№ 1 (35)

The purpose of the article is to develop a method to improve the security of important objects of critical information infrastructure in the conditions of non-standard mode of their operation caused by destructive information impact.
Methods: analysis of available methods and mathematical models for assessing the state of complex technical systems and the choice of optimal; synthesis of diffusion Markov model of the object under study in parametric form. The result: the basis of the well-known apparatus of diffusion Markov processes, the paper proposes an original method of rapid assessment of the state of important objects of critical information infrastructure in the process of their functioning to improve the safety of their operation. Increasing the efficiency of evaluation is achieved by dividing the evaluation process into two periods, with the most time-consuming and time-consuming process of obtaining basic solutions of evolutionary equations modeling the behavior of the object under study, carried out in advance. Calculation of stochastic characteristics of the object of critical information infrastructure, characterizing its technical condition, is carried out directly upon detection of destructive impact on the basis of previously obtained basic solutions. The resulting assessment of the technical condition allows you to plan measures to improve the safety of the object. The paper considers the process of synthesis of evolutionary equations describing the behavior of the object of study in parameterized form, obtaining their basic solutions, as well as the algorithm for the implementation of the proposed method. The results of the study can be used in the development of technical specifications (private technical specifications) for the modernization of security systems of critical information infrastructure.
Keywords: complex technical object, destructive influence, non-standard operation mode, safety, Markov models,
evolutionary equations, basic solutions, condition assessment, score state, speed of assessment.

1. Zegzhda D.P., Vasil`ev Yu.S., Poltavceva M.A., Kefeli I.F., Borovkov A.I. Kiberbezopasnost` progressivny`x proizvodstvenny`x texnologij v e`poxu cifrovoj transformacii // Voprosy` kiberbezopasnosti. 2018. №2. S. 2-15. DOI:10.21681/2311-3456-2018-2-2-15
2. Gos`kova D.A., Massel` A.G. Texnologiya analiza kiberugroz i ocenka riskov kiberbezopasnosti kriticheskoj infrastruktury` // Voprosy` kiberbezopasnosti. 2019. №2. S. 42-49. DOI:10.21681/2311-3456-2019-2-42-49
3. Kolosok I.N., Gurina L.A., Povy`shenie kiberbezopasnosti intellektual`ny`x e`nergeticheskix sistem metodami ocenivaniya sostoyaniya // Voprosy` kiberbezopasnosti. 2018. №3. S. 63-69. DOI:10.21681/2311-3456-2018-3-63-69
4. Vasil`eva V.I., Kirillova A.D., Kuxarev S.N. Kiberbezopasnost` avtomatizirovanny`x sistem upravleniya promy`shlenny`x ob``ektov
(sovremennoe sostoyanie, tendencii) // Vestnik UrFO. Bezopasnost` v informacionnoj sfere. 2018. № 4. S. 66-74.
5. Severcev N.A. Sistemny`j analiz i modelirovanie bezopasnosti. M.: Vy`sshaya shkola, 2018. 462 s.
6. Pugachev V.S., Sinicyn I.N. Teoriya stoxasticheskix sistem. M.: Logos, 2000. 1000 s.
7. Viktorova V. S., Stepanyancz. A.S. Modeli i metody` rascheta nadezhnosti texnicheskix sistem. M.: Lenand, 2014. 256 c.
8. Ostrejkovskij V.A. Teoriya nadezhnosti. M.: Vy`sshaya shkola, 2004. 462 s.
9. Danilyuk S.G., Murashko A.A. Primenenie veroyatnostno-lingvisticheskogo podxoda pri reshenii zadach ocenivaniya uyazvimosti sistem
obespecheniya bezopasnosti e`kspluatacii vazhny`x texnicheskix ob``ektov // Izvestiya Instituta inzhenernoj fiziki, 2016 № 2. S. 5-10.
10. Gurina L.A., Zerkal`cev V.I., Kolosok I.N., Korkina I.S., Mokry`j I.V. Ocenivanie sostoyaniya e`lektroe`nergeticheskoj sistemy`: algoritmy`
i primery` linearizovanny`x zadach. Irkutsk: ISE`M SO RAN, 2016. 37 s.
