RU2558625C1 - Method of protecting information from leakage through compromising emanation channel and noise pickup - Google Patents

Abstract

FIELD: physics.

SUBSTANCE: method of protecting information from leakage through a compromising emanation channel and noise pickup includes creating N files and breaking down the files into M parts. Each part contains files which, when passing through connecting lines and units of computer equipment, generate signals with a defined power frequency spectrum, after which said parts of files are copied into M digital storages and files randomly selected from a list on each storage are simultaneously read from M digital storages and written into a region of the internal memory of the computer equipment, followed by repeated reading and writing of the files for a period of time needed to mask the information signal.

EFFECT: high overlapping coefficient of the spectra of the informative and non-informative signals emitted by computer equipment.

2 cl, 6 dwg

Description

The invention relates to the field of computer technology and can be used to protect information processed by computer technology (CBT), in particular, from leakage through the channel of secondary electromagnetic radiation and interference (PEMIN).

A known method of protecting information in a communication line (RF patent No. 2237371), based on the superposition of an additional signal on the main signal and on the fact that at the time of the start of transmission of the main signal, an additional signal is formed on the receiving side of the communication line, which is transmitted towards the main signal, and the amplitude and the average transmission frequency of the additional signal is set approximately equal to the amplitude and average frequency of the main signal, and to restore the main signal on the receiving side of the communication line The voltage from the current flowing in the communication line is multiplied by a factor proportional to the resistance of the communication line and summed with an additional signal. The disadvantage of this method is that there is the possibility of restoring information from the "portrait" of secondary electromagnetic radiation (PEMI) due to the possible difference in the frequencies of the primary and secondary signals.

A known method of protecting information in a communication line from leakage due to spurious electromagnetic radiation and interference, implemented in a known device (RF patent No. 74722, publ. 10.07.2008), based on the conversion of an information signal on the transmitting side immediately before transmission from the serial code to parallel transferring it over the communication line, which is a parallel interface, to the receiving side and converting the signal at the receiving side from the parallel code again to the original serial code before applying it to Directly to the receiver. The disadvantage of the presented method is the ability to restore information for serial interfaces, the capacity of which is small.

A known method of protecting information in a communication line (RF patent No. 2427903, publ. 1.02.2011), based on the imposition of an additional signal on the main signal and on the fact that they suspend the transmission of digital signals on the communication line, supplement this line with an additional line and synchronously with by transmitting along the protected line, signals are transmitted along this additional line, the amplitude and time-frequency parameters of which are selected so that the portrait of the total PEMI from both lines arising in the surrounding space during the transmission of information tion was identical for each transmission cycle. The disadvantage of this method is the high complexity of the technical implementation and the decrease in the speed of the CBT, which are introduced by making additional changes. Another disadvantage of the presented method is the impossibility of complete overlapping in the frequency domain of the PEMI from the main and additional lines due to the use of the same and equal power signals in both lines.

The closest in technical essence to the claimed method and selected as a prototype is a method of protecting the CBT from information leakage through the channel of spurious electromagnetic radiation and interference (RF patent No. 2479022), which consists in the formation of N files whose contents do not need to be protected, then the first part of the files from the general list, corresponding to 0.5N, is written to the first digital drive, and the second part of the files from the general list, corresponding to 0.5N, to the second digital drive, I read from the first digital drive t a file selected from the list according to a random law, and write it to the second digital drive, and simultaneously from the second digital drive, read a file selected from the list according to a random law, and write it to the first digital drive, write and read files repeatedly over time required to mask an informative signal, while the same files are repeatedly recorded at the same place in digital drives to fulfill the condition of not exceeding the total size of all copied files of the memory size of the digital drive on which the generated files are recorded, when passing along the connecting lines of typical nodes and blocks of computer equipment, their own uninformative spurious electromagnetic radiation occurs, and the spectrum of the informative signal coincides with the maximum intensity of the spectrum of non-informative spurious electromagnetic radiation by means of envelope correction spectrum of non-informative spurious electromagnetic radiation due to structural changes ry bit sequence generated files.

The disadvantage of the prototype method is the low coefficient of overlap of the spectra of informative and non-informative signals, due to the following factors:

1) in the prototype method by changing the method of forming bit sequences, it is impossible to achieve an exact match of the frequency spectra of the masking and informative signals;

2) the possibility of periodic correction of the envelope of the spectrum in real time due to changes in the structure of the bit sequence implies the measurement of CBT radiation, which during operation will already contain uninformative radiation.

The frequency spectrum of the signal generated by the passage of non-informative files along the connecting lines is divided into K frequency bands and the integral value of the power U ^{(p) of} this signal in the p-th band (1≤p≤K) is calculated. The overlap coefficient of the spectra of non-informative and informative signal in the p-th frequency band is equal to:

where U ^(p) is the integral value of the power of the non-informative signal in the p-th frequency band;

Z ^(p) is the integral value of the power of the informative signal in the p-th frequency band.

The overlap coefficient of the spectra of non-informative and informative signal in the entire frequency range S is equal to:

in this case, if S≥0.95, then an uninformative signal will provide signal overlap in the entire spectrum.

The objective of the invention is to increase the overlap coefficient of the spectra of informative and non-informative (masking) signals emitted by CBT.

In the claimed method, this problem is solved by the fact that N files are generated, the contents of which do not need to be protected, files are written and read repeatedly during the time required to mask the informative signal, when files pass along connecting lines of typical nodes and blocks of computer equipment, their own non-informative side electromagnetic radiation, while the coincidence of the spectrum of the informative signal with the maximum intensity of the spectrum of non-informative side electrons of electromagnetic radiation is provided by correcting the envelope of the spectrum of non-informative spurious electromagnetic radiation by changing the structure of the bit sequence in the generated files, in addition to this, after N files are generated, they are divided into M parts, each of which contains files generating signals with a specific frequency power spectrum . Each part of the files from the general list is recorded on a separate digital drive. After that, simultaneously with the i-th (i = 1 ... M) digital drive, a file selected from the list according to a random law is read and written to the internal memory area of the CBT. In this case, the same files are repeatedly recorded at the same place in the internal memory area of the CBT to satisfy the condition that the total size of all copied files does not exceed the size of the internal memory area into which the generated files are written.

In addition, the correction of the envelope of the spectrum of non-informative spurious electromagnetic radiation is provided by changing the recording (reading) order of M parts of files on M digital storage devices.

The analysis of the prior art made it possible to establish that there are no analogues that are characterized by a combination of features identical to all the features of the claimed method of protecting information from leakage through the channel of spurious electromagnetic emissions and interference. Therefore, the claimed invention meets the condition of patentability "novelty."

Search results for known solutions in this and related fields of technology in order to identify features that match the distinctive features of the claimed object from the prototype showed that they do not follow explicitly from the prior art. The prior art also did not reveal the popularity of the impact provided by the essential features of the claimed invention, the transformations on the achievement of the specified technical result. Therefore, the claimed invention meets the condition of patentability "inventive step".

The claimed invention is illustrated by the following figures:

figure 1 - algorithm for generating masking signals according to the proposed method;

figure 2 - algorithm for forming a list of file sets;

figure 3 - tree overlapping masking signals implemented by the proposed method, and the desired masking signal;

figure 4 - frequency spectrum of the informative signal emitted by the CBT;

5 is a frequency spectrum of a masking signal implemented according to the prototype method;

6 is a frequency spectrum of a masking signal implemented according to the claimed method.

As digital drives are considered flash drives connected to a PC via USB hubs and interface cables. In general, their number M is limited by the number of free interface ports in the CBT and the number of transceiver pairs of interface cables.

The claimed method is implemented as follows (figure 1).

N non-informative files of 1 MB in size, which are bit sequences, are generated using a pseudo-random number generator or using a 16-bit bitmask. When generating a file using a 16-bit bitmask, its combination of bits will be repeated periodically. File content does not require protection. The nature of the distribution of bits in the file affects the spectrum parameters (intensity and spectrum width) of the generated masking signals. In addition, the spectrum intensity is also determined by the characteristics of the interface cable.

