Military Review

Computer systems border guards equipped with dynamic protection

13
The Institute for System Programming (ISP) of the Russian Academy of Sciences has developed for the FSB border service a technology to protect computer systems from cyber attacks. News.




The program allows you to significantly reduce losses from cyber attacks - hacking one computer does not mean penetration into the whole system. Such protection is especially important on the eve of the World Cup 2018 - it is expected that next year a large number of foreign fans will cross the Russian border.

According to the director of ISP, Arutyun Avetisyan, the company “Smemel”, which is engaged in technical and service support of state information systems, became interested in the development. As a result, the product "ISP Obfuscator" from this year began to be used in cyber defense of the FSB border guard systems.

If you have infinitely many resources and time, you will find a weak spot in any defense. We set a goal - to minimize damage, to make sure that one attack could hit only one computer of the system and would be harmless to all others. This problem is solved. The vulnerabilities found on one site do not work on all other elements of the system thanks to our solution. If an attacker has hacked one device, then he can hack the next one only if he starts everything from scratch,
told Avetisyan.

He explained that we are talking about “automatic change of program code used by system elements.” The so-called code diversification occurs every time you start the program. This "complicates hacking and the use of detected vulnerabilities, the new development is combined with other means of protection." At the same time to use the tool "does not require special knowledge and experience in the field of security."

As noted by ISP employee Alexei Nurmukhametov, “the use of dynamic protection reduces system performance by no more than 1 – 2%, which is almost imperceptible to the user.”

Each time a program in memory changes during its launch. Every time it is not similar to the previous version in the computer’s memory, another code is needed for its hacking,
added on.
Photos used:
http://www.globallookpress.com
13 comments
Information
Dear reader, to leave comments on the publication, you must to register.

I have an account? Sign in

  1. Chertt
    Chertt 11 December 2017 10: 54
    +8
    I read the headline, startled. I really think they’ll put "Relic" or "Contact" on computers
    1. Maz
      Maz 11 December 2017 13: 06
      +2
      God forbid, otherwise they stood at their checkpoint for four hours, another six hours. Like Reshuffle - a madhouse on the border.
  2. aszzz888
    aszzz888 11 December 2017 10: 57
    +2
    "Well, they can, when they want to!" (P). good
    1. Jedi
      Jedi 11 December 2017 10: 59
      +5
      Hi! hi
      The so-called code diversification occurs every time the program starts. This "makes it difficult for a hacker to hack and exploit detected vulnerabilities, the new development is combined with other security measures."

      In other words, to crack the entire network, you now have to crack the code diversification algorithm.
      1. aszzz888
        aszzz888 11 December 2017 11: 04
        +3
        ... glad to see on the site! hi ... at least hacking the entire computer system will be very difficult ...
        1. Jedi
          Jedi 11 December 2017 11: 06
          +5
          Especially if the code diversification algorithm itself is floating. wink
          1. bk316
            bk316 11 December 2017 19: 02
            +3
            Of course, he is also "diversified"
      2. l7yzo
        l7yzo 11 December 2017 16: 45
        0
        no, just shas everyone will write on pieces of paper, you just need to find it)
  3. bk316
    bk316 11 December 2017 11: 18
    +6
    Finally made a polymorph.
    Less than 10 years have passed (as far as I remember, it was announced in 2008 at a conference on cybersecurity in government information systems)
  4. l7yzo
    l7yzo 11 December 2017 16: 44
    0
    Or maybe just make a token ring technology with filtering? why come up with a bike? If there is a rocket oo?
    1. bk316
      bk316 11 December 2017 19: 03
      +3
      Maybe it's just better to be silent than to write any garbage?
      Well, if I read the article and did not understand anything, why disgrace and comment?
      1. l7yzo
        l7yzo 11 December 2017 20: 25
        0
        I obey and obey the hacking guru)
        1. bk316
          bk316 12 December 2017 10: 15
          +2
          It’s free. Get out!