СИСТЕМА ФИЛЬТРАЦИИ ЛОЖНОПОЛОЖИТЕЛЬНЫХ РЕЗУЛЬТАТОВ OSINT С ИСПОЛЬЗОВАНИЕМ МЕТОДОВ МАШИННОГО ОБУЧЕНИЯ ДЛЯ ОЦЕНКИ ПРИНАДЛЕЖНОСТИ ЦИФРОВЫХ АКТИВОВ КОМПАНИЙ
Abstract
Разведка на основе открытых источников (OSINT) является краеугольным камнем современного аудита информационной безопасности и операций красных команд (red teaming), обеспечивая выявление цифровых активов организации с использованием общедоступных данных. Однако существующие инструменты OSINT часто генерируют избыточное количество ложноположительных результатов при попытке связать IP-адреса и доменные имена с искомыми организациями. В статье предлагается система фильтрации на основе методов машинного обучения, существенно снижающая уровень ложных срабатываний в выборках, полученных с использованием OSINT. Система формирует высокоразмерные векторы признаков на основе данных WHOIS, метаданных DNS, SSL-сертификатов и содержимого веб-страниц. С использованием ансамблевого классификатора на основе градиентного бустинга достигается высокая точность атрибуции при сохранении устойчивости к разнообразным типам инфраструктуры. Эксперимент проведен на более чем 30 000 реальных цифровых объектов, собранных от семи организаций, и показал значительное повышение точности атрибуции, подтверждая практическую применимость предлагаемого подхода для обеспечения информационной безопасности.
References
REFERENECES
1. Pastor-Galindo J., Nespoli P., Gómez Mármol F., Martínez Pérez G. The not yet exploited goldmine of OSINT: opportunities, open challenges and future trends. IEEE Access. 2022. V. 10. P. 10282–10304. DOI: 10.1109/ACCESS.2020.2965257.
2. Evangelista J., Sassi R., Romero M., Napolitano D.M. Systematic literature review to investigate the application of open source intelligence (OSINT) with artificial intelligence. Journal of Applied Security Research. 2020. V. 15, N 1. P. 1–23. DOI: 10.1080/19361610.2020.1761737.
3. Sasaki T., Yoshioka K., Matsumoto T. Who are you? OSINT-based profiling of infrastructure honeypot visitors. Proc. of the 2023 Int. Symposium on Digital Forensics and Security (ISDFS). 2023. P. 1–6. DOI: 10.1109/ISDFS58141. 2023.10131856.
4. Hwang Y.-W., Lee I.-Y., Kim H., Lee H., Kim D. Current status and security trend of OSINT. Wireless Communications and Mobile Computing. 2022. Article ID 1290129. 14 p. DOI: 10.1155/2022/1290129.
5. Best C. OSINT, the Internet and Privacy. European Intelligence and Security Informatics Conference. 2012. P. 4. DOI: 10.1109/EISIC.2012.71.
6. Lee S., Shon T. Open source intelligence-based cyber threat inspection framework for critical infrastructures. Future Technologies Conference (FTC). 2016. P. 1030–1033. DOI: 10.1109/FTC.2016.7821730.
7. Jain M., Jain G., Vasavada J., Patel P., Ojha V. Information security and auditing for distributed network. European Intelligence and Security Informatics Conference. 2012. P. 364–367. DOI: 10.1109/MSNA.2012.6324595.
8. 8. Bryushinin A.O., Dushkin A.V. and Melshiyan M.A. Automation of the Information Collection Process by Osint Methods for Penetration Testing During Information Security Audit. 2022 Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus), Saint Petersburg, Russian Federation. 2022. P. 242-246. DOI: 10.1109/ElConRus54750.2022.9755812.
9. Astrakhantsev R., Chuhno A., Dmukh A. [et al.]. Differences with high probability and impossible differentials for the KB-256 cipher. Journal of Computer Virology and Hacking Techniques. 2024. V. 20, N 3. P. 525-531. DOI 10.1007/s11416-024-00532-2. EDN IQFPUV.
10. Samsonova A.I., Suvorov I.A., Astrakhancev R.G. Intelligent system for analyzing user activity in secure operating environments. Ivecofin. 2025. N 1(63). P. 79-85. DOI 10.6060/ivecofin.2025631.715. EDN ZCDOVL.
