004.056.57
!
"
#
$
%
&
'
#
( &
)
05.13.19 – “
,
”
!
"
#
$
%
&
%
$
"
'
"
– 2011
2
'
(
"
'
:
,
)
*
+, -
. /
"
$
))
:
,
!0 1/
2 + -
3 45 !
"
,
!
4
-
$1
-
%
:
(
*
+
"
001.25.01
2011
“___”___________
____
,
,
.
*
: 100084,
"
.,
"
,
, 108
, e-mail:
d.ganievaa@rambler.ru
.
"
.
2011
"__"________
.
'
-
. .
3
%
& & )
3
& 51- -
5 /.
.
.
)
(
# #"
)
/
.
# #"
UNIX
Linux
.
0
Linux
)
(
#"
)
,
,
Linux
#"
.
–
0
)
,)
.
Linux
)
,
,
)
.
1
,
)
,)
-
,
.
*
,
,
,
,)
/
.
.
# #"
-
,
.
2
,
,)
,
)
# #"
.
)
,
# #"
0
)
,
.
.
# #"
,
)
/
,
.
3 0
.
1
# #"
.
&1
- -
2/ -
-
0
/ , *
.
/
,
0
.
4
,
.
* 4
,
*
.
-
,
$
.
5
, .
.
,
!
.
-
,
5
.
6
.
$
, .
2
.
1
,
4
.
*
.
,
%
.
)
,
'
.
5
.
6
,
*
.
7
.
)
,
. .
,
"
.
&
.
.
,
5
.
5
.
,
*
.
*
.
,
5
. .
-
,
3
.
"
.
,
6
.
&
.
8
,
$
.
8
.
8
.
1
,
,)
,
,
0
,
,
# #"
/
)
.
,)
,
,
-
0
)
,
,
# #"
,
,
.
.
/
.
4
,
,
,
)
,
)
.
4
+ +
/
/!,
/
.
-
. 6
+
.
(
$ )
!
*
&
,
9
17-003
“
*
/
”
(2009-2011 .)
-
.
+ + - -
+*
.
3 0
)
.
+ + - -
5 7
/
.
,
:
1.
#
)
0
.
2.
:
)
)
)
0
.
3.
3 0
,
# #"
.
4.
3 0
)
# #"
.
5.
# #"
,
0
.
6.
3 0
# #"
)
,
.
+ + - -
8/!
!
.9!0
.
#
)
0
/
.
«Linux»
)
)
.
+ +
1*1
/
.
"
,
,
)
)
,
/
,
.
+ +
8 !5 *
.
# #"
0
0
,
,
)
)
5
,
.
(
:
.
" +
; -
* * 4
<
/
:
1.
"
)
)
)
# #"
)
.
2.
3 0
)
)
# #"
.
3.
# #"
0
)
.
4.
3 0
0
.
5.
# #"
0
.
+ + - -
4
:-
.
:
1.
# #"
)
0
.
2.
3 0
# #"
,;
)
.
3.
'
0
.
4.
3 0
)
,
,
.
5.
# #"
0
/
.
+ + - -
4
4
<
:
.
"
,
# #"
0
.
"
0
0
.
7
,
)
.
,
/- -
, / 4
+
-
.
)
/
«Dos
"
link»
'
)
.
6
"
,
/
,
(
$ )
200
-
UzMOT 1.0
)
,
«
- 2010», «
(
/
» (
&
&
)
0
,
,
.
"
,
"
,
0
“
<
”, “Linux
)
”
,
/
,
;
,
5 523509 – "
"
5 523601 – “
<
”
,
.
+ + - -
* -
-
2
(
8/ . = :*
).
«
-
8
2009 –
»
(
"
,
2009
),
«
-
0
»
(
"
, 2009
), «
.
*
»
$ )
(
"
, 2009
), AICT2010
-
,
IEEE
,
(
"
, 2010
)
,
/
.
4
-
,
/ - -
>9 -
+
- -
.
"
10
)
, «UzMOT 1.0
)
» (
9
DGU 01899)
«Uz-Booyo 1.0
)
»
(
9
DGU 01547)
<+*
,
,
,;
.
**!/ = :
- -
15
< ,
.
,
,
,
,
,
0
,
.
"
)
133
(
19
, 7
102
0
,
)
0
.
%
)
&
&
/
+ *
,
,
,
/
)
,
,
.
'
,
,
,
0
,
)
,
,
/
,
,;
0
.
7
. / -"
.2
)
0
,
0
/
=
0
.
# #"
/
0
,
,
.
3 0
:
,
"
)>?
,
.
,
-
,
.
1
,
,
?
)
)>?
)
,
,
0
,?
)>?
,
)
(
)
.
6
)
,
,
)
)
.
3 0
# #"
,
,
)
)
,
)>?
)
0
,
,
.
1
)>?
,
# #"
:
,
,
,
,
,
)
.
+
.
#
0
)
.
3 0
/
# #"
.
"
,
0
,
/
,
.
+
(
,
)
,
)
,
/
0
/
# #"
.
8
,
/
,
)
,
0
,
.
: /
-
)
,
/
.
1
)
Soft Computing (
2
-
)
)
,
)
,
,
,
,
.
8
00 -"
.2
0
/
.
# #"
0
)
)
,
,
,
)
)
.
)
# #"
?
/
.
# #"
0
,
)
,
.
7
0
(
)
/
.
3 0
/
)
(
<"
)
,
.
:
<"
“
+
”, “
$
”, “
<
(
)”
.
,
/
.
,
,;
)
.
.
# #"
.
.
<"
# #"
.
3 0
,
/
)
, 0
.
1
,;
)
.
.
%
1,
%
2, … En
)
)
.
)
,
)>?
0
)
,
,
(1-
).
3 0
,
,
.
*
,
.
# #"
:
,
)
9
,
.
'
:
,
;
,
.
/
.
1-
/ *
.
;-
0!
/1 "
* 1/ /
9* / -
. 0
/ 0
"
?
15
&
'
5
-
"
'
.
* /
%
$
<
.
,
,
,
,
,
+
0
*
"
)>?
(
5
)
?0*8!/
5
10
<"
,
.
.
<"
.
1" -"
.2
0
)
.
:
/
,
0
)>?
.
:
0
)
/
:
•
,
;
•
;
•
,
,
,
;
•
,
,
;
•
,
,
,
,
,
,
;
•
,
,
.
&
,
)
:
•
,
;
•
;
•
,
,
,
,
,
;
•
,
,
;
•
,
,
;
•
,
,
.
:
“
0
,
”
0
)
:
•
0
)
;
•
,
(
)
0
,
;
,
0
.
@
,
,
)
/
:
11
•
,
;
•
,
,
)
;
•
,
;
•
,
,
,
;
•
,
,
,
)
.
(
,
,
,
.
5,
“
0
,
”
0
:
•
0
0
)
;
•
,
0
)
;
•
,
;
•
,
,
0
)
;
•
,
,
,
,
,
0
)
.
*
,
,
0
.
.
0
)
,
,
)
.
#
,
.
"
)
.
*
)
)
,
,
.
:
,
,
.
*
0
))
,
,
/
/
.
#
/
(
)
/
,
.
.
/
,;
.
12
+
: Y = {
7
,
"
}, "
"
"
-
/
0
,
"
7
"
.
.
,
(supervised learning)
,
,
,
,
{
%
}
,)
,
/
.
,
,)
0
/
.
*
,)
,
.
-
-
:
•
;
•
,)
;
•
,)
,
;
•
,)
;
•
,
;
•
,
.
5
,
/
.
.
,;
,)
,
,;
.
,
,
,;
.
<"
/
(
)
(
/
)
(
)
,;
.
(
)
,
/
(
)
,;
.
'
)
.
< )
,)
,
,
.
13
*
,
,
,;
.
:
•
K
d
–
0
(
,;
);
•
K
e1
–
,
,
, (
,
?
);
•
K
e2
–
,
,
, (
0 ;
).
*
)
)
:
•
D
i
— W
s
W
1
;
D (w
s
, w
1
) > D
i
,
,
,
;
•
D
s
- W
s
W
1
;
D (w
s
, w
1
) => D
s
,
,
,
;
•
E
i
–
/
,
0
;
•
G
i
–
W
s
W
1
D(w
s
,
w
1
) =
> D
j
; 0
;
•
G
s
–
W
s
W
1
D
i
=> D(w
s
,w
1
)
=
> D
s
; 0
;
•
G
n
–
W
s
W
1
D(w
s
, w
1
) <= D
s
; 0
.
" /
)
.
)
(
)
(
)
(
)
(
)
(
)
(
)
(
)
(
n
n
i
s
s
i
i
i
i
i
i
i
d
G
p
G
E
p
G
p
G
E
p
G
p
G
G
p
G
p
G
G
p
K
×
+
×
+
×
×
=
(1)
)
(
1
i
i
e
G
E
p
K
=
(2)
)
(
1
2
i
i
e
G
E
p
K
−
=
(3)
*
)
,
,
.
