Developers: | PNIPU Perm National Research Polytechnic University |
Date of the premiere of the system: | 2023/05/05 |
Technology: | Information Security - Antispam, Information Security - Authentication, Information Security - Leak Prevention, Information Security - Fraud Detection System (Fraud), Information Security - Information and Event Management (SIEM) |
2023: Developing a model for assessing file infection
Perm Polytechnic scientists have developed a model for assessing the infection of files transmitted in corporate networks, which will help companies counter cybercriminals. The university announced this on May 5, 2023.
Scientists from Tambov State Technical University also took part in the development.
One of the main attack vectors against industrial enterprises and companies in various fields of activity is infected files received via e-mail messages, messengers and other sources. Corporate networks already use so-called layered defense, which can consist of a cascade of anti-virus programs, various authentication and identification methods, and other security mechanisms, but this structure greatly complicates the search for harmful content.
"The use of layered defense made up of many security mechanisms, for example, more than one antivirus product and online services for analyzing suspicious files, complicates the decision on whether a file is infected, and also creates prerequisites for false positives. Our model involves improving the quality of detection of malicious content. In addition, the processing time of the same suspicious messages will not be increased," said the head of the department of automation of technological processes of the Bereznikovsky branch of the Perm Polytechnic, Doctor of Technical Sciences, Professor Andrei Zatonsky.
To solve the problem, the Polytechnic researchers created an information and communication technology architecture that uses various mechanisms for extracting files transmitted during information exchange. Next, the scientists propose two options for analyzing the files and identifying unwanted content. For documents that do not contain confidential information, they recommend using online services to study them. For files containing trade secrets, they propose using local data stores and analyzing the files on the company's own infrastructure, in the form of a cluster of virtual machines with various antivirus software installed. After the files are studied, a special model created by the scientists estimates the degree of infection of the files and then decides how to deal with them.
"Based on the results of the analysis of the proposed solution, we noted that its use reduces the risk of receiving infected files by 14%. In addition, the model reduces the likelihood of false positives. At the same time, the processing time does not increase, since the solution uses typical mechanisms. The very decision on the infection of files is made in accordance with the class that the model assigns to them," said Evgeny Mityukov, candidate of technical sciences at PNIPU.
Thanks to the technology created by Perm Polytechnic scientists, companies will be able to minimize the risks of cybercriminals entering corporate networks and, as a result, reduce costs arising from cyber incidents. The development will be especially relevant for industrial enterprises, in which many documents with different levels of access can be stored and transmitted.