Evaluación de la seguridad real del sistema de información mediante el estudio de la equivalencia de las tecnologías aplicadas

Vista sencilla de ítem
dc.contributor.authorTatarkanov, Aslan A.
dc.contributor.authorGlashev, Rasul M.
dc.contributor.authorNazarova, Ekaterina S.
dc.contributor.orcidTatarkanov, Aslan A. [0000-0001-7334-6318]spa
dc.contributor.orcidGlashev, Rasul M. [0000-0002-8649-9740]spa
dc.contributor.orcidNazarova, Ekaterina S. [0009-0008-7938-7995]spa
dc.date.accessioned2024-09-19T15:31:35Z
dc.date.available2024-09-19T15:31:35Z
dc.date.issued2023-12-13
dc.description.abstractEsta investigación está dedicada a uno de los problemas urgentes en el ámbito de la provisión de seguridad, aplicado en diversas áreas de la actividad humana relacionadas con los sistemas de información. Se asocia a una situación típica de discrepancia entre los costes de mejora de los métodos de seguridad y el nivel de seguridad alcanzado en este caso. Se demuestra que uno de los enfoques metodológicos más prometedores para encontrar una solución a este problema está relacionado con el estudio de las perspectivas de adaptación de las soluciones existentes con integración en el entorno informático que implementan la nueva tecnología. De acuerdo con este concepto, la transición equivalente entre las tecnologías de la información debe llevarse a cabo manteniendo el nivel de seguridad general de la información. Se determinó el objetivo principal de la investigación, que se refiere al desarrollo de un modelo analítico para controlar la equivalencia de las tecnologías de la información en los sistemas de seguridad de la información. Se analizó el estado actual en el campo de la seguridad de la información. Se puso de manifiesto que las herramientas y mecanismos existentes hoy en día y presentados en el mercado pertinente que previenen los riesgos y amenazas para el funcionamiento de los sistemas de información asociados al robo y la distorsión de datos son "estrechos", es decir, adaptados para resolver los problemas locales a los que se enfrentan los atacantes.spa
dc.description.abstractenglishThis research is devoted to one of the urgent problems in the field of security provision, implemented in various areas of human activity related to information systems. It is associated with a typical situation of discrepancy between the costs of improving security methods and the level of security achieved in this case. It is shown that one of the most promising methodological approaches aimed at finding a solution to this problem is related to the study of the prospects for adapting existing solutions with integration into the computing environment that implement the new technology. In accordance with this concept, the equivalent transition between information technologies should be implemented while maintaining the level of overall information security. The main research goal was determined – it concerns the development of an analytical model for controlling the equivalence of information technologies in information security systems. The current state in the field of information security was analyzed. It was revealed that the tools and mechanisms existing today and presented on the relevant market that prevent risks and threats to the functioning of information systems associated with data theft and distortion are “narrow”, that is, adapted to solving local problems facing attackers.eng
dc.format.mimetypeapplication/pdfspa
dc.identifier.doihttps://doi.org/10.29375/25392115.4707
dc.identifier.instnameinstname:Universidad Autónoma de Bucaramanga UNABspa
dc.identifier.issnISSN: 1657-2831spa
dc.identifier.issne-ISSN: 2539-2115spa
dc.identifier.repourlrepourl:https://repository.unab.edu.cospa
dc.identifier.urihttp://hdl.handle.net/20.500.12749/26632
dc.language.isospaspa
dc.publisherUniversidad Autónoma de Bucaramanga UNABspa
dc.relationhttps://revistas.unab.edu.co/index.php/rcc/article/view/4707/3831spa
dc.relation.referencesAboaoja, F. A., Zainal, A., Ghaleb, F. A., Al-rimy, B. A. S., Eisa, T. A. E., & Elnour, A. A. H. (2022). Malware detection issues, challenges, and future directions: A survey. Applied Sciences, 12(17), 8482. https://doi.org/10.3390/app12178482
dc.relation.referencesAl-Asli, M., & Ghaleb, T. A. (2019). Review of signature-based techniques in antivirus products. 2019 International Conference on Computer and Information Sciences (ICCIS). https://doi.org/10.1109/iccisci.2019.8716381
dc.relation.referencesBarbosa, R. R. R., Sadre, R., & Pras, A. (2013). Flow whitelisting in SCADA networks. International Journal of Critical Infrastructure Protection, 6(3–4), 150–158. https://doi.org/10.1016/j.ijcip.2013.08.003
