Summary. I. V. Arzamartsev, G. I. Borzunov A Method of Analysis of Multithreaded Applications Based on Symbolic Execution

Transcription

1 I. V. Arzamartsev, G. I. Borzunov A Method of Analysis of Multithreaded Applications Based on Symbolic Execution Keywords: symbolic execution, parallel data flow, condition race This article is devoted to the method of search for bugs in multithreaded applications based on the symbolic execution algorithm. This method can deterministically find conditions race and dead locks in multithreaded applications providing thread schedule and values of input data needed for reproducing a bug. B. V. Egorov, M. Y. Senatorov, Е. V. Frolkov, S. J. Nagibin Main Directions in Ensuring Business Continuity for Information and Telecommunication Systems of High Availability Keywords: information and telecommunication system, high availability, Business Continuity Management, Enterprise Continuity Program, Information and Telecommunication System of Bank of Russia The results of the analysis of the main directions to ensure business continuity for the information and telecommunication systems of high availability in relation to expansion of the problems range, their intellectualization and the modern IT implementation are given. S. V. Zapechnikov Educational and Methodical Maintenance of Open Information Systems Discipline Keywords: information technology, open information systems, information security, specialists training, educational and methodical maintenance The educational and methodical complex for the Open Information Systems discipline has been prepared at the Cybernetics and Information Security faculty as part of the teaching curricula upgrade for the transition to the 3-generation educational standards. The main content of the discipline is devoted to the issues of development of information technologies, including model representation and standardization of information systems. A. M. Kanner zlinux: Access Control inside Mainframes Keywords: zlinux, IBM System z, z/vm, access control The author describes singularities arising during access control in IBM System z and zlinux environment. The article provides appropriate requirements to protect zlinux and options that meet such requirements and are based on existing experience. B. L. Kozirsky, T. I. Komarov, M. A. Ivanov Using Fuzz Testing for Searching Software Vulnerabilities Keywords: software vulnerabilities, fuzzing, Black Box Testing This article deals with fuzz testing (fuzzing), a software testing and vulnerability searching technique based on providing inputs of programs with random data and further analysis of their behavior. The basics of implementing cmdline argument fuzzer, environment variable fuzzer and syscall fuzzer in any UNIX-like OS have been closely investigated. 138

2 S. V. Konyavskaya Action-oriented Rhetoric Course in Information Security Field Teaching: Unpopular Solutions Reasoning Technique Keywords: action-oriented rhetoric, practical course, reasoning technique The article is devoted to the description of unpopular solutions reasoning technique in field of information security and its teaching method within the framework of practical course Action-oriented Rhetoric for Information Security Experts. V. V. Korobov Effective Implementations of Data Encryption and Generation of Message Authentication Code in Block-Oriented Devices Keywords: block-oriented devices, encryption modes, message authentication code, parallel computing The article gives a brief overview of the encryption modes, which are described in standards IEEE P1619 for use in block-oriented devices. The possibility of using these modes together with the Russian cryptographic algorithms, the technology of parallel computing for simultaneous encryption and generation of message authentication is considered in this paper. N. A. Kostilova, A. V. Sorokin On Elaboration of the Method of Identifying Clusters Belonging to JPEG Files Keywords: data recovery, file carving, file fragmentation The results of the experimental attempts of elaboration of the previously proposed method for identifying clusters belonging to JPEG files are described. Type II errors rates for different file formats are estimated. The possible ways of their improvement for some file formats are offered. E. V. Makarenko, A. V. Tsaregorodtsev Hybrid Cloud Computing Architecture Optimization by Total Cost of Ownership Criterion Keywords: cloud computing, cost model, the total cost of ownership, cost metrics, analysis of information risk, management of information security Achieving the goals of information security is a key factor in the decision to outsource information technology and, in particular, to decide on the migration of organizational data, applications, and other resources to the infrastructure, based on cloud computing. And the key issue in the selection of optimal architecture and the subsequent migration of business applications and data to the cloud organization information environment is the question of the total cost of ownership of IT infrastructure. This paper focuses on solving the problem of minimizing the total cost of ownership cloud. A. А. Malyuk, A. V. Tsaregorodtsev, E. V. Makarenko One of Approaches to Information Security Risk Estimation for Cloud Infrastructure Keywords: cloud computing, information security threats, information risk analysis, information security requirements Due to the fact that cloud computing bring with them new challenges in the field of information security, it is imperative for organizations to control the process of information risk management in the cloud. 139

