<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">sustain</journal-id><journal-title-group><journal-title xml:lang="ru">Надежность</journal-title><trans-title-group xml:lang="en"><trans-title>Dependability</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">1729-2646</issn><issn pub-type="epub">2500-3909</issn><publisher><publisher-name>RAMS Journal Limited liability company</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.21683/1729-2646-2017-17-4-36-43</article-id><article-id custom-type="elpub" pub-id-type="custom">sustain-238</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>ФУНКЦИОНАЛЬНАЯ БЕЗОПАСНОСТЬ. ТЕОРИЯ И ПРАКТИКА</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>FUNCTIONAL SAFETY. THE THEORY AND PRACTICE</subject></subj-group></article-categories><title-group><article-title>МОДЕЛИ ВРЕДОНОСНЫХ ПРОГРАММ И ОТКАЗОУСТОЙЧИВОСТИ ИНФОРМАЦИОННО-ТЕЛЕКОММУНИКАЦИОННЫХ СЕТЕЙ</article-title><trans-title-group xml:lang="en"><trans-title>MODELS OF MALICIOUS SOFTWARE AND FAULT TOLERANCE OF INFORMATION COMMUNICATION NETWORKS</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Климов</surname><given-names>С. М.</given-names></name><name name-style="western" xml:lang="en"><surname>Klimov</surname><given-names>S. M.</given-names></name></name-alternatives><bio xml:lang="ru"><p>доктор технических наук, профессор, начальник управления,</p><p>Королёв</p></bio><bio xml:lang="en"><p>Doctor of Engineering, Professor, Head of Division,</p><p>Korolyov</p></bio><email xlink:type="simple">klimov.serg2012@yandex.ru</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Купин</surname><given-names>С. В.</given-names></name><name name-style="western" xml:lang="en"><surname>Kupin</surname><given-names>S. V.</given-names></name></name-alternatives><bio xml:lang="ru"><p>научный сотрудник,</p><p>Королёв</p></bio><bio xml:lang="en"><p>Researcher,</p><p>Korolyov</p></bio><email xlink:type="simple">serkup1970@mail.ru</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Купин</surname><given-names>Д. С.</given-names></name><name name-style="western" xml:lang="en"><surname>Kupin</surname><given-names>D. S.</given-names></name></name-alternatives><bio xml:lang="ru"><p>преподаватель,</p><p>Королёв</p></bio><bio xml:lang="en"><p>teacher,</p><p>Korolyov</p></bio><email xlink:type="simple">t3ft3lb@gmail.com</email><xref ref-type="aff" rid="aff-2"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>4 ЦНИИ Минобороны России</institution><country>Россия</country></aff><aff xml:lang="en"><institution>4th Central Research and Design Institute of the Ministry of Defence of Russia</institution><country>Russian Federation</country></aff></aff-alternatives><aff-alternatives id="aff-2"><aff xml:lang="ru"><institution>МГТУ им. Н.Э. Баумана</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Bauman MSTU</institution><country>Russian Federation</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2017</year></pub-date><pub-date pub-type="epub"><day>22</day><month>11</month><year>2017</year></pub-date><volume>17</volume><issue>4</issue><fpage>36</fpage><lpage>43</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Климов С.М., Купин С.В., Купин Д.С., 2017</copyright-statement><copyright-year>2017</copyright-year><copyright-holder xml:lang="ru">Климов С.М., Купин С.В., Купин Д.С.</copyright-holder><copyright-holder xml:lang="en">Klimov S.M., Kupin S.V., Kupin D.S.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://www.dependability.ru/jour/article/view/238">https://www.dependability.ru/jour/article/view/238</self-uri><abstract/><trans-abstract xml:lang="en"><p>The aim of this paper is to develop a model that would enable a standardized representation of malicious software’s structure, functions and to get a quantitative estimation of the fault tolerance of information and telecommunication networks affected by malicious software. The paper shows the relevance and importance of the malicious software models and evaluation of the fault tolerance of information and telecommunication networks affected by malicious software. Malicious software refers to software systems able to covertly deploy, establish unauthorized virtual data communication channel, self-propagate, self-modify, conduct unauthorized collection of information on the network and information technology interference against it. The structural and functional model of malicious software developed in this paper is composed of the following set of diagrams and function descriptions: structures of covert deployment and malicious software installation using electronic mail, structural and functional diagram of the main module of malicious software and covert deployment modules, structural and functional diagram of malicious software while implementing malicious functions, malicious software certificate. The diagrams detail the standard functions, operating procedures and information interaction of malicious software modules of the external and internal networks via an unauthorized virtual data communication channel. Primary malicious software modules are considered through the example of the Careto targeted computer attack. The model of fault tolerance of information and telecommunication networks affected by malicious software is described by indicators that characterize the ability of the networks and information security facilities to maintain and recover specified