Annotation:
The purpose of the study is to formally formulate the problem of artificial immunization of complex technical systems to ensure their security against cyber threats. The work draws an analogy between human immunity and the security functions of modern technical systems. A mathematical model of a technical system that describes how the system's immunity counteracts various cyberattacks was developed. The immunization problem is formulated to minimize the number of infected objects in the system and maximize the number of cured objects among the infected ones.Keywords:
immunization, innate immunity, adaptive immunity, cyber-attack.Annotation:
Currently, social information services (SIS) have become one of the important sources of information and allow any user to distribute information without restrictions, which makes it difficult to determine the degree of reliability of information. Revealing unreliable facts from the news using artificial intelligence methods is a difficult problem. To solve this problem, it is necessary to apply several existing models with the calculation of the reality parameter and recognition accuracy, as well as to develop a new algorithm for detecting fake news. The use of effective tools for identifying false information in the SIS and the corresponding algorithm is considered in support and decision-making systems, when determining the degree of information reliability.Keywords:
open sources of information, social information services, false information, reality parameter.Annotation:
This paper presents a new approach for protecting user data of mobile phones. It combines multi-factor authentication, secret sharing, visual cryptography, steganography and uses built-in secure modules of the Android operating system. The proposed protocol ensures privacy of user data even if the mobile phone and its associated storage server are compromised.Keywords:
authentication and key establishment protocol, wireless sensor network, key pre-distribution.Annotation:
This article discusses the security of recommendation systems with collaborative filtering from manipulation attacks. The most common types of attacks are analyzed and identified. A modified method for detecting manipulation attacks on recommendation systems with collaborative filtering is proposed. Experimental testing and comparison of the effectiveness of the modified method with other relevant methods were carried out.Keywords:
recommendation systems, collaborative filtering, shilling attack detection.Annotation:
Any organization, processing personal data of citizens of the European Union is obliged to comply with the requirements of GDPR (General Data Protection Regulation). However, the regulations do not contain information about how to comply with these requirements in practice. The international standard ISO 27701 solves this problem because it contains specific controls to fulfill requirements specified above. In the course of the research, the standard was analyzed and there were made up recommendations that can be applied to all types and sizes of organizations, including public and private companies, government entities and non-profit organizations that process personal data of citizens of the European Union.Keywords:
personal data, controls, requirements, GDPR.Annotation:
The article is devoted to finding rational ways to improve the culture of digital security among future shipbuilders. An objective methodology for the formation of educational content based on the achievements of the theory of multi-parameter choice and the construction of a tuple of preferences when making complex cybernetic decisions is considered. An example of the choice of digital security training technology for students of shipbuilding profile (Saint Petersburg State Maritime Technical University) was considered.Keywords:
digital security, distance learning, safety culture.Annotation:
The paper proposes a method for detecting source code fragments similarity using attribute abstract syntax trees and machine learning algorithms. The advantages of the method are determined based on a comparative analysis of existing approaches of detecting code clones. For approaches, which use AST, it is possible to increase the efficiency of detecting similar source code fragments by detecting semantic clones with usage of method proposed.Keywords:
code clones, syntactic similarity, semantic similarity, open-source software.Annotation:
One of the approaches to form a cryptographically secure encryption range is the use of linear recurrent feedback registers based on primitive polynomials. The operational possibility of choosing the appropriate polynomial can provide the required degree of stability of the algorithm used. At present, primitive polynomials are known for sufficiently large powers, but usually these are the so-called sparse polynomials. To improve cryptographic strength, it is necessary to be able to quickly form new primitive polynomials of given degrees, which is the subject of this study.Keywords:
primitive polynomials, m-sequence, decimation, primitive root.Annotation:
The problem of automating the determination of daily water consumption by continuously measured levels and discrete measurements of water flow using flow curves, which are the simplest characteristic of the capacity of the riverbed (and floodplain) and are widely used in river flow accounting and hydraulic calculations, is considered. