16 research outputs found
ΠΠ²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈ ΠΎΡΠ΅Π½ΠΊΠ° ΠΈΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π΄Π»Ρ Π°Π½Π°Π»ΠΈΠ·Π° Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ ΡΠΈΡΡΠ΅ΠΌ
The research aims to develop the technique for an automated detection of information system assets and comparative assessment of their criticality for farther security analysis of the target infrastructure. The assets are all information and technology objects of the target infrastructure. The size, heterogeneity, complexity of interconnections, distribution and constant modification of the modern information systems complicate this task. An automated and adaptive determination of information and technology assets and connections between them based on the determination of the static and dynamic objects of the initially uncertain infrastructure is rather challenging problem. The paper proposes dynamic model of connections between objects of the target infrastructure and the technique for its building based on the event correlation approach. The developed technique is based on the statistical analysis of the empirical data on the system events. The technique allows determining main types of analysed infrastructure, their characteristics and hierarchy. The hierarchy is constructed considering the frequency of objects use, and as the result represents their relative criticality for the system operation. For the listed goals the indexes are introduced that determine belonging of properties to the same type, joint use of the properties, as well as dynamic indexes that characterize the variability of properties relative to each other. The resulting model is used for the initial comparative assessment of criticality for the system objects. The paper describes the input data, the developed models and proposed technique for the assets detection and comparison of their criticality. The experiments that demonstrate an application of the developed technique on the example of analyzing security logs of Windows operating system are provided.Π¦Π΅Π»Ρ ΠΈΡΡΠ»Π΅Π΄ΠΎΠ²Π°Π½ΠΈΡ Π·Π°ΠΊΠ»ΡΡΠ°Π΅ΡΡΡ Π² ΡΠ°Π·ΡΠ°Π±ΠΎΡΠΊΠ΅ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ Π°Π²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ³ΠΎ Π²ΡΠ΄Π΅Π»Π΅Π½ΠΈΡ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ ΠΈ ΡΡΠ°Π²Π½ΠΈΡΠ΅Π»ΡΠ½ΠΎΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ ΡΡΠΎΠ²Π½Ρ ΠΈΡ
ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π΄Π»Ρ ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ Π°Π½Π°Π»ΠΈΠ·ΠΈΡΡΠ΅ΠΌΠΎΠΉ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ. ΠΠΎΠ΄ Π°ΠΊΡΠΈΠ²Π°ΠΌΠΈ Π² Π΄Π°Π½Π½ΠΎΠΌ ΡΠ»ΡΡΠ°Π΅ ΠΏΠΎΠ½ΠΈΠΌΠ°ΡΡΡΡ Π²ΡΠ΅ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΠ΅ ΠΎΠ±ΡΠ΅ΠΊΡΡ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ. Π Π°Π·ΠΌΠ΅ΡΡ, ΡΠ°Π·Π½ΠΎΡΠΎΠ΄Π½ΠΎΡΡΡ, ΡΠ»ΠΎΠΆΠ½ΠΎΡΡΡ Π²Π·Π°ΠΈΠΌΠΎΡΠ²ΡΠ·Π΅ΠΉ, ΡΠ°ΡΠΏΡΠ΅Π΄Π΅Π»Π΅Π½Π½ΠΎΡΡΡ ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΠΎΡΡΡ ΡΠΎΠ²ΡΠ΅ΠΌΠ΅Π½Π½ΡΡ
ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΡΠ΅ΠΌ Π·Π°ΡΡΡΠ΄Π½ΡΡΡ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ ΠΈ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΡ
Π°ΠΊΡΠΈΠ²ΠΎΠ² Π΄Π»Ρ Π΅Π΅ ΠΊΠΎΡΡΠ΅ΠΊΡΠ½ΠΎΠ³ΠΎ ΡΡΠ½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½ΠΈΡ. ΠΠ²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ΅ ΠΈ Π°Π΄Π°ΠΏΡΠΈΠ²Π½ΠΎΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ ΡΠΎΡΡΠ°Π²Π° ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΡ
Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈ ΡΠ²ΡΠ·Π΅ΠΉ ΠΌΠ΅ΠΆΠ΄Ρ Π½ΠΈΠΌΠΈ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ Π²ΡΠ΄Π΅Π»Π΅Π½ΠΈΡ ΡΡΠ°ΡΠΈΡΠ½ΡΡ
ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΡΡ
ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΠΈΠ·Π½Π°ΡΠ°Π»ΡΠ½ΠΎ Π½Π΅ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½Π½ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ ΡΠ²Π»ΡΠ΅ΡΡΡ Π΄ΠΎΡΡΠ°ΡΠΎΡΠ½ΠΎ ΡΠ»ΠΎΠΆΠ½ΠΎΠΉ Π·Π°Π΄Π°ΡΠ΅ΠΉ. ΠΠ΅ ΠΏΡΠ΅Π΄Π»Π°Π³Π°Π΅ΡΡΡ ΡΠ΅ΡΠΈΡΡ Π·Π° ΡΡΠ΅Ρ ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΡ Π°ΠΊΡΡΠ°Π»ΡΠ½ΠΎΠΉ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ΅ΡΠΊΠΎΠΉ ΠΌΠΎΠ΄Π΅Π»ΠΈ ΠΎΡΠ½ΠΎΡΠ΅Π½ΠΈΠΉ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ ΡΠ°Π·ΡΠ°Π±ΠΎΡΠ°Π½Π½ΠΎΠΉ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ, ΠΊΠΎΡΠΎΡΠ°Ρ ΡΠ΅Π°Π»ΠΈΠ·ΡΠ΅Ρ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ ΠΊΠΎΡΡΠ΅Π»ΡΡΠΈΠΈ ΡΠΎΠ±ΡΡΠΈΠΉ, ΠΏΡΠΎΠΈΡΡ
ΠΎΠ΄ΡΡΠΈΡ
Π² ΡΠΈΡΡΠ΅ΠΌΠ΅. Π Π°Π·ΡΠ°Π±ΠΎΡΠ°Π½Π½Π°Ρ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΎΡΠ½ΠΎΠ²Π°Π½Π° Π½Π° ΡΡΠ°ΡΠΈΡΡΠΈΡΠ΅ΡΠΊΠΎΠΌ Π°Π½Π°Π»ΠΈΠ·Π΅ ΡΠΌΠΏΠΈΡΠΈΡΠ΅ΡΠΊΠΈΡ
Π΄Π°Π½Π½ΡΡ
ΠΎ ΡΠΎΠ±ΡΡΠΈΡΡ
Π² ΡΠΈΡΡΠ΅ΠΌΠ΅. ΠΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΏΠΎΠ·Π²ΠΎΠ»ΡΠ΅Ρ Π²ΡΠ΄Π΅Π»ΠΈΡΡ ΠΎΡΠ½ΠΎΠ²Π½ΡΠ΅ ΡΠΈΠΏΡ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ, ΠΈΡ
Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΡΡΠΈΠΊΠΈ ΠΈ ΠΈΠ΅ΡΠ°ΡΡ
ΠΈΡ, ΠΎΡΠ½ΠΎΠ²Π°Π½Π½ΡΡ Π½Π° ΡΠ°ΡΡΠΎΡΠ΅ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ², ΠΈ, ΠΊΠ°ΠΊ ΡΠ»Π΅Π΄ΡΡΠ²ΠΈΠ΅, ΠΎΡΡΠ°ΠΆΠ°ΡΡΡΡ ΠΈΡ
ΠΎΡΠ½ΠΎΡΠΈΡΠ΅Π»ΡΠ½ΡΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΡ Π΄Π»Ρ ΡΡΠ½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½ΠΈΡ ΡΠΈΡΡΠ΅ΠΌΡ. ΠΠ»Ρ ΡΡΠΎΠ³ΠΎ Π² ΡΠ°Π±ΠΎΡΠ΅ Π²Π²ΠΎΠ΄ΡΡΡΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ, Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΠ·ΡΡΡΠΈΠ΅ ΠΏΡΠΈΠ½Π°Π΄Π»Π΅ΠΆΠ½ΠΎΡΡΡ ΡΠ²ΠΎΠΉΡΡΠ² ΠΎΠ΄Π½ΠΎΠΌΡ ΡΠΈΠΏΡ, ΡΠΎΠ²ΠΌΠ΅ΡΡΠ½ΠΎΠ΅ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ ΡΠ²ΠΎΠΉΡΡΠ², Π° ΡΠ°ΠΊΠΆΠ΅ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΠΎΡΡΠΈ, Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΠ·ΡΡΡΠΈΠ΅ Π²Π°ΡΠΈΠ°ΡΠΈΠ²Π½ΠΎΡΡΡ ΡΠ²ΠΎΠΉΡΡΠ² ΠΎΡΠ½ΠΎΡΠΈΡΠ΅Π»ΡΠ½ΠΎ Π΄ΡΡΠ³ Π΄ΡΡΠ³Π°. Π Π΅Π·ΡΠ»ΡΡΠΈΡΡΡΡΠ°Ρ ΠΌΠΎΠ΄Π΅Π»Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ Π΄Π»Ρ ΡΡΠ°Π²Π½ΠΈΡΠ΅Π»ΡΠ½ΠΎΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ ΡΡΠΎΠ²Π½Ρ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ ΡΠΈΠΏΠΎΠ² ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΡΠΈΡΡΠ΅ΠΌΡ. Π ΡΠ°Π±ΠΎΡΠ΅ ΠΎΠΏΠΈΡΡΠ²Π°ΡΡΡΡ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΠΌΡΠ΅ Π²Ρ
ΠΎΠ΄Π½ΡΠ΅ Π΄Π°Π½Π½ΡΠ΅ ΠΈ ΠΌΠΎΠ΄Π΅Π»ΠΈ, Π° ΡΠ°ΠΊΠΆΠ΅ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΡ ΡΠΈΠΏΠΎΠ² ΠΈ ΡΡΠ°Π²Π½Π΅Π½ΠΈΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΡΠΈΡΡΠ΅ΠΌΡ. ΠΡΠΈΠ²Π΅Π΄Π΅Π½Ρ ΡΠΊΡΠΏΠ΅ΡΠΈΠΌΠ΅Π½ΡΡ, ΠΏΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡΠΈΠ΅ ΡΠ°Π±ΠΎΡΠΎΡΠΏΠΎΡΠΎΠ±Π½ΠΎΡΡΡ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ Π½Π° ΠΏΡΠΈΠΌΠ΅ΡΠ΅ Π°Π½Π°Π»ΠΈΠ·Π° ΠΆΡΡΠ½Π°Π»ΠΎΠ² Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ ΠΎΠΏΠ΅ΡΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ Windows
ΠΠ²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈ ΠΎΡΠ΅Π½ΠΊΠ° ΠΈΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π΄Π»Ρ Π°Π½Π°Π»ΠΈΠ·Π° Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ ΡΠΈΡΡΠ΅ΠΌ
Π¦Π΅Π»Ρ ΠΈΡΡΠ»Π΅Π΄ΠΎΠ²Π°Π½ΠΈΡ Π·Π°ΠΊΠ»ΡΡΠ°Π΅ΡΡΡ Π² ΡΠ°Π·ΡΠ°Π±ΠΎΡΠΊΠ΅ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ Π°Π²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ³ΠΎ Π²ΡΠ΄Π΅Π»Π΅Π½ΠΈΡ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ ΠΈ ΡΡΠ°Π²Π½ΠΈΡΠ΅Π»ΡΠ½ΠΎΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ ΡΡΠΎΠ²Π½Ρ ΠΈΡ
ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π΄Π»Ρ ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ Π°Π½Π°Π»ΠΈΠ·ΠΈΡΡΠ΅ΠΌΠΎΠΉ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ. ΠΠΎΠ΄ Π°ΠΊΡΠΈΠ²Π°ΠΌΠΈ Π² Π΄Π°Π½Π½ΠΎΠΌ ΡΠ»ΡΡΠ°Π΅ ΠΏΠΎΠ½ΠΈΠΌΠ°ΡΡΡΡ Π²ΡΠ΅ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΠ΅ ΠΎΠ±ΡΠ΅ΠΊΡΡ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ. Π Π°Π·ΠΌΠ΅ΡΡ, ΡΠ°Π·Π½ΠΎΡΠΎΠ΄Π½ΠΎΡΡΡ, ΡΠ»ΠΎΠΆΠ½ΠΎΡΡΡ Π²Π·Π°ΠΈΠΌΠΎΡΠ²ΡΠ·Π΅ΠΉ, ΡΠ°ΡΠΏΡΠ΅Π΄Π΅Π»Π΅Π½Π½ΠΎΡΡΡ ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΠΎΡΡΡ ΡΠΎΠ²ΡΠ΅ΠΌΠ΅Π½Π½ΡΡ
ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΡΠ΅ΠΌ Π·Π°ΡΡΡΠ΄Π½ΡΡΡ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ ΠΈ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΡ
Π°ΠΊΡΠΈΠ²ΠΎΠ² Π΄Π»Ρ Π΅Π΅ ΠΊΠΎΡΡΠ΅ΠΊΡΠ½ΠΎΠ³ΠΎ ΡΡΠ½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½ΠΈΡ. ΠΠ²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ΅ ΠΈ Π°Π΄Π°ΠΏΡΠΈΠ²Π½ΠΎΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ ΡΠΎΡΡΠ°Π²Π° ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΡ
Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈ ΡΠ²ΡΠ·Π΅ΠΉ ΠΌΠ΅ΠΆΠ΄Ρ Π½ΠΈΠΌΠΈ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ Π²ΡΠ΄Π΅Π»Π΅Π½ΠΈΡ ΡΡΠ°ΡΠΈΡΠ½ΡΡ
ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΡΡ
ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΠΈΠ·Π½Π°ΡΠ°Π»ΡΠ½ΠΎ Π½Π΅ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½Π½ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ ΡΠ²Π»ΡΠ΅ΡΡΡ Π΄ΠΎΡΡΠ°ΡΠΎΡΠ½ΠΎ ΡΠ»ΠΎΠΆΠ½ΠΎΠΉ Π·Π°Π΄Π°ΡΠ΅ΠΉ. ΠΠ΅ ΠΏΡΠ΅Π΄Π»Π°Π³Π°Π΅ΡΡΡ ΡΠ΅ΡΠΈΡΡ Π·Π° ΡΡΠ΅Ρ ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΡ Π°ΠΊΡΡΠ°Π»ΡΠ½ΠΎΠΉ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ΅ΡΠΊΠΎΠΉ ΠΌΠΎΠ΄Π΅Π»ΠΈ ΠΎΡΠ½ΠΎΡΠ΅Π½ΠΈΠΉ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ ΡΠ°Π·ΡΠ°Π±ΠΎΡΠ°Π½Π½ΠΎΠΉ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ, ΠΊΠΎΡΠΎΡΠ°Ρ ΡΠ΅Π°Π»ΠΈΠ·ΡΠ΅Ρ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ ΠΊΠΎΡΡΠ΅Π»ΡΡΠΈΠΈ ΡΠΎΠ±ΡΡΠΈΠΉ, ΠΏΡΠΎΠΈΡΡ
ΠΎΠ΄ΡΡΠΈΡ
Π² ΡΠΈΡΡΠ΅ΠΌΠ΅. Π Π°Π·ΡΠ°Π±ΠΎΡΠ°Π½Π½Π°Ρ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΎΡΠ½ΠΎΠ²Π°Π½Π° Π½Π° ΡΡΠ°ΡΠΈΡΡΠΈΡΠ΅ΡΠΊΠΎΠΌ Π°Π½Π°Π»ΠΈΠ·Π΅ ΡΠΌΠΏΠΈΡΠΈΡΠ΅ΡΠΊΠΈΡ
Π΄Π°Π½Π½ΡΡ
ΠΎ ΡΠΎΠ±ΡΡΠΈΡΡ
Π² ΡΠΈΡΡΠ΅ΠΌΠ΅. ΠΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΏΠΎΠ·Π²ΠΎΠ»ΡΠ΅Ρ Π²ΡΠ΄Π΅Π»ΠΈΡΡ ΠΎΡΠ½ΠΎΠ²Π½ΡΠ΅ ΡΠΈΠΏΡ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ, ΠΈΡ
Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΡΡΠΈΠΊΠΈ ΠΈ ΠΈΠ΅ΡΠ°ΡΡ
ΠΈΡ, ΠΎΡΠ½ΠΎΠ²Π°Π½Π½ΡΡ Π½Π° ΡΠ°ΡΡΠΎΡΠ΅ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ², ΠΈ, ΠΊΠ°ΠΊ ΡΠ»Π΅Π΄ΡΡΠ²ΠΈΠ΅, ΠΎΡΡΠ°ΠΆΠ°ΡΡΡΡ ΠΈΡ
ΠΎΡΠ½ΠΎΡΠΈΡΠ΅Π»ΡΠ½ΡΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΡ Π΄Π»Ρ ΡΡΠ½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½ΠΈΡ ΡΠΈΡΡΠ΅ΠΌΡ. ΠΠ»Ρ ΡΡΠΎΠ³ΠΎ Π² ΡΠ°Π±ΠΎΡΠ΅ Π²Π²ΠΎΠ΄ΡΡΡΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ, Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΠ·ΡΡΡΠΈΠ΅ ΠΏΡΠΈΠ½Π°Π΄Π»Π΅ΠΆΠ½ΠΎΡΡΡ ΡΠ²ΠΎΠΉΡΡΠ² ΠΎΠ΄Π½ΠΎΠΌΡ ΡΠΈΠΏΡ, ΡΠΎΠ²ΠΌΠ΅ΡΡΠ½ΠΎΠ΅ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ ΡΠ²ΠΎΠΉΡΡΠ², Π° ΡΠ°ΠΊΠΆΠ΅ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΠΎΡΡΠΈ, Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΠ·ΡΡΡΠΈΠ΅ Π²Π°ΡΠΈΠ°ΡΠΈΠ²Π½ΠΎΡΡΡ ΡΠ²ΠΎΠΉΡΡΠ² ΠΎΡΠ½ΠΎΡΠΈΡΠ΅Π»ΡΠ½ΠΎ Π΄ΡΡΠ³ Π΄ΡΡΠ³Π°. Π Π΅Π·ΡΠ»ΡΡΠΈΡΡΡΡΠ°Ρ ΠΌΠΎΠ΄Π΅Π»Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ Π΄Π»Ρ ΡΡΠ°Π²Π½ΠΈΡΠ΅Π»ΡΠ½ΠΎΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ ΡΡΠΎΠ²Π½Ρ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ ΡΠΈΠΏΠΎΠ² ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΡΠΈΡΡΠ΅ΠΌΡ. Π ΡΠ°Π±ΠΎΡΠ΅ ΠΎΠΏΠΈΡΡΠ²Π°ΡΡΡΡ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΠΌΡΠ΅ Π²Ρ
ΠΎΠ΄Π½ΡΠ΅ Π΄Π°Π½Π½ΡΠ΅ ΠΈ ΠΌΠΎΠ΄Π΅Π»ΠΈ, Π° ΡΠ°ΠΊΠΆΠ΅ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΡ ΡΠΈΠΏΠΎΠ² ΠΈ ΡΡΠ°Π²Π½Π΅Π½ΠΈΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΡΠΈΡΡΠ΅ΠΌΡ. ΠΡΠΈΠ²Π΅Π΄Π΅Π½Ρ ΡΠΊΡΠΏΠ΅ΡΠΈΠΌΠ΅Π½ΡΡ, ΠΏΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡΠΈΠ΅ ΡΠ°Π±ΠΎΡΠΎΡΠΏΠΎΡΠΎΠ±Π½ΠΎΡΡΡ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ Π½Π° ΠΏΡΠΈΠΌΠ΅ΡΠ΅ Π°Π½Π°Π»ΠΈΠ·Π° ΠΆΡΡΠ½Π°Π»ΠΎΠ² Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ ΠΎΠΏΠ΅ΡΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ Windows
