4 research outputs found
Methods of counteraction of bypassing two-factor authentication using reverse proxy
Get PDFThe existing solutions for counteracting and preventing the interception of data and tokens of two-factor authentication are considered. Features that may indicate the presence of a silent reverse proxy server are chosen. It is proposed to analyze the information about additional time anomalies, which are usually created by the proxy server. The advantage of this approach is that the time characteristics information is generated on the client-side, and the malicious proxy server cannot modify it. Machine learning methods were used to detect implicit signs of the presence of a proxy server. A new method of detecting a silent reverse proxy server that satisfies the following conditions is proposed: 1) the human factor is minimized, 2) use by an individual user is possible, 3) the method has an acceptable impact on performance and can be used in real-time
Peculiarities of phishing threats and preventive measures in the conditions of war in Ukraine
Get PDFThe paper is devoted to the study of the peculiarities of phishing attacks on the personnel of enterprises and institutions of Ukraine during the war period (from February 2022- till now). The life cycle of the most popular attacks is analyzed. The focus is made on email phishing, which is the most popular for attacks on enterprises. A list of typical topics of phishing emails, psychological vectors of phishing influence, typical for attacks on Ukrainian users, additional factors that contribute to the success of attacks have been revealed. A countermeasures for phishing attacks prevention have been recommended. A list of phishing keywords was collected and templates were developed, a software solution based on artificial intelligence approaches was proposed to automate the generation of phishing letters in Ukrainian that can be used during "false alarms" and staff training in large enterprises
Reference functions of cyber incidents displaying in the media space
Get PDFThe principles of cyber attacks detection that based on media content are described. Proposed methods are suitable for description of the general trends in the dynamics of information flows concerning cyber incidents. A generalized diagram of cyber attacks stages displaying in the media space is proposed. On the basis of the diagram the basic wavelet functions are selected, which can be considered as a reference for detecting cyber incidents. The proposed wavelets are low-order derivatives of Gaussian function (Wave, Β«Mexican HatΒ» and Morlaix wavelets). Retrospective analysis of already implemented information operations is a reliable way to verify them. The problem of forecasting is partly solved by probabilistic estimates in accordance with the type of reference functions
Perspectives of Fuzzy Hashing Use in Antivirus Protection
Get PDFΠΠ°ΠΏΡΠΎΠΏΠΎΠ½ΠΎΠ²Π°Π½ΠΎ Π·Π°ΡΠΎΠ±ΠΈ ΠΏΡΠ΄Π²ΠΈΡΠ΅Π½Π½Ρ Π΅ΡΠ΅ΠΊΡΠΈΠ²Π½ΠΎΡΡΡ Π²ΠΈΠΊΠΎΡΠΈΡΡΠ°Π½Π½Ρ ΡΡΠ½ΠΊΡΡΠΉ Π½Π΅ΡΡΡΠΊΠΎΠ³ΠΎ Ρ
Π΅ΡΡΠ²Π°Π½Π½Ρ Π΄Π»Ρ Π·Π°Π²Π΄Π°Π½Ρ, ΠΏΠΎΠ²βΡΠ·Π°Π½ΠΈΡ
Π· Π°Π½ΡΠΈΠ²ΡΡΡΡΠ½ΠΈΠΌ Π·Π°Ρ
ΠΈΡΡΠΎΠΌ.The means to improve the use of fuzzy hashing functions for tasks associated with antivirus protection are proposed
