V.I. Budzko1, V.I. Korolev2, V.G. Belenkov3, P.A. Keyer4
1–4 FRC CSC RAS (Moscow, Russia)
1 National Research Nuclear University MEPhI (Moscow, Russia)
1 vbudzko@ipiran.ru, 2 vkorolev@ ipiran.ru, 3 vbelenkov@ipiran.ru, 4 pkeyer@ipiran.ru
The current stage of development of Russian society is characterized by the digital transformation of all its spheres, including economics, science, healthcare, education, culture, etc. One of the directions of such transformation is the widespread use of artificial intelligence technologies (AIT). AIT have a significant potential to transform society and people's lives – from trade and healthcare to transport and cybersecurity, as well as the environment. At the same time, AIT entail risks of managing information security (IS), which can negatively affect individuals, groups, organizations, sectors of the economy and society as a whole.
The article analyzes additional features of managing automated systems (AS) IS of due to their use of the capabilities of AIT and multilayer neural networks (MNN). The characteristic features of the threats associated with the training and testing of MNN and influencing the AIT-risks for such AS are also identified.
The paper presents a classification of AS security threats using vulnerabilities specific to the MNN. The features that have a significant impact on the way AIT-risks are implemented when using software components using and not using MNN are determined.
The article defines the features of managing AS information security due to their use of the capabilities of AIT and MNN, which must be taken into account when developing, implementing and operating such AS.
Budzko V.I., Korolev V.I., Belenkov V.G., Keyer P.A. Cybersecurity of systems implementing intensive data use. Part 1. The place of cybersecurity in the protection of information. Highly Available Systems. 2024. V. 20. № 1. P. 16−29. DOI: https://doi.org/ 10.18127/j20729472-202401-02 (in Russian)
- Strategii razvitiya informacionnogo obshchestva v Rossijskoj Federacii na 2017–2030 gody (utv. Ukazom Prezidenta RF ot 09.05.2017 № 203). p. I.4.d) (in Russian).
- Koncepciya nauchno-informacionnogo obespecheniya programm i proektov gosudarstv-uchastnikov SNG v innovacionnoj sfere. (Odobrena resheniem Ekonomicheskogo Soveta Sodruzhestva Nezavisimyh Gosudarstv ot 13 marta 2009 g.), ctr. 5 (in Russian).
- Proekt Koncepcii strategii kiberbezopasnosti Rossijskoj Federacii, p. II.1). URL: http://council.gov.ru/media/files/41d4b3dfbdb25 cea8a73.pdf (in Russian).
- Strategii razvitiya informacionnogo obshchestva v Rossijskoj Federacii na 2017–2030 gody (utv. Ukazom Prezidenta RF ot 09.05.2017 № 203), p. I.4.m) (in Russian).
- Proekt Koncepcii strategii kiberbezopasnosti Rossijskoj Federacii», p. II.3). URL: http://council.gov.ru/media/files/41d4b3dfbdb25cea8a 73.pdf (in Russian).
- Markov A.S., Cirlov V.L. Rukovodyashchie ukazaniya po kiberbezopasnosti v kontekste ISO 27032. Voprosy kiberbezopasnosti. 2014. №1 (2). S. 28. URL: https://s3r.ru/wp-content/uploads/2014/03/iso27032.pdf.
- Russko-amerikanskij slovar' terminov i opredelenij v sfere informacionnoj bezopasnosti. Kiberprostranstvo. URL: https://digital. report/cybersecurity-terminology/ (in Russian).
- Slovari i enciklopedii na Akademike. Kiberprostranstvo. URL: https://dic.academic.ru/dic.nsf/dic_synonims/284434/kiberprostranstvo (in Russian).
- Trishin V.N. Slovar' sinonimov ASIS. 2013. Kiberprostranstvo. URL: http://rus-yaz.niv.ru/doc/synonyms-trishin/index.htm (in Russian).
- GOST R 59276-2020. Sposoby obespecheniya doveriya. Obshchie polozheniya. S.16 (Sistemy iskusstvennogo intellekta), p.3.3 (in Russian).
- Doktrina informacionnoj bezopasnosti Rossijskoj Federacii (utv. Ukazom Prezidenta RF ot 5 dekabrya 2016 g. № 646), z) p. 2 (in Russian).
- GOST R ISO/MEK 20546-2021. Bol'shie dannye. Obzor i slovar'. S.16 (Informacionnye tekhnologii), p. 3.12 (in Russian).
- GOST R ISO/MEK 20546-2021. Bol'shie dannye. Obzor i slovar'. S.16 (Informacionnye tekhnologii), pp. 3.1.5, 3.1.11 (in Russian).
- GOST R ISO/MEK 20546-2021. Informacionnye tekhnologii. Bol'shie dannye. Obzor i slovar'. S.16 (Informacionnye tekhnologii),
p. 3.3.2 (in Russian). - Proekt Koncepcii strategii kiberbezopasnosti Rossijskoj Federacii», p. II.4). URL: http://council.gov.ru/media/files/41d4b3dfbdb25cea8a 73.pdf (in Russian).
- GOST ISO 27032:2023. Cybersecurity – Guidelines for Internet security. S.12, pp. 3.6, 3.12 (in Russian).
- Russko-amerikanskij slovar' terminov i opredelenij v sfere informacionnoj bezopasnosti. Kiberbezopasnost'. URL: https://digital.report/ cybersecurity-terminology/ (in Russian).
- Rudneva E. Kiberbezopasnost'. URL: https://www.banki.ru/wikibank/kiberbezopasnost/ (in Russian).
- Chto takoe kiberbezopasnost'. URL: https://www.ptsecurity.com/ru-ru/research/knowledge-base/chto-takoe-kiberbezopasnost/ (in Russian).
- Kiberbezopasnost': vidy ugrozy i 10 luchshih instrumentov dlya zashchity. URL: https://neiros.ru/blog/code/kiberbezopasnost-vidy-ugrozy-i-10-luchshikh-instrumentov-dlya-zashchity/ (in Russian).
- Kiberbezopasnost' v Rossii: zashchita ot ugroz v virtual'nom mire. URL: https://nauchniestati.ru/spravka/kiberbezopasnost-v-rossii/ (in Russian).
- Rukovodyashchij dokument. Zashchita ot nesankcionirovannogo dostupa k informacii. Terminy i opredeleniya (Utv. resheniem predsedatelya Gostekhkomissii Rossii ot 30 marta 1992 g), p. 21 (in Russian).
- GOST R ISO/MEK 17799-2005. Prakticheskie pravila upravleniya informacionnoj bezopasnost'yu. S.62 (Informacionnaya tekhnologiya), p.2.1 (in Russian).
- Proekt Koncepcii strategii kiberbezopasnosti Rossijskoj Federacii», p. II.2). URL: http://council.gov.ru/media/files/41d4b3dfbdb25cea8a 73.pdf (in Russian).
- GOST R 59277-2020. Klassifikaciya sistem iskusstvennogo intellekta. S.16 (Sistemy iskusstvennogo intellekta), p.p. 3.18, 3.16 (in Russian).
- GOST 59895-2021. Obshchie polozheniya i terminologiya. S.12 (Tekhnologii iskusstvennogo intellekta v obrazovanii). p.2.1.7 (in Russian).