dc.relation.referencesBashendy, M., Tantawy, A., & Erradi, A. (2023). Intrusion response systems for cyber-physical systems: A comprehensive survey. Computers & Security, 124, 102984. https://doi.org/10.1016/j.cose.2022.102984
dc.relation.referencesBist, A. S. (2013). Code emulation technique for computer virus detection. International Journal of Engineering Sciences and Research Technology, 2(12), 3479–3481.
dc.relation.referencesDhanasekar, D., Di Troia, F., Potika, K., & Stamp, M. (2018). Detecting Encrypted and Polymorphic Malware Using Hidden Markov Models. Guide to Vulnerability Analysis for Computer Networks and Systems, 281–299. https://doi.org/10.1007/978-3-319-92624-7_12
dc.relation.referencesGopinath M., & Sethuraman, S. C. (2023). A comprehensive survey on deep learning based malware detection techniques. Computer Science Review, 47, 100529. https://doi.org/10.1016/j.cosrev.2022.100529
dc.relation.referencesHuh, J. H., Lyle, J., Namiluko, C., & Martin, A. (2011). Managing application whitelists in trusted distributed systems. Future Generation Computer Systems, 27(2), 211–226. https://doi.org/10.1016/j.future.2010.08.014
dc.relation.referencesKaur, J., & Ramkumar, K. R. (2022). The recent trends in cyber security: A review. Journal of King Saud University - Computer and Information Sciences, 34(8), 5766–5781. https://doi.org/10.1016/j.jksuci.2021.01.018
dc.relation.referencesKhayrutdinov, M. M., Golik, V. I., Aleksakhin, A. V., Trushina, E. V., Lazareva, N. V., & Aleksakhina, Y. V. (2022). Proposal of an algorithm for choice of a development system for operational and environmental safety in mining. Resources, 11(10), 88. https://doi.org/10.3390/resources11100088
dc.relation.referencesKirilchuk, S., Reutov, V., Nalivaychenko, E., Shevchenko, E., & Yaroshenko, A. (2022). Ensuring the security of an automated information system in a regional innovation cluster. Transportation Research Procedia, 63, 607–617. https://doi.org/10.1016/j.trpro.2022.06.054
dc.relation.referencesLevy, A., & Shalom, B. R. (2020). Online parameterized dictionary matching with one gap. Theoretical Computer Science, 845, 208–229. https://doi.org/10.1016/j.tcs.2020.09.016
dc.relation.referencesLing, X., Wu, L., Zhang, J., Qu, Z., Deng, W., Chen, X., Qian, Y., Wu, C., Ji, S., Luo, T., Wu, J., & Wu, Y. (2023). Adversarial attacks against Windows PE malware detection: A survey of the state-of-the-art. Computers & Security, 128, 103134. https://doi.org/10.1016/j.cose.2023.103134
dc.relation.referencesMadan, S., Sofat, S., & Bansal, D. (2022). Tools and techniques for collection and analysis of internet-of-things malware: A systematic state-of-art review. Journal of King Saud University - Computer and Information Sciences, 34(10), 9867–9888. https://doi.org/10.1016/j.jksuci.2021.12.016
dc.relation.referencesMeridji, K., Al-Sarayreh, K. T., Abran, A., & Trudel, S. (2019). System security requirements: A framework for early identification, specification and measurement of related software requirements. Computer Standards & Interfaces, 66, 103346. https://doi.org/10.1016/j.csi.2019.04.005
dc.relation.referencesMoreira, N., Molina, E., Lázaro, J., Jacob, E., & Astarloa, A. (2016). Cyber-security in substation automation systems. Renewable and Sustainable Energy Reviews, 54, 1552–1562. https://doi.org/10.1016/j.rser.2015.10.124
dc.relation.referencesRehman, Z.-U., Khan, S. N., Muhammad, K., Lee, J. W., Lv, Z., Baik, S. W., Shah, P. A., Awan, K., & Mehmood, I. (2018). Machine learning-assisted signature and heuristic-based detection of malwares in Android devices. Computers & Electrical Engineering, 69, 828–841. https://doi.org/10.1016/j.compeleceng.2017.11.028
dc.relation.referencesSeo, J., & Lee, S. (2018). Abnormal behavior detection to identify infected systems using the APChain algorithm and behavioral profiling. Security and Communication Networks, 2018, 1–24. https://doi.org/10.1155/2018/9706706
dc.relation.referencesSharma, A., Gupta, B. B., Singh, A. K., & Saraswat, V. K. (2022). Orchestration of APT malware evasive manoeuvers employed for eluding anti-virus and sandbox defense. Computers & Security, 115, 102627. https://doi.org/10.1016/j.cose.2022.102627
dc.relation.referencesShaukat, K., Luo, S., & Varadharajan, V. (2022). A novel method for improving the robustness of deep learning-based malware detectors against adversarial attacks. Engineering Applications of Artificial Intelligence, 116, 105461. https://doi.org/10.1016/j.engappai.2022.105461
dc.relation.referencesShukla, A., Katt, B., Nweke, L. O., Yeng, P. K., & Weldehawaryat, G. K. (2022). System security assurance: A systematic literature review. Computer Science Review, 45, 100496. https://doi.org/10.1016/j.cosrev.2022.100496