11. Astrakhantseva I.A., Astrakhantsev R.G., Usoltsev S.D. [et al.]. K-means analysis of spectral properties of BODIPY dye during compression on air - water interface: construction of dataset for effective clustering. Liquid Crystals and their Application. 2024. V. 24, N 2. P. 43-53. DOI 10.18083/ LCAppl .2024. 2.43. EDN CXAIQV.
12. Astrakhantseva I.A., Gorev S.V., Astrakhantsev R.G. Fractal analysis in assessing the efficiency and reliability of complex technical systems. Modern high technology. Regional application. 2023. N 4(76). P. 60-68. DOI 10.6060/snt. 2023 7604. 0008. EDN NBDYHR.
13. Zimnurov M.F., Astrakhantseva I.A. Methodology for creating multi-linked data structures using LLM in working projects. Modern high technology. Regional application. 2025. N 1(81). P. 76-83. DOI 10.6060/snt.20258101.0009. EDN STBGGB.
14. Bobkov S.P., Astrakhantseva I.A., Gushchin A.A. Bobkova E.S., Astrakhantsev R.G., Shutov D.A. Using a discrete probabilistic approach for modeling flow tubular reactors. ChemChemTech [Izv. Vyssh. Uchebn. Zaved. Khim. Khim. Tekhnol.]. 2025. V. 68. N 2. P. 96-101. DOI 10.6060/ivkkt.20256802.7109. EDN OWCXJD.
15. Bobkov S.P., Astrakhancev R.G., Samarskiy A.A., Pavlova E.A. Simulation model of substance movement in a technological apparatus. Ivecofin. 2024. N 2(60). P. 32-40. DOI 10.6060/ivecofin.2024602.681. EDN QOQPLV.
16. Telegin F.Y., Karpova V.S., Makshanova A.O. [et al.]. Solvatochromic Sensitivity of BODIPY Probes: A New Tool for Selecting Fluorophores and Polarity Mapping. International Journal of Molecular Sciences. 2023. V. 24, N 2. P. 1217. DOI 10.3390/ijms24021217. EDN ZDSWJC.
17. Astrakhantseva I.A., Kotenev T.E., Gorev S.V. Integration of linear regression and random forest methods into intelligent control support systems for cryogenic transport systems. Ivecofin. 2024. N 3(61). P. 81-90. DOI 10.6060/ivecofin.2024613.692.
1. Pastor-Galindo J., Nespoli P., Gómez Mármol F., Martínez Pérez G. The not yet exploited goldmine of OSINT: opportunities, open challenges and future trends. IEEE Access. 2022. V. 10. P. 10282–10304. DOI: 10.1109/ACCESS.2020.2965257.
2. Evangelista J., Sassi R., Romero M., Napolitano D.M. Systematic literature review to investigate the application of open source intelligence (OSINT) with artificial intelligence. Journal of Applied Security Research. 2020. V. 15, N 1. P. 1–23. DOI: 10.1080/19361610.2020.1761737.
3. Sasaki T., Yoshioka K., Matsumoto T. Who are you? OSINT-based profiling of infrastructure honeypot visitors. Proc. of the 2023 Int. Symposium on Digital Forensics and Security (ISDFS). 2023. P. 1–6. DOI: 10.1109/ISDFS58141. 2023.10131856.
4. Hwang Y.-W., Lee I.-Y., Kim H., Lee H., Kim D. Current status and security trend of OSINT. Wireless Communications and Mobile Computing. 2022. Article ID 1290129. 14 p. DOI: 10.1155/2022/1290129.
5. Best C. OSINT, the Internet and Privacy. European Intelligence and Security Informatics Conference. 2012. P. 4. DOI: 10.1109/EISIC.2012.71.
6. Lee S., Shon T. Open source intelligence-based cyber threat inspection framework for critical infrastructures. Future Technologies Conference (FTC). 2016. P. 1030–1033. DOI: 10.1109/FTC.2016.7821730.
7. Jain M., Jain G., Vasavada J., Patel P., Ojha V. Information security and auditing for distributed network. European Intelligence and Security Informatics Conference. 2012. P. 364–367. DOI: 10.1109/MSNA.2012.6324595.