Π£ΡΠΊΠΎΡΠ΅Π½ΠΈΠ΅ ΡΠ°ΡΡΠ΅ΡΠΎΠ² ΠΎΡΠ΅Π½ΠΊΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Π΅ΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ Π·Π° ΡΡΠ΅Ρ ΡΠ»ΠΈΠΌΠΈΠ½Π°ΡΠΈΠΈ ΠΌΠ°Π»ΠΎΠ²Π΅ΡΠΎΡΡΠ½ΡΡ ΡΡΠ°Π΅ΠΊΡΠΎΡΠΈΠΉ ΡΠΎΡΠΈΠΎ-ΠΈΠ½ΠΆΠ΅Π½Π΅ΡΠ½ΡΡ Π°ΡΠ°ΠΊ
In the field of information security it is necessary to develop scientific and proved and mathematical methods and the models reflecting specifics of subject domain for ensuring activity of experts, allowing to automate the analysis of information systems userβs security from socio-engineering attacks. The purpose of this paper is consideration of a method of of success probability search of socio-engineering attacking impact on each user in the "personnel - information system - critical documents" complex where users and communications between them are presented as graph. The algorithm assumes search of various acyclic ways between two users.ΠΠ»Ρ ΠΎΠ±Π΅ΡΠΏΠ΅ΡΠ΅Π½ΠΈΡ Π΄Π΅ΡΡΠ΅Π»ΡΠ½ΠΎΡΡΠΈ ΡΠΏΠ΅ΡΠΈΠ°Π»ΠΈΡΡΠΎΠ² Π² ΠΎΠ±Π»Π°ΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ Π½Π΅ΠΎΠ±Ρ
ΠΎΠ΄ΠΈΠΌΠΎ ΡΠ°Π·ΡΠ°Π±ΠΎΡΠ°ΡΡ Π½Π°ΡΡΠ½ΠΎ-ΠΎΠ±ΠΎΡΠ½ΠΎΠ²Π°Π½Π½ΡΠ΅ ΠΈ ΠΎΡΡΠ°ΠΆΠ°ΡΡΠΈΠ΅ ΡΠΏΠ΅ΡΠΈΡΠΈΠΊΡ ΠΏΡΠ΅Π΄ΠΌΠ΅ΡΠ½ΠΎΠΉ ΠΎΠ±Π»Π°ΡΡΠΈ ΠΌΠ°ΡΠ΅ΠΌΠ°ΡΠΈΡΠ΅ΡΠΊΠΈΠ΅ ΠΌΠ΅ΡΠΎΠ΄Ρ ΠΈ ΠΌΠΎΠ΄Π΅Π»ΠΈ, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡΡΠΈΠ΅ Π°Π²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°ΡΡ Π°Π½Π°Π»ΠΈΠ· Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Π΅ΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΡΠ΅ΠΌ ΠΎΡ ΡΠΎΡΠΈΠΎ-ΠΈΠ½ΠΆΠ΅Π½Π΅ΡΠ½ΡΡ
Π°ΡΠ°ΠΊ. Π¦Π΅Π»ΡΡ Π½Π°ΡΡΠΎΡΡΠ΅ΠΉ ΡΠ°Π±ΠΎΡΡ ΡΠ²Π»ΡΠ΅ΡΡΡ ΡΠ°ΡΡΠΌΠΎΡΡΠ΅Π½ΠΈΠ΅ ΠΌΠ΅ΡΠΎΠ΄Π° ΠΏΠΎΠΈΡΠΊΠ° Π²Π΅ΡΠΎΡΡΠ½ΠΎΡΡΠΈ ΡΡΠΏΠ΅Ρ
Π° ΡΠΎΡΠΈΠΎ-ΠΈΠ½ΠΆΠ΅Π½Π΅ΡΠ½ΠΎΠ³ΠΎ Π°ΡΠ°ΠΊΡΡΡΠ΅Π³ΠΎ Π²ΠΎΠ·Π΄Π΅ΠΉΡΡΠ²ΠΈΡ Π½Π° ΠΊΠ°ΠΆΠ΄ΠΎΠ³ΠΎ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ Π² ΠΊΠΎΠΌΠΏΠ»Π΅ΠΊΡΠ΅ Β«ΠΏΠ΅ΡΡΠΎΠ½Π°Π» - ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½Π°Ρ ΡΠΈΡΡΠ΅ΠΌΠ° β ΠΊΡΠΈΡΠΈΡΠ½ΡΠ΅ Π΄ΠΎΠΊΡΠΌΠ΅Π½ΡΡΒ», ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»ΠΈ ΠΊΠΎΡΠΎΡΠΎΠ³ΠΎ ΠΈ ΡΠ²ΡΠ·ΠΈ ΠΌΠ΅ΠΆΠ΄Ρ Π½ΠΈΠΌΠΈ ΠΏΡΠ΅Π΄ΡΡΠ°Π²Π»Π΅Π½Ρ Π²ΠΈΠ΄Π΅ Π³ΡΠ°ΡΠ°. ΠΠ»Π³ΠΎΡΠΈΡΠΌ ΠΏΡΠ΅Π΄ΠΏΠΎΠ»Π°Π³Π°Π΅Ρ ΠΏΠΎΠΈΡΠΊ Π²ΡΠ΅Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΡΡ
Π°ΡΠΈΠΊΠ»ΠΈΡΠ΅ΡΠΊΠΈΡ
ΠΏΡΡΠ΅ΠΉ ΠΌΠ΅ΠΆΠ΄Ρ Π΄Π²ΡΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»ΡΠΌΠΈ
ΠΠ½Π°Π»ΠΈΠ· Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Π΅ΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ ΡΠΈΡΡΠ΅ΠΌ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ Π³ΡΠ°ΡΠΈΡΠ΅ΡΠΊΠΈΡ ΠΌΠΎΠ΄Π΅Π»Π΅ΠΉ, ΡΠΎΠ΄Π΅ΡΠΆΠ°ΡΠΈΡ ΠΏΡΠΎΡΠΈΠ»ΠΈ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠ΅ΠΉ
The problem of critical information protection is now one of the most actual in in-formation technologies though it is necessary to recognize that, from the historical point of view, closely related to it problems arose much earlier β probably, at the same time with writing emergence. The standard approach to the solution of these problems consists in development, diversification and complication of applied technical measures of safety. Thus possibilities of technical attacks to systems are minimized. At the same time, each protected information system has the authorized users who work at the lawful bases in it and often have legal access to confidential information. The purpose of this article is creation of an analysis algorithm of resistance of users of information systems from socio-engineering attacks taking into account a profile of vulnerabilities of the user.ΠΡΠΎΠ±Π»Π΅ΠΌΠ° Π·Π°ΡΠΈΡΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ Π² Π½Π°ΡΡΠΎΡΡΠ΅Π΅ Π²ΡΠ΅ΠΌΡ ΡΠ²Π»ΡΠ΅ΡΡΡ ΠΎΠ΄Π½ΠΎΠΉ ΠΈΠ· ΡΠ°ΠΌΡΡ
Π°ΠΊΡΡΠ°Π»ΡΠ½ΡΡ
Π² ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΡ
, Ρ
ΠΎΡΡ Π½Π΅Π»ΡΠ·Ρ Π½Π΅ ΠΏΡΠΈΠ·Π½Π°ΡΡ, ΡΡΠΎ, Ρ ΠΈΡΡΠΎΡΠΈΡΠ΅ΡΠΊΠΎΠΉ ΡΠΎΡΠΊΠΈ Π·ΡΠ΅Π½ΠΈΡ, Π±Π»ΠΈΠ·ΠΊΠΎΡΠΎΠ΄ΡΡΠ²Π΅Π½Π½ΡΠ΅ Π΅ΠΉ ΠΏΡΠΎΠ±Π»Π΅ΠΌΡ Π·Π°ΡΠΎΠ΄ΠΈΠ»ΠΈΡΡ Π³ΠΎΡΠ°Π·Π΄ΠΎ ΡΠ°Π½ΡΡΠ΅ β Π²ΠΈΠ΄ΠΈΠΌΠΎ, ΠΎΠ΄Π½ΠΎΠ²ΡΠ΅ΠΌΠ΅Π½Π½ΠΎ Ρ Π²ΠΎΠ·Π½ΠΈΠΊΠ½ΠΎΠ²Π΅Π½ΠΈΠ΅ΠΌ ΠΏΠΈΡΡΠΌΠ΅Π½Π½ΠΎΡΡΠΈ. ΠΠ±ΡΠ΅ΠΏΡΠΈΠ½ΡΡΡΠΉ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ ΠΊ ΡΠ΅ΡΠ΅Π½ΠΈΡ Π΄Π°Π½Π½ΡΡ
ΠΏΡΠΎΠ±Π»Π΅ΠΌ Π·Π°ΠΊΠ»ΡΡΠ°Π΅ΡΡΡ Π² ΡΠ°Π·Π²ΠΈΡΠΈΠΈ, Π΄ΠΈΠ²Π΅ΡΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΈ ΠΈ ΡΡΠ»ΠΎΠΆΠ½Π΅Π½ΠΈΠΈ ΠΏΡΠΈΠΌΠ΅Π½ΡΠ΅ΠΌΡΡ
ΡΠ΅Ρ
Π½ΠΈΡΠ΅ΡΠΊΠΈΡ
ΠΌΠ΅Ρ ΠΎΠ±Π΅ΡΠΏΠ΅ΡΠ΅Π½ΠΈΡ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ. Π’Π°ΠΊΠΈΠΌ ΠΎΠ±ΡΠ°Π·ΠΎΠΌ ΠΌΠΈΠ½ΠΈΠΌΠΈΠ·ΠΈΡΡΡΡΡΡ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠΈ ΡΠ΅Ρ
Π½ΠΈΡΠ΅ΡΠΊΠΈΡ
Π°ΡΠ°ΠΊ Π½Π° ΡΠΈΡΡΠ΅ΠΌΡ. Π ΡΠΎ ΠΆΠ΅ Π²ΡΠ΅ΠΌΡ, ΠΊΠ°ΠΆΠ΄Π°Ρ Π·Π°ΡΠΈΡΠ°Π΅ΠΌΠ°Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½Π°Ρ ΡΠΈΡΡΠ΅ΠΌΠ° ΠΈΠΌΠ΅Π΅Ρ ΡΠ°Π½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½Π½ΡΡ
ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Π΅ΠΉ, ΠΊΠΎΡΠΎΡΡΠ΅ Π½Π° Π·Π°ΠΊΠΎΠ½Π½ΡΡ
ΠΎΡΠ½ΠΎΠ²Π°Π½ΠΈΡΡ
ΡΠ°Π±ΠΎΡΠ°ΡΡ Π² Π½Π΅ΠΉ ΠΈ Π·Π°ΡΠ°ΡΡΡΡ ΠΈΠΌΠ΅ΡΡ Π»Π΅Π³Π°Π»ΡΠ½ΡΠΉ Π΄ΠΎΡΡΡΠΏ ΠΊ ΠΊΠΎΠ½ΡΠΈΠ΄Π΅Π½ΡΠΈΠ°Π»ΡΠ½ΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ. Π¦Π΅Π»ΡΡ Π΄Π°Π½Π½ΠΎΠΉ ΡΡΠ°ΡΡΠΈ ΡΠ²Π»ΡΠ΅ΡΡΡ ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΠ΅ Π°Π»Π³ΠΎΡΠΈΡΠΌΠ° Π°Π½Π°Π»ΠΈΠ·Π° ΡΠ΅Π·ΠΈΡΡΠ΅Π½ΡΠ½ΠΎΡΡΠΈ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Π΅ΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΡΠ΅ΠΌ ΠΎΡ ΡΠΎΡΠΈΠΎ-ΠΈΠ½ΠΆΠ΅Π½Π΅ΡΠ½ΡΡ
Π°ΡΠ°ΠΊ Ρ ΡΡΠ΅ΡΠΎΠΌ ΠΏΡΠΎΡΠΈΠ»Ρ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠ΅ΠΉ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ
ΠΠΈΠ½Π°ΠΌΠΈΡΠ΅ΡΠΊΠΈΠΉ ΠΏΠ΅ΡΠ΅ΡΠ°ΡΡΠ΅Ρ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Π΅ΠΉ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ Π½Π° ΠΏΡΠΈΠΌΠ΅ΡΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΡ ΠΏΠΎΡΠ΅Π½ΡΠΈΠ°Π»Π° Π°ΡΠ°ΠΊΠΈ
Analysis of security risks and calculation of security metrics is an important task for Security Information and Events Management (SIEM) systems. It allows recognizing the current security situation and necessary countermeasures. The paper considers a technique for calculation of the security metrics in the near real time and demonstrates it on the example of the recalculation of the attack potentiality.ΠΠ½Π°Π»ΠΈΠ· ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΠΊΠΎΠ² ΠΈ Π²ΡΡΠΈΡΠ»Π΅Π½ΠΈΠ΅ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Π΅ΠΉ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΡΠ²Π»ΡΡΡΡΡ Π²Π°ΠΆΠ½ΡΠΌΠΈ Π·Π°Π΄Π°ΡΠ°ΠΌΠΈ Π΄Π»Ρ ΡΠΈΡΡΠ΅ΠΌ ΡΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠ΅ΠΉ ΠΈ ΡΠΎΠ±ΡΡΠΈΡΠΌΠΈ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ (Security Information and Events Management, SIEM). ΠΠ½ΠΈ ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡΡ ΠΎΠΏΡΠ΅Π΄Π΅Π»ΠΈΡΡ ΡΠ΅ΠΊΡΡΡΡ ΡΠΈΡΡΠ°ΡΠΈΡ Π² ΠΎΠ±Π»Π°ΡΡΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈ Π½Π΅ΠΎΠ±Ρ
ΠΎΠ΄ΠΈΠΌΡΠ΅ ΠΊΠΎΠ½ΡΡΠΌΠ΅ΡΡ. ΠΠ°Π½Π½Π°Ρ ΡΡΠ°ΡΡΡ ΡΠ°ΡΡΠΌΠ°ΡΡΠΈΠ²Π°Π΅Ρ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΡ Π²ΡΡΠΈΡΠ»Π΅Π½ΠΈΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Π΅ΠΉ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ Π²ΠΎ Π²ΡΠ΅ΠΌΠ΅Π½ΠΈ, Π±Π»ΠΈΠ·ΠΊΠΎΠΌ ΠΊ ΡΠ΅Π°Π»ΡΠ½ΠΎΠΌΡ, ΠΈ Π΄Π΅ΠΌΠΎΠ½ΡΡΡΠΈΡΡΠ΅Ρ Π΅Π΅ ΠΏΡΠΈΠΌΠ΅Π½Π΅Π½ΠΈΠ΅ Π½Π° ΠΏΡΠΈΠΌΠ΅ΡΠ΅ ΠΏΠ΅ΡΠ΅ΡΠ°ΡΡΠ΅ΡΠ° ΠΏΠΎΡΠ΅Π½ΡΠΈΠ°Π»Π° Π°ΡΠ°ΠΊΠΈ
ΠΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ ΠΈ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ ΠΎΡΠ΅Π½ΠΊΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΊΠΎΠΌΠΏΡΡΡΠ΅ΡΠ½ΡΡ ΡΠ΅ΡΠ΅ΠΉ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ Π³ΡΠ°ΡΠΎΠ² Π°ΡΠ°ΠΊ ΠΈ Π³ΡΠ°ΡΠΎΠ² Π·Π°Π²ΠΈΡΠΈΠΌΠΎΡΡΠ΅ΠΉ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ²