11. Lifshicz I.I., Fatkieva R.R. Model` integrirovannoj sistemy` menedzhmenta dlya obespecheniya bezopasnosti slozhny`x ob``ektov // Voprosy` kiberbezopasnosti. 2018. №1. S. 64-71. DOI:10.21681/2311-3456-2018-1-64-71
12. Chislo DDoS – atak v 2018 godu snizilos`, no oni stali slozhnee [E`lektronny`j resurs] https://www.itweek.ru/security/news-company/detail. php?ID=205254 (data obrashheniya k resursu: 14.03.2019 g.).
13. Bratchenko A.I., Butusov I.V., Kobelyan A.M., Romanov A.A. Primenenie metoda nechetkix mnozhestv k ocenke riskov narusheniya kriticheski vazhny`x svojstv zashhishhaemy`x resursov avtomatizirovanny`x sistem upravleniya // Voprosy` kiberbezopasnosti. 2019.
№1. S. 18-24. DOI:10.21681/2311-3456-2019-1-18-24
14. Andryuxin E.V. , Ridli M.K., Pravikov D.I., Prognozirovanie sboev i otkazov v raspredelenny`x sistemax upravleniya na osnove modelej prognozirovaniya vremenny`x ryadov // Voprosy` kiberbezopasnosti. 2019. №3. S. 24-32. DOI:10.21681/2311-3456-2019-3-24-32
15. Pyatkova N.I., Beresneva N.M. Modelirovanie kriticheskix infrastruktur e`nergetiki s uchetom trebovanij e`nergeticheskoj bezopasnosti. // Informacionny`e i matematicheskie texnologii v nauke i upravlenii. 2017. № 3. S 54-65.
16. Tixonov V.I., Mironov M.A. Markovskie processy`. M.: Sovetskoe radio, 1977. 488s.
17. Kochnev S.V., Lapsar` A.P. Sintez izmeritel`no-upravlyayushhix sistem dlya potencial`no opasny`x slozhny`x texnicheskix ob``ektov na baze parametrizovanny`x markovskix modelej // Problemy` bezopasnosti i chrezvy`chajny`x situacij. 2014. №5. S. 77-85.
18. Kantorovich L.V., Akilov G.P. Funkcional`ny`j analiz. M.: SPb: BHV, 2017. 816 s.
19. Tanana V.P. Metody` resheniya operatorny`x uravnenij. M.: Nauka, 2015. 160 s.
20. Baxvalov N.S., Zhidkov N.P., Kobel`kov G.M. Chislenny`e metody`. M.: Binom, 2011. 640 s.
21. Samarskij A.A., Gulin A.V. Chislenny`e metody` matematicheskoj fiziki. M.: Al`yans, 2016. 432 s.
22. Grishko A.K., Ly`senko A.V., Moiseev S.A. Prognozirovanie i optimizaciya upravleniya processov proektirovaniya slozhny`x sistem v masshtabax real`nogo vremeni // Nadezhnost` i kachestvo slozhny`x sistem. 2018. №1. S. 40-45.
23. Kudinov Yu.I, Kelina A.Yu, Kudinov I.Yu., Pashhenko A.F. Nechetkie modeli i sistemy` upravleniya. M.: Lenard, 2017. 237 s.

The paper proposes a protection system of active data in a distributed computing system. The analysis of existing technical solutions is carried out, the scientific problem consisting in necessity of effective protection of terminal programs against the analysis and restoration of algorithms of functioning is allocated. The object of protection in the presented work are terminal programs or active data functioning in nodes of the distributed computing system. The aim of the work is to increase the security of terminal programs against the analysis and restoration of the algorithm of their functioning. The proposed solution is based on the application of virtual machine technology with a secret architecture. The architecture of the virtual machine in this paper refers to the used alphabet of byte-code and functional objects used in protected terminal programs. The models of threats and software security violator are developed and described. The requirements are formed on the basis of the analysis of the operating conditions, as well as models of threats and security violator. A mathematical model of the active data protection system against analysis based on code virtualization and its software implementation in the form of applications in C/C++ and Java is proposed. The efficiency of the system was experimentally tested according to particular indicators of quality (efficiency) of the proposed system, confirming its effectiveness. The proposed solution makes it possible to effectively complicate the analysis and restoration of algorithms for the functioning of terminal programs in a distributed computer system.
Keywords: information security system, active data, obfuscation methods, virtual machine, byte‑code.

1. Petrov A.A. Metodi zashhity programmnogo koda // Informatika i bezopasnost’ sovremennogo obshchestva. 2019. Vol. 1. No 1. P. 24–28.
2. Petrov A.S., Petrov A.A. Tehnologija zashhity programmnogo koda posredstvom primenenija virtual’noi mashini // Vestnik VNU. 2009. № 9 (103), No 1. pp. 117–122.
3. Aranov V.Y. Metod i sredstva zashhity ispolnjaemogo programmnogo koda ot dinamicheskogo i staticheskogo analiza: avtoref. dis. … kand. tehn. nauk : 05.13.19 Sankt-Peterburg, 2014. 18 p.
4. Rechistov G.S., Yulyugin Е.A. Simulation of instruction set extension for transactional memory of modern central processors // Prikladnaya informatika. 2014. No 5 (53). P. 16–24.
5. Kazarin O.V., Shubinskii I.B. Nadegnost’ i bezopasnost’ programmnogo obespechenija / Moscow: Izdatel’stvo Yurait. 2018. 342 p.
6. Varnavskii N.P., Zaharov V.A., Kuzyurin N.N., Shokurov A.V. Sovremennoe sostojanie issledovanii v oblasti obfuskacii programm : opredelenie stoikosti obfuskacii // Trudi ISP RAN. Vol. 26. No 3. 2014. pp. 167–198. DOI: 10.15514/ISPRAS-2014-26(3)-9.
7. Kaiyuan Kuang, Zhanyong Tang, Xiaoqing Gong, Dingyi Fang, Xiaojiang Chen, Zheng Wang Enhanced virtual-machine-based code obfuscation security through dynamic bytecode scheduling // Computers & Security. 2018. No 74. P. 202–220. DOI: 10.1016/j.cose.2018.01.008.
8. Barak B., GoldreichO., Impagliazzo R., Rudich S., Sahai A., Vadhan S., Ke Yang On the (im)possibility of obfuscating programs // Advances in Cryptology – CRYPTO’01, Lecture Notes in Computer Science, Vol. 2139, 2001, pp. 1–18. DOI: 10.1145/2160158.2160159.
9. Kuleshov S.V., Cvetkov O.V. Aktivnye dannye v cifrovyh programmno-opredeljaemyh sistemah // Informacionno-izmeritel’nie i upravljayushhie sistemy. 2014. Vol. 12. № 6. pp. 12–19.
10. Aleksandrov V.V., Kuleshov S.V., Cvetkov O.V., Zaiceva A.A. Koncepcija postroenija infotelekommunikacii (prototip SDR) // Trudi SPIIRAN. 2008. No 6. pp. 51–57. DOI: 10.15622/sp.6.5.
11. Markin D.O., Galkin A.S., Arhipov P.A. Organizatsija anonimnogo dostupa s pomosch’ju veb-proksi // Naukoemkie tehnologii v kosmicheskih issledovanijah Zemli. 2016. No 8, № 5. pp. 44–49.
12. Markin D.O., Galkin A.S., Arhipov P.A. Issledovanie ustojchivosti anonimnoj seti na osnove tehnologij veb-proksi // Voprosy kiberbezopasnosti. 2016. No 2 (15). pp. 21–28. DOI: 10.21681/2311-3456-2016-2-21-28.
13. Markin D.O, Pavlov D.I., Zvjagintsev S.A. Analiz metodov i sredstv issledovanija programmnogo obespechenija // Aktual’nye napravlenija razvitija sistem ohrany, spetsial’noj svjazi i informatsii dlja nuzhd organov gosudarstvennoj vlasti Rossijskoj Federatsii: XI Vserossijskaja mezhvedomstvennaja nauchnaja konferentsija: materialy i doklady (Orjol, 5–6 feb. 2019) Vol. 10 / pod obsch. red. P. L. Malysheva. Orjol: Akademija FSO Rossii, 2019. 200 p. pp. 34–37.
