THE ANALYSIS OF THE METHODS OF THE CYBER ATTACKS COUNTERACTION
Journal Title: Юридичний бюлетень - Year 2018, Vol 6, Issue
Abstract
Cybercrime is a very serious problem that gradually covers all spheres of the life in a modern society. Botnets, malicious code, hosted on sites, viruses, trojans, DDoS attacks etc. are main tools of a cybercrime. Such ways of compromising of the computer network from the outside as an access through weak, stolen or lost credentials; an access through malware; an access through compromising systems of remote access; a weakened access by the third parties; an access through physical penetration; an access via modem; an unauthorized access to the staff of the organization; an access through wireless systems; the direct penetration through the perimeter of systems are considered. The purpose of internal attacks is to gain an access to forbidden, hidden data and resources. The classification of Trojan attacks is given. Trojans can be used by cybercriminals and hackers who are trying to access the user systems. Unlike computer viruses and worms, Trojans are not capable of distribution. The types of Trojans are considered. The mechanism of propagation of a virus attack is given. Since the virus is spread by humans, human actions will unknowingly continue to spread the computer virus by exchanging, infecting files, or sending e-mail messages with viruses as attachments inside the e-mail. The analysis of techniques (scanning methods) for detecting vulnerable machines was performed: random scanning, hit-sheet scanning, topological scanning, local scan of a subnet, scanning by permutation. A list of necessary measures to counter offenders is proposed. For the organization of effective struggle against terrorist activity in cyberspace, three stages of protection of computer systems and networks are considered: prevention; incident management, mitigation, damage limitation; impact management. In prevention, the use of various forms of prevention or interception is recommended, because it stops the attack that has been launched, counteracts the achievement of the goal. Warning strikes or interceptions may be either cyberspace or physical. The most important duty of specialists at the stage of incident management is to provide guidance and warnings that the attack is taking place. Also, automatic or partial shutdown and redistribution, load rejection strategy, redistribution of survival capability for the most important functions required by the organization are applied. Audit and backup are carried out. There are two main components at the stage of managing the consequences: recovery and response. The response involves identifying and punishing of the perpetrators and mastering lessons in order to enable the organization for a better protection of it in future. A prototype of the personal computer protection system has been developed and practical recommendations for the protection of personal computers and computer networks from external and internal intrusions are given.
Authors and Affiliations
Роман Васильович Бараненко, Антоніна Юріївна Задорожна
Keywords
Related Articles
- EP ID EP597819
- DOI -
- Views 58
- Downloads 0
ON THE ADMINISTRATIVE-LEGAL MECHANISM OF INTERACTION BETWEEN EXPERT INSTITUTIONS AND LAW ENFORCEMENT BODIES
The article explores the essence and structure of the administrative-legal mechanism of interaction of expert institutions with law enforcement bodies. On the basis of scientific opinions on the content of the terms “mec...
OBSTACLES TO THE INSTITUTIONAL DEVELOPMENT OF MEDIATION IN UKRAINE: ABUSE OF RIGHTS IN THE PROCESS OF MEDIATION
The article covers the scientific approaches to the category of “abuse of the law”. The author draws attention to the possibility of using this category in the administrative process of Ukraine. Some aspects of abuse of...
LEGAL STATUS AND PROTECTION OF DISCLOSERS. FUNCTIONING OF THE INSTITUTE OF DISCLOSURES: PROBLEMS AND PERSPECTIVES
The article is devoted to the analysis and regulation of the preventive anti-corruption mechanism of protection of the disclosure, can greatly improve the situation in the country. The purpose of this procedure is to cha...
LEGAL STATUS OF HOLDING COMPANIES IN UKRAINE
To date, the legal status of holding companies in Ukraine is connected with a number of issues, including theoretical and practical. The basis for existing holding companies was laid many years ago, when the processes of...
CONCEPT AND GIST OF CIVIL RIGHTS BY PARTICIPANTS OF CONSUMERS
The article is devoted to the concept and gist of civil legal relations with the participation of consumers. In the scientific article the theoretical comprehension of the concept of “civil legal relations with the parti...