ally technical decision, became a global phenomenon in many spheres of activity. Nowadays it is difficult to imagine any IT project that does not provide information security at all functional levels. With the steady growth in the volume of information being processed and in its value as a commodity, the reliable and secure operation of information systems comes to the fore.

Detection of computer attacks is one of the major elements of network information security in any modern enterprise, and it encompasses a great number of problems related to computer security. Historically, all attack detection systems can be divided into two categories: anomaly detection and misuse detection [2]. Most modern commercial systems (Cisco IPS, ISS RealSecure, NFR) are based on the first type of methods: they use signature-based expert detection methods.

Anomaly detection methods rely on a prepared description of the normal behavior of objects of the distributed information systems (DIS), and any deviation from normal behavior is considered an anomalous violation. Misuse detection methods rely on descriptions of well-known violations or attacks: if the behavior of some DIS object coincides with the description of a well-known attack, that behavior is considered an attack.

The approach underlying the developed system will bring cardinal changes. Centralization, rigid management and global optimization will give way to decentralization. The expected result is high efficiency, flexibility and reliability of the systems of production and distribution [1].

One of the tasks is to work out a hybrid attack detection method that unites the signature method with the method of system analysis of transitions in order to expose deviations from normal behavior.
Combining these methods will preserve the verifiability, robustness and low computational complexity of misuse detection and add to them the ability to adapt to unknown attacks. These properties will allow the method to be used in general-purpose attack detection systems, and also in off-line systems, for which all the properties listed above are critical.

An analysis of the existing literature showed that none of the systems can cover all types of attacks. A large number of attack detection system implementations are available, but they are mainly commercial systems, for which information about software architecture and the use of formal attack detection methods is lacking.

It is suggested to develop a method of attack detection for distributed information systems (DIS). Creating a model of a computer attack and a method for its automatic detection will make it possible to discover computer attacks by observing the behavior of DIS objects.
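The hybrid idea described above, as an added illustration that is not the authors' method or code: known-attack signatures are checked first, and a transition model learned from normal traces catches deviations that no signature describes. The event names, traces and the single signature are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data: event traces of one DIS object (e.g. a user session).
NORMAL_TRACES = [
    ["login", "read", "read", "write", "logout"],
    ["login", "read", "logout"],
    ["login", "write", "read", "logout"],
]
# Constructed signature: a known-bad event subsequence (misuse description).
SIGNATURES = {"password guessing": ("login_fail", "login_fail", "login_fail")}

def learn_transitions(traces):
    """Build the normal-behavior model: the set of observed state transitions."""
    allowed = defaultdict(set)
    for trace in traces:
        for prev, cur in zip(["<start>"] + trace, trace + ["<end>"]):
            allowed[prev].add(cur)
    return allowed

def match_signatures(trace, signatures):
    """Misuse detection: return (name, index) for every signature occurrence."""
    hits = []
    for name, pattern in signatures.items():
        n = len(pattern)
        for i in range(len(trace) - n + 1):
            if tuple(trace[i:i + n]) == pattern:
                hits.append((name, i))
    return hits

def find_anomalies(trace, allowed):
    """Anomaly detection: return transitions that the normal model never saw."""
    steps = zip(["<start>"] + trace, trace + ["<end>"])
    return [(p, c) for p, c in steps if c not in allowed.get(p, ())]

def classify(trace, allowed, signatures):
    """Hybrid verdict: signatures first, transition analysis as the fallback."""
    hits = match_signatures(trace, signatures)
    if hits:
        return "misuse", hits
    odd = find_anomalies(trace, allowed)
    if odd:
        return "anomaly", odd
    return "normal", []

if __name__ == "__main__":
    model = learn_transitions(NORMAL_TRACES)
    for t in (["login", "read", "logout"], ["login", "read", "delete_logs", "logout"]):
        print(t, "->", classify(t, model, SIGNATURES))
```

The signature path gives a named, verifiable verdict, while the transition path only reports which step left the learned model and still needs an analyst's judgment.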
1. Amoroso, Edward G. Intrusion Detection. 1st ed. Intrusion.Net Books, Sparta, New Jersey, USA, 1999.
2. Denault M., Gritzalis D., Karagiannis D., Spirakis P. Intrusion Detection: Approach and Performance Issues of the SECURENET System. Computers and Security, Vol. 13, No. 6, pp. 495-507, 1994.
APPENDIX B
/* ============================================= */
/* DBMS name: MySQL 5.0 */
/* Created on: 06.07.2014 8:46:17 */
/* ============================================= */

drop table if exists Prewikka_Filter;
drop table if exists Prewikka_Filter_Criterion;
drop table if exists Prewikka_Permission;
drop table if exists Prewikka_Session;
drop table if exists Prewikka_User;
drop table if exists Prewikka_Version;

/* ============================================= */
/* Table: Prewikka_Filter */
/* ============================================= */
create table Prewikka_Filter
(_ f bigint not null, varchar (32) not null, varchar (255) not null, varchar (255) not null, key (id_f)
);

/* ============================================= */
/* Table: Prewikka_Filter_Criterion */
/* ============================================= */
create table Prewikka_Filter_Criterion
(_ f_c bigint not null, _f varchar (32) not null, _f bigint not null, varchar (255) not null, varchar (8) not null, _f varchar (255) not null, key (id_f_c, name_f)
);

/* ============================================= */
/* Table: Prewikka_Permission */
/* ============================================= */
create table Prewikka_Permission
(_ p bigint not null, varchar (32) not null, varchar (32) not null, ke...