14. Markin D.O. Makeev S.M., Viharev A.N. Kompleks algoritmov zaschischennyh tumannyh vychislenij na osnove tehnologii aktivnyh dannyh // Izvestija Tul’skogo gosudarstvennogo universiteta. Tehnicheskie nauki. 2019. No 3. pp. 263–269.
15. Markin D.O., Makeev S.M., Lenchuk V.D., Ohrimenko A.A., Shapkin R.V. Avtomatizirovannaja sistema upravlenija soderzhaniem udalennyh informatsionnyh resursov № 2016617298 ; declared 29.06.2016. 
16. Markin D.O., Trohachjov M.A., Zemtsov A.E., Jurkin A.A. Programmnyj agent obespechenija raspredelennyh vychislenij na osnove tehnologii aktivnyh dannyh dlja uzla vychislitel’noj seti na baze mobil’nyh ustrojstv pod upravleniem operatsionnoj sistemy Android № 2018660343 ; declared 22.08.2018 g.
17. Markin D.O., Trohachev M.A. Razrabotka agenta tumannyh vychislenij dlja mobil’nyh ustrojstv pod upravleniem operatsionnoj sistemy Android // Informatsionnaja bezopasnost’ i zaschita personal’nyh dannyh: Problemy i puti ih reshenija: materialy XI Mezhregional’noj nauchno-prakticheskoj konferentsii / pod red. O.M. Golembiovskoj, M.Ju.Rytova. Brjansk: BGTU, 2019. pp. 136–141.
18. Markin D.O., Zemtsov A.E. Algoritm reshenija zadachi faktorizatsii sredstvami tumannyh vychislenij // Informatsionnaja bezopasnost’ i zaschita personal’nyh dannyh. Problemy i puti ih reshenija : materialy XI Mezhregional’noj nauchno-prakticheskoj konferentsii / pod red. O. M. Golembiovskoj, M. Ju. Rytova. Brjansk : BGTU, 2019. p. 126–129.
19. Petrov A.S., Petrov A.A. Tehnologija zaschity programmnogo koda posredstvom primenenija virtual’noj mashiny // Vestnik VNU. 2009. No 9 (103), Vol. 1. pp. 117–122.
20. Sahai A., Waters B. How to Use Indistinguishability Obfuscation: Deniable Encryption, and More // CRYPTO ePrint, 2013. DOI: 10.1145/2591796.2591825.
21. Auguste Kerckhoffs. La cryptographie militaire. Journal des sciences militaires, 1883.
22. Interpretatory bajt-kodov svoimi rukami / Blog kompanii Badoo. URL: https://habr.com/company/badoo/blog/425325/. Accessed: 17.09.2019.

A significant part of the projects for the development of cyber risk management systems in oil and gas projects, either does not lead to the expected results, or in fact requires more resources than planned. One of the reasons for this situation seems to be the lack of reliable and practically tested risk management tools at the disposal of senior management and the project team, especially in the early stages of the life cycle. The presented publication will consider an example of a significant duration of the project for which the development of a risk management system was carried out.
Purpose. Analysis of existing approaches to cyber risk management and development of recommendations for information security in oil and gas projects of holding companies.Research methods. Methods of system analysis and methods of theoretical and comparative analysis are used. The risks arising at various stages of preparation of oil and gas projects are investigated.
Results. A system of identifying sources, identification and analysis of cyber risks that can affect the implementation of oil and gas projects for holding companies has been developed. The stages of the life cycle are considered and the need to ensure information security with the involvement of consulting companies is noted. It is recommended to pay attention to the degree of maturity of the consulting companies involved. Information security is proposed to be implemented at different levels: in assessing the competencies of specialists used it, culture analysis and preparation of reporting documents. The results of the study were applied in the implementation of oil and gas projects.
Keywords: Project, oil and gas project, risks, cyber risks, management system, integrated management system, information security, audit.

