ANALYSIS OF SECURITY INCIDENT INVESTIGATION TECHNOLOGIES AT CRITICAL INFRASTRUCTURE FACILITIES
DOI: https://doi.org/10.28925/2663-4023.2024.26.699
Keywords: object of critical infrastructure; cyber security; cyber protection; security incidents; investigation of security incidents; information security incident management; information security incident response teams; security incident investigation tools.
Abstract
This article analyzes and reviews modern technologies used to investigate security incidents at critical infrastructure facilities. Studying and implementing the latest strategies and approaches in this area can raise the level of protection of important systems and improve the detection of and response to new cyber threats, while preserving the reliable functioning of society as a whole. An urgent issue for the security industry today is the state of information security of critical infrastructure objects and the effective application of measures to maintain it in proper condition. The information space, resources, infrastructure and technologies significantly affect the potential of the state and its armed forces. Today, more than ever, the information component of the strategy for ensuring the national and military security of the state has come to the fore [1], [2]. Studying and implementing technological trends in cyber protection in the critical infrastructure sector makes it possible to respond to the complexity of modern cyber threats and increases the security of systems in real time.
References
On the Decision of the National Security and Defence Council of Ukraine of 6 May 2015 ‘On the National Security Strategy of Ukraine’, Decree of the President of Ukraine No. 287/2015 (2020) (Ukraine). https://zakon.rada.gov.ua/laws/show/287/2015#Text.
On the Decision of the National Security and Defence Council of Ukraine of 14 May 2021 ‘On the Cybersecurity Strategy of Ukraine’, Decree of the President of Ukraine No. 447/2021 (2021) (Ukraine). https://zakon.rada.gov.ua/laws/show/447/2021#Text
On the Basic Principles of Ensuring Cybersecurity of Ukraine, Law of Ukraine No. 2163-VIII (2024) (Ukraine). https://zakon.rada.gov.ua/laws/show/2163-19#Text
Khlaponin, Y., Kozubtsova, L., Kozubtsov, I., & Shtonda, R. (2022). Functions Of The Information Security And Cybersecurity System Of Critical Information Infrastructure. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 3(15), 124–134. https://doi.org/10.28925/2663-4023.2022.15.124134
Kozhedub, Y., Vasylenko, S., Maksymets, A., & Girda, V. (2021). Conceptual model of information protection of critical information infrastructure of Ukraine. Information Technology and Security, 9(2(17)), 151–164. https://doi.org/10.20535/2411-1031.2021.9.2.249889
Gnatyuk, S., Berdibayev, R., Sydorenko, V., Zhyharevych, O., & Smirnova, T. (2023). System for cyber security events correlation and incident management in critical infrastructure objects. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 3(19), 176–196. https://doi.org/10.28925/2663-4023.2023.19.176196
Mashtaliar, Y., Kozachok, V., Brzhevska, Z., Bohdanov, O., Oksanych, I., & Lytvynov, V. (2023). Research of development and innovation of cyber protection at critical infrastructure facilities. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 2(22), 156–167. https://doi.org/10.28925/2663-4023.2023.22.156167
ISO/IEC TR 18044:2004. (2004). Information technology - Security techniques - Information security incident management (IDT).
Kent, K., Chevalier, S., Grance, T., & Dang, H. (2006). Guide to Integrating Forensic Techniques into Incident Response: Recommendations of the National Institute of Standards and Technology (NIST Special Publication 800-86). https://doi.org/10.6028/NIST.SP.800-86
CERT Coordination Center. (n.d.). CERT Vulnerability Notes Database. https://www.kb.cert.org
About CSIRT. (n.d.). CSIRT of the State Research Institute of Cybersecurity and Information Protection Technologies. https://csirt.csi.cip.gov.ua/uk/pages/about-csirt
CERT-UA. (n.d.). https://cert.gov.ua/
Autopsy | Digital Forensics. (n.d.). Autopsy. https://www.autopsy.com/
Wireshark · Go Deep. (n.d.). Wireshark. https://www.wireshark.org/
Magnet Forensics | Unlock the truth. Protect the innocent. (n.d.). Magnet Forensics. https://www.magnetforensics.com/
NETRESEC - Network Forensics and Network Security Monitoring. (n.d.). Netresec. https://www.netresec.com/
Nmap: the Network Mapper - Free Security Scanner. (n.d.). https://nmap.org/
Belkasoft: Intelligent Software for Digital Forensics and Cyber Incident Response. (n.d.). https://belkasoft.com/
HashMyFiles: Calculate MD5/SHA1/CRC32 hash of files. (n.d.). NirSoft. https://www.nirsoft.net/utils/hash_my_files.html#google_vignette
*NEW* Community Tool: CrowdResponse. (n.d.). CrowdStrike: We Stop Breaches with AI-native Cybersecurity. https://www.crowdstrike.com/en-us/blog/new-community-tool-crowdresponse/
USB 3.1 WriteBlocker | WiebeTech. (n.d.). WiebeTech | Digital Forensics. https://wiebetech.com/products/usb-3-1-writeblocker/
DSi USB Write Blocker. (2018). Hackercombat. https://www.hackercombat.com/digital-forensic-tools-availability-in-the-nutshell/dsi-usb-write-blocker/
Copyright (c) 2024 Валерій Козачок, Михайло Драпатий
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.