SIMULATION MODEL OF THE GENERATION AND IMPLEMENTATION OF THE MEANS OF «PENETRATION TESTING»
Journal Title: Телекомунікаційні та інформаційні технології - Year 2018, Vol 123, Issue 2
Abstract
During simulation of the process generation of cyberattacks of various formats was performed using the specialized IxChariot 9 package and software developed during the research. The collection of incoming information about the download of the network device was carried out using the standard software traffic analyzer ("Wireshark"). As a result of the simulation, the hypothesis has been tested for the possibility of using the Pearson Xi-square criterion and studies of the reliability of the results of mathematical formalization have been carried out. It is shown that the use of only the principles of secure architectures in the development of secure software is not enough. Must use templates. The main templates of safe programs are considered in which the developed complex of mathematical models of technologies of generation and realization of "penetration test" methods and the method of allocation of the algorithm from binary code for software security analysis can be used. Two main variants of use and improvement of the developed model are considered. The first option has a single centralized security element, which becomes the middle of the queries for all resources in the system. The second option shares the security element's responsibilities, so that there is a separate instance of the security element for each individual resource type. The security of software in the modern world is becoming more and more difficult and difficult, since the value of information resources is constantly increasing. Ensuring the quality of software is a complex matter. The changing one of the characteristics of a computer system or software can easily lead to changes or create a need for change in other parts of the system. Practical recommendations on the use of methods and tools for testing software security of the temporary computer system are given.
Authors and Affiliations
Serhiy Kozelkov, Dmytro Lysytsia, Serhii Semenov, Alina Lysytsia
Keywords
Related Articles
- EP ID EP468545
- DOI -
- Views 111
- Downloads 0
DEFASIFICATION IN INFORMATIONAL TECHNOLOGIES OF FUZZY CONTROL ON THE BASIS OF MEMBERSHIP FUNCTIONS OF SEVERAL ARGUMENTS
Using the information technologies for the fuzzy control of complex systems with depended characteristics and restrictions on control variables requires the applying of fuzzy logic with the membership functions of severa...
Designing a radioscope with optimal parameters
This topic are considered new principles of building wireless networks. Design of optimal radio network parameters. Investigates high-speed radio access network based on OFDM and QAM. Offer new approaches to the design o...
USE OF THE DIODES-NOISE GENERATORS TO CREATE A TWO-LEVEL RANDOM NUMERICAL SEQUENCE
The possibility of using diodes noise generators to create a two-level random number sequence is shown. There are founded for some types of diodes-generators the operating conditions (such as overvoltage), which the maxi...
MODEL OF THE COMBINED INFORMATION TECHNOLOGY OF DATA PROCESSING IN THE SATELLITE SYSTEM
The article deals with the questions and possibilities of developing a new mathematical model of the operation of the hybrid communication network, which allows, based on the proposed flow dividing coefficients, to deter...
METHOD FOR CONSTRUCTING A STABILIZATION FUNCTION FOR MANAGING CYBERSECURITY ON THE BASIS OF THE MATHEMATICAL MODEL OF OSCILLATIONS UNDER THE ACTION OF FORCES WITH A DELAY
The article studies cyber security management systems, in which there is a downtime - a separate type of adaptive systems. Made the analysis of the reasons that influence the appearance of delay (downtime) in information...