HIGH TECH IN EARTH SPACE RESEARCH

Procedure of diagnosis security computer incidents in automated special purpose systems

Avramenko V. S., Malikov A. V.

The urgency of the task of rapid and reliable diagnosis of information security violations in special-purpose automated systems is substantiated.

The basic concepts in the field of diagnosing computer security incidents are formulated. The task of diagnosing computer security incidents is stated as the problem of identifying the values of the characteristics of security violations by means of procedures for processing diagnostic signs.

Approaches are described to the extraction of diagnostic signs from the general array of events generated while the automated system operates during the preparation and implementation of security violations, to their pre-processing, and to their analysis to determine the values of the characteristics of security violations.

The subject of the research is the regularities, models and technique of diagnosing computer security incidents in automated systems.

The main purpose of the study is to develop a technique for diagnosing computer security incidents that meets modern requirements for the efficiency and reliability of the analysis of information security violations and that is intended, among other things, for the investigation of a computer incident.

A model for diagnosing computer security incidents using artificial neural networks is presented, and a technique for diagnosing computer security incidents is developed on its basis. The technique relies on the ability of trained artificial neural networks, in particular the perceptron, to solve classification tasks. The values of the characteristics of the security breach are determined by a multilayer perceptron. Because the set of diagnostic features is large on the scale of a special-purpose automated system, it is proposed to use a type of artificial neural network, the autoencoder, to reduce the dimension of the feature space. Combining these two architectures into one yields a diagnostic artificial neural network.

The presence of hidden dependencies in the diagnostic features makes it possible to use artificial neural networks to determine implicit characteristics of a security breach such as its goal, result, etc. The proposed method is applicable to problems of rapid diagnosis of computer security incidents.
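
The following added example (not the authors' code) illustrates the combined diagnostic network described above in pure Python: an autoencoder is first trained without labels to compress the diagnostic signs, then a classification layer is trained on the compressed code. The 12 binary signs, the three violation classes, the layer sizes, the single-layer classifier head and the joint fine-tuning of the encoder are assumptions made for illustration, and the data is constructed.

```python
import math, random

def sig(z): return 1.0 / (1.0 + math.exp(-z))
def softmax(z):
    e = [math.exp(v - max(z)) for v in z]
    return [v / sum(e) for v in e]

def layer(W, b, x, act=sig):
    return [act(sum(w * v for w, v in zip(row, x)) + bi) for row, bi in zip(W, b)]

def init(n_out, n_in, rng):
    return [[rng.uniform(-0.5, 0.5) for _ in range(n_in)] for _ in range(n_out)], [0.0] * n_out

def sgd(W, b, x, delta, lr):
    # Update one layer from its input x and output error delta; return the error w.r.t. x.
    back = [sum(W[j][i] * delta[j] for j in range(len(W))) for i in range(len(x))]
    for j, d in enumerate(delta):
        W[j] = [w - lr * d * v for w, v in zip(W[j], x)]
        b[j] -= lr * d
    return back

def make_events(rng, per_class=20, flip=0.05):
    # Constructed data: 12 binary diagnostic signs; class c switches on signs 4c..4c+3, plus noise.
    X, y = [], []
    for _ in range(per_class):
        for c in range(3):
            x = [1.0 if 4 * c <= i < 4 * c + 4 else 0.0 for i in range(12)]
            X.append([1.0 - v if rng.random() < flip else v for v in x]); y.append(c)
    return X, y

def train(X, y, code_dim=3, n_cls=3, epochs=200, lr=0.3, seed=7):
    rng = random.Random(seed)
    We, be = init(code_dim, len(X[0]), rng); Wd, bd = init(len(X[0]), code_dim, rng)
    Wc, bc = init(n_cls, code_dim, rng)
    for _ in range(epochs):      # stage 1: autoencoder, labels unused (cross-entropy gradient r - x)
        for x in X:
            h = layer(We, be, x); r = layer(Wd, bd, h)
            dh = sgd(Wd, bd, h, [ri - xi for ri, xi in zip(r, x)], lr)
            sgd(We, be, x, [d * hi * (1 - hi) for d, hi in zip(dh, h)], lr)
    for _ in range(epochs):      # stage 2: classifier on the code; encoder fine-tuned (assumption)
        for x, t in zip(X, y):
            h = layer(We, be, x); p = softmax(layer(Wc, bc, h, lambda z: z))
            dh = sgd(Wc, bc, h, [pi - (k == t) for k, pi in enumerate(p)], lr)
            sgd(We, be, x, [d * hi * (1 - hi) for d, hi in zip(dh, h)], lr)
    return We, be, Wc, bc

def diagnose(x, We, be, Wc, bc):
    # Diagnostic network: the encoder compresses the signs, the classifier names the violation class.
    p = softmax(layer(Wc, bc, layer(We, be, x), lambda z: z))
    return p.index(max(p))

def accuracy(net, X, y):
    return sum(diagnose(x, *net) == t for x, t in zip(X, y)) / len(X)
```

Calling `train` on one constructed batch and `accuracy` on a second, independently generated batch shows how well the 3-value code preserves the class structure of the 12 signs.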
