A. A. Grusho, E. E. Timonina, N. A. Grusho, I. Yu. Teryokhina, “Identifying anomalies using metadata”, Inform. Primen., 14:3 (2020), 76

Informatika i Ee Primeneniya [Informatics and its Applications]

RUS ENG

JOURNALS PEOPLE ORGANISATIONS CONFERENCES SEMINARS VIDEO LIBRARY PACKAGE AMSBIB

JavaScript is disabled in your browser. Please switch it on to enable full functionality of the website

	General information
	Latest issue
	Archive
	Impact factor

	Search papers
	Search references

	RSS
	Latest issue
	Current issues
	Archive issues
	What is RSS

Inform. Primen.:
Year:
Volume:
Issue:
Page:
	Find

Personal entry:
Login:
Password:
	Save password
	Enter
	Forgotten password?
	Register

Informatika i Ee Primeneniya [Informatics and its Applications], 2020, Volume 14, Issue 3, Pages 76–80
DOI: https://doi.org/10.14357/19922264200311 (Mi ia682)

This article is cited in 2 scientific papers (total in 2 papers)

Identifying anomalies using metadata

A. A. Grusho^a, E. E. Timonina^a, N. A. Grusho^a, I. Yu. Teryokhina^b

^a Institute of Informatics Problems, Federal Research Center “Computer Sciences and Control” of the Russian Academy of Sciences, 44-2 Vavilov Str., Moscow 119133, Russian Federation
^b Faculty of Computational Mathematics and Cybernetics, M. V. Lomonosov Moscow State University, 1-52 Lenin- skiye Gory, GSP-1, Moscow 119991, Russian Federation

Full-text PDF (162 kB) Citations (2)

References:

PDF

HTML

DOI: https://doi.org/10.14357/19922264200311

Abstract: The paper discusses the problem of information technology security control based on computer audit data. These data are the sequence of small samples, each of which describes the transmission of information from one transformation to another. Information technologies are represented by mathematical models in the form of oriented acyclic graphs. In the article, such graphs describing data transmission are called metadata. In integrated computer audit data, there may be at the same time traces of the execution of several information technologies described by their graphs. This makes it difficult to recognize information flows that correspond to arcs of different graphs. The concept of legal information flow is introduced in the paper, which corresponds to the transfer of data of all information technologies being performed. Information flows that do not correspond to the execution of existing information technologies are called illegal or anomalies. Such information flows can occur due to hostile activities of insiders or due to errors in user actions. The article solves the problem of effective identification of legal information flows and anomalies on the basis of metadata.

Keywords: information security, information flow, anomalies, metadata, systems of different representatives.

Funding agency	Grant number
Russian Foundation for Basic Research	18-07-00274_а
The paper was partially supported by the Russian Foundation for Basic Research (project 18-07-00274).

Received: 15.07.2020

Bibliographic databases:

Document Type: Article

Language: Russian

Citation: A. A. Grusho, E. E. Timonina, N. A. Grusho, I. Yu. Teryokhina, “Identifying anomalies using metadata”, Inform. Primen., 14:3 (2020), 76–80

Citation in format AMSBIB

\Bibitem{GruTimGru20}

\by A.~A.~Grusho, E.~E.~Timonina, N.~A.~Grusho, I.~Yu.~Teryokhina

\paper Identifying anomalies using metadata

\jour Inform. Primen.

\yr 2020

\vol 14

\issue 3

\pages 76--80

\mathnet{http://mi.mathnet.ru/ia682}

\crossref{https://doi.org/10.14357/19922264200311}

\elib{https://elibrary.ru/item.asp?id=44000267}

Linking options:

https://www.mathnet.ru/eng/ia682

https://www.mathnet.ru/eng/ia/v14/i3/p76

This publication is cited in the following 2 articles:

Citing articles in Google Scholar: Russian citations, English citations
Related articles in Google Scholar: Russian articles, English articles

Что такое QR-код?

Registration to the website

Logotypes