dc.relation.referencesSibi Chakkaravarthy, S., Sangeetha, D., & Vaidehi, V. (2019). A Survey on malware analysis and mitigation techniques. Computer Science Review, 32, 1–23. https://doi.org/10.1016/j.cosrev.2019.01.002
dc.relation.referencesSyed, N. F., Shah, S. W., Trujillo-Rasua, R., & Doss, R. (2022). Traceability in supply chains: A Cyber security analysis. Computers & Security, 112, 102536. https://doi.org/10.1016/j.cose.2021.102536
dc.relation.referencesTatarkanov, A., Lampezhev, A., Polezhaev, D., & Tekeev, R. (2022a). Development of components of a distributed fault tolerant medical data storage system. International Journal of Engineering Trends and Technology, 70(12), 76–89. https://doi.org/10.14445/22315381/ijett-v70i12p209
dc.relation.referencesTatarkanov, A., Lampezhev, A., Polezhaev, D., & Tekeev, R. (2022b). Suboptimal biomedical diagnostics in the presence of random perturbations in the data. International Journal of Engineering Trends and Technology, 70(11), 129–137. https://doi.org/10.14445/22315381/ijett-v70i11p213
dc.relation.referencesUchendu, B., Nurse, J. R. C., Bada, M., & Furnell, S. (2021). Developing a cyber security culture: Current practices and future needs. Computers & Security, 109, 102387. https://doi.org/10.1016/j.cose.2021.102387
dc.relation.referencesVouvoutsis, V., Casino, F., & Patsakis, C. (2022). On the effectiveness of binary emulation in malware classification. Journal of Information Security and Applications, 68, 103258. https://doi.org/10.1016/j.jisa.2022.103258
dc.relation.referencesWang, G.-Y. (2022). Churn prediction for high-value players in freemium mobile games: Using random under-sampling. Statistika: Statistics and Economy Journal, 102(4), 443–453. https://doi.org/10.54694/stat.2022.18
dc.relation.referencesWang, Y., Jia, P., Peng, X., Huang, C., & Liu, J. (2023). BinVulDet: Detecting vulnerability in binary program via decompiled pseudo code and BiLSTM-attention. Computers & Security, 125, 103023. https://doi.org/10.1016/j.cose.2022.103023
dc.relation.referencesWang, Y., Li, Q., Chen, Z., Zhang, P., & Zhang, G. (2020). A survey of exploitation techniques and defenses for program data attacks. Journal of Network and Computer Applications, 154, 102534. https://doi.org/10.1016/j.jnca.2020.102534
dc.relation.referencesYang, Z., Liu, X., Li, T., Wu, D., Wang, J., Zhao, Y., & Han, H. (2022). A systematic literature review of methods and datasets for anomaly-based network intrusion detection. Computers & Security, 116, 102675. https://doi.org/10.1016/j.cose.2022.102675
dc.relation.referencesZelinka, I., Das, S., Sikora, L., & Šenkeřík, R. (2018). Swarm virus - Next-generation virus and antivirus paradigm? Swarm and Evolutionary Computation, 43, 207–224. https://doi.org/10.1016/j.swevo.2018.05.003
dc.relation.referencesZhai, X., Appiah, K., Ehsan, S., Howells, G., Hu, H., Gu, D., & McDonald-Maier, K. (2015). Exploring ICMetrics to detect abnormal program behaviour on embedded devices. Journal of Systems Architecture, 61(10), 567–575. https://doi.org/10.1016/j.sysarc.2015.07.007
dc.relation.urihttps://revistas.unab.edu.co/index.php/rcc/issue/view/293spa
dc.rights.accessrightsinfo:eu-repo/semantics/openAccessspa
dc.sourceVol. 24 Núm. 2 (2023): Revista Colombiana de Computación (Julio-Diciembre); 29-38spa
dc.subjectTecnologías aplicadasspa
dc.subjectSistemas de seguridad de la informaciónspa
dc.subjectSeguridad de la informaciónspa
dc.subjectModelo de sistemaspa
dc.subject.keywordsApplied Technologieseng
dc.subject.keywordsInformation Security Systemseng
dc.subject.keywordsInformation Securityeng
dc.subject.keywordsSystem Modeleng
dc.titleEvaluación de la seguridad real del sistema de información mediante el estudio de la equivalencia de las tecnologías aplicadasspa
dc.title.translatedAssessment of the actual security of the information system by studying the equivalence of the applied technologieseng
dc.type.coarhttp://purl.org/coar/resource_type/c_2df8fbb1
dc.type.coarversionhttp://purl.org/coar/version/c_ab4af688f83e57aaspa
dc.type.driverinfo:eu-repo/semantics/article
dc.type.hasversioninfo:eu-repo/semantics/publishedVersion
dc.type.localArtículospa
dc.type.redcolhttp://purl.org/redcol/resource_type/ART

Archivos

Bloque original

Mostrando 1 - 1 de 1
Miniatura
Nombre:
Artículo.pdf
Tamaño:
435.22 KB
Formato:
Adobe Portable Document Format
Descripción:
Artículo
Descargar

Bloque de licencias

Mostrando 1 - 1 de 1
Miniatura
Nombre:
license.txt
Tamaño:
347 B
Formato:
Item-specific license agreed upon to submission
Descripción:
Descargar

Colecciones

Revista Colombiana de Computación