probabilistic and temporal characteristics over the period of malicious software activity. The following indicators are considered: probability that information and telecommunication networks and information security facilities maintain the specified probabilistic and temporal characteristics over the period of malicious software activity, probability that information and telecommunication networks and information security facilities recover the probabilistic and temporal characteristics after the effects of malicious software activity, factor of operation availability of information and telecommunication networks to perform the specified probabilistic and temporal characteristics under malicious software activity at an arbitrary moment in time, mathematical expectation of the duration of malicious software activity, mathematical expectation of the recovery time of the probabilistic and temporal characteristics of information and telecommunication networks and information security facilities. It is assumed that the values of the parameters required for the calculation of the indicators of the fault tolerance model of information and telecommunication networks were obtained as the result of a testbed simulation of the networks affected by malicious software. In the conclusion it is noted that the developed models enable the identification of the general structure of covert deployment and installation of attacking malicious software using electronic mail, structural and functional diagram of the main module of malicious software and covert deployment modules, structural and functional diagram of malicious software while implementing malicious functions, malicious software certificate, as well as evaluate the fault-tolerance of information and telecommunication networks and information security facilities affected by malicious software, quantify the probabilistic and temporal fault tolerance, recoverability and availability characteristics of networks.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>вредоносные программы</kwd><kwd>информационно-телекоммуникационные сети</kwd><kwd>средства защиты информации</kwd><kwd>отказоустойчивость</kwd></kwd-group><kwd-group xml:lang="en"><kwd>malware</kwd><kwd>information and telecommunication networks</kwd><kwd>information security facilities</kwd><kwd>fault tolerance</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Анатомия таргетированной атаки. В. Левцов, Н. Демидов. Журнал «Information Security/ Информационная безопасность» № 2, 2016. – с. 36 – 39.</mixed-citation><mixed-citation xml:lang="en">Levtstov V., Demidov N. Anatomia targetirovannoy ataki [Anatomy of a targeted attack]. Information Security 2016;2:36–39.</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Угрозы информационной безопасности в кризисах и конфликтах XXI века / Под ред. А.В. Загорского, Н.П. Ромашкиной – М.:ИМЭМО РАН, 2015. – 151 с.</mixed-citation><mixed-citation xml:lang="en">Zagorsky A.V., Romashkina N.P., editors. Ougrozy informatsionnoy bezopasnosti v krizisakh i konfliktakh XXI veka [Information security threats in the XXI century’s crises and conflicts]. Moscow: IMEMO RAS; 2015 [in Russian].</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">Сорванная «Маска» – замаскированный АРТ. Аналитические материалы Лаборатории Касперского. https:// kasperskycontenthub.com/wp-content/uploads/sites/43/ vlpdfs/unveilingthemask_v1.0.pdf</mixed-citation><mixed-citation xml:lang="en">Unveiling “Careto” – The Masked APT. Kaspersky Llab’s Analytical materials.</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Климов С.М., Астрахов А.В., Сычев М.П. Методические основы противодействия компьютерным атакам. Электронное учебное издание. – М.: МГТУ имени Н.Э. Баумана, 110 с, 2013.</mixed-citation><mixed-citation xml:lang="en">Klimov S.M., Astrakhov А.V., Sychiov М.P. Metodicheskie osnovy protivodeystvia kompiuternim atakam. Elektronnoye ouchebnoe izdanie [Basic methods of computer attack reaction. Electronic study guide]. Moscow: Bauman MSTU; 2013 [in Russian].</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Шубинский И.Б. Надежные отказоустойчивые информационные системы. Методы синтеза/ И.Б. Шубинский. – Ульяновск: Областная типография «Печатный двор», 2016. – 544 с., ил. – («Журнал надежность»).</mixed-citation><mixed-citation xml:lang="en">Shubinsky I.B. Nadiozhnie otkazoustoychivie informatsionnie sistemy. Metodi sinteza [Dependable failsafe information systems. Synthesis methods]. Ulianovsk: Oblastnaya tipografia Pechatny dvor; 2016 [in Russian].</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">К. Капур, Л. Ламберсон. Надежность и проектирование систем. Под ред. И.А. Ушакова. Пер. с англ. – М.: «Мир», 1980. – 604 с., ил.</mixed-citation><mixed-citation xml:lang="en">Kapur K., Lamberson L. Reliability in engineering design. Moscow: Mir; 1980.</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Величко В.В., Попков Г.В., Попков В.К. Модели и методы повышения живучести современных систем связи. – М.: Горячая линия – Телеком, 2016. – 270 с.: ил.</mixed-citation><mixed-citation xml:lang="en">Velichko V.V., Popkov G.V., Popkov V.K. Modeli i metody povyshenia zhivuchesty sovremennykh sistem sviazi [Models and methods of improving the resilience of present day communication systems]. Мoscow: Goriachaia linia-Telekom; 2016 [in Russian].</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
