Кафедри
Постійне посилання на розділhttps://repository.kpi.kharkov.ua/handle/KhPI-Press/35393
Переглянути
6 результатів
Результати пошуку
Документ Development of the disable software reporting system on the basis of the neural network(2018) Gavrylenko, Svitlana; Babenko, O.; Ignatova, E.The PE structure of malicious and secure software is analyzed, features are highlighted, binary sign vectors are obtained and used as inputs for training the neural network. A software model for detecting malware based on the ART-1 neural network was developed, optimal similarity coefficients were found, and testing was performed. The obtained research results showed the possibility of using the developed system of identifying malicious software in computer systems protection systems.Документ Processing information on the state of a computer system using probabilistic automata(Institute of Electrical and Electronics Engineers, 2017) Semyonov, S. G.; Gavrylenko, Svitlana; Chelak, ViktorThe paper deals with the processing of information about the state of a computer system using a probabilistic automaton. A model of an intelligent system for detection and classification of malicious software is proposed, which compares a set of features that are characteristic for different classes of viruses with multiple states of the machine. The analysis process is reduced to modeling the operation of the automaton taking into account the probability of transition from state to state, which at each step is recalculated depending on the reaction of the environment. The received results of research allow to reach a conclusion about the possibility of using the offered system for detection of the harmful software.Документ Development of a heuristic scanner for an antivirus program on the basis of the mamdani fuzzy logic method(Technical University of Sofia, 2018) Gavrylenko, Svitlana; Chelak, Viktor; Gornostal, AlekseyThe article considers the means of antivirus protection of information, their advantages and disadvantages. An analysis of modern decision-making systems is carried out. The system of fuzzy logic is chosen. A module based on the Mamdani fuzzy logic method was developed, and the developed system was tested. The obtained results of the research showed the possibility of using the developed module in heuristic analyzers of intrusion detection systems.Документ Development of a heuristic antivirus scanner based on the file's pe-structure analysis(Вінницький національний технічний університет, 2017) Gavrylenko, Svitlana; Melnyk, М. S.; Chelak, ViktorMethods for constructing antivirus programs, their advantages and disadvantages are considered. The PE-structure of malicious and secure software is analyzed. The API-functions and strings inherent in these files are found and some of them are selected for further analysis. The selected features are used as inputs for the system of fuzzy inferences. A model of a fuzzy inference system based on the Mamdani fuzzy logic method is developed and tested. The obtained results of the research showed the possibility of using the developed malicious software identification system in heuristic analyzers of intrusion detection systems.Документ Investigation of intrusion in computer systems based on the Hurst exponent(NTU "KhPI", 2017) Gavrylenko, Svitlana; Chelak, Viktor; Bilogorskiy, NickThe subjectof the research in this article is the analysis of intrusion detection methods in computer systems.The purpose of the article is to develop effective methods and technologies for countering computer viruses. Tasks: research of modern means of antivirus protection of computer systems; a study of the Hurst index for assessing the state of the computer system; development of a software model for assessing the state of a computer system based on the Hurst index, analysis of the experimental data. The methods usedare: self-similarity assessment of the process based on the Hurst index. The following results are obtained. A method for identified abnormal behavior of a computer system based on the Hurst index is proposed. It is based on the analysis of CPU and RAM. The results of the research showed that theinfluence of a number of viruses on the computer system leads to the aspiration of the Hurstindex to an average value of 0.5, which indicates the randomness of the process. Conclusions. Experimental studies confirm the possibility of using the Hurst index as an integral part of the intrusion detection system in computer systems.Документ Development of the method and program model of the static analyzer of harmful files(НТУ "ХПІ", 2017) Gavrylenko, Svitlana; Saenko, DmitriyThe subject of research in this article is the methods of analyzing malicious software. The goal is to improve the secure functioning of computer systems (CS) and protect them from the effects of computer viruses. Research target: the research of modern means of software antivirus protection; analysis of the methods of creating a file signature; the development of a software model for static file detection, based on the analysis of the PE structure; the generation of tables of features that are inherent to families of viruses such as Worms, Backdor, Trojan; the obtainment binary signatures of malicious and secure software. The methods used are: analysis of the code in a Hex file, file hashing algorithms. The following results are obtained. The PE-structure of the file has been analyzed; sections have been selected for further analysis. A software model of static file detection has been developed and the analysis of secure and malicious files has been performed. Features in the form of strings and API functions have been selected; a bitmask has been formed for further file analysis. 3500 files of malicious and safe software has been scanned, their analysis has been performed. Signatures of each malicious file have been encoded and stored in the signature database. Using the developed software model, a study has been made of the possibility of detecting modifications to malicious software. Conclusions. A method and software model of static detection of malicious files has been developed, which allow automatic obtainment of a set of file features and draw a conclusion about the severity of the file.