1. Teilans A.A., Romanovs A.V., Merkuryev Yu.A., Dorogovs P.P., Kleins A.Ya., Potryasaev S.A. / Assessment of Cyber Physical System Risks with Domain Specific Modelling and Simulation. SPIIRAS Proceedings. 2018. Issue 4(59). 115 -139 / DOI 10.15622/sp.59.5
2. Biro M., Mashkoor A., Sametinger J., Seker R. Software Safety and Security Risk Mitigation in Cyber-physical Systems // IEEE Software. 2018. vol. 35. no. 1. pp. 24–29. DOI: 10.1109/MS.2017.4541050
3. Hu F. Cyber-Physical Systems: Integrated Computing and Engineering Design // New York: CRC Press. 2018. 398 p.. ISBN 9781466577008
4. Eling M. What do we know about cyber risk and cyber risk insurance? // The Journal of Risk Finance. 2017. Іss. 5. Р. 474–491. DOI: 10.1108/JRF-09-2016-0122
5. Subhayu Bandyopadhyay, The Economic Impact of Terrorism on Developing Countries. January 29, 2018
6. Subhayu Bandyopadhyay, Javed Younas. Trade and Terror: The Impact of Terrorism on Developing Countries. December 11, 2017
7. Bandyopadhyay, Subhayu; Sandler, Todd; and Younas, Javed. Foreign Direct Investment, Aid, and Terrorism. Oxford Economic Papers, January 2014, Vol. 66, No. 1, pp. 25-50.
8. James Andrew Lewis. The Economic Impact of Cybercrime — No Slowing Down. CSIS. February 21, 2018
9. Max Metzger. FBI says Ransomware soon becoming a billion dollar business. SC Media UK, January 10, 2017.
10. Arctic Potential: Realizing the Promise of U.S. Arctic Oil and Gas Resources. National Petroleum Council 2015.
11. World Energy Outlook 2017. OECD/IEA, September 14, 2017
12. World Energy Outlook 2018. The gold standard of energy analysis. OECD/IEA, 2018.
13. Livshits I. Podhodi k primeneniy modeli integrirovannoy sistemy memegzhmenta dly provedeniy auditov slozhnyh promishlennyh objectov – aeroportovyh kompleksov // Trydi SPIIRAN. 2014. 6. 72–94 pp.
14. Livshitz I. Metodika vypolneniy kompleksnyh auditov promishlennyh objectov dly obespechenia effectivnigo vnegrenia system energomenegzhmenta // Energobezopasnost’ I Energosberezhenie. 2015. 3. 10-15 pp.
15. Zabaikin Y., Zaernyk V., Soversnenstvovanie mechanism usto’chivogo rezvitiya promyshlennogo predpriyatia. M.: Nauchnie technolii. 2017. 263 p.. ISBN 978-5-4443-0116-6
16. Poletikin A. Formalizovannyi’ metod ocenki I upravleniya riskami dly obespechenia kiberbezopasnosti bol’shih system upravlenia/ Materialy VIII Mezdunarodno’ konferencii “Upravlenie razvitiem krupnomashtabnih sistem” MLSD’2015, Moskva. M. IPU RAN. 2015. 1. 123-129 pp.. MLSD’2015
17. Zairnyk V., Snitko N. Ocenka technogennyh riskov v gornodobivayshei otrasly // Izvestia vysshih uchebnich zavedeni’. Geologia I razvedka. 2016. 5. 73-78 pp.
18. Revenkov P., Bergugin A. Kiberbezopasnost’ v usloviyah internet veshe’ I elektonnogo bankinga // Nacional’nie interesy: prioritety I bezopasnost’. 2016. 11 (344). 158-169 pp.. ISSN 2311-875X
19. Pluchevskay E., Ovinnikova K. Aktual’nost’ processnogo podhoda pri upravlenii proektami v neftegazovoi otrasli // Ekonomika I predprinimatel’stvo. 2014. 12-2 (53). 681-686 pp.. ISSN: 1999-2300
20. Ryabov A. Proekti rukovodstva po bezopasnosti na opasnih proizvodstvennih ob’ektah neftegazovogo kompleksa // Bezopasnost’ truda v promishlennosti. 2014. 12. 68-70 pp.
