The article discusses new models and methods for the timely identification and blocking of malicious code in critically important information infrastructure, based on static and dynamic analysis of executable program code. It describes a two-stage method for detecting malicious code (the so-called "digital bombs") in executable program code. The first step builds the initial program model in the form of a control graph; this construction is carried out during static analysis of the program. The article discusses the purpose, features and construction criteria of an ordered control graph. The second step embeds control points in the program's executable code so that the possible behavior of the program can be controlled by a specially designed recognition automaton, an automaton of dynamic control. Structural criteria for the completeness of the functional control of a subprogram are given. The practical implementation of the proposed models and methods has been completed and is presented in a special instrumental complex, IRIDA.
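The two-stage idea described above, as an added Python example that is not from the article or the IRIDA complex: a control graph assumed to come from static analysis, and a recognition automaton that checks control-point events against it. The graph, the control-point names and the traces are constructed, and the way the automaton treats events is an assumption, since the abstract does not specify it.

```python
# Added illustration: graph, control-point names and traces are constructed.

# Assumed output of the static-analysis stage: a control graph mapping each
# control point to the control points that may legitimately follow it.
CONTROL_GRAPH = {
    "entry":    {"read_cfg"},
    "read_cfg": {"validate", "exit"},
    "validate": {"apply", "exit"},
    "apply":    {"validate", "exit"},
    "exit":     set(),
}

class DynamicControlAutomaton:
    """Recognizer over control-point events emitted by the instrumented program."""

    def __init__(self, graph, start="entry", final=("exit",)):
        self.graph, self.start, self.final = graph, start, set(final)
        self.state = None  # no control point seen yet

    def step(self, point):
        """Consume one event; return False if the transition is not in the graph."""
        allowed = {self.start} if self.state is None else self.graph.get(self.state, set())
        if point not in allowed:
            return False
        self.state = point
        return True

    def accepting(self):
        """True once the last accepted control point is a final one."""
        return self.state in self.final

def check_trace(graph, trace):
    """Return (verdict, index): index is the offending event for 'blocked', else None."""
    dca = DynamicControlAutomaton(graph)
    for i, point in enumerate(trace):
        if not dca.step(point):
            return ("blocked", i)  # behaviour outside the statically built model
    return ("accepted", None) if dca.accepting() else ("incomplete", None)

if __name__ == "__main__":
    for trace in (
        ["entry", "read_cfg", "validate", "apply", "validate", "exit"],
        ["entry", "read_cfg", "apply", "exit"],   # skips the validate control point
        ["entry", "read_cfg", "validate"],        # never reaches exit
    ):
        print(trace, "->", check_trace(CONTROL_GRAPH, trace))
```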