SIMULATION MODEL OF THE GENERATION AND IMPLEMENTATION OF THE MEANS OF «PENETRATION TESTING»
Journal Title: Телекомунікаційні та інформаційні технології - Year 2018, Vol 123, Issue 2
Abstract
During simulation of the process generation of cyberattacks of various formats was performed using the specialized IxChariot 9 package and software developed during the research. The collection of incoming information about the download of the network device was carried out using the standard software traffic analyzer ("Wireshark"). As a result of the simulation, the hypothesis has been tested for the possibility of using the Pearson Xi-square criterion and studies of the reliability of the results of mathematical formalization have been carried out. It is shown that the use of only the principles of secure architectures in the development of secure software is not enough. Must use templates. The main templates of safe programs are considered in which the developed complex of mathematical models of technologies of generation and realization of "penetration test" methods and the method of allocation of the algorithm from binary code for software security analysis can be used. Two main variants of use and improvement of the developed model are considered. The first option has a single centralized security element, which becomes the middle of the queries for all resources in the system. The second option shares the security element's responsibilities, so that there is a separate instance of the security element for each individual resource type. The security of software in the modern world is becoming more and more difficult and difficult, since the value of information resources is constantly increasing. Ensuring the quality of software is a complex matter. The changing one of the characteristics of a computer system or software can easily lead to changes or create a need for change in other parts of the system. Practical recommendations on the use of methods and tools for testing software security of the temporary computer system are given.
Authors and Affiliations
Serhiy Kozelkov, Dmytro Lysytsia, Serhii Semenov, Alina Lysytsia
Keywords
Related Articles
- EP ID EP468545
- DOI -
- Views 122
- Downloads 0
METHOD OF TRANSFORMATION OF INFORMATIVE PARAMETERS OF THE HUMAN-OPERATOR STATUS IN THE HERGATIC TELECOMMUNICATION SYSTEMS
The article substantiates the necessity of developing an integral index of the functional state of the human operator and taking into account it in the study of the issues of the efficiency of the functioning of the erga...
The detector for fiber optical communication systems with high photosensitivity
The article presents the results of a study of photo detection in barrier modulation of the Au-CdP2 structures. Results of a study of the spectral and frequency characteristics of the photodiode with Schottky barrier are...
Cognitive approach to the forming and estimation of specialist ICT competence.
Described approach to the synthesis of model specialist ICT competence, based on the methods of expert assessments and cognitive modeling. The cognitive approach allow to determine the structural composition of competenc...
INTERPOLATION MODELS FOR SIGNAL RESTORATION IN TECHNOLOGIES INTERNET OF THINGS
An approach is proposed concerning signal processing in technologies Internet of Things (IoT). Microprocessor technologies are used in these technologies, when creating information and measuring systems. The use of such...
THE QUANTITATIVE OPTIMIZATION OF INFORMATION SYSTEM RESOURCES FOR EFFECTIVE DECISION SUPPORT
The article is devoted to the optimization of information system resources by quantitative factor. This optimization is carried out in the local issue of calculating rational volumes of information. For this purpose, the...