Maksimova E.A., Omelchenko T.A., Umnitsyn Yu.P., Guzhakovskaya K.P. Audit of Information Security of the User’s Computer Workstation Based on System Registry Data

AUDIT OF INFORMATION SECURITY OF THE USER’S COMPUTER WORKSTATION BASED ON SYSTEM REGISTRY DATA

Elena Aleksandrovna Maksimova

Candidate of Technical Sciences, Associate Professor,

Head of Department of Information Security,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation

Tatyana Aleksandrovna Omelchenko

Postgraduate Student, Researcher, Department of Information Security,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation

Yuriy Petrovich Umnitsyn

Associate Professor, Department of Information Security,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation

Kristina Petrovna Guzhakovskaya

Candidate of Physical and Mathematical Sciences, Associate Professor,

Department of Information Security,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation

Abstract. Information security audit is an independent assessment of the current state of information security, determinig the level of its compliance with certain criteria, and providing results in the form of recommendations.

There are many approaches to the maintenance of the required level of security of the computer workstation, while the approaches vary in the degree of their effectiveness and value characteristics. The use of traditional active and passive means of information protection in the enterprise is not always possible due to various reasons. One way out of this situation can be a continuous audit of the information system as a whole and its individual vital nodes.

An audit is an independent examination of the individual areas of functioning of the organization. There are two types of audit: external and internal. To protect your system registry from malicious attacks, it is necessary to control the undesirable activities that occur in the registry during the installation of each new program. To do it manually is impossible since the registry contains millions of records. It is therefore necessary to analyse the current external software tool designed to audit information security of the system registry on the workstation user.

The results of the audit with the help of the developed program identified 15 changes, 2 of which were potentially dangerous for the stable operation of the workstation user.

Key words: system registry, information security audit, computer workstation, information security, external attack.

This work is licensed under a Creative Commons Attribution 4.0 International License.