Тестирование и анализ атак на криптопротокол Kerberos с помощью программного стенда системы аутентификации

Козлов, Александр Владимирович

doi:10.37882/2223-2966.2021.05.16

Cited by 1 publication

(1 citation statement)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Если в системе присутствует аутентификация на основе Kerberos, то для выявления воздействий в виде перебора паролей потребуется анализ протокола Kerberos, который заключается в поиске сессий с ошибками [7].…”

Section: рисунок 3 количество атак на протоколы удаленного доступаunclassified

Vulnerability assessment of data transmission protocols in information systems

Rudzeyt

Dobrzhinskii

Titanov

2022

Russian journal of resources, conservation and recycling

View full text Add to dashboard Cite

During the period of rapid digitalization of society, modern technologies have become firmly established in many areas of the economy. Modern enterprises do not conduct business activity without modern means of digital communications, which allow the exchange of information both between the objects of the enterprise and the transmission of data to users outside the external perimeter of the enterprise network. The enterprise infrastructure may have information vulnerabilities that attackers use to intercept data, attack enterprise systems, or to attack the devices of system users. Such attacks can lead to hardware failures, service failures, software errors, data loss, etc. According to statistics from Positive Technologies in 2021, 33 % of Russian companies were exposed to cyberattacks using the vulnerability of the company's data transmission protocols, and 55 % of major global companies have serious vulnerabilities in the perimeter of the system. This article discusses the most common data transmission protocols that are used in automated process control systems. Types of vulnerabilities of protocols of various levels of the OSI model are given. The mechanisms of vulnerability implementation and methods of analyzing enterprise network traffic are considered. The statistics of impacts on data transmission protocols in various industries of their use, as well as statistics on violations of information security regulations in companies are provided. The article is based on the task of determining the signs of impacts and assessing the security of protocols in order to further develop solutions for measures to counteract the impact on the system of companies.

show abstract

Section: рисунок 3 количество атак на протоколы удаленного доступаunclassified