Due to the uncertainty in the relative position of the spectrum of the informative signal and the maximum intensity of the spectrum of the non-informative signal, it is possible that the maximum intensity of the spectrum of the masking signal does not coincide with the frequency of the informative signal. This leads to a decrease in the overlap coefficient of the spectra of an uninformative and informative signal in the entire frequency range. The control of the spectrum intensity of the masking signal is possible by correcting the envelope of the spectrum of the masking signal by changing the structure of the bit sequence of non-informative files. The structure of the bit sequence of non-informative files depends on the method used to generate them.

The frequency spectra of the signals generated as a result of passing each generated file along the connecting lines are divided into K frequency bands and the integral value of the power U ^{(p) of} this signal in the p-th band (1≤p≤K) is calculated.

Compare U ^(p) with the value of the integrated power of the desired noise signal V ^(p) . The required noise signal is obtained as a result of the analysis of the emitting properties of the CBT or indicated in the documentation.

Then divide N files into M parts as follows. The file that generates a signal while passing through connecting lines of typical nodes and blocks of computer equipment is written to the ith (i = 1 ... M) drive if the inequality U ^(p) ≥ V ^(p) is satisfied for all p such that

If none of the generated files are recorded on the i-th medium, then the process of generating files is repeated.

After that, simultaneously with the i-th (i = 1 ... M) digital drive, a file selected from the list according to a random law is read and written to the internal memory area of the CBT. Simultaneous transfer of more than 2 files is possible with several Hub devices for the interface used.

While continuing the process of processing information on the SVT, reading and writing of files is carried out repeatedly during the time necessary to mask the informative signal. Repeatedly non-informative files are copied to the same place in the internal memory area of the CBT, so the amount of occupied internal memory does not exceed the total volume of all copied files. The storage capacity of at least 4 GB, which allows you to store enough to ensure the randomness of the transmitted signal number of files.

When implementing the method, a situation arises when the integrated power values of the noise signals emitted during the passage of files located on different media within the same frequency band exceed the value of the required noise signal, i.e. when writing and reading this file. Thus, with a large number of information carriers M, situations arise when the required total uninformative radiation is generated by an excessive number of simultaneously transmitted files, on which the load on the central processor (CPU) depends directly. To reduce the involved hardware resource (CPU utilization), it is necessary to carry out the following steps before writing and reading files (figure 2).

, если интегральное значение энергии сигнала, формируемого при прохождении c-го файла с b-го накопителя в полосе частот p больше, чем у требуемого шумового сигнала V^(p). Узлы на соседних уровнях соединяются, причем в каждой из ветвей образованного дерева может находиться только по одному файлу с каждого накопителя.A tree of graphs is formed as follows (Fig. 3), nodes are left at each level i $$U_{bc}^{(p)}$$

if the integral value of the energy of the signal generated during the passage of the c-th file from the b-th drive in the frequency band p is greater than that of the required noise signal V ^(p) . Nodes at neighboring levels are connected, and in each of the branches of the formed tree there can be only one file from each drive.

Assign weight to each node in the graph as follows: if the node U _bc occurs in the tree branch for the first time, it is assigned weight 1, if it is repeated, then 0.

Perform a depth search on the tree starting from the root. On the return route from the lower level to the root, it is established which files must be transferred simultaneously to achieve the required level of information security. The number of simultaneously transmitted files D is equal to the sum of the weights of all nodes on the way from the root to the lower level.

If D <M, then the set of files that must be transferred simultaneously is entered into the list.

Thus, before transferring a collection of files resulting from a random selection of a file on each drive, they are checked for belonging to any collection of files from the above list. If the entire set of files from the list is included in the set of files checked before transfer, then files not included in the set in the list are not transferred. Moreover, the comparison occurs first with the populations in the list having the smallest number of elements.