21. Mastepanov A. Neftegazovye proekty na arkticheskom shel’fe v usloviyah vysokih I nizkih cen na energoresursy // Nauchni’ zhurnal rossi’skogo gazovogo obshestva. ISSN: 2412-6497. 2016. 4. 11-18 pp.. ISSN: 2412-6497
22. Ermolina L., Il’ina L. Osobennosti upravleniya proektami akseleracii razvitiy biznesa neftegazovih predpriyati’ // Izvestiy Volgogradskogo gosudarstvennogo tehnicheskogo universiteta. 2016. 16 (195). 80-84 pp.

Currently, to connect to computers any external devices, starting with flash drives, photo and video cameras and ending with office equipment and sophisticated medical devices, more and more actively used serial USB data interface. The wide use of USB devices for data storage and transmission is due to their versatility, reliability, performance, simplicity and convenience. At the same time, USB devices are one of the most dangerous and actively used tools and channels for implementing information security threats. The purpose of the study, the results of which are presented in this article, is to increase the security of autonomous automated workplaces from threats to information security implemented with the help of USB-devices. Research methods: to achieve this goal, the technical characteristics and functionality of USB-devices were investigated, the potential vulnerabilities and ways of their operation for the implementation of information security threats were identified, and the advantages and disadvantages of existing approaches and means of protection were analyzed. The result of research and work: created software complex for access control of USB-devices, which provides protection of autonomous automated workplaces operating under Windows OS by detecting connected devices, checking their legitimacy on a secure database of allowed USB-devices, blocking illegitimate connections, registering events associated with these operations. This software complex can also be used to detect the facts of illegal use of USB-devices, tracking and recording operations performed with their help to identify and analyze insider activity. The description of the composition, structure and functioning algorithms of this software complex is given. The main directions of its development and improvement are defined.

Keywords: access control, information security threats, security algorithms and tools, USB devices, USB vulnerabilities.

1. USB Complete: The Developer’s Guide (Complete Guides series) Fifth Edition, Fifth edition. Edition by Jan Axelson. Published by Lakeview Research LLC, March 1, 2015. 524p.
2. Polezhaev P.N., Malahov A.K., Sagitov A.M. «Ahillesova pyata» USB-ustrojstv: ataka i zashchita // Filosofskie problemy informacionnyh tekhnologij i kiber-prostranstva. 2015. № 1(9). C. 106–117.
3. Nir Nissim, Ran Yahalom, Yuval Elovici: USB-based attacks, in Computers & Security, vol. 70, pp. 675-688, 2017.
4. Abhijeet Ramani, Somesh Kumar Dewangan: Auditing Windows 7 Registry Keys to track the traces left out in copying files from system to external USB Device” in International Journal of Computer Science and Information Technologies, vol. 5 ,2, pp.1045-1052, 2014.
5. Angel, S., Wahby, R.S., Howald, M., Leners, J.B., Spilo, M., Sun, Z., Blumberg, A.J., Walfish, M.: Defending against malicious peripherals with Cinch. In: USENIX Security Symposium (2016).
6. Francisco Ramírez Pablo González Carmen Torrano José María Alonso. Discovering and Plotting Hidden Networks created with USB Devices. CDO, Telefónica Madrid, Spain. https://www.exploit-db.com/docs/english/44947-discovering-and-plotting-hidden-networkscreated-with-usb-devices.pdf?rss
7. A.Crenshaw. Plug and Prey: Malicious USB devices. In Proceedings of ShmooCon, Jan. 2011.
8. J. Maskiewicz, B. Ellis, J. Mouradian, and H. Shacham. Mouse trap: Exploiting firmware updates in USB peripherals. In Proceedings of the USENIX Workshop on Offensive Technologies, Aug. 2014.
9. T.V. Vahnij, S.YU. Kuz’min. Razrabotka apparatno-programmnogo sredstva zashchity ot uyazvimosti BadUSB. Matematicheskie struktury i modelirovanie 2016. №2(38). S. 116–125.
10. Thunderclap: Exploring Vulnerabilities in Operating System IOMMU Protection via DMA from Untrustworthy Peripherals. Network and Distributed Systems Security (NDSS) Symposium 2019 24-27 February 2019, San Diego, CA, USA ISBN 1-891562-55-X https://dx.doi.org/10.14722/ndss.2019.23194 www.ndss-symposium.org
11. S. Gallagher, “New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs,” Mar. 2017. [Online]. Available: https://arstechnica.com/security/2017/03/new-wikileaks-dump-the-ciabuilt-thunderbolt-exploit-implants-to-target-macs.