The paper considers the last researches in the area of the security metrics. Classification of the known metrics is suggested. Multilevel approach to the security assessment is suggested. It is based on the attack graphs and service dependencies graphs. The approach allows evaluating different aspect of the system security considering its topology, operation mode, historical data about incidents and other information.Π Π΄Π°Π½Π½ΠΎΠΉ ΡΠ°Π±ΠΎΡΠ΅ ΡΠ°ΡΡΠΌΠ°ΡΡΠΈΠ²Π°ΡΡΡΡ ΠΎΡΠ½ΠΎΠ²Π½ΡΠ΅ Π½Π°ΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ ΠΈΡΡΠ»Π΅Π΄ΠΎΠ²Π°Π½ΠΈΠΉ Π² ΠΎΠ±Π»Π°ΡΡΠΈ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Π΅ΠΉ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈ Π²Π²ΠΎΠ΄ΠΈΡΡΡ ΡΡΠΎΡΠΌΠΈΡΠΎΠ²Π°Π½Π½Π°Ρ Π½Π° ΠΈΡ
ΠΎΡΠ½ΠΎΠ²Π΅ ΠΊΠ»Π°ΡΡΠΈΡΠΈΠΊΠ°ΡΠΈΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Π΅ΠΉ. ΠΡΠΎΠΌΠ΅ ΡΠΎΠ³ΠΎ, ΠΏΡΠ΅Π΄Π»Π°Π³Π°Π΅ΡΡΡ ΠΌΠ½ΠΎΠ³ΠΎΡΡΠΎΠ²Π½Π΅Π²ΡΠΉ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ ΠΊ ΠΎΡΠ΅Π½ΠΊΠ΅ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ, Π²ΠΊΠ»ΡΡΠ°ΡΡΠΈΠΉ ΡΠΈΡΡΠ΅ΠΌΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Π΅ΠΉ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ ΠΈΡ
ΡΠ°ΡΡΠ΅ΡΠ°, ΠΎΡΠ½ΠΎΠ²Π°Π½Π½ΡΠ΅ Π½Π° Π³ΡΠ°ΡΠ°Ρ
Π°ΡΠ°ΠΊ ΠΈ Π·Π°Π²ΠΈΡΠΈΠΌΠΎΡΡΡΡ
ΡΠ΅ΡΠ²ΠΈΡΠΎΠ². ΠΠ°Π½Π½ΡΠΉ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ ΠΏΠΎΠ·Π²ΠΎΠ»ΡΠ΅Ρ ΠΎΡΠ΅Π½ΠΈΠ²Π°ΡΡ ΡΠ°Π·Π»ΠΈΡΠ½ΡΠ΅ Π°ΡΠΏΠ΅ΠΊΡΡ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΡΠΈΡΡΠ΅ΠΌΡ Ρ ΡΡΠ΅ΡΠΎΠΌ Π΅Π΅ ΡΠΎΠΏΠΎΠ»ΠΎΠ³ΠΈΠΈ, ΡΠ΅ΠΆΠΈΠΌΠ° ΡΠ°Π±ΠΎΡΡ, ΠΈΡΡΠΎΡΠΈΡΠ΅ΡΠΊΠΈΡ
Π΄Π°Π½Π½ΡΡ
ΠΎΠ± ΠΈΠ½ΡΠΈΠ΄Π΅Π½ΡΠ°Ρ
ΠΈ Π΄ΡΡΠ³ΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ
Home-Based Intrusion Detection System
Wireless network security has an important role in our daily lives. It has received significant attention, although wireless communication is facing different security threats. Some security efforts have been applied to overcome wireless attacks. Unfortunately, complete attack prevention is not accurately achievable. Intrusion Detection System (IDS) is an additional field of computer security. It is concerned with software that can distinguish between legitimate users and malicious users of a computer system and make a controlled response when an attack is detected. The project proposed to develop IDS technology on the windows platform. The IDS adopted misuse detection, which is based on signature recognition. The main objective of this proposal is to detect any network vulnerabilities and threats that concern home-based attacks or intrusion. There are five steps in our methodology: The first step is to create awareness of the problem by understanding the purpose and scope of the learning, as well as the problem, which are necessary to be solved. The second step is to make suggestion that the intrusion detection system is protecting the network of the homes. The third step is to develop signature by establishing a set of rule thorough processes for testing IDS. The fourth step is evaluating and testing the system that has been developed. This design used the sensor to find and match activity signatures found in the checked environment to the known signatures in the signature database. Finally, the conclusion in this phase showed the results of the study and the achievement of the objectives of the study. This IDS project will contribute to the efforts to protect users from the internal and external intruders
SQL-ΠΏΡΠ΅Π΄ΡΡΠ°Π²Π»Π΅Π½ΠΈΠ΅ ΡΠ΅Π»ΡΡΠΈΠΎΠ½Π½ΠΎ-Π²Π΅ΡΠΎΡΡΠ½ΠΎΡΡΠ½ΡΡ ΠΌΠΎΠ΄Π΅Π»Π΅ΠΉ ΡΠΎΡΠΈΠΎ-ΠΈΠ½ΠΆΠ΅Π½Π΅ΡΠ½ΡΡ Π°ΡΠ°ΠΊ Π² Π·Π°Π΄Π°ΡΠ°Ρ ΡΠ°ΡΡΠ΅ΡΠ° Π°Π³ΡΠ΅Π³ΠΈΡΠΎΠ²Π°Π½Π½ΡΡ ΠΎΡΠ΅Π½ΠΎΠΊ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΏΠ΅ΡΡΠΎΠ½Π°Π»Π° ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ
Risk analysis of information security nowadays is an extremely important topic, due to the fact that insurance companies want to have probably more exact characteristics about the probable size of a damage and the necessary sum of insurance, and the company, wishing to insure the information risks, also wants to understand, for what it does pay at the conclusion of the contract of insurance and if these fees are reasonable. Besides, both mentioned above parties don't want to lose their resources. Thus, it is necessary to learn to receive adequate, but at the same time complex, aggregated estimates of security of information systems. The purpose of the present article is consideration of setting of general relations in a complex Β«the personnel information system β critical documentsΒ» at socio-engineering attack of the malefactor, and then illustration of work of principles of a likelihood and relational approach on simplified (for availability and brevity of a statement) example. Weβll use the mixed terminology borrowed from the theory of the relations and the theory of relational DB.ΠΠ½Π°Π»ΠΈΠ· ΡΠΈΡΠΊΠΎΠ² ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ Π² Π½Π°ΡΡΠΎΡΡΠ΅Π΅ Π²ΡΠ΅ΠΌΡ ΡΠ²Π»ΡΠ΅ΡΡΡ ΠΎΡΠΎΠ±ΠΎ Π°ΠΊΡΡΠ°Π»ΡΠ½ΠΎΠΉ ΡΠ΅ΠΌΠΎΠΉ, Π² ΡΠΈΠ»Ρ ΡΠΎΠ³ΠΎ, ΡΡΠΎ ΠΈ ΡΡΡΠ°Ρ
ΠΎΠ²ΡΠ΅ ΠΊΠΎΠΌΠΏΠ°Π½ΠΈΠΈ Ρ
ΠΎΡΡΡ ΠΈΠΌΠ΅ΡΡ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎ Π±ΠΎΠ»Π΅Π΅ ΡΠΎΡΠ½ΡΠ΅ Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΡΡΠΈΠΊΠΈ ΠΎ Π²Π΅ΡΠΎΡΡΠ½ΠΎΠΌ ΡΠ°Π·ΠΌΠ΅ΡΠ΅ ΡΡΠ΅ΡΠ±Π° ΠΈ Π½Π΅ΠΎΠ±Ρ
ΠΎΠ΄ΠΈΠΌΠΎΠΉ ΡΡΠΌΠΌΠ΅ ΡΡΡΠ°Ρ
ΠΎΠ²Π°Π½ΠΈΡ, ΠΈ ΠΊΠΎΠΌΠΏΠ°Π½ΠΈΠΈ, ΠΆΠ΅Π»Π°ΡΡΠΈΠ΅ Π·Π°ΡΡΡΠ°Ρ
ΠΎΠ²Π°ΡΡ ΡΠ²ΠΎΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΠ΅ ΡΠΈΡΠΊΠΈ, ΡΠ°ΠΊΠΆΠ΅ Ρ
ΠΎΡΡΡ ΠΏΠΎΠ½ΠΈΠΌΠ°ΡΡ, Π·Π° ΡΡΠΎ ΠΈΠΌΠ΅Π½Π½ΠΎ ΠΈ Π½Π°ΡΠΊΠΎΠ»ΡΠΊΠΎ ΠΎΠ±ΠΎΡΠ½ΠΎΠ²Π°Π½Π½ΠΎ ΠΏΠ»Π°ΡΡΡΡΡ ΡΠ΅ ΠΈΠ»ΠΈ ΠΈΠ½ΡΠ΅ ΡΡΠΌΠΌΡ ΠΏΡΠΈ Π·Π°ΠΊΠ»ΡΡΠ΅Π½ΠΈΠΈ Π΄ΠΎΠ³ΠΎΠ²ΠΎΡΠ° ΡΡΡΠ°Ρ
ΠΎΠ²Π°Π½ΠΈΡ. ΠΡΠΎΠΌΠ΅ ΡΠΎΠ³ΠΎ, Π½ΠΈ ΠΎΠ΄Π½Π° ΠΈΠ· Π½Π°Π·Π²Π°Π½Π½ΡΡ
ΡΡΠΎΡΠΎΠ½ Π½Π΅ Ρ
ΠΎΡΠ΅Ρ ΡΠ΅ΡΡΡΡ ΡΠΎΠ±ΡΡΠ²Π΅Π½Π½ΡΠ΅ ΡΠ΅ΡΡΡΡΡ. Π’Π°ΠΊΠΈΠΌ ΠΎΠ±ΡΠ°Π·ΠΎΠΌ, Π½Π΅ΠΎΠ±Ρ
ΠΎΠ΄ΠΈΠΌΠΎ Π½Π°ΡΡΠΈΡΡΡΡ ΠΏΠΎΠ»ΡΡΠ°ΡΡ Π°Π΄Π΅ΠΊΠ²Π°ΡΠ½ΡΠ΅, Π½ΠΎ Π² ΡΠΎ ΠΆΠ΅ Π²ΡΠ΅ΠΌΡ ΠΊΠΎΠΌΠΏΠ»Π΅ΠΊΡΠ½ΡΠ΅, Π°Π³ΡΠ΅Π³ΠΈΡΠΎΠ²Π°Π½Π½ΡΠ΅ ΠΎΡΠ΅Π½ΠΊΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΡΠ΅ΠΌ. Π¦Π΅Π»ΡΡ Π½Π°ΡΡΠΎΡΡΠ΅ΠΉ ΡΡΠ°ΡΡΠΈ ΡΠ²Π»ΡΠ΅ΡΡΡ ΡΠ°ΡΡΠΌΠΎΡΡΠ΅Π½ΠΈΠ΅ Π²Π°ΡΠΈΠ°Π½ΡΠ° Π·Π°Π΄Π°Π½ΠΈΡ ΠΎΡΠ½ΠΎΠ²Π½ΡΡ
ΠΎΡΠ½ΠΎΡΠ΅Π½ΠΈΠΉ Π² ΠΊΠΎΠΌΠΏΠ»Π΅ΠΊΡΠ΅ Β«ΠΏΠ΅ΡΡΠΎΠ½Π°Π» - ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½Π°Ρ ΡΠΈΡΡΠ΅ΠΌΠ° β ΠΊΡΠΈΡΠΈΡΠ½ΡΠ΅ Π΄ΠΎΠΊΡΠΌΠ΅Π½ΡΡΒ» ΠΏΡΠΈ ΡΠΎΡΠΈΠΎ-ΠΈΠ½ΠΆΠ΅Π½Π΅ΡΠ½ΠΎΠΉ Π°ΡΠ°ΠΊΠ΅ Π·Π»ΠΎΡΠΌΡΡΠ»Π΅Π½Π½ΠΈΠΊΠ°, Π° Π·Π°ΡΠ΅ΠΌ ΠΈΠ»Π»ΡΡΡΡΠ°ΡΠΈΡ ΡΠ°Π±ΠΎΡΡ ΠΏΡΠΈΠ½ΡΠΈΠΏΠΎΠ² Π²Π΅ΡΠΎΡΡΠ½ΠΎΡΡΠ½ΠΎ-ΡΠ΅Π»ΡΡΠΈΠΎΠ½Π½ΠΎΠ³ΠΎ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄Π° Π½Π° ΡΠΏΡΠΎΡΠ΅Π½Π½ΠΎΠΌ (Π΄Π»Ρ Π΄ΠΎΡΡΡΠΏΠ½ΠΎΡΡΠΈ ΠΈ ΠΊΡΠ°ΡΠΊΠΎΡΡΠΈ ΠΈΠ·Π»ΠΎΠΆΠ΅Π½ΠΈΡ) ΠΏΡΠΈΠΌΠ΅ΡΠ΅. ΠΡΠ΄Π΅ΠΌ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΡ ΡΠΌΠ΅ΡΠ°Π½Π½ΡΡ ΡΠ΅ΡΠΌΠΈΠ½ΠΎΠ»ΠΎΠ³ΠΈΡ, Π·Π°ΠΈΠΌΡΡΠ²ΠΎΠ²Π°Π½Π½ΡΡ ΠΈΠ· ΡΠ΅ΠΎΡΠΈΠΈ ΠΎΡΠ½ΠΎΡΠ΅Π½ΠΈΠΉ ΠΈ ΡΠ΅ΠΎΡΠΈΠΈ ΡΠ΅Π»ΡΡΠΈΠΎΠ½Π½ΡΡ
ΠΠ
The Methodology for Evaluating Response Cost for Intrusion Response Systems
Recent advances in the field of intrusion detection brought new requirements to intrusion prevention and response. Traditionally, the response to the detected attack was selected and deployed manually, in the recent years the focus has shifted towards developing automated and semi-automated methodologies for responding to intrusions. In this context, the cost-sensitive intrusion response models have gained the most interest mainly due to their emphasis on the balance between potential damage incurred by the intrusion and cost of the response. However, one of the challenges in applying this approach is defining consistent and adaptable measurement of these cost factors on the basis of requirements and policy