Open Source Intelligence and Its Application to Cybersecurity Tasks

Free access

Open source intelligence (OSINT) is a concept that describes the search for, collection, analysis and use of information from open sources, as well as the set of methods and tools for accomplishing these tasks. With the development of information and communication technologies, the areas of application of OSINT have also expanded significantly: from checking the trustworthiness and personal connections of an individual and competitive intelligence on business entities, to searching for gaps in the national defence of opposing sides and identifying weak points in the information security of critical infrastructure facilities. The aim of this article is to systematize current open source intelligence methods and to analyze their applicability to cybersecurity tasks. A content analysis of publicly available information sources and studies on OSINT made it possible to form a system of open source intelligence methods for cybersecurity tasks, which is presented as a table at the end of the article.

Open source intelligence, OSINT, information security, cybersecurity, cyberterrorism

Short URL: https://sciup.org/148326633

IDR: 148326633   |   DOI: 10.18137/RNU.V9187.23.01.P.61

Research article