Персона: Милославская, Наталья Георгиевна
Загружается...
Email Address
Birth Date
Научные группы
Организационные подразделения
Организационная единица
Институт интеллектуальных кибернетических систем
Цель ИИКС и стратегия развития - это подготовка кадров, способных противостоять современным угрозам и вызовам, обладающих знаниями и компетенциями в области кибернетики, информационной и финансовой безопасности для решения задач разработки базового программного обеспечения, повышения защищенности критически важных информационных систем и противодействия отмыванию денег, полученных преступным путем, и финансированию терроризма.
Статус
Фамилия
Милославская
Имя
Наталья Георгиевна
Имя
47 results
Результаты поиска
Теперь показываю 1 - 10 из 47
- ПубликацияТолько метаданныеA Brief History and Overview of WISE(2021) Bishop, M.; Drevin, L.; Futcher, L.; Leung, W. S.; Miloslavskaya, N.; Милославская, Наталья Георгиевна
- ПубликацияТолько метаданныеBig Data Analytics for Financial Crime Typologies(2019) Plaksiy, K.; Nikiforov, A.; Miloslavskaya, N.; Плаксий, Кирилл Валерьевич; Никифоров, Андрей Александрович; Милославская, Наталья Георгиевна© 2019, Springer Nature Switzerland AG.The paper proposes a technique to automate the generation of new criminal cases for money laundering from crime and financing terrorism (ML/FT), which are based on ML/FT typologies. At the same time, the paper is focused not on the existing methods, but offer its own implemented on the basis of creating various versions of case typologies and further filtering them by the derived criteria. For this purpose, it is supposed to use Big Data tools. The successful application of the developed technique is shown on examples of the commission and VAT carousel schemes. To implement and verify this technique a program was written that successfully passed the test on case graphs built on ML/FT typologies.
- ПубликацияТолько метаданныеAndragogy as a Scientific Basis for Training Professionals in Information Security(2019) Tolstoy, A.; Miloslavskaya, N.; Толстой, Александр Иванович; Милославская, Наталья Георгиевна© 2019, IFIP International Federation for Information Processing.The paper presents the results of research on the use of the basic provisions of andragogy to improve modern systems of training professionals in a particular professional field (information security). To do this, the characteristics of such systems were determined, the classification of trainees according to the criteria of adulthood was carried out, the possibilities of applying the basic provisions of andragogy to the object (an educational system) and the subject (processes, methods, and technologies of training) of research in the selected area were considered.
- ПубликацияОткрытый доступПРОЦЕСС УПРАВЛЕНИЯ УЯЗВИМОСТЯМИ АКТИВОВ ИТКС С ИСПОЛЬЗОВАНИЕМ СКАНЕРА OPENVAS(GVM)(НИЯУ МИФИ, 2025) ЖОРОВ, Д. В.; МИЛОСЛАВСКАЯ, Н. Г.; Милославская, Наталья ГеоргиевнаЦель работы – разработка регламентированного процесса управления уязвимостями активов информационно-телекоммуникационных сетей (ИТКС) с использованием сканера OpenVAS(GVM), что обеспечивало бы соответствие требованиям ФСТЭК России. Основной результат – замкнутый цикл «обнаружение, оценка, устранение и верификация», интегрированного в методологию регулятора.
- ПубликацияОткрытый доступПРОЦЕСС РАЗРАБОТКИ ПРАВИЛ ДЛЯ СРЕДСТВ ЗАЩИТЫ ИНФОРМАЦИИ(НИЯУ МИФИ, 2025) ШУЛИНИН, Д. В.; МИЛОСЛАВСКАЯ, Н. Г.; Милославская, Наталья ГеоргиевнаЦель работы – создание процесса разработки контента (правил выявления атак, сигнатур сетевых приложений) для средств защиты информации (СЗИ) на примере UserGate NGFW [1]. Основной результат – формирование систематизированного подхода к разработке контента СЗИ, начиная со сбора данных из открытых и закрытых источников, их оценку и приоритезацию, и заканчивая формированием пакета контента и загрузки его на СЗИ.