3 This paper proposes a risk assessment approach for assessing the potential damage from the attack on the implementation of components of confidential data and justify the need for the inclusion of private clouds with a high degree of protection in a hybrid cloud computing environment. I. V. Matveychikov Overview of Dynamic Operating System s Kernel Hooking Methods (Study Case of Linux Kernel) Keywords: hooking, kernel, Linux The article presents an overview of dynamic integration in the kernel Linux, allowed to modify (add, change) its functionality. Traditional methods of integration based on changing in the kernel code (patching), and methods based on using system capabilities (for example, LSM) are considered. Special attention is paid to interception key mechanisms of the kernel, such as exception handlers and system call dispatcher. G. G. Novikov, I. M. Yadykin Geometrical Fuzzy Search Method for the Business Information Security Systems Keywords: information security system, fuzzy search, geometrical fuzzy search method, full text search The main reason of the article is how to use one of new fuzzy search method for information security of business or some other purposes. So many sensitive information leaks are through non-classified documents legal publishing. That s why many intelligence services like to use the mosaic information collection method so much. This article is about how to prevent it. D. A. Postoev Information-flow-based Access Control for Virtualized Systems Keywords: virtualization, data protection tools development, access control, information flow control, security model The article is devoted to the method of information-flow-based access control, adopted for virtualized systems. General structure of access control system for virtual infrastructure is proposed. A. Y. Rodionov Efficient Hardware Implementation of the GOST R , GOST R by FPGA Keywords: digital signature, GOST R 34.10, efficient hardware implementation, Montgomery multiplication, DSP blocks, Jacobi representation, parallel computations Algorithms of Montgomery multiplication, point s group operations in Jacobi representation, scalar multiplication are reviewed. The analysis and adaptation of those algorithms for efficient hardware implementation by FPGA consider several features: DSP blocks, possibility of parallel computations. Results of hardware implementation are presented. 140

4 V. A. Sartakov, A. S. Tarasikov Protection of Microkernel Environment L4Re from Stack-smashed Attacks Keywords: microkernel, operating systems security, stack protection Microkernel-based operating systems provide high level of protection due to the strong isolation of components, small size of Trusted Computing Base and execution of drivers in user space. At the same time, such systems are vulnerable to a stack overflow attacks, because these attacks exploit the hardware features of the platform, such as shared memory space for data and code. Modern architectures, such as AMD64 and ARM, provide opportunities to counteract attacks at the hardware level by disallowing memory allocation for storing executable stack and heap, but this protection mechanism requires additional support from the operating system. This paper presents memory management, program execution model and IPC mechanism of microkernel Fiasco.OC and environment L4Re from non-execution memory support point of view. M. A. Styugin Protection Systems against Unauthorized Access by Modifying the Structures Awareness Subjects Keywords: informational structure, mathematical modeling, information security, information limitations, functional invisibility In this paper, we propose to divide the actual structure of information systems and the subject information structure. An example of such separation on mathematical models of information security is given. It can determine on the basis of mathematical models what subjective images of a system are stable, and define the conditions under which we can confirm that our own subjective image of a system is an objective one. A task of hiding any processes by modifying the structure of information flows in a system is given. A. V. Tsaregorodtsev, E. V. Makarenko Vulnerability Assessment for Various Types of Cloud Structures Keywords: cloud computing, information security threats, attack, damage, system vulnerability assessment, factor counteracting Today organizations increasingly consider cloud computing as an alternative way of using information technology. At the same time, the use of different vulnerabilities of infrastructure components, network services and applications remains are the major threat to the cloud. The article proposes a methodology for vulnerability assessment for any type of cloud structures, which will allow to determine the coefficient of counter to possible attacks and to correlate the amount of damage to the total cost of ownership of organization IT-infrastructure. N. A. Chepik, M. A. Ivanov Kleptographic Attacks on ECDSA Keywords: ECCS, kleptography, SETUP Attack This paper presents secretly trapdoor with universal protection (SETUP) attacks on the elliptic curve digital signature algorithm ECDSA. It allows a malicious manufacturer of black-box cryptosystems to implement these attacks to get access to user s private key. The attacker can obtain user s private key. The way ECDSA can be used for encryption and key exchange is also described. 141

5 D. S. Chernyavskiy Information Security Policy Modeling for Network Security Systems Keywords: information security policy, policy management process, network security system Policy management for network security systems (NSSs) is one of the most topical issues of network security management. Incorrect configurations of NSSs lead to system outages and appearance of vulnerabilities. Moreover, policy management process is a time-consuming task, which includes significant amount of manual work. These factors reduce efficiency of NSSs utilization. The paper discusses peculiarities of policy management process and existing approaches to policy modeling, presents a model aimed to formalize policies for NSSs independently on NSSs platforms and select the most effective NSSs for implementation of the policies. 142