Korniyenko B.Y., Snishko V.V.

National Aviation University, Ukraine

Analysis of threats to information security of computer systems

 

Information plays an extremely important role in society. Each member of society can act appropriately only with complete and accurate information about the environment and their own activities, and only if the confidential information in their possession is kept secure. Accordingly, computer systems (CS) can perform their functions only under the same conditions.

A threat is a set of conditions and factors that create a potential or actually existing danger of a breach of the confidentiality, availability and (or) integrity of information [1].

Threats of an informational and technical nature include information theft, malware, hacker attacks, spam, staff negligence, hardware and software failures, financial fraud and theft of equipment. The most common are information theft and malware. Currently, the following information security threats have developed most widely: theft of databases, the growth of insider threats, the use of information on various information systems, and increased damage caused by attackers [2].

The internal threats to information security include breach of confidentiality, distortion of information, loss of information, failures of equipment and information systems, and theft of equipment. Again, according to statistics, breach of confidentiality and distortion are the most prevalent. Either way, information leaks out through some leakage channel. The largest part of this is the so-called "human factor", that is, the organization's own employees, which is not surprising: who but they have sufficient authority and opportunity to acquire the information?

But information does not have to be stolen, for example for sale. If an employee wants to damage the company's reputation or cause harm because of some circumstance (demotion, staff reduction, disagreements with management, etc.), it is enough to distort information that is valuable to the organization. As a consequence, this information may lose its relevance and value, or simply become false, which may result, for example, in deceived customers and partners. Fortunately, there are not many such employees. As for the motives of a person who commits such actions, first place goes to stealing money from electronic accounts (altering payroll programs so that money is transferred to individual accounts, creating files with fictitious depositors, taking bank cards and their PIN codes from the storage of financial institutions, falsifying customer information in company databases). Falsification of information, damage to software, taking websites out of operation and more also occur.

The most dangerous are unintentional actions of staff. An example is something quite ordinary for a modern person: the "stick", a USB storage device based on flash memory. Employees of organizations often use such sticks for work. A person may take some information home to work on it (such as preparing statements or other documents). In this case, a large percentage of leaks is due to loss of the medium itself, the flash drive.

Types of information security threats are very diverse and have many classifications:

By the nature of the violation:

- Violation of confidentiality;

- Disruption of the operability of the CS;

- Unlawful interference with the functioning of the CS.

In response to violations:

- Minor bug;

- Disorderly conduct;

- Serious disturbances, natural and man-made disasters.

By whether the offender anticipated the consequences:

- Intentional violations;

- Unintentional violations.

By motivation:

- Malicious violation;

- Unintentional violation.

By place of origin:

- External threats;

- Internal threats (threats from insiders).

By completion:

- Realized;

- Unrealized.

By the object targeted:

- Threats that target the entire computer system;

- Threats that target individual components of the CS.

By cause of appearance:

- Threats that have arisen due to a lack of technical protection;

- Threats that have arisen due to a lack of organizational measures.

By channel of origin:

- Threats that have penetrated through software vulnerabilities or uncontrolled media;

- Threats that have penetrated through vulnerabilities of authorization systems or disadvantages of filing.

By form of threat:

- Malware, spam messages, software implants, attacks by hackers;

- Vulnerable authorization procedures and other information security regulations;

- Natural disasters.

By origin:

- Anthropogenic (human);

- Technogenic (man-made);

- Natural.

By size of the loss:

- Minor;

- Significant;

- Critical.

If threats are classified by the nature of the violation, six basic types can be distinguished:

1. Disclosure of confidential information.

2. Hacking (illegal intervention in the computer system).

3. The destruction and distortion of information.

4. Denial of authorship and transactions.

5. Unprivileged users exceeding their authority.

6. Putting the computer system out of operation or reducing its efficiency.

Consider a generic list of potential information security threats that is typical for any CS. Conventionally, all possible threats can be divided into three groups according to three types of threat sources. Threats of the first group do not depend on people. They either involve a direct physical effect on the elements of the CS (hurricanes, floods, fires, etc.) and lead to disruption of the CS and the physical destruction of storage media, data processing tools and staff, or they exert an electromagnetic effect on magnetic data carriers, electronic data processing and transmission equipment, and staff, leading to equipment failures and malfunctions, distortion or destruction of information, and human error.

Threats of the second group are associated with the reliability of the hardware of the CS. These include sudden suspension of CS operation, leading to loss of information and of management control over the CS, and unreliable operation of hardware and software, leading to distortion and loss of information and to disruptions in the control of objects.

The same group includes electromagnetic emissions, through which information is transferred outside the CS without authorization, resulting in leakage, and leakage through legitimate channels, where information is picked up using special sensors or by direct connection.

Threats of the third group are associated with the presence of people, both within the CS and outside it. This group includes accidental, unintended actions of users and errors of operators, programmers, management, and employees of archival and security services, which lead to distortion or destruction of information, disruption of the CS's performance of its functions, and errors in applications and in the security management tools of the CS.

The third group also includes threats associated with deliberate actions of people aimed at harming the CS or obtaining personal benefit and income. This group of threats is the most numerous. Possible threats are:

- Masquerading as a legitimate user;

- Printing or displaying on screen a large number of files in order to leak them;

- Penetration into the security management system in order to change its characteristics;

- Causing denial of users' access to resources;

- Transfer of information to the wrong subscriber;

- Malicious destruction of resources;

- Entry of erroneous data;

- Unauthorized copying or theft of media, interception of other people's messages, generation of plausible messages or modification of messages, strikes, sabotage;

- Libel, hoaxes, threats, blackmail;

- Distortion of software and introduction of viruses, "Trojan horses", etc. (threats of this kind can also belong to other groups, because programs of this type can be developed for various purposes, including specially designed "combat viruses" intended to disable military installations; however, such programs can also be introduced into the CS by staff unintentionally);

- Installation of surveillance equipment.

Different information systems, as well as different objects of a single information system, may face a different range of threats, determined by the characteristics of the particular information system, its objects and the nature of the possible actions of the threat source.

The procedure for constructing a model of information security threats consists of several consecutive steps:

1. Identify the sources of threats.

2. Identify the critical objects of the information system.

3. Identify the list of threats for each critical object.

4. Identify the ways in which threats can be realized.

5. Assess the material damage and other consequences of possible threats.

To assess the risk of an information system, the security of each valuable resource is determined by analyzing the threats specific to that resource and the vulnerabilities through which these threats can be realized. The information risks of the organization's resources are analyzed by assessing the likelihood that current threats are realized against a valuable resource and the impact of those threats on the resource. To assess information risk, it is necessary to analyze all the threats acting on the information system and the vulnerabilities through which those threats can be realized. From the data entered by the owner of the information system, a model of the threats and vulnerabilities relevant to the company's information system is built. Based on the resulting model, the likelihood of realization of information security threats against each resource is analyzed and, from that, the risks to the information security of computer systems are calculated.
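The five modelling steps and the risk assessment described above, as an added Python example that is not part of the original article. The expected-loss formula (value times likelihood times share of value lost), the thresholds for the minor / significant / critical loss classes, and all names and sample values are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Threat:
    name: str
    source: str        # step 1: "natural", "technical" or "human"
    path: str          # step 4: vulnerability through which it is realized
    likelihood: float  # assumed probability per year, 0..1
    damage: float      # step 5: assumed share of the resource value lost, 0..1

@dataclass
class Resource:        # step 2: a critical object of the information system
    name: str
    value: float       # assumed value in currency units
    threats: list = field(default_factory=list)  # step 3: threats per object

def resource_risk(res):
    """Expected yearly loss: sum of value * likelihood * damage over threats."""
    return sum(res.value * t.likelihood * t.damage for t in res.threats)

def loss_class(res, minor=0.10, critical=0.30):
    """Map risk/value onto the minor / significant / critical loss scale."""
    ratio = resource_risk(res) / res.value
    if ratio < minor:
        return "minor"
    return "critical" if ratio >= critical else "significant"

def risk_by_source(resources):
    """Total expected loss attributed to each of the three source groups."""
    totals = defaultdict(float)
    for res in resources:
        for t in res.threats:
            totals[t.source] += res.value * t.likelihood * t.damage
    return dict(totals)

def ranked(resources):
    """Resources ordered from highest to lowest risk."""
    return sorted(resources, key=resource_risk, reverse=True)

# Constructed sample model, not data from the article.
MODEL = [
    Resource("payroll program", 40_000, [
        Threat("accrual logic altered", "human", "weak authorization", 0.10, 0.8),
        Threat("server room flood", "natural", "no off-site copy", 0.01, 1.0)]),
    Resource("customer database", 100_000, [
        Threat("data lost on USB drive", "human", "uncontrolled media", 0.20, 0.5),
        Threat("disk failure", "technical", "unreliable hardware", 0.05, 1.0)]),
]

if __name__ == "__main__":
    for res in ranked(MODEL):
        print(f"{res.name}: risk={resource_risk(res):.0f} ({loss_class(res)})")
    print(risk_by_source(MODEL))
```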

References:

1. Bezbogov A.A., Yakovlev A.V., Shamkin V.N. Methods and Means of Protecting Computer Information: Textbook. Tambov: TSTU, 2006. 196 p. (in Russian)

2. Antonyuk A.A., Zhora V.V., Mostovoy V.N. Threats to Information and Security Services. Проблеми програмування, 2003, No. 4, pp. 65-71. (in Russian)