- ПубликацияТолько метаданныеBlockchain and Its Security: Ignore or Insert into Academic Training?(2019) Miloslavskaya, N.; Tolstoy, A.; Милославская, Наталья Георгиевна; Толстой, Александр Иванович© 2019, IFIP International Federation for Information Processing.At present, the blockchain technologies (BCT) cause a serious burst of interest of young people in the first place. Not to meet the rising demand and not to pay attention to the BCT during the training means not to be modern. Any educational institution, which doesn’t offer courses in the BCT, is going to be left behind as a non-competitive. The paper analyzes a state of the current training in the BCT worldwide, paying special attention to security issues. It also lists standards and books, which can support this training. On these bases, the desired competencies after mastering a full-time BCT course and an exemplary structure of this course are proposed.
- ПубликацияТолько метаданныеOn the assessment of compliance with the requirements of regulatory documents to ensure information security(2020) Tolstaya, S.; Miloslavskaya, N.; Милославская, Наталья Георгиевна© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2020.Examples of different types of assessments are all around us, providing our assurance that the goods we use won’t harm us, that the system components will work correctly, that services are being delivered consistently, that manufacturers are effectively managing the impact of their activities on health, safety, and the environment, etc. One of the essential forms of assessment is a compliance assessment designed to check how the requirements of regulatory documents to ensure information security (IS) are fulfilled or not on the assessment object, for example, a product, process, system, or service. This short paper discusses work-in-progress results as a part of research aimed at determining the ways of possible improvement, unification and greater formalization of an objective assessment of compliance with the mandatory requirements of regulatory documents on ensuring IS for the selected assessment objects based on the development of recommendations for applying a risk-based approach.
- ПубликацияТолько метаданныеNew SIEM system for the internet of things(2019) Miloslavskaya, N.; Tolstoy, A.; Милославская, Наталья Георгиевна; Толстой, Александр Иванович© Springer Nature Switzerland AG 2019. Based on the available standards, the generalized architecture and the reference model of the IoT as a security object to be protected are presented. On the IoT layers, different security controls collecting data for further detection of security-related events are located. The security incident management process for the IoT needs automation, for which Security Information and Event Management (SIEM) systems are the best applicable solutions. But modern challenges dictate the need to modify these systems for the IoT. A new blockchain-based SIEM system for the IoT is proposed.
- ПубликацияТолько метаданныеNetwork Security Intelligence Centres for Information Security Incident Management(2021) Furnell, S.; Miloslavskaya, N.; Милославская, Наталья Георгиевна© 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.Intensive IT development is driving current information security (IS) trends and require sophisticated structures and adequate approached to manage IS for different businesses. The wide range of threats is constantly growing in modern intranets; they have become not only numerous and diverse but also more disruptive. In such circumstances, organizations realize that IS incidents’ timely detection and prevention in the future (what is more important) are not only possible but imperative. Any delay leaves only reactive actions to IS incidents, putting assets at risk as a result. A properly designed IS incident management system (ISIMS), operating as an integral part of the whole organization’s governance system, reduces IS incidents’ number and limits damage caused by them. To maximally automate IS incident management (ISIM) within one organization and to deepen its knowledge of IS level, this research proposes to unite together all advantages of a Security Intelligence Centre (SIC) and a Network Operations Centre (NOC) with their unique and joint toolkits and techniques in a unified Network SIC (NSIC). This paper presents the research, which is focused upon the designing and evaluating the concept of NSICs, and represents a novel advancement beyond existing concepts of security and network operations centres in current security monitoring scenarios. Key contributions are made in relation to underlying taxonomies of threats and attacks, leading to the requirements for NSICs, the related design, and then evaluation in a practical context and the implications arising from this (e.g. training requirements).
- ПубликацияОткрытый доступПОСТРОЕНИЕ ГРАФА КОРПОРАТИВНОЙ СЕТИ НА ОСНОВЕ ПАССИВНОГО АНАЛИЗА СЕТЕВОГО ТРАФИКА(НИЯУ МИФИ, 2025) РАЗЕНКОВ, И. Г.; МИЛОСЛАВСКАЯ, Н. Г.; Милославская, Наталья ГеоргиевнаРассматриваются вопросы обеспечения информационной безопасности (ИБ) корпоративных сетей (КС) и мониторинга трафика в них. Цель исследования – разработка методики построения графа КС на L2/L3-уровнях модели OSI/ISO. Создан программный комплекс, позволяющий строить граф КС на основе пассивного анализа сетевого трафика.