Кафедри
Постійне посилання на розділhttps://repository.kpi.kharkov.ua/handle/KhPI-Press/35393
Переглянути
2 результатів
Результати пошуку
Документ Development of a heuristic antivirus scanner based on the file's pe-structure analysis(Вінницький національний технічний університет, 2017) Gavrylenko, Svitlana; Melnyk, М. S.; Chelak, ViktorMethods for constructing antivirus programs, their advantages and disadvantages are considered. The PE-structure of malicious and secure software is analyzed. The API-functions and strings inherent in these files are found and some of them are selected for further analysis. The selected features are used as inputs for the system of fuzzy inferences. A model of a fuzzy inference system based on the Mamdani fuzzy logic method is developed and tested. The obtained results of the research showed the possibility of using the developed malicious software identification system in heuristic analyzers of intrusion detection systems.Документ Investigation of intrusion in computer systems based on the Hurst exponent(NTU "KhPI", 2017) Gavrylenko, Svitlana; Chelak, Viktor; Bilogorskiy, NickThe subjectof the research in this article is the analysis of intrusion detection methods in computer systems.The purpose of the article is to develop effective methods and technologies for countering computer viruses. Tasks: research of modern means of antivirus protection of computer systems; a study of the Hurst index for assessing the state of the computer system; development of a software model for assessing the state of a computer system based on the Hurst index, analysis of the experimental data. The methods usedare: self-similarity assessment of the process based on the Hurst index. The following results are obtained. A method for identified abnormal behavior of a computer system based on the Hurst index is proposed. It is based on the analysis of CPU and RAM. The results of the research showed that theinfluence of a number of viruses on the computer system leads to the aspiration of the Hurstindex to an average value of 0.5, which indicates the randomness of the process. Conclusions. Experimental studies confirm the possibility of using the Hurst index as an integral part of the intrusion detection system in computer systems.