Abstract
The usage of known protection tools in information systems, including cryptographic ones, does not allow ensuring the confidentiality of information about its composition, structure and functioning algorithms, due to the fact that modern network technologies require addressable information in the service headers of the transmitted message packets. Strict dependence of information systems configurations on the quality requirements for the architecture, as well as established security policies set by regulators, causes them to have the properties of static, homogeneous and deterministic network parameters. This gives the adversary a number of indisputable advantages to non-compromising conduct network reconnaissance, high reliability of its results over a long period of time, as well as advance (planned) formation and application of the optimal set of tools to implement computer attacks. In this regard, there is a need to develop security technologies that replace static parameters of information systems with the dynamic ones. The analysis of existing technologies in the subject area under consideration showed a number of their inherent disadvantages, consisting in high resource intensity, insufficient performance and narrowness of the scope. In order to solve this problem, the author proposed a new technical solution that allows to level the disadvantages of known analogues and surpasses them by a number of criteria. The technical shape of the suite, consisting of three interconnected subsystems, that allows to mask information directions, the parameters of local area networks and manage the parameters of network connections with network reconnaissance tools, is presented and justified.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call