CASPIAN JOURNAL

MANAGEMENT AND HIGH TECHNOLOGIES

CLASSIFICATION OF MESSENGERS BASED ON ANALYSIS OF THE SECURITY LEVEL OF STORED DATA

Read Putyato Michael M., Makaryan Alexander S. CLASSIFICATION OF MESSENGERS BASED ON ANALYSIS OF THE SECURITY LEVEL OF STORED DATA // Caspian journal : management and high technologies. — 2019. — №4. — pp. 135-143.

Putyato Michael M. - Cand. Sci (Engineering), Associate Professor, Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation, putyato.m@gmail.com

Makaryan Alexander S. - Cand. Sci (Engineering), Associate Professor, Kuban State Technological University, 2 Moskovskaya St., Krasnodar, 350072, Russian Federation, msanya@yandex.ru

The article presents the analysis and classification of instant messengers based on the analysis of the level of security of stored data. A review of the current state of the market for mobile applications of the IM class is carried out and criteria for assessing the security of instant messaging systems based on the actual implementation of the claimed encryption algorithms and methods are introduced. Aspects in the field of security, protection and storage of messenger data are considered: user data on the device, event logs, encryption keys, critical information in the databases, the security of instant messengers from attacks with physical access to the device. The Signal messenger mechanism is being studied: organizing data storage and implementing security principles for stored data. On his example, schemes for the implementation and use of databases of a mobile device are considered. Disadvantages of using the encryption subsystems and organizing databases of telephone numbers, user registration marks, text messages and media files have been identified. In this connection, it becomes possible to automatically extract critical information. As a result, recommendations for securing messengers for developers and users were formulated: encrypt messenger attachments, move all data from the user’s available memory space to the application’s private storage, use confusing file names, encrypt critical data in databases (messages, attachment path, information about contacts, etc.), use an additional layer of encryption critical for data, provided that an add-in is provided that makes it mandatory enter a passphrase to open the application on your smartphone, directly encrypt the databases themselves.

Key words: анализ, кибербезопасность, форензика, мессенджер, протокол шифрования, защита информации, база данных, analysis, cybersecurity, forensics, messenger, encryption protocol, information security, database