of the system being protected against intrusions. In this paper we present a structured methodology for evaluating cost of responses based on three factors: the response operational cost associated with the daily maintenance of the response, the response goodness that measures the applicability of the selected response for a detected intrusion and the response impact on the system that refers to the possible response effect on the system functionality. The proposed approach provides consistent basis for response evaluation across different systems while incorporating security policy and properties of specific system environment. We demonstrate the advantages of the proposed cost model and evaluate it on the example of three systems
ΠΠ΅ΡΠΎΡΡΠ½ΠΎΡΡΠ½ΠΎ-ΡΠ΅Π»ΡΡΠΈΠΎΠ½Π½ΡΠΉ ΠΏΠΎΠ΄Ρ ΠΎΠ΄ ΠΊ ΠΏΡΠ΅Π΄ΡΡΠ°Π²Π»Π΅Π½ΠΈΡ ΠΌΠΎΠ΄Π΅Π»ΠΈ ΠΊΠΎΠΌΠΏΠ»Π΅ΠΊΡΠ° Β«ΠΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½Π°Ρ ΡΠΈΡΡΠ΅ΠΌΠ° β ΠΏΠ΅ΡΡΠΎΠ½Π°Π» β ΠΊΡΠΈΡΠΈΡΠ½ΡΠ΅ Π΄ΠΎΠΊΡΠΌΠ΅Π½ΡΡΒ»
One of the main problems of researches in the field of socio-engineering attacks is the development of analysis algorithms (assessment) of information system's users' protection estimated on the basis of computing complexity. According to preliminary estimates the application of probabilistic relational algorithm will essentially reduce computing complexity of a program complex. Use of the specified approach will also allow to increase flexibility in a task of estimation of criticality of the documents available in system and chances of successful realization of attacks, in description of communicationsβ system and accesses among actual components of a complex Β«information system β personnel β critical documentsΒ», and among specified components and the malefactor. Relational models will probably allow to use effective computational methods, implemented in modern DBSM for fast SQL-links implementation.ΠΠ΄Π½ΠΎΠΉ ΠΈΠ· ΠΎΡΠ½ΠΎΠ²Π½ΡΡ
ΠΏΡΠΎΠ±Π»Π΅ΠΌ ΠΈΡΡΠ»Π΅Π΄ΠΎΠ²Π°Π½ΠΈΠΉ Π² ΠΎΠ±Π»Π°ΡΡΠΈ ΡΠΎΡΠΈΠΎ-ΠΈΠ½ΠΆΠ΅Π½Π΅ΡΠ½ΡΡ
Π°ΡΠ°ΠΊ ΡΠ²Π»ΡΠ΅ΡΡΡ ΡΠ°Π·Π²ΠΈΡΠΈΠ΅ ΠΏΡΠΈΠ΅ΠΌΠ»Π΅ΠΌΡΡ
ΠΏΠΎ Π²ΡΡΠΈΡΠ»ΠΈΡΠ΅Π»ΡΠ½ΠΎΠΉ ΡΠ»ΠΎΠΆΠ½ΠΎΡΡΠΈ Π°Π»Π³ΠΎΡΠΈΡΠΌΠΎΠ² Π°Π½Π°Π»ΠΈΠ·Π° (ΠΎΡΠ΅Π½ΠΊΠΈ) Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΏΠ΅ΡΡΠΎΠ½Π°Π»Π° ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΡΠ΅ΠΌ. ΠΠΎ ΠΏΡΠ΅Π΄Π²Π°ΡΠΈΡΠ΅Π»ΡΠ½ΡΠΌ ΠΎΡΠ΅Π½ΠΊΠ°ΠΌ ΠΈΠΌΠ΅Π½Π½ΠΎ ΠΏΡΠΈΠΌΠ΅Π½Π΅Π½ΠΈΠ΅ Π²Π΅ΡΠΎΡΡΠ½ΠΎΡΡΠ½ΠΎ-ΡΠ΅Π»ΡΡΠΈΠΎΠ½Π½ΠΎΠ³ΠΎ Π°Π»Π³ΠΎΡΠΈΡΠΌΠ° ΠΏΠΎΠΌΠΎΠΆΠ΅Ρ ΡΡΡΠ΅ΡΡΠ²Π΅Π½Π½ΠΎ ΡΠΌΠ΅Π½ΡΡΠΈΡΡ Π²ΡΡΠΈΡΠ»ΠΈΡΠ΅Π»ΡΠ½ΡΡ ΡΠ»ΠΎΠΆΠ½ΠΎΡΡΡ ΠΏΡΠΎΠ³ΡΠ°ΠΌΠΌΠ½ΠΎΠ³ΠΎ ΠΊΠΎΠΌΠΏΠ»Π΅ΠΊΡΠ°. ΠΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ ΡΠΊΠ°Π·Π°Π½Π½ΠΎΠ³ΠΎ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄Π° ΠΏΠΎΠ·Π²ΠΎΠ»ΠΈΡ ΡΠ°ΠΊΠΆΠ΅ ΡΠ²Π΅Π»ΠΈΡΠΈΡΡ Π³ΠΈΠ±ΠΊΠΎΡΡΡ Π² Π·Π°Π΄Π°Π½ΠΈΠΈ ΠΎΡΠ΅Π½ΠΎΠΊ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π΄ΠΎΠΊΡΠΌΠ΅Π½ΡΠΎΠ², Π΄ΠΎΡΡΡΠΏΠ½ΡΡ
Π² ΡΠΈΡΡΠ΅ΠΌΠ΅, ΠΎΡΠ΅Π½ΠΎΠΊ ΡΠ°Π½ΡΠΎΠ² ΡΡΠΏΠ΅ΡΠ½ΠΎΠΉ ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ Π°ΡΠ°ΠΊ, ΠΎΠΏΠΈΡΠ°Π½ΠΈΠΈ ΡΠΈΡΡΠ΅ΠΌΡ ΡΠ²ΡΠ·Π΅ΠΉ ΠΈ Π΄ΠΎΡΡΡΠΏΠ° ΡΡΠ΅Π΄ΠΈ ΡΠΎΠ±ΡΡΠ²Π΅Π½Π½ΠΎ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½Ρ ΠΊΠΎΠΌΠΏΠ»Π΅ΠΊΡΠ° Β«ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½Π°Ρ ΡΠΈΡΡΠ΅ΠΌΠ° β ΠΏΠ΅ΡΡΠΎΠ½Π°Π» β ΠΊΡΠΈΡΠΈΡΠ½ΡΠ΅ Π΄ΠΎΠΊΡΠΌΠ΅Π½ΡΡΒ» ΠΈ ΡΡΠ΅Π΄ΠΈ ΡΠΊΠ°Π·Π°Π½Π½ΡΡ
ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½Ρ, ΠΈ Π·Π»ΠΎΡΠΌΡΡΠ»Π΅Π½Π½ΠΈΠΊΠ°. Π Π΅Π»ΡΡΠΈΠΎΠ½Π½ΡΠ΅ ΠΌΠΎΠ΄Π΅Π»ΠΈ, Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎ, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡ ΠΏΡΠΈ Π²ΡΡΠΈΡΠ»Π΅Π½ΠΈΡΡ
ΠΎΡΠ΅Π½ΠΎΠΊ ΡΡΠ΅ΠΏΠ΅Π½ΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΡ Π²ΡΡΠΈΡΠ»ΠΈΡΠ΅Π»ΡΠ½ΡΠ΅ ΠΌΠ΅ΡΠΎΠ΄Ρ, ΠΊΠΎΡΠΎΡΡΠ΅ ΡΡΡΠ΅ΠΊΡΠΈΠ²Π½ΠΎ ΡΠ΅Π°Π»ΠΈΠ·ΠΎΠ²Π°Π½Ρ Π² ΡΠΎΠ²ΡΠ΅ΠΌΠ΅Π½Π½ΡΡ
Π‘Π£ΠΠ Π΄Π»Ρ Π±ΡΡΡΡΠΎΠ³ΠΎ Π²ΡΠΏΠΎΠ»Π½Π΅Π½ΠΈΡ SQL-Π·Π°ΠΏΡΠΎΡΠΎΠ²