Person:
Милославская, Наталья Георгиевна

Organizational units
Organizational unit
Institute of Cyber Intelligence Systems
The goal of the institute (ИИКС) and its development strategy is to train personnel who are capable of countering modern threats and challenges and who possess knowledge and competencies in cybernetics, information security and financial security, in order to solve the tasks of developing basic software, improving the security of critically important information systems, and countering the laundering of criminally obtained money and the financing of terrorism.
Last name
Милославская
First name
Наталья Георгиевна

Search results

Now showing 1 - 10 of 36
  • Publication
    Open access
    Stream Data Analytics for Network Attacks' Prediction
    (2020) Miloslavskaya, N.; Милославская, Наталья Георгиевна
    © 2020 The Authors. Published by Elsevier B.V. Nowadays stream data, flowing over the modern networks between disparate data sources, become the norm. The broadband Internet, the Internet of Things (IoT) and cloud computing require to analyze the data from streams to make data-driven decisions in real time. In today's world of more complex and increasing in the number of network attacks, one of their most important data is the data from network security (NS) tools, ensuring their secure and resilient operations and uninterrupted provision of services to its users. At Gartner Data & Analytics Summit-2019 augmented analytics and data management, as well as continuous intelligence and explainable artificial intelligence were indicated among the top trends in data and analytics technology that have significant disruptive potential over the next 3-5 years. In practice, complexities of the modern attack scenarios often make it difficult for NS administrators to understand the current NS-related status and to recognize emerging patterns of attacks in a vast amount of raw data before they make a substantial impact. To benefit from the NS-related stream data, businesses require powerful analytics tools for ingesting and processing it. There are four consequent levels of analytics maturity, namely descriptive, diagnostic, predictive, prescriptive. In this paper, a simplified NS-related stream data architecture, suitable for predicting attacks against network assets and services provided is proposed. In turn, MITRE ATT&CK Matrix is proposed as a source for attacks' Indicators of Compromise (IoCs) development.
  • Publication
    Metadata only
    A Brief History and Overview of WISE
    (2021) Bishop, M.; Drevin, L.; Futcher, L.; Leung, W. S.; Miloslavskaya, N.; Милославская, Наталья Георгиевна
  • Publication
    Metadata only
    Cyber Polygon Site Project in the Framework of the MEPhI Network Security Intelligence Center
    (2021) Miloslavskaya, N.; Tolstoy, A.; Милославская, Наталья Георгиевна; Толстой, Александр Иванович
    © 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG. At present, the market for information protection tools (IPTs) is much wider than a couple of years ago. But not only technology protects and carries a threat. People are still at the forefront as the most common cause of errors is the lack of experience and low competency. The only right solution is the creation of cyber polygons as specially equipped and controlled network infrastructures for developing practical skills to combat information security (IS) threats. The National Research Nuclear University MEPhI (Moscow Engineering Physics Institute) could not remain aloof from this process as the leading institute for IS training in Russia. Therefore, it was decided to create such a cyber polygon within the framework of the educational and research Network Security Intelligence Center (NSIC) for intelligent network security management established at the MEPhI Institute of Cyber Intelligence Systems in 2016. The paper describes the first results achieved in making this project a reality. It introduces the “Cyber Polygon” term, briefly analyzes a state of the current cyber polygons development worldwide, and introduces the MEPhI Cyber Polygon objectives and provision to be used within the framework of the “Business Continuity and Information Security Maintenance” Master’s degree programme. Further activities in its development conclude the paper.
  • Publication
    Open access
    A Brief Evolution of Network Protection Tools and Methods
    (2021) Miloslavskaya, N.; Милославская, Наталья Георгиевна
    © 2020 Elsevier B.V. All rights reserved. The network protection tools (NPTs) and methods (NPMs) have already passed a fairly long evolutionary path since 1970. The main milestones of this evolution from 1984 to 2011 were shown by Clod Conrad. The goal of the paper is to revise a brief Conrad's evolution of the main NPTs and NPMs until now in the form of the timeline that allows further refinements and extensions both in time and in methods and tools.
  • Publication
    Open access
    Security Zone Infrastructure for Network Security Intelligence Centers
    (2020) Miloslavskaya, N.; Милославская, Наталья Георгиевна
