological warfare, information security, re-configuration, simulation.

2011_ 4

Sections: Telecommunications systems and computer networks

Subjects: Automated control systems.


Vadim Georgievich Eryshov, Military Communications Academy named after S. Budenny, Candidate of Engineering; graduated from the Military Communications Academy named after S. Budenny; finished his doctoral studies at the Military Communications Academy; Associate Professor at the Chair Radio-Electronics Protection, Security of Communications and Information of the Military Communications Academy; author of text-books, articles and inventions in the field of electromagnetic compatibility of militarypurpose radio-electronics facilities, monitoring of communications and information security as well as monitoring of information security against its leakage through technical channels. [e-mail: eryshov@mail.ru]V. Eryshov,

Andrey Sergeevich Korsunky, FRPC OJSC RPA Mars, Candidate of Engineering; graduated from the Faculty of Radio-Communications at Ulyanovsk branch of the Military Communications University; finished his post-graduate studies at the Military Communications Academy named after S. Budenny; lead programmer at FRPC OJSC RPA Mars; author of articles and inventions in the field of radio-electronics protection, communications and information security. [e-mail: aksspb@mail.ru]A. Korsunky,

Andrey Petrovich Vashchenko, General Staff of the Armed Forces of the Russian Federation, graduated from Ulyanovsk Higher Military Communications Command College, the Military Communications Academy named after S. Budenny; senior officer at a department of the 8th Agency of the General Staff of the Armed Forces of the Russian Federation; author of articles in the field of communications and information security as well as in the field of control of processes of data transfer via communications channels of computer-aided information systems. [e-mail: VAP-1973-06-11@yandex.ru]A. Vashchenko

A Method of the Creation of Intelligence-resistant Communications System 25_10.pdf

The article deals with a method for the creation of an intelligence-resistance communications system which contributes to the increase of the protection level for military-purpose communications systems by ensuring the least contrast for the space of disclosure attributes due to uniform change of their information values.

Intelligence resistance, communications system, information security, disclosure attributes, information value, technical intelligence, common network of electrical communications.

2011_ 3

Sections: Information-protection methods and systems, information security

Subjects: Automated control systems, Information systems.


Andrey Alexanderovich Ermolenko, Saint-Petersburg Institute of Informatics and Automation of the Russian Academy of Sciences, Candidate of Engineering; graduated from the Faculty of Computer Engineering of the Naval Radio-Electronics Academy named after A. Popov, the Faculty of Radio-Electronics of the Naval Academy; senior staff scientist of the Institution of the Russian Academy of Sciences of Saint-Petersburg Institute of Informatics and Automation of the Russian Academy of Sciences; author of publications in the field of information technologies and information security. [e-mail: ermolenko@mail.ru]A. Ermolenko,

Andrey Sergeevich Korsunky, FRPC OJSC RPA Mars, Candidate of Engineering; graduated from the Faculty of Radio-Communications at Ulyanovsk branch at the Military Communications University; finished his post-graduate studies at the Military Communications Academy named after S. Budenny; lead programmer at FRPC OJSC RPA Mars; author of articles and inventions in the field of radio-electronics protection, communications and information security. [e-mail: aksspb@mail.ru]A. Korsunky,

Tatiana Nikolaevna Maslennikova, FRPC OJSC RPA Mars, Candidate of Engineering; graduated from the Faculty of Radio-Engineering of Ulyanovsk Polytechnic Institute; head of a research-and-development laboratory at FRPC OJSC RPA Mars; author of papers and publications in the field of information support of special-purpose computer-aided systems. [e-mail: mars@mv.ru]T. Maslennikova

Problems of Information Security During the Change to Network-centric Principles of Control of Forces 25_11.pdf

The article deals with some aspects of information security, which can occur during the change to network-centric principles of control of troops (forces).

Information security, information protection, network-centric principles of control of forces.

2011_ 3

Sections: Information-protection methods and systems, information security

Subjects: Automated control systems, Information systems.


Alexey Sergeevich Markov, Research-and-Production Association Eshelon, JSC, Candidate of Engineering, Associate Professor at the Chair Information Security at Bauman Moscow State Technical University, CISSP, SBCI; Director General of Research-and-Production Association Eshelon, JSC; interested in testing and certifying of software as per requirements of information security, software reliability. [e-mail: mail@npo-echelon.ru]A. Markov,

Valentin Leonidovich Tsirlov, Research-and-Production Association Eshelon, JSC, Candidate of Engineering, Associate Professor at the Chair Information Security at Bauman Moscow State Technical University, CISSP, AMBCI; Executing Chief Manager of Research-and-Production Association Eshelon, JSC; interested in audit of security and formal verification of software and computer-aided systems, control of information security. [e-mail: mail@npo-echelon.ru]V. Tsirlov,

Sergey Anatolyevich Smolin, FRPC OJSC RPA Mars, Graduated from the Faculty of Mechanics and Mathematics at Ulyanovsk State University; head of a research laboratory at FRPC OJSC RPA Mars; author of articles in certification in the field of information security. [e-mail: mars@mv.ru]S. Smolin,

Andrey Sergeevich Korsunky, FRPC OJSC RPA Mars, Candidate of Engineering, graduated from the Faculty of Radio-Communications at Ulyanovsk branch of the Military Communications University, finished his post-graduate studies at the Military Communications Academy named after S. Budenny; lead programmer of FRPC OJSC RPA Mars; author of articles and inventions in the field of radio-electronics protection, communications and information security. [e-mail: aksspb@mail.ru]A. Korsunky

Modern Methods of Certification Tests of Software Codes Without Source Codes 24_13.pdf

The article researches features of state-of-the-art systems of software development from the point of view of audit of security and certification tests of software without source codes. It also shows possible detection of vulnerability, bookmarks and errors as well as development of certification-test reports for the programming environments JVM (Java) and .NET (C#).

Software, vulnerability, not declared capabilities, certification, information security, security audit.

2011_ 2

Sections: Telecommunications systems and computer networks

Subjects: Information systems.


Vadim Georgievich Eryshov, Military Communications Academy named after S. Budenny, Candidate of Engineering, graduated from and finished his doctoral studies at the Military Communications Academy named after S. Budenny; Associate Professor of the Chair Radio-Electronics Protection, Security of Communications and Information at the Military Communications Academy; author of textbooks, articles and inventions in the field of electromagnetic compatibility of military-purpose radio-electronics facilities, monitoring of communications and information security as well as monitoring of information security against its leakage through technical channels. [e-mail: eryshov@mail.ru]V. Eryshov,

Andrey Sergeevich Korsunky, FRPC OJSC RPA Mars, Candidate of Engineering, graduated from the Faculty of Radio-Communications at Ulyanovsk branch of the Military Communications University, finished his post-graduate studies at the Military Communications Academy named after S. Budenny; lead programmer of FRPC OJSC RPA Mars; author of articles and inventions in the field of radio-electronics protection, communications and information security. [e-mail: aksspb@mail.ru.]A. Korsunky,

Sergey Anatolyevich Smolin, FRPC OJSC RPA Mars, Graduated from the Faculty of Mechanics and Mathematics at Ulyanovsk State University; head of a research laboratory at FRPC OJSC RPA Mars; author of articles in certification in the field of information security. [e-mail: mars@mv.ru]S. Smolin

Certification of Systems, Facilities of Communications, Information Security and Software As Per Information-security Requirements 24_14.pdf

The article researches a certification process as per requirements of information security in order to detect probability and time dependences of events and states of the process. It reveals the got dependences which can be used for the estimation of effectiveness of the operation of existing systems in certification, and development of improvement suggestions.

Certification, markovian processes, information security, certification-process model.

2011_ 2

Sections: Telecommunications systems and computer networks

Subjects: Information systems.