8. 8. Bryushinin A.O., Dushkin A.V. and Melshiyan M.A. Automation of the Information Collection Process by Osint Methods for Penetration Testing During Information Security Audit. 2022 Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus), Saint Petersburg, Russian Federation. 2022. P. 242-246. DOI: 10.1109/ElConRus54750.2022.9755812.
9. Astrakhantsev R., Chuhno A., Dmukh A. [et al.]. Differences with high probability and impossible differentials for the KB-256 cipher. Journal of Computer Virology and Hacking Techniques. 2024. V. 20, N 3. P. 525-531. DOI 10.1007/s11416-024-00532-2. EDN IQFPUV.
10. Samsonova A.I., Suvorov I.A., Astrakhancev R.G. Intelligent system for analyzing user activity in secure operating environments. Ivecofin. 2025. N 1(63). P. 79-85. DOI 10.6060/ivecofin.2025631.715. EDN ZCDOVL.
11. Astrakhantseva I.A., Astrakhantsev R.G., Usoltsev S.D. [et al.]. K-means analysis of spectral properties of BODIPY dye during compression on air - water interface: construction of dataset for effective clustering. Liquid Crystals and their Application. 2024. V. 24, N 2. P. 43-53. DOI 10.18083/ LCAppl .2024. 2.43. EDN CXAIQV.
12. Astrakhantseva I.A., Gorev S.V., Astrakhantsev R.G. Fractal analysis in assessing the efficiency and reliability of complex technical systems. Modern high technology. Regional application. 2023. N 4(76). P. 60-68. DOI 10.6060/snt. 2023 7604. 0008. EDN NBDYHR.
13. Zimnurov M.F., Astrakhantseva I.A. Methodology for creating multi-linked data structures using LLM in working projects. Modern high technology. Regional application. 2025. N 1(81). P. 76-83. DOI 10.6060/snt.20258101.0009. EDN STBGGB.
14. Bobkov S.P., Astrakhantseva I.A., Gushchin A.A. Bobkova E.S., Astrakhantsev R.G., Shutov D.A. Using a discrete probabilistic approach for modeling flow tubular reactors. ChemChemTech [Izv. Vyssh. Uchebn. Zaved. Khim. Khim. Tekhnol.]. 2025. V. 68. N 2. P. 96-101. DOI 10.6060/ivkkt.20256802.7109. EDN OWCXJD.
15. Bobkov S.P., Astrakhancev R.G., Samarskiy A.A., Pavlova E.A. Simulation model of substance movement in a technological apparatus. Ivecofin. 2024. N 2(60). P. 32-40. DOI 10.6060/ivecofin.2024602.681. EDN QOQPLV.
16. Telegin F.Y., Karpova V.S., Makshanova A.O. [et al.]. Solvatochromic Sensitivity of BODIPY Probes: A New Tool for Selecting Fluorophores and Polarity Mapping. International Journal of Molecular Sciences. 2023. V. 24, N 2. P. 1217. DOI 10.3390/ijms24021217. EDN ZDSWJC.
17. Astrakhantseva I.A., Kotenev T.E., Gorev S.V. Integration of linear regression and random forest methods into intelligent control support systems for cryogenic transport systems. Ivecofin. 2024. N 3(61). P. 81-90. DOI 10.6060/ivecofin.2024613.692.
Published
2025-10-02
How to Cite
Астраханцева, И., Брюшинин, А., Астраханцев, Р., & Котинев, Т. (2025). СИСТЕМА ФИЛЬТРАЦИИ ЛОЖНОПОЛОЖИТЕЛЬНЫХ РЕЗУЛЬТАТОВ OSINT С ИСПОЛЬЗОВАНИЕМ МЕТОДОВ МАШИННОГО ОБУЧЕНИЯ ДЛЯ ОЦЕНКИ ПРИНАДЛЕЖНОСТИ ЦИФРОВЫХ АКТИВОВ КОМПАНИЙ. Modern High Technologies. Regional Application, 83(3), 57-67. Retrieved from https://snt-isuct.ru/article/view/6753
Section
Инженерно-технически науки, машиностроение и технологии
