Volodymyr Koshkin, Andriy Mandra


The frequency of unauthorized actions against information systems (IS) in the process of their integration is steadily increasing, which inevitably leads to huge financial and material losses. According to statistics, internal users of IS commit more than half of all violations. All of this forms "a dangerous risk group". Existing approaches to IS security rely mainly on specialized tools for differentiating user access to information resources. The legal support of information security is the set of laws, legal documents, regulations, instructions, manuals and requirements that are mandatory in the information security system. Organizational and administrative support of information security is the regulation of industrial activity and of the relationships between performers on a legal and regulatory basis, such that disclosure, leakage and unauthorized access to information become impossible or are significantly hampered by organizational measures. The technical tools of protection include hardware, software and cryptographic protection, which make an attack difficult, help detect the fact of its occurrence, and help eliminate its consequences. Behavioral methods, unlike signature methods, are based on models of the regular operation of the IS and not on models of information attacks. The principle of behavioral methods is to detect discrepancies between the current operating mode of the IS and the regular-mode model laid down in the method's parameters. Any such discrepancy is considered an information attack. The signature method searches for attack signatures in the data collected by the sensors of network and host intrusion detection systems. When the required signatures are found, the intrusion detection system records the fact of the information attack that corresponds to the signature found.
The disadvantage of behavioral methods is the difficulty of creating accurate models of the normal operating mode of an IS.
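The following is an added example, not code from the article, that runs both detection approaches described above over the same events. The events, the one-entry signature base and the per-user set model of the regular mode are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed events (user, action, resource); not data from the article.
BASELINE = [  # assumed attack-free history used to model the regular mode
    ("alice", "read", "/hr/payroll.csv"), ("alice", "write", "/hr/payroll.csv"),
    ("bob", "read", "/sales/q1.csv"), ("bob", "write", "/sales/q1.csv"),
]
OBSERVED = [
    ("bob", "read", "/sales/q1.csv"),            # 0: normal work
    ("bob", "read", "/sales/../../etc/passwd"),  # 1: matches a known signature
    ("alice", "export", "/sales/q1.csv"),        # 2: insider misuse, no signature
    ("bob", "read", "/sales/q2.csv"),            # 3: legitimate, but new to the model
]

# Hypothetical signature base: name -> pattern describing a known attack.
SIGNATURES = {"path-traversal": re.compile(r"\.\./")}

def signature_alerts(events):
    """Signature method: report events whose data contains a known signature."""
    return [(i, name) for i, (_, _, res) in enumerate(events)
            for name, pat in SIGNATURES.items() if pat.search(res)]

def build_profile(events):
    """Behavioral method, step 1: model the regular mode per user."""
    profile = defaultdict(set)
    for user, action, res in events:
        profile[user].add((action, res))
    return dict(profile)

def behavioral_alerts(profile, events):
    """Behavioral method, step 2: any discrepancy with the model is an alert."""
    return [i for i, (user, action, res) in enumerate(events)
            if (action, res) not in profile.get(user, set())]

if __name__ == "__main__":
    print("signature :", signature_alerts(OBSERVED))
    print("behavioral:", behavioral_alerts(build_profile(BASELINE), OBSERVED))
```

Event 2 has no signature and is caught only by the behavioral check, which matters given that internal users commit most violations. Event 3 is ordinary work flagged only because the baseline never contained it, which is the model-accuracy problem in practice.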


Information system; intrusion detection system; behavioral method; signature method; security of information systems


Copyright (c) 2018 Volodymyr Koshkin, Andriy Mandra

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Strategic Management Department, NTU «KhPI»
All rights reserved © 2017 Kharkiv, Ukraine