Dynamic Ontologies in Information Security Systems

Different types of ontologies and knowledge or metaknowledge connected to them are considered and analyzed aiming at realization in contemporary information security systems (ISS) and especially the case of intrusion detection systems (IDS) or intrusion prevention systems (IPS). Human-centered methods INCONSISTENCY, FUNNEL, CALEIDOSCOPE and CROSSWORD are algorithmic or data-driven methods based on ontologies. All of them interact on a competitive principle ‘survival of the fittest’. They are controlled by a Synthetic MetaMethod SMM. It is shown that the data analysis frequently needs an act of creation especially if it is applied to knowledge-poor environments. It is shown that human-centered methods are very suitable for resolutions in case, and often they are based on the usage of dynamic ontologies

Investigating the Relations of Attacks, Methods and Objects in Regard to Information Security in Network TCP/IP Environment

Possibilities for investigations of 43 varieties of file formats (objects), joined in 10 groups; 89 information attacks, joined in 33 groups and 73 methods of compression, joined in 10 groups are described in the paper. Experimental, expert, possible and real relations between attacks’ groups, method’ groups and objects’ groups are determined by means of matrix transformations and the respective maximum and potential sets are defined. At the end assessments and conclusions for future investigation are proposed.

Research of the Influence of Methods of Compression on the Co-efficient of Information Security of Objects Under Attacks

In this paper a possibility for quantitative measuring of information security of objects, exposed to information attacks and processed with methods of compression, is represented. A co-efficient of information security, which reflects the influence of the level of compression obtained after applying methods of compression to objects and the time, required by the attack to get access to the corresponding object, is proposed. Methods’ groups with the highest and respectively the lowest values of the co-efficient of information security for all methods’ groups in relation to all attacks’ groups are determined. Assessments and conclusions for future investigations are proposed.

Application of Methods of Multi-criteria Evaluation in Choosing a Method of Compression as a Means of Heightening the Information Security of System and Applied Objects

In this paper is proposed a model for researching the capability to influence, by selected methods’ groups of compression, to the co-efficient of information security of selected objects’ groups, exposed to selected attacks’ groups. With the help of methods for multi-criteria evaluation are chosen the methods’ groups with the lowest risk with respect to the information security. Recommendations for future investigations are proposed.

Analysis of Information Security of Objects under Attacks and Processed by Methods of Compression

In this paper a methodology for evaluation of information security of objects under attacks, processed by methods of compression, is represented. Two basic parameters for evaluation of information security of objects – TIME and SIZE – are chosen and the characteristics, which reflect on their evaluation, are analyzed and estimated. A co-efficient of information security of object is proposed as a mean of the coefficients of the parameter TIME and SIZE. From the simulation experiments which were carried out methods with the highest co-efficient of information security had been determined. Assessments and conclusions for future investigations are proposed.

Study of the Information Security of File Objects under Information Attacks with a Record of Effect of the Methods of Compression

This report examines important issues pertaining to the different ways of affecting the information security of file objects under information attacks through methods of compression. Accordingly, the report analyzes the three-way relationships which may exist among a selected set of attacks, methods and objects. Thus, a methodology is proposed for evaluation of information security, and a coefficient of information security is created. With respects to this coefficient, using different criteria and methods for evaluation and selection of alternatives, the lowest-risk methods of compression are selected.

Analysis of Security in Archiving

Some basic types of archiving programs are described in the paper in addition to their advantages and disadvantages with respect to the analysis of security in archiving. Analysis and appraisal are performed on the results obtained during the described experiments.

Examination of Passwords’ Influation on the Compressing Process of Non-Encrypted Objects

The principal methods of compression and different types of non-encrypted objects are described. An analysis is made of the results obtained from examinations of the speed of compression for objects when using passwords with different length. The size of the new file obtained after compression is also analyzed. Some evaluations are made with regard to the methods and the objects used in the examinations. In conclusion some deductions are drawn as well as recommendations for future work.

The Cloud Computing and Computer Virology

Евгений Николов, Димитрина Полимирова - Докладът представя текущото състояние на “облачните изчисления” и “облачните информационни атаки” в светлината на компютърната вирусология и информационната сигурност. Обсъдени са категориите “облачни възможни информационни атаки” и “облачни успешни информационни атаки”. Коментирана е архитектурата на “облачните изчисления” и основните компоненти, които изграждат тяхната инфраструктура, съответно “клиенти” (“clients”), „центрове за съхранение на данни“ (“datacenters”) и „разпределени сървъри“ (“dirstributed servers”). Коментирани са и услугите, които се предлагат от “облачните изчисления” – SaaS, HaaS и PaaS. Посочени са предимствата и недостатъците на компонентите и услугите по отношение на “облачните информационни атаки”. Направен е анализ на текущото състояние на “облачните информационни атаки” на територията на България, Балканския полуостров и Югоизточна Европа по отношение на компонентите и на услугите. Резултатите са представени под формата на 3D графични обекти. На края са направени съответните изводи и препоръки под формата на заключение.

Visible and Invisible Bulgarian Heritage (One research under the Bulgarian Heritage published on the Web)

This paper dials with presentations of the Bulgarian Cultural and Historical Heritage in the Cyberspace. The study was taking place at the Information management course with bachelor students in Information Technologies, Information Brokerage and Information Security at the University of Library Studies and Information Technologies. The students describe about 300 different objectives – cultural and historical, material and immaterial.

Conceptual Model and Security Requirements for DRM Techniques Used for e-Learning Objects Protection

This paper deals with the security problems of DRM protected e-learning content. After a short review of the main DRM systems and methods used in e-learning, an examination is made of participators in DRM schemes (e-learning object author, content creator, content publisher, license creator and end user). Then a conceptual model of security related processes of DRM implementation is proposed which is improved afterwards to reflect some particularities in DRM protection of e-learning objects. A methodical way is used to describe the security related motives, responsibilities and goals of the main participators involved in the DRM system. Taken together with the process model, these security properties are used to establish a list of requirements to fulfill and a possibility for formal verification of real DRM systems compliance with these requirements.

Code Access Security in Microsoft’s .NET

This paper introduces basic concepts of code access security, using and implementing security features, as well as types of security syntax and mechanism of checking and requesting specific permissions.

Google - Security Testing Tool

Using Google as a security testing tool, basic and advanced search techniques using advanced google search operators. Examples of obtaining control over security cameras, VoIP systems, web servers and collecting valuable information as: Credit card details, cvv codes – only using Google.

ICT Security Management

Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results in security scores for each security factor and also in a general security score. The goal is to increase the security score Ss to a postulated level by focusing on the critical security factors, those with a low security score.

Analysis of Spatial-temporal Dynamics in the System of Economic Security of Different Subjects of Economic Management

The importance to solve the problem of spatial-temporal dynamics analysis in the system of economic security of different subjects of economic management is substantiated. Various methods and approaches for carrying out analysis of spatial-temporal dynamics in the system of economic security are considered. The basis of the generalized analysis of spatial-temporal dynamics in economic systems is offered.