Entropy and Its Use for Solving Information Security Problems

Веста Сергеевна Матвеева

Abstract


The article examines how effectively information entropy can be used to solve information security problems. It analyzes the characteristics and dependencies of information entropy and the shortcomings of its use in solving various problems.


Keywords


information entropy; file type recognition; recognition of encrypted information






Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.