The sources of primary data for the development of potentially dangerous patterns of cyber-attacks
DOI:
https://doi.org/10.18372/2410-7840.18.10109
Keywords:
database of cyber-attack patterns, vulnerability, cyber-attack, cyberthreats, computer system and network, signature, standard functional profile of protection, potentially dangerous patterns of cyber-attacks
Abstract
It is an established fact that the efficiency of modern information and cyber security systems depends essentially on antivirus software vendors developing patterns of detected cyber-attacks correctly and promptly, and on the timely update of the attack pattern databases held by the users of these security tools. However, the constantly growing technological complexity of cyber-attacks requires vendors to continually improve their mechanisms for developing cyber-attack patterns. One promising approach is to develop patterns of potentially dangerous cyber-attacks, that is, of those that are likely to threaten security. The procedure for developing such patterns is rather complicated. The need to provide a high level of authenticity requires consideration of many informative characteristics capable of describing the pattern of a potentially dangerous cyber-attack. In particular, this is information about known cyber-attack patterns and the principles of their construction, about vulnerabilities and defects in the software and hardware of computer systems and networks, about the standard functional protection profiles implemented in them by the developer, and about classifiers of cyber-attacks. To this end, the article defines the list of necessary sources from which it is proposed to select primary data for the development of potentially dangerous cyber-attack patterns. Their comparative characteristics are shown, and their advantages and disadvantages are analyzed. As a result, a generalized scheme of primary data sources is proposed, which forms the basis for developing potentially dangerous cyber-attack patterns. It is shown that the benefit of the selected primary data sources is that the vendor is able to identify the main information components of a potentially dangerous cyber-attack pattern even before it manifests, thereby balancing the actions of the parties in the system of information and cyber confrontation.
License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).