12. USBlock: Blocking USB-Based Keypress Injection Attacks: 32nd Annual IFIP WG 11.3 Conference, DBSec 2018, Bergamo, Italy, July 16–18, 2018, Proceedings.
13. Tian, Dave & Bates, Adam & Butler, Kevin. (2015). Defending Against Malicious USB Firmware with GoodUSB. 261-270.
10.1145/2818000.2818040.
14. Obzor DLP-sistemy InfoWatch Traffic Monitor 6.7 https://www.anti-malware.ru/reviews/infowatch-traffic-monitor-6-7.
15. Overview of data loss prevention. https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies.
16. Best data loss prevention service of 2019: Choose the right DLP to protect your assets. https://www.techradar.com/best/best-data-lossprevention-service.
17. López G., Richardson N.; Carvajal J. Methodology for Data Loss Prevention Technology Evaluation for Protecting Sensitive Information. Revista Politécnica – Septiembre 2015, Vol. 36, No. 3.
18. Фергюсон Н. Шнайер Б. Практическая криптография. – М.: Издательский дом «Вильямс». 2005. – 424 с.
19. Э. М. Габидулин, А. С. Кшевецкий, А. И. Колыбельников. «Защита информации: учебное пособие». – М.: МФТИ, 2011. -- 262 с. -- ISBN 5-7417-0377-9.
20. Apple and Microsoft are both making a big bet on the future of USB. https://www.businessinsider.com/apple-microsoft-surfaceusb-c-2018-10.
21. USB flash drive market report.http://thescrippsvoice.com/market-research-news/154618/usb-flash-drive-market-report-a-completeoverview-of-market-segments-and-the-regional-outlook-of-usb-flash-drive-industry

The article describes the analysis and evaluation of undetectability parameters to the developed text electronic documents marking approach. A comparative analysis of existing approaches to steganographic analysis of images is carry out. The potentially best steganalysis methods applicable to the developed approach were identified. The following parameters were quantitatively evaluated: stegoanalysis resistance, data extraction reliability, information embedding ratio, image quality after watermark embedding, and watermark secrecy. In the course of the steganalysis, the embedding parameters, which characterize the developed approach as steganalysis resistant, were determined. The perceptual invisibility boundaries of embedded data to visual analysis are established. The obtained results of quantitative and qualitative estimates made it possible to establish the dependence of embedded data invisibility on data embedding parameters used.

Keywords: text information marking, digital watermarking, steganalysis, data classification, ROC-analysis.

1. Cherez bumazhnye dokumenty sluchaetsya kazhdaya devyataya utechka konfidencial’nyh dannyh // Analiticheskij centr InfoWatch. 2019. URL: https:// www.infowatch.ru/ analytics/digest/15511 (accessed 03.06.2019). [In Russ.]
2. Text marking approach for data leakage prevention / A. V. Kozachok [et al.] // Journal of Computer Virology and Hacking Techniques, 2019. URL: https://doi.org/10.1007/s11416-019-00336-9.
3. Podhod k izvlecheniyu robastnogo vodyanogo znaka iz izobrazhenij, soderzhashchih tekst / A. Kozachok [et al.] // Trudy SPIIRAN [SPIIRAS Proceedings], 2018. 5(60). pp. 128-155. [In Russ.]
4. Kozachok A.V., Kopylov S.A., Bochkov M.V. Robastnyj vodyanoj znak kak sposob zashchity tekstovyh dannyh ot utechki // Zashchita informacii. INSIDE, 2018, Vol. 82, no. 4. pp. 26-32. [In Russ.]
5. Kozachok A.V., Kopylov S.A. Podhod k vnedreniyu robastnogo vodyanogo znaka v tekstovye dannye. 2018. URL: http//www.ruscrypto.ru/resource/archive/rc2018/files/11_ Kozachok_Kopylov. pdf (accessed 13.06.2018). [In Russ.]
6. Salomon D. Data privacy and security: encryption and information hiding. // Springer Science & Business Media, 2003. 469 p.
7. Woo C.-S. Digital image watermarking methods for copyright protection and authentication. // Queensland University of Technology,2007. 197 p. 
8. Phadikar A. Robust Watermarking Techniques for Color Images. 2009. URL: https://www.isical.ac.in/~scc/seminars/ROBUST%20WATERMARKING%20TECHNIQUES.pdf (accessed. 13.03.2019).
9. Algoritm vstraivaniya informacii v szhatye cifrovye izobrazheniya na osnove operacii zameny s primeneniem optimizacii / O. Evsyutin [et al.] // Komp’yuternaya optika [Computer optics], 2017. Vol. 41, no. 3. pp. 412-421. [In Russ.]
10. Petitcolas F. A., Anderson R. J., Kuhn M. G. Information hiding-a survey // Proceedings of the IEEE, 1999. Vol. 87, no. 7. pp. 1062–1078.
11. Electronic marking and identification techniques to discourage document copying / J. T. Brassil [et al.] // IEEE Journal on Selected Areas in Communications, 1995. Vol. 13, no. 8. pp. 1495-1504.
12. Brassil J. T., Low S., Maxemchuk N. F. Copyright protection for the electronic distribution of text documents // Proceedings of the IEEE, 1999. Vol. 87, no. 7. pp. 1181–1196.
13. Marking text features of document images to deter illicit dissemination / J. T. Brassil [et al.] // Proceedingsof the 12th IARP International Conference on Pattern Recognition, Vol. 3-Conference C: Signal Processing (Cat. No. 94CH3440-5). Vol. 2. IEEE, 1994. pp. 315-319.
14. Fawcett T. An introduction to ROC analysis // Pattern recognition letters, 2006. Vol. 27, no. 8. pp. 861-874.
15. Powers D. M. Evaluation: from precision, recall and F-measure to ROC, informedness, markedness and correlation // Journal of Machine Learning Technologies, 2011. Vol. 2, no. 1. pp 37-63.
16. Sammut C., Webb G. I. Encyclopedia of machine learning // Springer Science & Business Media, 2011. 1032 p.
17. Cifrovaya steganografiya i cifrovye vodyanye znaki. CHast’ 1. Cifrovaya steganografiya / V. Korzhik [et al.] // Sankt-Peterburg: SPb GUT, 2016. 226 p. [In Russ.]
18. Steganograficheskie sistemy. Cifrovye vodyanye znaki / V.G. Gribunin [et al.] // Ucheb.-metod. posobie/pod red. d-ra tekh. nauk V.G. Gribunina. Sarov: FGUP “RFYAC-VNIIEF”, 2016. 210 p. [In Russ.]
19. Gribunin V., Okov I., Turincev I. Cifrovaya steganografiya // Moskva: SOLON-Press, 2017. 262 p. [In Russ.]
20. Meghanathan N., Nayak L. Steganalysis algorithms for detecting the hidden information in image, audio and video cover media // International journal of Network Security & Its application (IJNSA), 2010. Vol. 2, no. 1. pp. 43-55.
21. Vyas A. O., Dudul S. V. Study of Image Steganalysis Techniques. // International Journal of Advanced Research in Computer Science, 2015. Vol. 6, no. 8. pp. 7-11.
22. Shvidchenko I. Metody steganoanaliza dlya graficheskih fajlov // Iskusstvennyj intellekt [Artificial intelligence], 2010, no. 50. pp. 697-705. [In Russ.]
23. Bachrach M., Shih F. Y. Image steganography and steganalysis // Wiley Interdisciplinary Reviews: Computational Statistics. 2011. Vol. 3, no. 3. pp. 251-259.
24. Kaur M., Kaur G. Review of various steganalysis techniques // International Journal of Computer Science and Information Technologies, 2014. Vol. 5, no. 2. pp. 1744-1747.
25. ROC curve estimation: An overview / L. Gonçalves [et al.] // REVSTAT–Statistical Journal, 2014. Vol. 12, no. 1. pp. 1–20.
26. Cook J. A. ROC curves and nonrandom data // Pattern Recognition Letters. 2017. Vol. 85. pp. 35-41.