Software Integrity Control

Autor: Tatiana Omelchenko, Yuriy Umnitsyn, Arina Nikishova
Rok vydání: 2019
Předmět:
Zdroj: 2019 International Russian Automation Conference (RusAutoCon).
DOI: 10.1109/rusautocon.2019.8867606
Popis: In this article the tool for software integrity control is introduced. With its help the risk of violation of enterprise's information system's software integrity can be reduced. The tool implements the algorithm of integrity control based on the Russian standard of hashing function “GOST R 34.11-2012”. The functionality of developed tool allows to create the initial state of the enterprise's information system by obtaining a set of hash values for each program. These values are saved in the database of initial hashes. The tool carries out periodic integrity check, firstly by calculating the current hash values for software based on the algorithm of the hashing function “GOST R 34.11-2012”, and then by comparing the current hash values with the initial ones. If modification of the program is authorized, its hash value is modified. The tool provides report of the performed software integrity check. The experimental studies are carried out. To confirm the functionality of developed tool, the malware “12Trojan.Win32.Krepper.ab” is modeled. It is shown that the use of the developed tool reduces information security risk by 5%.
Databáze: OpenAIRE