-
K
e1
-
, D
i
K
d
)
K
e2
,
.
!
,
D
i
,
K
d
)
K
e2
, K
e1
.
1
K
d
,
,
D
i
)
,
)
.
/
0
0
,
)
,
:
14
)
(
)
(
)
(
)
(
)
(
)
(
)
(
)
(
)
(
)
(
n
n
i
s
s
i
i
i
i
s
s
i
i
i
i
d
G
p
G
E
p
G
p
G
E
p
G
p
G
E
p
G
p
G
E
p
G
p
G
E
p
K
×
+
×
+
×
×
×
×
=
(4)
)
(
1
n
i
e
G
E
p
K
=
(5)
)
(
1
2
n
i
e
G
E
p
K
−
=
(6)
#
,
,
,
D
i
D
s
,;
,
)
,
.
.
,
,
,)
;
.
< )
,
0
.
.
)
,
)
,
.
+
)
,
-
?
,
.
2/ -"
.2
.
1
)
)
,
,
.
3 0
# #"
:
>
)
>
.
.
,
?
-
(2,3-
).
# #"
0
)
,
:
•
# #"
-
;
•
,
;
•
;
•
,
.
15
2-
/ *
.
3 4
8!/ = : /
7
@ /
/ , *
/-
5 := :
+
3-
/ *
.
*0
8!/ = : /
7
@ /
/ , *
5 := :
+
'
,
/
)
,
.
/
:
-
,
20
*.
,
,
0
,
)
;
- “
@ 0
,
”
0
)
;
16
- “
@ 0
,
”
)
,
,
0
.
"
,
UzMOT (Uzbek Milliy Operatsion Tizimi)
)
, Intel Celeron
)
, 1,73
--
1024
*.
)
)>?
.
"
,
,
.
"
1-
.
1-
20
*.
,
( / 0
!*
* -
-
2 0 5
+
,
*
'
1484
@ 0
,
1506
'5
@ 0
,
3052
'
1013
( 0
,
1022
+
@ 0
,
1011
'
2682
:
,
,
2803
2" /
@ 0
,
2951
,
)
.
:
)
)
:
,
,
,
0
,;
/
,
.
,
,
.
:
1.
#
)
0
.
3 0
)
,
.
3 0
/
.
17
2.
7
/
)
,
0
)
)
)
.
3.
'
0
/
)
)
0
/
.
# #"
0
,;
)
.
3 0
/
<"
.
.
,
)
,
.
4.
'
.
"
.
7
0
.
5.
)
>
.
3 0
)
,
,
,
,
.
# #"
# #"
/
.
6.
3 0
# #"
ISP «Dostlink»
*AB
.
,
,
,
,
<"
/
,
0
.
?A
)
1.
5
.
5
.
:
,
B
B
5
,
5
5
,
7
.
<
.
*
,
#
.
7
.
, .
7
.
$
,
5
.
7
.
.
. Uz-booyo 1.0 operatsion tizimi
.
//
(
$ )
)
.
-
9
DGU
01547. 19.06.2008 .
2.
5
.
5
.
:
,
.
7
.
$
,
*
.
C
.
*
.
#
)
– i18n/l10n
,
,
//
!
" '"
. –
"
, 2009. -
9
2. –
5
. 15-18.
3.
5
.
5
.
:
,
.
7
.
$
,
2
.
5
.
.
#
)
SourseForge
,
//
!
" '"
. –
"
, 2009. -
9
3. –
5
. 10-14.
18
4.
.
7
.
$
. Problems of safety of information systems //
*
.
> =
)
=
)
–
>
8
2009. –
"
, 2009. –
5
.
143-144.
5.
.
7
.
$
.
#)
)
0
//
$ )
.
'
)
>
.
6
=
)
. –
"
, 2009. –
5
. 59-61.
6.
.
7
.
$
. Modern technology to detect and prevent attacks //
*
.
6
=
-
=
)
. –
"
, 2009. –
5
. 140-144.
7.
5
.
5
.
:
,
.
7
.
$
. A comparison mechanism of security to
authentifications and identifications on operating systems Linux and Solaris //
5
.
6
=
-
=
)
. –
"
, 2009. –
5
. 110-114.
8.
5
.
5
.
:
, .
7
.
$
.
*
=
D =
=
=
//
!
" '"
. –
"
, 2010. -
9
1. –
5
. 7-10.
9.
5
.
5
.
:
,
5
5
,
7
.
<
.
*
,
#
.
7
.
, .
7
.
$
,
$
.
'
.
$
,
#
.