The process of changing the recording and reading order of files is illustrated by the example for 3 drives (M = 3) and when dividing the signal spectra into 6 bands (K = 6). Each medium contains two files. For the first file on the first drive, it is true that the integral value of the power of the signal generated when this file passes through the connecting lines and nodes of the CBT is greater than the reference in the 1 and 2 frequency bands (U ₁₁ ^(p) ≥V ^(p) for p∈ [1 ; 2]). Similarly, for the remaining files, U ₁₂ ^(p) ≥V ^(p) for p∈ [1; 3]; U ₂₁ ^(p) ≥V ^(p) for p∈ [3; four]; U ₂₂ ^(p) ≥V ^(p) for p∈ [3; four]; U ₃₁ ^(p) ≥V ^(p) for p∈ [5; 6]; U ₃₂ ^(p) ≥V ^(p) for p∈ [4; 6]. After compiling the graph tree (Fig. 3) and calculating the path weights, the set of files (U ₁₂ , U ₃₂ ) is entered into the list, since the weight of the path with the nodes U ₁₂ and U ₃₂ is 2 (D = 2). If, as a result of a random selection of a file on each medium, it is necessary to simultaneously copy a set of files (U ₁₂ , U ₂₁ , U ₃₂ ) or (U ₁₂ , U ₂₂ , U ₃₂ ), then copying files from the second medium is not carried out. Thus, the envelope of the spectrum of uninformative spurious electromagnetic radiation is corrected by changing the recording order and reading of uninformative files in the internal memory area.

When implementing the proposed method, a result is achieved that is equivalent to an increase in the overlapping coefficient of informative and non-informative (masking) signals emitted by the CBT, which greatly complicates or excludes the decision to detect and recognize (classify) informative PEMIs received at the input of the interception receiver. The intensity of uninformative interference does not exceed the standards for industrial interference.

The validity of the results is confirmed experimentally. Figure 4 shows the frequency spectrum of the emitted CBT informative signal. Figure 5 shows the frequency spectrum of the masking signal obtained as a result of the practical implementation of the prototype method, and figure 6 - the frequency spectrum of the masking signal obtained as a result of the practical implementation of the proposed method for 2 digital storage devices. The measurements were carried out in a shielded chamber with a attenuation coefficient of at least 60 dB in the frequency range from 1 Hz to 480 MHz. The level of spurious electromagnetic emissions was estimated by the FSP-30 spectrum analyzer with the SAS-550-1B active whip antenna. The indicated spectra are divided into 128 equal frequency bands in the range from 1 to 480 MHz and the overlap coefficient of the informative and non-informative signal in the whole spectrum is calculated. For the spectra shown in FIGS. 4 and 5, the overlap coefficient was S ₁ = 0.82031. The obtained result indicates an insufficient degree of masking of the information signal, which allows us to conclude that the information processed by the SVT is insufficiently protected. For the spectra in FIG. 4 and FIG. 6, the overlap coefficient is S ₂ = 0.974375.

The gain in the coefficient of overlap for the claimed method relative to the prototype method amounted to

Therefore, the technical result claimed in the objective of the invention is achieved.

The advantages of the proposed method are as follows:

- during the operation of the CBT, an increase in the level of information security in the required frequency range of the signal from leakage due to PEMIN is provided;

- key information is not used;

- its implementation does not require structural changes of nodes and blocks of CBT and is carried out with a slight involvement of the resource of the central processor.

Thus, the present invention allows, at low financial cost, to increase the level of security of information of the CBT in the entire frequency range from leakage due to spurious electromagnetic radiation and interference.

Claims (2)

1. A method of protecting information from leakage through the channel of spurious electromagnetic radiation and interference, which consists in generating N files, the contents of which do not need to be protected, writing and reading of files is carried out repeatedly during the time required to mask an informative signal, during which connecting lines of typical nodes and blocks of computer technology have their own non-informative spurious electromagnetic radiation, with the coincidence of the spectrum of the informative signal with the maximum intensity of the spectrum of non-informative spurious electromagnetic radiation is provided by correcting the envelope of the spectrum of non-informative spurious electromagnetic radiation by changing the structure of the bit sequence in the generated files, characterized in that after N files are generated, they are divided into M parts, each of which contains files forming signals with a specific frequency power spectrum, each part of the files from the general list is recorded on a separate digital drive, after which at the same time, from the i-th (i = 1 ... M) digital storage device, a file selected from the list according to a random law is read and written to the internal memory area of the computer, while the same files are repeatedly written to the same place in the field of internal memory, means of computer technology to satisfy the condition of not exceeding the total size of all copied files, the size of the area of internal memory into which the generated files are written. 2. The method according to claim 1, characterized in that the correction of the envelope of the spectrum of uninformative spurious electromagnetic radiation is provided by changing the order of writing (reading) M parts of the files in the internal memory.

Images