SYSTEMATIC APPROACH TO SOLVING THE TASK OF PROTECTING INFORMATION IN THE INFOCOMMUNICATION NETWORK FROM THE INFLUENCE OF COMPUTER VIRUSES
DOI: https://doi.org/10.28925/2663-4023.2025.27.781
Keywords: information; cybersecurity; viruses; protection; identification features; detection of alarming events; information protection; infocommunication networks
Abstract
A modern infocommunication network is a distributed system whose basic elements are combined into a single information space. Ensuring the high-quality functioning of infocommunication networks under the influence of computer viruses requires monitoring the network status for timely detection of alarming events, understood here as the detection of signs of infection of network hardware. Achieving the required level of information security in the network depends on correct and timely management decisions that prevent undesirable consequences. This calls for more advanced methods of protecting information from the influence of computer viruses on network hardware. The purpose of the publication is to form a systematic approach to protecting information in the infocommunication network from the influence of computer viruses, justifying the dictionary of signs needed to detect alarming events and to maintain the target state of the infocommunication network. The main scientific and technical tasks for creating an information protection system against the influence of computer viruses, built on the principle of a control system, are substantiated. It is proposed to use the digital artifacts that malicious software leaves behind as a result of its impact as identification signs of the state of the infocommunication network for detecting alarming events. The possibility of using forensic analysis with an incomplete set of digital artifacts is considered. Universal artifacts are identified, the detection of which indicates one hundred percent infection. Building the information protection system as an automated control system aimed at maintaining the target state of the infocommunication network makes it possible to ensure the required level of information security.
The specified dictionary of signs for identifying the state of the infocommunication network is sufficient for making decisions in the control cycles of the information protection system. The practical significance of the results lies in the possibility of applying them in various industries to improve methods of protecting information against the influence of computer viruses and to make more efficient use of the analyst's time when conducting forensic analysis of the infocommunication network.
License
Copyright (c) 2025 Іван Чернігівський, Лариса Крючкова

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.