7
. UzMOT 1.0 operatsion tizimi
.
//
(
$ )
)
.
-
9
DGU 01899.
04.03.2010 .
10.
.
7
.
$
.
6
)
=
)
=
//
!
" '"
. –
"
,
2010. -
9
2. –
5
. 39-42.
11.
5
.
5
.
:
,
.
7
.
$
.
=
/
=
)
//
4-
IEEE
*
)
) >
?
-
=
- AICT2010. –
"
, 2010. –
5
. 289-
293.
12.
5
.
5
.
:
,
.
7
.
$
,
.
*
.
"
)
=
)
//
4-
IEEE
*
)
) >
?
-
=
- AICT2010. –
"
, 2010. –
5
. 349-353.
19
"
$
7
05.13.19 –
,
"
,
”
#
)
0
”
B&
:-"
(
>-
1<
)
*25 /
:
)
,
,
,
,
,
0
,
)
,
,
.
+ +
.9!0
/
:
)
0
.
- -
+*
:
0
)
.
+ +
1*1
/
:
,
,
)
)
,
/
,
.
- -
-
,
/
1 /- -
:-
:
# #"
)
0
;
0
# #"
,;
,
)
;
0
;
0
)
,
,
;
# #"
0
/
.
4
<
:
:
,
)
.
. +
>
/ , *
+ *
4
*
/
/
:
"
“
<
”
“
”
,
0
,
*AB
ISP «DosTlink»
'
)
.
2
-
(
7 4
-
)
* < *
:
C
Linux
)
0
)
0
,
.
20
B
&
$
7
: "
6
=
D =
=
)
)
=
= =
"
)
)
)
>
05.13.19 –
*
=
=
D =
,
)
>
C"! D!
*
:
)
=
=
= =
,
,
,
,
,
=
)
=
,
)
,
)
>
,
=
)
.
.9!0 D
** !
- :
:
=
)
=
D =
)
=
= =
=
)
.
%! @
/ . D
:
)
=
)
D
=
)
#5#
.
&!
D
** !
- :
:
=
D =
,
=
>
,
=
)
=
)
=
,
,
/
-
)
.
$ 1"!--D!
/!51 @
D
-
5-
:
)
=
=
=
)
,
=
)
)
D =
#5#
;
)
)
>
D =
#5#
=
)
;
=
)
)
;
)
)
=
=
)
,
)
)
>
)
=
D =
;
=
)
=
)
=
)
D =
#5#
.
$/ 0 "!*0 :
5- "
* @
:
=
,
=
,
)
=
)
?
>
)
=
=
)
)
=
D =
>
.
!8!-@
-! /!- :
>0 -
"!*0 :
>77!0
- * @
:
6
=
>
=
) > ?
)
«
<
» «
'
)
>
»
"
=
,
=
) >
=
'
)
###
ISP «DosTlink».
. * @
8/
!-!- :
:
=
)
=
= >
)
>
D =
)
=
= =
=
)
) > ?D
#5
Linux.
21
RESUME
Thesis of Rahmatov Dilshod on the scientific degree competition of the doctor of
philosophy in technical on specialty 05.13.19 – “Methods and systems of
protecting information, information security” subject: “Software protection against
malicious programs operating systems with open source"
Key words
: operating systems with open source software, knowledge base,
blocking, insulation, classifier, malicious software, expert system, information
security, unauthorized access.
Subject of research
: algorithms and security software operating systems
with open source (OSOS) software against malicious software.
Purpose of work
: development of algorithms and software tools to detect
and prevent malicious software at the core of OSOS.
Methods of research
: methods for detection of threats to information
security, theory and methods of inventive problem solving, methods of production
of expert systems, theory of algorithms, object-oriented programming.
The results obtained and their novelty
: a modified method and algorithm
for blocking malicious programs based on the proposed concept of protection
OSOS; built with production of knowledge about anti-nuclear OSOS from
malicious programs designed an algorithm that simulates malware insulation level
applications built structure of expert system to block and isolate malicious
programs, within which the technique of making real-time by choice of remedy
developed programs to block and isolate malicious behavior for protection systems
OSOS.
Practical value
: developed models, algorithms, software tools allow to build
expert systems for decision-making to assess the threat and the choice of remedies
in real time.
Degree of embed and economic effectivity
: The results are used in the
learning process in the departments "E-commerce" and "Information Security"
Tashkent University of Information Technology, as well as implemented and used
in the Internet Service Provider Ltd ISP «DosTlink».
Field of application
: developed software tools can be used to protect
operating systems, open source software against malicious programs in
organizations using servers based on Linux.