    © 2020 The Authors. Published by Elsevier B.V. Today's businesses need to enhance their security via quick adaptation to the challenges of modern perimeterless network security. Under numerous targeted network attacks, the lack of advanced threat detection and response capabilities, as well as busy information technology and information security teams, lacked in-depth security expertise exacerbate the situation. In this landscape, the well-known Detect-Investigate-Respond triad must be added by the fourth very critical component named Adapt, which should be based on Security Intelligence approach. In this paper, continuing our research on designing a Network Security Intelligence Center as a combination of a Security Intelligence Center and a Network Operations Center we propose the NSIC's security zone infrastructure with five zones, a few subzones and sandboxing. Future areas of research are indicated.
  • Publication
    Metadata only
    On the assessment of compliance with the requirements of regulatory documents to ensure information security
    (2020) Tolstaya, S.; Miloslavskaya, N.; Милославская, Наталья Георгиевна
    © The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2020. Examples of different types of assessments are all around us, providing our assurance that the goods we use won’t harm us, that the system components will work correctly, that services are being delivered consistently, that manufacturers are effectively managing the impact of their activities on health, safety, and the environment, etc. One of the essential forms of assessment is a compliance assessment designed to check how the requirements of regulatory documents to ensure information security (IS) are fulfilled or not on the assessment object, for example, a product, process, system, or service. This short paper discusses work-in-progress results as a part of research aimed at determining the ways of possible improvement, unification and greater formalization of an objective assessment of compliance with the mandatory requirements of regulatory documents on ensuring IS for the selected assessment objects based on the development of recommendations for applying a risk-based approach.
  • Publication
    Open access
    EXTENDED SOC MATURITY MODEL OF CYBEREASON
    (НИЯУ МИФИ, 2025) Листратов, И. С.; Милославская, Н. Г.; Сирбай, И. С.; Рейносо, Б. А.; Милославская, Наталья Георгиевна
    The proposed extended maturity model for a Security Operations Center (SOC), developed on the basis of the Cybereason model, forms a systematic approach to assessing the maturity level of a SOC and improving it through an evolutionary transition from a lower level to a higher one. The aim of this study is to extend the Cybereason SOC maturity model by formulating additional main criteria that characterize SOC effectiveness, including the mean time to detect information security (IS) incidents MTTD, the mean time to respond to IS incidents MTTR and the percentage of false positives FPR, as well as the degree of automation (АС) of the main SOC processes. When assessing the SOC maturity level, it is also necessary to take into account a comprehensive approach to the use in the center of advanced technological solutions (SIEM, SOAR, XDR and UEBA systems), international standards (NIST CSF 2.0, ISO/IEC 27001), principles of long-term data storage, as well as generally recognized approaches (MITRE ATT&CK, Threat Intelligence), artificial intelligence, machine learning and large language models (LLM). The results of the study demonstrate how the introduction of unified approaches to handling IS incidents, the automation of routine tasks performed in the SOC, and the organization of a single data lake improve the quality of analytics and reduce the response time to computer attacks. The extended SOC maturity model proposed in the article is applicable in various sectors where cyber resilience is important and serves as a tool for planning SOC development taking into account the dynamics of IS threats. The conclusions point to the need for a comprehensive implementation of technological and organizational measures that make it possible to move to higher SOC maturity levels and ensure effective cybersecurity of organizations' assets.
  • Publication
    Metadata only
    Open Source INTelligence Tools
    (2022) Stodelov, D.; Miloslavskaya, N.; Стоделов, Денис Николаевич; Милославская, Наталья Георгиевна
  • Publication
    Metadata only
    Preface
    (2022) Drevin, L.; Miloslavskaya, N.; Leung, W. S.; von Solms, S.; Милославская, Наталья Георгиевна
  • Publication
    Metadata only
    Designing Competency Models for Cybersecurity Professionals for the Banking Sector
    (2020) Vybornov, A.; Miloslavskaya, N.; Tolstoy, A.; Милославская, Наталья Георгиевна; Толстой, Александр Иванович
    © 2020, IFIP International Federation for Information Processing. The research results for the main stages of designing competency models (CMs) for cybersecurity (CS) professionals are presented. A strategy for designing such models was formulated. The CS-related terminology and conceptual framework were clarified. Areas, objects, and types of professional activity (PA) as a whole for CS professionals and the banking sector, in particular, were determined. It is proposed to use the role and process models to determine the tasks that employees of banking organizations should solve. The practical issues of developing CMs, which allowed to determine the order of their development and the typical structure, as well as to formulate recommendations on the content of a specific CM, are considered.