Journal Neurocomputers, No. 11, 2013
Article in issue:
Current security threats to information and control systems of critical objects
Keywords:
information security
information security threat
information and control system
critical object
information security system
vulnerability
information attack
programmable logic controller
Authors:
A. S. Shaburov - Ph.D. (Eng.), Associate Professor, Perm National Research Polytechnic University. E-mail: shans@at.pstu.ru
R. B. Rashevskiy - Student, Perm National Research Polytechnic University. E-mail: roman@rashevskiy.com
Abstract:
A pressing problem in information security is the need to protect information in the information and control systems of critical objects. Over the last few years, a number of specially designed malicious programs have been identified that carry out malicious actions against various information and control systems. One example of such a program is the Stuxnet "worm", which affected the control program of the Siemens Simatic S7 programmable logic controller (PLC) in order to put uranium enrichment centrifuges out of service.
The second well-known program of this kind was Duqu, which carried out the theft of information from a key certification center in order to create, in the future, real signatures for other malicious programs.
Another malicious program that has been detected is Wiper. The main result of Wiper's impact is the removal of information from the hard drives of personal computers using special algorithms that exclude the possibility of recovering the deleted information.
The programs Flame and Gauss are "backdoor" programs whose key purpose is stealing confidential information and authentication data in the remote banking systems (RBS) of financial institutions.
To effectively prevent attacks on information and control systems, it is necessary to analyze the process of negative information impact on the software. The sequence of an information attack by the Stuxnet malware involves the following steps:
1. Viewing the contents of a USB drive containing malicious code.
2. Infection of the PC with malware.
3. Distribution to other USB drives and PCs via the network.
4. Infection of the control PC of the PLC with malware.
5. Legitimate control of the Siemens Simatic S7 PLC.
The significant risk that such objects face from malicious software attacks requires the implementation of appropriate and effective methods of protecting information systems. Traditional protection systems are effective against known network attacks and malware for which signature databases have been created.
Fuzzy logic algorithms based on the capabilities of neural networks, and hence of neurocomputers, can become an entirely new means of protecting information and control systems against malicious information attacks. Neural technologies will operate not only with the concept of a signature, or digital fingerprint, of a malicious attack, but will also use a special heuristic model of malicious behavior, which will make it possible to resist previously unknown but potentially serious threats most effectively.
It is advisable to identify specific behavior patterns of malicious programs or information flows. In the future, these patterns can be used to create a mathematical model of the threat. Once a mathematical model of information security threats has been created, the developed neural network can be trained on test measures to improve the efficiency of its operation in general and of information security in particular.
Pages: 96-100