ABSTRACT MODEL OF INFLUENCE OF MALICIOUS OF SOFTWARE AND METHOD OF ENSURING THE FAILURE RESISTANCE OF SPECIALIZED INFORMATION TECHNOLOGIES

Abstract

The proposed abstract model of the effects of malicious software (SDR) allows us to consider the objects of the computer system that may be affected by SDR and computer attacks. Therefore, it was used as a basis for a new method of ensuring the resilience of specialized IT in the face of SDR and computer attacks.

As a result, the application of the developed method is carried out in a system that has mechanisms for restructuring and uses redundancies. A feature of the main steps of the developed method according to the parametric control of program file integrity is the possibility of its application to a group of program files that do not have a fixed checksum and thus it expands the possibilities of the known method of detecting. Compared with the known application of this method, in previous work, this method could not be used to control the integrity of a certain group of executable files that have a heterogeneous internal structure. This group includes files of type mde, which are obtained when compiling programs written in MS Access. Their feature is the fact that they have a complex internal structure, which includes, in addition to program code, structures that are elements of the database, such as tables, indexes, relational database schema and others. This step of the method is designed for application in IP with increased fault tolerance and enhanced protection against RAM and computer attacks, namely in the second, local security loop integrated into specialized IT software. This is dictated by the fact that its implementation requires specific information about the parameters of the program file, which is unknown at the system level, but known locally, as it is information obtained in the design and implementation of this part of specialized IT as a whole. Therefore, the scope of the SCR detection method based on checksum calculation for files with volatile checksums as a step of the IT fault tolerance method has been expanded.

As a result, the application of the developed method is carried out in a system that has mechanisms for rebuilding and uses redundancies. To study the developed method, a method of evaluating its effectiveness in terms of redundancy and redundancy has been developed. Experimental studies and evaluation calculations confirm the effectiveness of the developed method of ensuring the resilience of IT in the face of SDR and computer attacks.