Methodological aspects of the presentation of information security threats recognition signs in the context of improving technical intelligence

• Main Authors: S. V. Skryl, S. S. Nikulin, A. V. Mazin, V. I. Spivak, V. O. Krylov, V. V. Nikulina
• Format: Article
• Language: English
• Published: CRI «Electronics» 2020-12-01
• Series: Радиопромышленность
• Subjects: transient electromagnetic pulse emanation standard (tempest); computer equipment (ce); recognition of threats of information leakage through tempest channels from ce
• Online Access: https://www.radioprom.org/jour/article/view/748

Formulation of the problem. The completeness of the characteristics of one of the most serious threats to the security of information today – its leakage through the transient electromagnetic pulse emanation standard (TEMPEST) from computer equipment (CE) is determined not only by the number of detectable signs of leakage but also by several other parameters characterizing the dynamics of the implementation of such a threat. The established patterns in the scenarios of violators’ actions associated with the use of technical reconnaissance equipment (TRQ) to intercept informative TEMPEST signals from computer equipment made it possible to form a model of all possible options for using TRQ to obtain confidential information processed by computer equipment. The proposed model provides the implementation of the methodological principles of the recognition theory for a more complete characterization of threats of information leakage through the channels of spurious electromagnetic radiation and interference from CE in the process of their detection.Objective. Development of methodological grounds for presenting signs of the violator’s implementation of certain functions associated with the use of technical reconnaissance equipment to intercept informative signals of spurious electromagnetic radiation and interference from computer equipment as signs that identify the most significant conditions for the recognition and prevention of such threats.Results. Methodological solutions for the identification of three states significant for the prevention of threats are given based on the structuring of the functional representation of the intruder’s actions to implement such threats. Mathematical models for assessing the predicted amount of information disclosed in the process of intercepting TEMPEST informative signals from computer equipment, and assessing the level of security threats in case of interception of information are also presented.Practical significance. The paper presents the main options for the operation of a complex of programs for recognizing threats of information leakage through TEMPEST channels from computer equipment developed within the framework of the presented methodology.