Sergey Alexanderovich Ageev, Federal State Unitary Enterprise Research-and-Production Association Signal, Candidate of Engineering, Associate Professor; doctoral student at the Military Communications Academy named after S. Budenny (Saint-Petersburg); graduated from the Faculty of Radio-Engineering at the Ulyanovsk Polytechnic Institute; Deputy Head of R&D Department of Federal State Unitary Enterprise Research-and-Production Association Signal; specializes in the field of telecommunications-system design; has articles, patents in the field of data-transfer systems. [e-mail: serg123@mail.ru]S. Ageev,

Alexander Sergeevich Bushuev, Saint-Petersburg VTB 24 branch, Lead specialist of information-security department at the Saint-Petersburg VTB 24 branch, applicant at Federal State Unitary Enterprise Rubin (Saint-Petersburg); graduated from the Saint-Petersburg State Technical University; specializes in the field of information security in computer-aided and telecommunications systems; author of publications in the above field. [e-mail: bsn@telda.ru]A. Bushuev,

Yury Petrovich Egorov, FRPC OJSC RPA Mars, Doctor of Engineering, Professor, graduated from the Faculty of Radio-Engineering at the Leningrad Maritime Engineering Academy named after S. Makarov; chief staff scientist of FRPC OJSC RPA Mars; specializes in the field of macro-design of large-scale information-management systems; has monographs, articles, patents in the field of design of computer-aided C2 systems for troops. [e-mail: yupe@mail.ru]Y. Egorov,

Igor Borisovich Saenko, Military Communications Academy named after S. Budenny, Doctor of Engineering, Professor, graduated from the Military Communications Academy named after S. Budenny; specializes in the field of creation and development of information-management systems; has monographs, articles and patents in this field. [e-mail: ibsaen@mail.ru]I. Saenko

Concept of Automation of Information-security Control in Protected Special-purpose Multi-service Networks 23_7.pdf

The article deals with conceptual basis for automation of information-security control for protected special-purpose multi-service networks. The authors discuss conceptual model of protected multi-service network control, security threats, protection tasks and mechanisms.

Computer-aided network-control system, protected multi-service network, information security, tmn model, threat model, telematics network services.

2011_ 1

Sections: Information-protection methods and systems. information security

Subjects: Automated control systems, Architecture of ship's system.


Andrey Sergeevich Korsunsky, [e-mail: mars@mv.ru]A. Korsunsky,

Olga Vasilievna Sheykina, [e-mail: mars@mv.ru] O. Sheykina

Authentication of Correspondents in Umts-netwoks When Using Gold and Kasami Pseudorandom Sequences. 20_6.pdf

The article investigates a way of authentication of correspondent calls in networks of mobile radio 3Gcommunications (UMTS). It also deals with an approach to correspon-dent-authentication procedure using Gold and Kasami sequences.

Authentication, information security, pseudorandom sequences, noise immunity, protection against false-data entry.

2010_ 2

Sections: Theoretical issues of automation of command and control processes

Subjects: Mathematical modeling.


Ilya Sergeevich Yastrebov, [e-mail: mars@mv.ru]I. Yastrebov

Access Control in Distributed Systems 20_7.pdf

The present article deals with main issues of development and implementation of access control in distributed systems. It gives an overview of access-control models as well as different implementation of these models for large-size production distributed systems. The article also contains an analysis of the above implementations as well as de-finition of their application domain.

Access control, information security, distributed systems.

2010_ 2

Sections: Theoretical issues of automation of command and control processes

Subjects: Information systems.


Sergey Anatolyevich Smolin, [e-mail: mars@mv.ru]S. Smolin,

Andrey Sergeevich Korsunsky, [e-mail: mars@mv.ru]A. Korsunsky

About Certification in the Information-security Field 19_4.pdf

The article investigates a issues of certification in the field of information security. It deals with an approach to certification procedure in the field of information security, contributing to reasoning of quantitative factors of certification-system efficiency.

Certification, attestation, information security.

2010_ 1

Sections: Theoretical issues of automation of command and control processes

Subjects: Automated control systems.


Andrey Sergeevich Korsunsky[e-mail: mars@mv.ru] A. Korsunsky

Analysis of Subscriber Terminal Authentication Protocols in Mobile Radio Networks 18_3.pdf

The actual article presents studies in ensuring authenticity and availability of data and services in existing and future-proof mobile radio networks. It also shows that some ad-vanced technologies are considerably vulnerable in case of information attack from the point of view of information and information resource availability.

Authentication, information security, mobile radio networks.

2009_ 4

Sections: Theoretical issues of automation of command and control processes

Subjects: Automated control systems.


© FRPC JSC 'RPA 'Mars', 2009-2018 The web-site runs on Joomla!