Page 5 - ISCI’2017

Introduction


On the one hand, the Internet has made it possible to commit traditional offences more effectively and to avoid punishment. On the other hand, it has produced new, previously unknown types of social assault, whose complexity is reflected in the negative social phenomenon of Internet crime, especially against critical infrastructures (CIN). Under new, fast-changing realities in a country (for example, in Ukraine), it becomes necessary to study Internet crimes systematically and diligently, both in general and in their most popular types. It is indispensable to develop effective measures or approaches to combat and prevent crimes in the global network.


In today's dynamically developing world, various CINs (for example, banks, hospitals, institutes, i.e., any entities in the sphere of healthcare) run into problems when certain employees (referred to as insiders), affected by various external and internal factors, begin to produce confidential information (e.g., medical, personal, corporate, etc.) and pass it to recipients (outsiders). Up to now, the existing approaches to identifying such insider activities (or the insiders themselves) in CINs, such as psychological, technical and physical search methods, have not been efficient. Indeed, they are mostly applied only after an incident (leakage, distortion, substitution, etc.) has occurred. Besides, these measures (actions and events) do not make it possible to predict or prevent similar incidents (for example, leakages of medical or personal information) in the early stages of insiders' activities.


Therefore, for modern CINs (taking into account their activity and financial position, medical image), the problem of insider detection may be considered one of the most important tasks to be solved. In the authors' opinion (based on the Pareto principle), a leakage of 20% of the medical and some other secrets of CINs leads, in 80% of cases, to the collapse of the latter.



Many CINs have learned how to defend themselves against external threats (such as cyber-attacks, unauthorized intrusions, viruses, etc.). However, the majority of CINs are almost helpless against internal threats (e.g., insiders).


As a second approach, the authors would like to show some time-frequency distributions of the main definitions in this research area, which could characterize the modern tendencies and their popularity for critical infrastructure protection all over the world.


In addition, a synthetic concept of the information and analytical support for the CIN’s security system will be proposed. Its structure under the Information Technology Infrastructure Library (ITIL)