Home  Journals  National Interests: Priorities and Security  15(300) - 2015 April

Information support when ensuring the security of internet-banking

Vol. 11, Iss. 15, APRIL 2015

Article PDF Version

Available online: 18 April 2015

Subject Heading: THREATS AND SECURITY

JEL Classification: 

Pages: 48-58

Importance Currently, most banking institutions use information systems of Internet banking or distance banking. It is simple and convenient for both banks and their customers, though not always safe.
     Objectives Information security in Internet banking is relevant and vital since fraudulent and malicious activities (cyber-attacks) of cybercriminals (hackers) become more frequent. In reality, cybercrimes are committed more often than statistics indicates. Banking institutions are reluctant to disclose information about successful cyber-attacks cybercriminals performed. The article addresses issues of data protection in information systems of online banking and pursues preserving the integrity and confidentiality of information.
     Methods The research shapes a generalized structure of an information system of Internet banking, which reflects modular architecture of the system, links between users and control loop. I also propose a model of the information system of Internet banking, which, if used, will allow minimizing cyber-attacks, enhancing and improving a comprehensive information security system in economic and social organizations, increasing the efficiency of the protected information system of Internet banking, choosing an adequate strategy for developing Internet banking.
     Results The Internet banking system model will allow evaluating the system protection level, which is ensured by supporting the decision-making process in a poorly structured domain with heterogeneous characteristics. I propose a set-theoretical model to support decision-making in managing information security of information systems of Internet banking that allows accumulating analytical information on ongoing cybercriminals' threats, providing automated support to the process of making decisions on suppression of cyber-attacks, setting safeguards for confidential information, facilitating the elaboration of control actions. The article describes a semantic general scheme for stealing confidential information from information systems of Internet banking, presents a formalized model of a cybercriminal featuring personal parameters and scenarios for stealing confidential information from information systems of Internet banking. The cybercriminal model relies on common images and prototypes of cybercriminals, which will enable to detect a probable offender in the information system of Internet banking.
     Conclusions and Relevance The proposed solutions will facilitate reinforcing information security of the information system of Internet banking, increasing the effectiveness and quality of managerial decisions on confidential information protection.

Keywords: information security, information system, Internet banking, cybercriminal, decision-making, modeling, attacks, threats

References:

1. Bezmalyi V. Zashchita internet-bankinga [Protection of Internet banking]. Windows IT Pro/RE, 2012, no. 11, pp. 22–25.
2. Bogdanova M.I. O roli sotsial'noi inzhenerii pri atakakh na informatsionnuyu bezopasnost' predpriyatiya [On the role of social engineering in attacks against information security]. V mire nauchnykh otkrytii = In World of Scientific Discoveries, 2010, no. 1-4, pp. 145–150.
3. Bystrova E.N., Saraev A.A. Internet-banking v Rossii: tendentsii i perspektivy razvitiya [Internet Banking in Russia: development trends and prospects]. Novyi universitet. Seriya Ekonomika i pravo = New University. Economics and Law Series, 2013, no. 1, pp. 44–46.
4. Bikmaev Sh.R. Razvitie sistemy internet-bankinga kak neobkhodimoe uslovie modernizatsii ekonomiki Rossii [The development of Internet banking as a necessary condition for modernizing the Russian economy]. Finansovaya analitika: problemy i resheniya = Financial Analytics: Science and Experience, 2013, no. 23, pp. 22–26.
5. Zadorozhnaya I.V. Internet-banking kak osnova strategii modernizatsii bankovskikh uslug [Internet banking as a basis of the strategy for modernizing banking services]. Problemy sovremennoi ekonomiki = Problems of Modern Economics, 2012, no. 7, pp. 208–214.
6. Zakirov M.R. Issledovanie ugroz narusheniya bezopasnosti v sistemakh distantsionnogo bankovskogo obsluzhivaniya [Investigation of security threats in distance banking systems]. Informatsionnoe protivodeistvie ugrozam terrorizma = Information Counteraction to Terrorism Threats, 2014, no. 22, pp. 43–47.
7. Ignatenko Yu.P. Modelirovanie optimal'noi struktury sistemy zashchity informatsii v raspredelennoi korporativnoi informatsionnoi sisteme [Modeling the optimal structure of an information security system in a distributed corporate information system]. Informatsionnye tekhnologii modelirovaniya i upravleniya = Information Technologies of Modeling and Management, 2007, no. 9, pp. 1029–1032.
8. Kertsenbaum K.M. Informatsionnaya bezopasnost', ili prosto o slozhnom [Information security or simple words about complex things]. Pravo i kiberbezopasnost’ = Law and Cyber Security, 2012, no. 1, pp. 30–32.
9. Kosenkov A.N., Chernyi G.A. Obshchaya kharakteristika psikhologii kiberprestupnika [General description of the cybercriminal’s psychology]. Kriminologicheskii zhurnal Baikal'skogo gosudarstvennogo universiteta ekonomiki i prava = Criminology Journal of Baikal National University of Economics and Law, 2012, no. 3, pp. 87–94.
10. Mytenkov S.S. Informatsionnaya bezopasnost' banka [Bank information security]. Natsional'nye interesy: prioritety i bezopasnost' = National Interests: Priorities and Security, 2006, no. 1, pp. 68–75.
11. Makarov V.V., Kolotov Yu.O. Razvitie Internet-kommertsii [E-commerce development]. Ekonomicheskii analiz: teoriya i praktika = Economic Analysis: Theory and Practice, 2009, no. 26, pp. 60–64.
12. Petrovskii V.I., Tumbinskaya M.V., Petrovskii M.V. Optimizatsiya kompleksnoi sistemy zashchity informatsii na predpriyatiyakh razlichnykh form sobstvennosti: monografiya [Optimization of a comprehensive data protection system in entities with different ownership and legal structures: a monograph]. Kazan, Otechestvo Publ., 2014, 636 p.
13. Rudakova O.S., Rodina Yu.V. Analiz ugroz informatsionnoi bezopasnosti kreditnykh organizatsii [An analysis of threats to information security of credit institutions]. Natsional'nye interesy: prioritety i bezopasnost' = National Interests: Priorities and Security, 2009, no. 23, pp. 61–67.
14. Sazonov S.P., Belonozhkina E.A. [Information technologies and Internet banking as a marketing tool to promote banking services in the Russian market]. Teoreticheskie i prikladnye aspekty sovremennoi nauki: materialy IV Mezhdunarodnoi nauchnoi konferetsii: g. Belgorod, 31 okt. 2014 g [Proc. 4th Int. Sci. Conf. “Theoretical and Applied Aspects of Modern Science”, Belgorod, October 31, 2014]. Belgorod, Agentstvo perspektivnykh nauchnykh issledovanii (APNI) Publ., 2014, vol. 2, pp. 178–181.
15. Sirotskii A.A. Sovershenstvovanie metodov obespecheniya bezopasnosti pri avtorizatsii v sistemakh distantsionnogo bankovskogo obsluzhivaniya [Improvement of methods for ensuring log-in security in distance banking services]. Tekhnologii tekhnosfernoi bezopasnosti = Technologies for Technosphere Safety, 2013, no. 6, pp. 14–19.
16. Tedeev A.A. O problemakh i perspektivakh razvitiya elektronnoi bankovskoi deyatel'nosti (internet-bankinga) v Rossii [On issues and prospects of developing e-banking (Internet banking) in Russia]. Finansy i kredit = Finance and Credit, 2010, no. 33, pp. 55–58.
17. Tomilin A.N., Kraineva I.A., Tregubov V.M., Tumbinskaya M.V. Tret'ya mezhdunarodnaya konferentsiya “Istoriya vychislitel'noi tekhniki i ee programmnogo obespecheniya v Rossii i stranakh byvshego SSSR: istoriya i perspektivy” (SoRuCom-2014) [Proc. 3rd Int. Sci. Conf. “History of computer technology and software in Russia and the former Soviet Union: History and Prospects” (SoRuCom-2014)]. Voprosy istorii estestvoznaniya i tekhniki = Questions of History of Science and Technology, 2015, no. 1, pp. 173–180.
18. Tulup'eva T.V., Tulup'ev A.L., Azarov A.A. Psikhologicheskie aspekty otsenki bezopasnosti informatsii v kontekste sotsioinzhenernykh atak [Psychological aspects of evaluating information security in the context of social engineering attacks]. Mediko-biologicheskie i sotsial'no-psikhologicheskie problemy bezopasnosti v chrezvychainykh situatsiyakh = Medical and Biological, Social and Psychological Problems of Safety in Emergency Situations, 2013, no. 1, pp. 77–83.
19. Chernyavskaya E.Yu. [Internet banking and online acquiring: economic aspects of development]. Sovremennye tendentsii v ekonomike i upravlenii: novyi vzglyad: materialy nauchnoi konferentsii: Novosibirsk, 28 iyunya 2013 [Proc. Sci. Conf. “Current Trends in Economics and Management: A Fresh Approach”, Novosibirsk, June 28, 2013]. Novosibirsk, Tsentr razvitiya nauchnogo sotrudnichestva Publ., 2013, vol. 21, pp. 153–157.
20. Chirkov D.K., Sarkisyan A.Zh. Prestupnost' v sfere vysokikh tekhnologii: tendentsii i perspektivy [Crime in high technologies: trends and prospects]. Voprosy bezopasnosti = Issues of Security, 2013, no. 2, pp. 160–181.
21. Tsaregorodtsev A.V. Analiz riskov bezopasnosti dannykh v korporativnykh setyakh kreditno-finansovykh organizatsii na osnove oblachnykh vychislenii [An analysis of data security risks in corporate networks of banking and financial institutions through cloud computing]. Natsional'nye interesy: prioritety i bezopasnost' = National Interests: Priorities and Security, 2013, no. 39, pp. 30–41.
22. Tsaregorodtsev E.I., Smyshlyaeva A.N. Otsenka pokazatelei riskov platezhnykh sistem, postroennykh na tekhnologii internet-bankinga [Assessment of risks associated with payment systems based on the internet banking technology]. Finansy i kredit = Finance and Credit, 2010, no. 1, pp. 19–22.

View all articles of issue

ISSN 2311-875X (Online)
ISSN 2073-2872 (Print)

Journal current issue

Vol. 20, Iss. 4 April 2024

Archive