Scientific Journal of KubSAU

Polythematic online scientific journal
of Kuban State Agrarian University
ISSN 1990-4665

Name

Kucher Victor Alekseevich

Scholastic degree


Academic rank

professor

Honorary rank

Organization, job position

Kuban State Technological University
   

Web site url

Email

emessage@rambler.ru


Articles count: 9

358 kb

ADAPTIVE SUBSYSTEM FOR DETECTING AND PREVENTING ANOMALIES AS A PROTECTION MEANS AGAINST NETWORK ATTACKS

abstract 1101506114 issue 110 pp. 1770 – 1779 30.06.2015 ru 1071
This article describes the results of the practical implementation of a network anomaly detection system based on a modular adaptive approach. The list of specific modules used in the practical implementation of the IPS, together with their architecture, algorithms, software, and organizational and technical support, is determined at the technical working design stage based on the results of the audit, evaluation and risk analysis. The general list of modules (subsystems) may include: intrusion detection and prevention (IPS/IDS) subsystems; monitoring, data collection and event correlation subsystems; an administration and management subsystem; and others. Using examples, we demonstrate the specifics of forming requirements for the basic mechanisms of the subsystems in terms of developing and implementing a specific architecture, and we present the practically implemented structure of the system modules as well as the organizational and technical support for the system's operation.
471 kb

DIAGNOSTIC OF ANOMALIES IN DATA-PROCESSING NETWORKS WITH USE OF VARIETY OF INFORMATION EXCHANGE

abstract 1101506120 issue 110 pp. 1826 – 1836 30.06.2015 ru 765
This work is devoted to the search for efficient methods of detecting anomalous states in data networks. It presents the structure of a modern system for detecting information attacks and gives a short review and analysis of network security facilities for information systems. Two main attack detection technologies are described: anomaly detection and misuse detection. It is shown that all anomaly detection rests on the assumption that anomalous behavior is a deviation from a normal profile of behavior. This technology is hard to implement, although some progress has been made using expert systems, fuzzy logic and similar techniques. In the misuse detection method, action patterns or symbol assets that describe anomalous activity are used as attack signatures. The author proposes using the benefits of both methods to solve the problem.
193 kb

MODEL OF INFORMATION SECURITY FOR CONTROL PROCESSES OF COMPUTER NETWORKS

abstract 1101506117 issue 110 pp. 1803 – 1811 30.06.2015 ru 807
To improve the security of information transfer, we propose one possible approach to modeling the control processes of computer networks with elements of intelligent decision support. We proceed from a graph model in which the nodes are network devices with software control agents and the arcs are logical channels of information exchange between the equipment of computer systems. We built an addressless sensing technology that ensures complete monitoring of all network equipment. To classify the state of computer networks, we provide a method for calculating reliability values. The generation of a mismatch signal triggers a control cycle, which results in an adjustment of the state of the network equipment. We propose supplementing existing tools with a network control expert system consisting of a knowledge base, an inference mechanism, and means for describing and populating the knowledge base.
124 kb

PROVIDING INFORMATION SECURITY OF DATA-PROCESSING NETWORK WITH USE OF INTELLIGENT SYSTEM

abstract 1101506118 issue 110 pp. 1812 – 1817 30.06.2015 ru 864
The article is devoted to the creation of an intelligent management system for a complex data-processing network. This is motivated by the fact that modern telecommunication hardware generates a growing amount of statistical information. An expert system is proposed for use in network management for the purpose of information security.
156 kb

STATISTICAL MODELS DECISION SUPPORT FOR INFORMATION SECURITY MANAGEMENT IN AN AUTOMATED SYSTEM

abstract 1111507116 issue 111 pp. 1755 – 1763 30.09.2015 ru 875
The article deals with mathematical models of management decision-making for selecting an option to protect the AU, based on sufficient statistical information about attacks on the AU. The amount of a priori uncertainty about the choice of protection option in GIS is described with Boltzmann's entropy. The value introduced within Shannon's definition of mutual information is called the context random variables; it removes the uncertainty regarding the actions of the enemy and enables decision makers to choose protection options. The decision model for choosing the type of protection of the AIS presented in the article is based on sufficient statistical information about attacks on the system components. In the ideal case, for decision-making, we use large-sample statistical data, which provides high accuracy of the control system for the protection of information. Based on the amount of information available to the IPA against the acts of SIN, it is possible to choose a decision.
182 kb

SYSTEMS OF REMOVING NETWORK ANOMALIES AND METHODS OF CREATION THEIR ARCHITECTURE

abstract 1101506121 issue 110 pp. 1837 – 1847 30.06.2015 ru 886
This article analyzes the different stages of designing the architecture of systems for detecting and countering network anomalies. It is pointed out that a common classification can be used to determine the state of the network: “normal”, “critical”, “faulted”. Foundations for building an architecture for detecting and removing anomalies are proposed.
150 kb

TO THE QUESTION OF THE ORGANIZATION OF DISTRIBUTED INFORMATION-ANALYTICAL SYSTEMS WITH ELEMENTS OF INTELLECTUAL PROCESSES

abstract 1101506115 issue 110 pp. 1780 – 1788 30.06.2015 ru 897
In the article we identify a number of poorly formalized functional tasks that significantly affect the operating efficiency of distributed information-analytical systems. A scheme has been developed for the iterative process which, in addition to automating the delivery and exchange of information between information systems based on grid integration, also includes means for applied modeling of situations on the basis of available information, developing alternatives, and solving multi-criteria decision problems using scenario techniques and peer review. The results obtained during the effectiveness evaluation allow us to control and manage the operation of distributed information-analytical systems with specific problems, as well as to conduct simulations and analytical processing of the results.
128 kb

USING TECHNOLOGIES OF EXPERT SYSTEMS FOR SECURITY IN INFORMATION SYSTEMS

abstract 1101506119 issue 110 pp. 1818 – 1825 30.06.2015 ru 893
The article is devoted to the use of expert systems technology to monitor the correct operation of software and databases. It is noted that the main issue of security management in critical information systems is the process of observing and collecting information in a computing environment. Observation results should be evaluated and processed by a security expert and then recorded in the expert system's database. One possible option for security management of a distributed computing network is creating a security machine. It will ensure: minimum response time to external perturbations; the accuracy of the audit protected by S-interface; and an independent decision-making process on the state of the controlled elements of information systems. Once the agent is completely worn out, it is destroyed and replaced by a new one. This aging mechanism protects the agent from analysis and from external attacks.