5 research outputs found
ΠΠ²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈ ΠΎΡΠ΅Π½ΠΊΠ° ΠΈΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π΄Π»Ρ Π°Π½Π°Π»ΠΈΠ·Π° Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ ΡΠΈΡΡΠ΅ΠΌ
Π¦Π΅Π»Ρ ΠΈΡΡΠ»Π΅Π΄ΠΎΠ²Π°Π½ΠΈΡ Π·Π°ΠΊΠ»ΡΡΠ°Π΅ΡΡΡ Π² ΡΠ°Π·ΡΠ°Π±ΠΎΡΠΊΠ΅ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ Π°Π²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ³ΠΎ Π²ΡΠ΄Π΅Π»Π΅Π½ΠΈΡ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ ΠΈ ΡΡΠ°Π²Π½ΠΈΡΠ΅Π»ΡΠ½ΠΎΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ ΡΡΠΎΠ²Π½Ρ ΠΈΡ
ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π΄Π»Ρ ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ Π·Π°ΡΠΈΡΠ΅Π½Π½ΠΎΡΡΠΈ Π°Π½Π°Π»ΠΈΠ·ΠΈΡΡΠ΅ΠΌΠΎΠΉ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ. ΠΠΎΠ΄ Π°ΠΊΡΠΈΠ²Π°ΠΌΠΈ Π² Π΄Π°Π½Π½ΠΎΠΌ ΡΠ»ΡΡΠ°Π΅ ΠΏΠΎΠ½ΠΈΠΌΠ°ΡΡΡΡ Π²ΡΠ΅ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΠ΅ ΠΎΠ±ΡΠ΅ΠΊΡΡ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ. Π Π°Π·ΠΌΠ΅ΡΡ, ΡΠ°Π·Π½ΠΎΡΠΎΠ΄Π½ΠΎΡΡΡ, ΡΠ»ΠΎΠΆΠ½ΠΎΡΡΡ Π²Π·Π°ΠΈΠΌΠΎΡΠ²ΡΠ·Π΅ΠΉ, ΡΠ°ΡΠΏΡΠ΅Π΄Π΅Π»Π΅Π½Π½ΠΎΡΡΡ ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΠΎΡΡΡ ΡΠΎΠ²ΡΠ΅ΠΌΠ΅Π½Π½ΡΡ
ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΡΡ
ΡΠΈΡΡΠ΅ΠΌ Π·Π°ΡΡΡΠ΄Π½ΡΡΡ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ ΠΈ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΡ
Π°ΠΊΡΠΈΠ²ΠΎΠ² Π΄Π»Ρ Π΅Π΅ ΠΊΠΎΡΡΠ΅ΠΊΡΠ½ΠΎΠ³ΠΎ ΡΡΠ½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½ΠΈΡ. ΠΠ²ΡΠΎΠΌΠ°ΡΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½ΠΎΠ΅ ΠΈ Π°Π΄Π°ΠΏΡΠΈΠ²Π½ΠΎΠ΅ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠ΅ ΡΠΎΡΡΠ°Π²Π° ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΎΠ½Π½ΠΎ-ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠΈΡ
Π°ΠΊΡΠΈΠ²ΠΎΠ² ΠΈ ΡΠ²ΡΠ·Π΅ΠΉ ΠΌΠ΅ΠΆΠ΄Ρ Π½ΠΈΠΌΠΈ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ Π²ΡΠ΄Π΅Π»Π΅Π½ΠΈΡ ΡΡΠ°ΡΠΈΡΠ½ΡΡ
ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΡΡ
ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΠΈΠ·Π½Π°ΡΠ°Π»ΡΠ½ΠΎ Π½Π΅ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½Π½ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ ΡΠ²Π»ΡΠ΅ΡΡΡ Π΄ΠΎΡΡΠ°ΡΠΎΡΠ½ΠΎ ΡΠ»ΠΎΠΆΠ½ΠΎΠΉ Π·Π°Π΄Π°ΡΠ΅ΠΉ. ΠΠ΅ ΠΏΡΠ΅Π΄Π»Π°Π³Π°Π΅ΡΡΡ ΡΠ΅ΡΠΈΡΡ Π·Π° ΡΡΠ΅Ρ ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΡ Π°ΠΊΡΡΠ°Π»ΡΠ½ΠΎΠΉ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ΅ΡΠΊΠΎΠΉ ΠΌΠΎΠ΄Π΅Π»ΠΈ ΠΎΡΠ½ΠΎΡΠ΅Π½ΠΈΠΉ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΡΠ΅Π»Π΅Π²ΠΎΠΉ ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ ΡΠ°Π·ΡΠ°Π±ΠΎΡΠ°Π½Π½ΠΎΠΉ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ, ΠΊΠΎΡΠΎΡΠ°Ρ ΡΠ΅Π°Π»ΠΈΠ·ΡΠ΅Ρ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ ΠΊΠΎΡΡΠ΅Π»ΡΡΠΈΠΈ ΡΠΎΠ±ΡΡΠΈΠΉ, ΠΏΡΠΎΠΈΡΡ
ΠΎΠ΄ΡΡΠΈΡ
Π² ΡΠΈΡΡΠ΅ΠΌΠ΅. Π Π°Π·ΡΠ°Π±ΠΎΡΠ°Π½Π½Π°Ρ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΎΡΠ½ΠΎΠ²Π°Π½Π° Π½Π° ΡΡΠ°ΡΠΈΡΡΠΈΡΠ΅ΡΠΊΠΎΠΌ Π°Π½Π°Π»ΠΈΠ·Π΅ ΡΠΌΠΏΠΈΡΠΈΡΠ΅ΡΠΊΠΈΡ
Π΄Π°Π½Π½ΡΡ
ΠΎ ΡΠΎΠ±ΡΡΠΈΡΡ
Π² ΡΠΈΡΡΠ΅ΠΌΠ΅. ΠΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΏΠΎΠ·Π²ΠΎΠ»ΡΠ΅Ρ Π²ΡΠ΄Π΅Π»ΠΈΡΡ ΠΎΡΠ½ΠΎΠ²Π½ΡΠ΅ ΡΠΈΠΏΡ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΠΈΠ½ΡΡΠ°ΡΡΡΡΠΊΡΡΡΡ, ΠΈΡ
Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΡΡΠΈΠΊΠΈ ΠΈ ΠΈΠ΅ΡΠ°ΡΡ
ΠΈΡ, ΠΎΡΠ½ΠΎΠ²Π°Π½Π½ΡΡ Π½Π° ΡΠ°ΡΡΠΎΡΠ΅ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ², ΠΈ, ΠΊΠ°ΠΊ ΡΠ»Π΅Π΄ΡΡΠ²ΠΈΠ΅, ΠΎΡΡΠ°ΠΆΠ°ΡΡΡΡ ΠΈΡ
ΠΎΡΠ½ΠΎΡΠΈΡΠ΅Π»ΡΠ½ΡΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΡ Π΄Π»Ρ ΡΡΠ½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½ΠΈΡ ΡΠΈΡΡΠ΅ΠΌΡ. ΠΠ»Ρ ΡΡΠΎΠ³ΠΎ Π² ΡΠ°Π±ΠΎΡΠ΅ Π²Π²ΠΎΠ΄ΡΡΡΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ, Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΠ·ΡΡΡΠΈΠ΅ ΠΏΡΠΈΠ½Π°Π΄Π»Π΅ΠΆΠ½ΠΎΡΡΡ ΡΠ²ΠΎΠΉΡΡΠ² ΠΎΠ΄Π½ΠΎΠΌΡ ΡΠΈΠΏΡ, ΡΠΎΠ²ΠΌΠ΅ΡΡΠ½ΠΎΠ΅ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ ΡΠ²ΠΎΠΉΡΡΠ², Π° ΡΠ°ΠΊΠΆΠ΅ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ Π΄ΠΈΠ½Π°ΠΌΠΈΡΠ½ΠΎΡΡΠΈ, Ρ
Π°ΡΠ°ΠΊΡΠ΅ΡΠΈΠ·ΡΡΡΠΈΠ΅ Π²Π°ΡΠΈΠ°ΡΠΈΠ²Π½ΠΎΡΡΡ ΡΠ²ΠΎΠΉΡΡΠ² ΠΎΡΠ½ΠΎΡΠΈΡΠ΅Π»ΡΠ½ΠΎ Π΄ΡΡΠ³ Π΄ΡΡΠ³Π°. Π Π΅Π·ΡΠ»ΡΡΠΈΡΡΡΡΠ°Ρ ΠΌΠΎΠ΄Π΅Π»Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ Π΄Π»Ρ ΡΡΠ°Π²Π½ΠΈΡΠ΅Π»ΡΠ½ΠΎΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ ΡΡΠΎΠ²Π½Ρ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ ΡΠΈΠΏΠΎΠ² ΠΎΠ±ΡΠ΅ΠΊΡΠΎΠ² ΡΠΈΡΡΠ΅ΠΌΡ. Π ΡΠ°Π±ΠΎΡΠ΅ ΠΎΠΏΠΈΡΡΠ²Π°ΡΡΡΡ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΠΌΡΠ΅ Π²Ρ
ΠΎΠ΄Π½ΡΠ΅ Π΄Π°Π½Π½ΡΠ΅ ΠΈ ΠΌΠΎΠ΄Π΅Π»ΠΈ, Π° ΡΠ°ΠΊΠΆΠ΅ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠ° ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΡ ΡΠΈΠΏΠΎΠ² ΠΈ ΡΡΠ°Π²Π½Π΅Π½ΠΈΡ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΡΡΠΈ Π°ΠΊΡΠΈΠ²ΠΎΠ² ΡΠΈΡΡΠ΅ΠΌΡ. ΠΡΠΈΠ²Π΅Π΄Π΅Π½Ρ ΡΠΊΡΠΏΠ΅ΡΠΈΠΌΠ΅Π½ΡΡ, ΠΏΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡΠΈΠ΅ ΡΠ°Π±ΠΎΡΠΎΡΠΏΠΎΡΠΎΠ±Π½ΠΎΡΡΡ ΠΌΠ΅ΡΠΎΠ΄ΠΈΠΊΠΈ Π½Π° ΠΏΡΠΈΠΌΠ΅ΡΠ΅ Π°Π½Π°Π»ΠΈΠ·Π° ΠΆΡΡΠ½Π°Π»ΠΎΠ² Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ ΠΎΠΏΠ΅ΡΠ°ΡΠΈΠΎΠ½Π½ΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ Windows
Attack Graph Construction for Security Events Analysis
The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach
Design of Vulnerability Ontologies and Application of Logical Inference for Security Information and Events Menegement
In the paper the usage of the ontological approach, description logics and logical inference to the design of the data model of computer vulnerabilities and attacks is suggested. The challenge of construction of ontological models is discussed, and an example of its solutions for vulnerabilities is shown. To analyze the benefits of the ontological approach we compare it with the relational representation of vulnerabilities and attacks
Development of Information Access and Management Services for Integrated Vulnerability Database
The paper is devoted to the investigation of open vulnerability databases and methods of their integration for construction of an integrated security information repository. The novelty of the present work lies in the proposed process model of repository construction and filing optimized for the task of network security evaluation. As a practical implementation the set of security information management services are presented. The main distinguishing feature of proposed integrated repository is its adaptation for use as a service in the network security evaluation systems and aggregation of security information from multiple open databases in one repository
Dynamic Security Assessment Of Computer Networks In Siem-Systems
The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems). Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios