№ 5(89)
06 november 2020 year
Rubric: Data protection Authors: Tumbinskaya M. V., Vоlkоv V. V., Zagidullin B. G. |
Web resources are an integral part of the life of a modern person, who are now more and more often subjected to hacker attacks. The most popular types of attacks are the SQL-injections and cross-site scripting, but DDoS attacks continue to be in the top 10 of network attacks and lead to serious crashes and failures of web resources. The most common type of DDoS attack is UDP flood attack, based on the infinite sending of UDP packets to ports of various UDP services. The scientific novelty of the work lies in the fact that to increase the level of security of web resources a medium-term forecast of cyber attacks of the UDP-flood type, using the methods of correlation analysis, based on the additive time series model, is proposed taking into account seasonal factors and time duration, which will ensure the necessary level of web security -resources. The type of UDP-flood attacks was chosen as the object of study. Using the methods of correlation analysis and modeling, we calculated the seasonal index of UDP flood attacks, and the autocorrelation of the time series of this type of attack. Using the method of simple exponential smoothing, a forecast of UDP-flood attacks is constructed. The paper proposes a classification of DDoS attacks, describes protection methods. Based on the correlation analysis, the predicted values of the impact of UDP flood attacks on web resources are calculated, and the seasonal factor is revealed. The largest number of attacks is expected in the IV quarter of 2020. For DDoS attacks lasting up to 20 minutes, seasonality was also revealed in the 1st quarter of the calendar year, which means that in the 1st quarter of 2020 the largest number of attacks of this duration should be expected. Prospects for further research into the problem of protection against DDoS attacks are presented in the further development of the methodology for countering UDP flood attacks and information security algorithms for web resources, which will reduce the number of UDP flood attacks and increase the level of web resource security. Continue... |
---|---|
One of the factors influencing the relevance of search output is the multivalued search query, expressed by lexical means of a natural language. The multivalued lexical unit manifests itself at the stage of a search query. The method of removing the multivalence of lexical units in a search query based on ontologies is proposed. It is grounded that ontologies allow transferring semantic component of data related to a subject area accurately enough. The proposed method for lexical multivariance resolution can be described as follows. A user search query is received at the search engine input. The search engine contacts the ontology library to find the query. If the lexical unit from the search query is multivalued, the search engine will offer the user a list of subject areas in which the lexical unit from the search query was found. Oft the user searches in advance for the result from a particular subject area. When the subject area is defined, the search engine determines the nearest elements in the structure of ontology, and when ranking the search output will be guided by their presence or absence. The use of ontologies also allows adding synonyms and acronyms meaning the same to the search query. The proposed approach will allow solving lexical multiplicity and significantly relieving the search output, leaving only the subject area of interest to the user. Continue... | |
The article is devoted to the study of the fluctuation properties of the interaction of halftone screens with different lineatures in the process of full-color printing and the development of a method for assessing the visual perception of these interactions. One of the main tasks solved in the process of printing reproduction of graphic information is to maintain uniformity of tone of large background areas in a print. Violation of the uniformity of the tone of these areas leads to fl - disturbances in the reproduction stability of halft screen structures used in the reproduction process, which become noticeable during the visual perception of the finished images. This issue is especially relevant in the manufacture of full-color images, where there is an interaction of several halftone screens produced for four copies of the image, corresponding to the colors of printing synthesis in the process of color separation. A significant influence on the level of fluctuations is exerted not only by the choice of angles of mutual arrangement of these halftone screens, which is regulated by technological standards, but also by the choice of halftone screening lineature. At the same time, compliance with technological standards does not always guarantee a high-quality result. The purpose of the study is to provide the opportuni-ty to choose the optimal lineature of regular halft screening, which, with a combination of these screens, will minimize the level of noticeability of fluctuations (noise) and, as a result, improve the quality of full-color printed materials. To achieve this goal, in the framework of this work, a method for evaluation of the fl properties of the interaction of raster structures based on the calculation of the standard deviation characterizing the histogram of a particular halftone field and, as a result, the level of fluctuations is developed. The developed method allows choosing the optimal halftone screening lineature, which can be used with a double or triple combination of halftone screens. Continue... | |
Oracles programs accept information from various sources, transform it, and transmit it to smart contracts. They can also accept data from a smart contract and transmit it to an external data source. Ensuring the security, validity and integrity of the supplied data determines the success of the blockchain system, therefore, the research topic is relevant. The purpose of this article is to identify practically important features of Oracle programs and develop a version of the information system architecture for Oracles programs that meets the necessary requirements. The authors were faced with the task of investigating all the vulnerabilities associated with the use of Oracle programs and developing an optimal architectural solution. In the course of research, methods of reviewing scientific literature on the subject of research, collecting, structuring and analyzing the information received, and methods of choosing solutions were used. As a result of the research, the concept of an intelligent system for transferring external data to a blockchain management system is proposed and the optimal architecture of this intelligent system is developed. This solution is aimed at improving the security of using Oracle programs for blockchain management systems, especially blockchain management systems for industrial Internet of things applications. The solution can be used by developers of distributed registry systems to effectively launch and implement projects. Continue... | |
Research of the effectiveness of equipment repair work is of great practical and economic importance. This is confirmed by many publications devoted to monitoring and diagnostic tools for various equipment. This work is devoted to modeling the repair work of technological equipment for various purposes, operating under conditions of uncertainty and risk. The proposed study recommends a technology using an insurance fund that performs two functions: 1) accumulates payments at different intervals to carry out repair work: current, emergency, major; 2) pays for these works as necessary. Mathematical description of the organization of equipment repairs is proposed to be based on a random risk process, which in our case describes the state of the insurance fund. To model this process, it is proposed to use a simulation approach that involves creating a modeling program that creates sample values of a special type. These values are then processed in order to obtain indicators of the effectiveness of the repair work. As indicators, the resource-cost and financial risks are proposed for the assessment of which software has been created. Computational experiments using a modeling program made it possible to obtain estimates of the proposed risk indicators and to conclude that, in terms of their reduction, the frequency of payments to the insurance fund should be different, depending on the type of repair work. The introduction of an insurance fund, a description of its state by a random process, a mathematical description of risk indicators for assessing the effectiveness of repair work, the creation of a modeling program based on an event-based approach are the scientific novelty of this work. Continue... | |
The effect of learning depends on many factors, among the most important of which are the suitability of a plan for conducting practical exercises and laboratory works that most accurately reflects the purposes and didactic units of the course being studied, and a sufficient level of provision of practical training with methodological guidelines and software tools. Decisions regarding the choice of all these elements depend on a number of conditions, such as the rules and standards in force of a particular educational environment, the format of training, the students’ stuff, and others. The paper proposes a framework generalized plan for conducting laboratory workshops on modeling and simulation courses, summarizing the author's methodological experience. The main prerequisites and principles underlying the composition of the workshops are presented. The set of tools used to perform practical tasks is characterized. Brief characteristics of the goals of each practical task of the generalized plan, the setting of tasks and the software tools used to solve them are given. The ideas and principles presented in the paper can be useful for teachers planning practical lessons on modeling and simulation as well as for developing their methodological and instrumental support. Continue... |