Konferensiyasi


“ZAMONAVIY TA‟LIM TIZIMINI RIVOJLANTIRISH VA UNGA QARATILGAN KREATIV G‟OYALAR


Download 1.48 Mb.
Pdf ko'rish
bet16/36
Sana25.10.2023
Hajmi1.48 Mb.
#1720390
1   ...   12   13   14   15   16   17   18   19   ...   36
Bog'liq
63ed0704130b8 19 respublika ilmiy onlayn 10-TA

“ZAMONAVIY TA‟LIM TIZIMINI RIVOJLANTIRISH VA UNGA QARATILGAN KREATIV G‟OYALAR, 
TAKLIFLAR VA YECHIMLAR” MAVZUSIDAGI 19-SONLI RESPUBLIKA ILMIY-AMALIY ON-LINE 
KONFERENSIYASI 
www
.
bestpublishing.
org
166 
sequence of actions in breach is known) and protect its completeness. A review of the 
breach sequence will identify vulnerabilities in the services, locate the culprit, determine the 
amount and area of damage, and return to normal operation. 
The task of the audit is to identify attempts to violate information security. Until now, 
the term audit has been used to refer to the review of various reports and documents to 
determine whether they are flawed. That is, an analysis of what happened would lead to a 
conclusion. The essence of the audit we are discussing is a bit different, because it is related 
to the operation of automated systems. The audit of systems is carried out in two different 
ways - periodically, ie in a passive manner, after a certain period of time, when the account 
of events that took place during this period is analyzed and conclusions are presented, in the 
active form, each the current shocks are analyzed and the necessary recommendations or 
notifications are generated. For example, during the Soviet era, the reason for exposing the 
activities of German hackers working on behalf of the KGB secret service was to check that 
the daily reports of a large computer center differed by a few cents each day. Once more 
vulnerabilities are identified, it increases the effectiveness of the ability to address the 
system by repeatedly reconfiguring and rebuilding and performing performance checks. 
III. RESULTS 
The first and second types of errors in relation to active audit tools are: missed attacks 
or unnecessary bells, respectively. The first type of mistake is not to mention how 
undesirable it is to miss an attack, but the second is a very unpleasant situation. Because it 
wastes valuable time and money, distracts from important tasks, and possibly misses a new 
attack. The advantage of the signaling method is that it is fast, leads to less errors of the 
second type, and the conclusions are based. The main drawback is that it does not recognize 
new attacks and old ones. Signature method is universal, based on conclusions, and has the 
ability to recognize attacks in an unfamiliar way, which reduces the first type of error.
IV. DISCUSSION 
Active audit tools can be located in any part of the security system - detecting 
suspicious activity at points of connection to the external network at the border (not only to 
try to gain unauthorized access, but also to determine the capabilities of security services). It 
can stop suspicious actions of internal and external customers, detect security problems in 
the operation of services or problems with hardware and software, and protect them from 
possible attacks. However, despite the fact that active auditing has been developing for ten 
or fifteen years, it is still circulating. 
V. CONCLUSION 
There are transition cases. Although it was initially possible to quickly identify similar 
attacks, now there are many problems in detecting previously unknown-looking attacks
distributed and time-lapse, and other similar attacks. it has been. It is unlikely that a solution 
will be found in the near future. Fighting by filling out the signature database on time alone 
will not be the solution. Nevertheless, active audit is one of the important layers of layer-by-
layer proction. 



Download 1.48 Mb.

Do'stlaringiz bilan baham:
1   ...   12   13   14   15   16   17   18   19   ...   36




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling