Kompiuterių ir operacinių sistemų saugos modulio programos sudarymas

Informacinės technologijos turi tinkamai atlikti kontrolę, užtikrinančią informacijos saugą nuo įvairių pavojų – nepageidaujamo ar nesankcionuoto informacijos skleidimo, pakeitimo ar netekimo ir panašiai. Tarptautinių ir Lietuvos institucijų, tiriančių kompiuterių saugos incidentus, duomenimis, informacijos saugos pažeidimų skaičius nemažėja. Įvairūs tyrimai, atlikti Lietuvos valstybinių ir nepriklausomų organizacijų, rodo, kad Lietuvoje nėra specialių informacijos saugos specialistų rengimostudijų programų, nors jų poreikis yra akivaizdus. Europos ir JAV universitetuose kompiuterių saugos dalykai dėstomi įvairiais būdais – yra atskiros studijų programos arba saugos moduliai įtraukti į bendrąsias kompiuterių mokslo ar inžinerijos programas. Straipsnyje, išnagrinėjus Vakarų universitetų informacijos saugos studijų programas ir patirtį, siūloma Kompiuterių ir operacinių sistemų saugos modulio programa, apimanti svarbiausius informacijos saugos dalykus.Development of Computer and Operating Systems Security Module CurriculumAlgimantas Venčkauskas, Jevgenijus Toldinas, Vita Krivickienė SummaryThe purpose of Information technologies is to protect an organization’s valuable resources, such as information, from unauthorized publishing, changing or missing. Total number of information security breaches unabated, according to Worldwide and Lithuanian institutions inquiring computer security incidents. In recent years a number of Government and independence Lithuanian organizations have recognized the need for security education in Lithuania (especially in information security), and lack of information security courses. In Europe and USA computer security course modules are taught as separate study programs or they are integrated into existing computer science or engineering programs. In this paper we analyze information security programs curriculums and experiences of west universities in this area. We investigate the Computer and operating systems security module course curriculum where main information security priorities are included

Korporacinių įmonių informacinės saugos architektūrų modeliavimas

Korporacinių įmonių kompiuterinių sistemų informacinės saugos užtikrinimas yra viena iš svarbiausių informacinių technologijų problemų. Augant ir plečiantis verslui iškyla nutolusių įmonės padalinių, partnerių, darbuotojų saugaus pasikeitimo duomenimis ir lokalių tinklų saugumo problema. Verslo ir valdymo procesuose informacinės technologijos tampa vis reikšmingesnės, didėja informacinių procesų sudėtingumas. Dėl šių priežasčių kompiuterinių sistemų informacinės saugospažeidimų kaina nuolatos auga. Atsižvelgiant į informacinės saugos priemonių patikimumo ir našumo kriterijus, būtina šių sistemų veikimą ištirti prieš diegiant. Adekvačių sprendimų, užtikrinančių informacinę saugą už atitinkamą kainą, priėmimas tampa vis sudėtingesniu uždaviniu. Korporacinės įmonės informacinės saugos modeliai leidžia išspręsti šias problemas ir gali būti taikomi informacinės saugos sistemoms projektuoti, parametrams parinkti ir diegti. Šiame darbe sudaromi ir nagrinėjami korporacinių įmonių informacinės saugos sistemų modeliai, aprašantys įvairias saugaus duomenų pasikeitimo ir informacinės saugos grėsmių neutralizavimo priemonių architektūras. Informacinės saugos realizavimo priemonės įvertintos atitinkamais parametrais. Modeliai leidžia palyginti įvairias informacinės saugos realizavimo architektūras ir parinkti efektyviausią.Modelling of architectures of information system security of companies’Mindaugas Mikučionis, Eugenijus Toldinas, Algimantas Venčkauskas SummaryThe purpose of this work is to create and analyze the information security models of large corporations. It’s difficult and hard to deploy efficiently safe systems due to complex network environment and enterprise computer systems. It’s important to analyze security system parameters before design process. The enterprise information security system modelling helps us to solve these problems. Information security models with complex information security elements and safe data transferring between remote locations are designed. The models will help designers to compare different systems and to find the most secure and effective. This work generalizes the information security modelling process and describes the factors influencing it

Model-Driven Approach for Body Area Network Application Development

This paper introduces the sensor-networked IoT model as a prototype to support the design of Body Area Network (BAN) applications for healthcare. Using the model, we analyze the synergistic effect of the functional requirements (data collection from the human body and transferring it to the top level) and non-functional requirements (trade-offs between energy-security-environmental factors, treated as Quality-of-Service (QoS)). We use feature models to represent the requirements at the earliest stage for the analysis and describe a model-driven methodology to design the possible BAN applications. Firstly, we specify the requirements as the problem domain (PD) variability model for the BAN applications. Next, we introduce the generative technology (meta-programming as the solution domain (SD)) and the mapping procedure to map the PD feature-based variability model onto the SD feature model. Finally, we create an executable meta-specification that represents the BAN functionality to describe the variability of the problem domain though transformations. The meta-specification (along with the meta-language processor) is a software generator for multiple BAN-oriented applications. We validate the methodology with experiments and a case study to generate a family of programs for the BAN sensor controllers. This enables to obtain the adequate measure of QoS efficiently through the interactive adjustment of the meta-parameter values and re-generation process for the concrete BAN application

A Lightweight Protocol for Secure Video Streaming

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing “Fog Node-End Device” layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard

Improved Asymmetric Cipher Based on Matrix Power Function with Provable Security

The improved version of the author’s previously declared asymmetric cipher protocol based on matrix power function (MPF) is presented. Proposed modification avoids discrete logarithm attack (DLA) which could be applied to the previously declared protocol. This attack allows us to transform the initial system of MPF equations to so-called matrix multivariate quadratic (MMQ) system of equations, which is a system representing a subclass of multivariate quadratic (MQ) systems of equations. We are making a conjecture that avoidance of DLA in protocol, presented here, should increase its security, since an attempt to solve the initial system of MPF equations would appear to be no less complex than solving the system of MMQ equations. No algorithms are known to solve such a system of equations. Security parameters and their secure values are defined. Security analysis against chosen plaintext attack (CPA) and chosen ciphertext attack (CCA) is presented. Measures taken to prevent DLA attack increase the security of this protocol with respect to the previously declated protocol

The Method for Identifying the Scope of Cyberattack Stages in Relation to Their Impact on Cyber-Sustainability Control over a System

Industry X.0 is the new age of digitization, when information and communication systems are strongly linked to other systems and processes and are accessed remotely from anywhere at any time. The existing information systems’ security methods are ineffective because they should focus on and assess a broader range of factors in physical and digital spaces, especially because tactics of cybercrimes are always evolving and attackers are getting more inventive in searching for holes that might be exploited. To fight it, it is a need to be one step ahead of the attacker, including understanding the nature, stages and scope of the upcoming cyberattack. The objective of our research is to identify the impact of the scope of a cyberattack’s stages on the cyber resilience of an information and communication system, assessing the level of cybersecurity based on existing technical and operational measures. The research methodology includes a numerical simulation, an analytical comparison and experimental validation. The achieved results allow for the identification of up to 18 attack stages based on the aggregation of technical and organizational security metrics and detection sources. The analytical comparison proved the proposed method to be 13% more effective in identifying the stage of a cyberattack and its scope. Based on this research, the extensive scoping flexibility of the proposed method will enable additional control measures and methods that would reduce the impact of an attack on the robustness while increasing the cyber-sustainability of a system

A Comparison of authorship attribution approaches applied on the Lithuanian language

WOS:000417412800051This paper reports comparative authorship attribution results obtained on the Internet comments of the morphologically complex Lithuanian language. We have explored the impact of machine learning and similarity-based approaches on the different author set sizes (containing 10, 100, and 1,000 candidate authors), feature types (lexical, morphological, and character), and feature selection techniques (feature ranking, random selection). The authorship attribution task was complicated due to the used Lithuanian language characteristics, nonnormative texts, an extreme shortness of these texts, and a large number of candidate authors. The best results were achieved with the machine learning approaches. On the larger author sets the entire feature set composed of word-level character tetra-grams demonstrated the best performanceKauno technologijos universitetasTaikomosios informatikos katedraVytauto Didžiojo universiteta

Framing Network Flow for Anomaly Detection Using Image Recognition and Federated Learning

The intrusion detection system (IDS) must be able to handle the increase in attack volume, increasing Internet traffic, and accelerating detection speeds. Network flow feature (NTF) records are the input of flow-based IDSs that are used to determine whether network traffic is normal or malicious in order to avoid IDS from difficult and time-consuming packet content inspection processing since only flow records are examined. To reduce computational power and training time, this paper proposes a novel pre-processing method merging a specific amount of NTF records into frames, and frame transformation into images. Federated learning (FL) enables multiple users to share the learned models while maintaining the privacy of their training data. This research suggests federated transfer learning and federated learning methods for NIDS employing deep learning for image classification and conducting tests on the BOUN DDoS dataset to address the issue of training data privacy. Our experimental results indicate that the proposed Federated transfer learning (FTL) and FL methods for training do not require data centralization and preserve participant data privacy while achieving acceptable accuracy in DDoS attack identification: FTL (92.99%) and FL (88.42%) in comparison with Traditional transfer learning (93.95%)

Smartphone User Identity Verification Using Gait Characteristics

Smartphone-based biometrics offers a wide range of possible solutions, which could be used to authenticate users and thus to provide an extra level of security and theft prevention. We propose a method for positive identification of smartphone user’s identity using user’s gait characteristics captured by embedded smartphone sensors (gyroscopes, accelerometers). The method is based on the application of the Random Projections method for feature dimensionality reduction to just two dimensions. Then, a probability distribution function (PDF) of derived features is calculated, which is compared against known user PDF. The Jaccard distance is used to evaluate distance between two distributions, and the decision is taken based on thresholding. The results for subject recognition are at an acceptable level: we have achieved a grand mean Equal Error Rate (ERR) for subject identification of 5.7% (using the USC-HAD dataset). Our findings represent a step towards improving the performance of gait-based user identity verification technologies