Intelligent System of Analytical Processing of Digital Network Content for Protection against Inappropriate Information

Currently, the Internet and social networks as a medium for the distribution of digital network content are becoming one of the most important threats to personal, public and state information security. There is a need to protect the individual, society and the state from inappropriate information. In scientific and methodological terms, the problem of protection from inappropriate information has an extremely small number of solutions. This determines the relevance of the results presented in the article, aimed at developing an intelligent system of analytical processing of digital network content to protect against inappropriate information. The article discusses the conceptual foundations of building such a system, revealing the content of the concept of inappropriate information and representing the overall architecture of the system. Models and algorithms for the functioning of the most characteristic components of the system are given, such as a distributed network scanning component, a multidimensional classification component of network information objects, a component for eliminating incompleteness and inconsistency, and a decision-making component. The article presents the results of the implementation and experimental evaluation of system components, which demonstrated the ability of the system to meet the requirements for the completeness and accuracy of detection and counteraction of unwanted information in conditions of its incompleteness and inconsistency.

Wireless Interference Analysis for Home IoT Security Vulnerability Detection

The integrity of wireless networks that make up the clear majority of IoT networks lack the inherent security of their wired counterparts. With the growth of the internet of things (IoT) and its pervasive nature in the modern home environment, it has caused a spike in security concerns over how the network infrastructure handles, transmits, and stores data. New wireless attacks such as KeySniffer and other attacks of this type cannot be tracked by traditional solutions. Therefore, this study investigates if wireless spectrum frequency monitoring using interference analysis tools can aid in the monitoring of device signals within a home IoT network. This could be used enhance the security compliance guidelines set forth by OWASP and NIST for these network types and the devices associated. Active and passive network scanning tools are used to provide analysis of device vulnerability and as comparison for device discovery purposes. The work shows the advantages and disadvantages of this signal pattern testing technique compared to traditional network scanning methods. The authors demonstrate how RF spectrum analysis is an effective way of monitoring network traffic over the air waves but also possesses limitations in that knowledge is needed to decipher these patterns. This article demonstrates alternative methods of interference analysis detection.

Addressless: A new internet server model to prevent network scanning

Eliminating unnecessary exposure is a principle of server security. The huge IPv6 address space enhances security by making scanning infeasible, however, with recent advances of IPv6 scanning technologies, network scanning is again threatening server security. In this paper, we propose a new model named addressless server, which separates the server into an entrance module and a main service module, and assigns an IPv6 prefix instead of an IPv6 address to the main service module. The entrance module generates a legitimate IPv6 address under this prefix by encrypting the client address, so that the client can access the main server on a destination address that is different in each connection. In this way, the model provides isolation to the main server, prevents network scanning, and minimizes exposure. Moreover it provides a novel framework that supports flexible load balancing, high-availability, and other desirable features. The model is simple and does not require any modification to the client or the network. We implement a prototype and experiments show that our model can prevent the main server from being scanned at a slight performance cost.

Complex of Models for Network Security Assessment of Industrial Automated Control Systems

The modern enterprises apply network technologies to their automated industrial control systems. Along with advantages of the above approach the risk of network attacks on automated control systems increases significantly. Hence there is an urgent need to develop automated monitoring means being capable of unauthorized access detection and of an adequate response to it. The enterprise security system should take into account components interaction and involve the ability of self-renewal throughout the entire life cycle. The partial models of functioning of automated control systems of an enterprise under information threats are offered taking into account parameters of states of the enterprise at its different levels, realization of network threats, counteraction measures, etc. For each model it is possible to form the state space of a part of an enterprise and on the basis of the series of tests to define state transition parameters thus enabling model representation in the form of a marked graph. The sequences of states possess the properties of semi-Markov processes so semi-Markov apparatus is applicable. Probabilities of state transitions could be computed as a result of numerical solution of the corresponding system of integral equations by Lagrange-Stieltjes technique. Application of Semi-Markov apparatus for the detection of non-authorized activities during data transfer under network scanning attack proved the validity of the above methods. In addition its application results in creation of a set of security assurance measures to be undertaken. Having obtained state transition probabilities the development of integral security indicator becomes possible thus contributing to the enterprise performance enhancement.

EXPLORATION OF COMPUTER NETWORK BY VULNERABILITY SCANNER NESSUS

For today, computer networks are an integral part of our daily lives. As the analysis shows, the network is ex-tremely vulnerable, it can serve as a place of information leakage, changes of configuration of settings and modification of data by the attackers. There are many more threats, and the security of the network requires a great deal of attention to ensure the security of the network in order to maintain the confidentiality and integrity of the data. Organizations must regularly assess the vulnerability of the entire network to test the security level and strengthen the network. We use vulnerability scanners to find weaknesses, which are useful for detecting security vulnerabilities on a case-by-case basis and across the network as a whole. The purpose of the work is to explore the computer network for vulnerabilities using the Nessus Professional scanner. Research Methods – network scanning by Nessus Professional vulnerability scanner. The Nessus Professional vulnerability scanner from Tenable Network Security, which is freely available, was used for the research. The Nessus Professional scanner has been found to have better functionality and performance than other available scanners. The only downside to the scanner is its cost per year, as well as scanning a large number of hosts on the network at a time (over 100 hosts). After the scanner was successfully installed, carried out it was in-spected from the moment it was launched to the generation of host test reports. For the work, the Lviv State University of Life Safety network was tested. In the post-scan report, which is displayed in HTML format, you can see scan details for each host; the number and nature of vulnerabilities; the error correction dashboard. According to the results of testing, vulnerabilities of low, medium and high levels of hazards were identified, totaling 376. Vulnerabilities were ana-lyzed based on the obtained results, namely: a brief description and a way to solve the problem.

Phosphorylated cellulose nanofibers exhibit exceptional capacity for uranium capture

We investigate the adsorption of hexavalent uranium, U(VI), on phosphorylated cellulose nanofibers (PHO-CNF) and compare the results with those for native and TEMPO-oxidized nanocelluloses. Batch adsorption experiments in aqueous media show that PHO-CNF is highly efficient in removing U(VI) in the pH range between 3 and 6. Gelling of nanofiber hydrogels is observed at U(VI) concentration of 500 mg/L. Structural changes in the nanofiber network (scanning and transmission electron microscopies) and the surface chemical composition (X-ray photoelectron spectroscopy) gave insights on the mechanism of adsorption. The results from batch adsorption experiments are fitted to Langmuir, Freundlich, and Sips isotherm models, which indicate a maximum adsorption capacity of 1550 mg/g, the highest value reported so far for any bioadsorbent. Compared to other metals (Zn, Mn, and Cu) and typical ions present in natural aqueous matrices the phosphorylated nanofibers are shown to be remarkably selective to U(VI). The results suggest a solution for the capture of uranium, which is of interest given its health and toxic impacts when present in aqueous matrices.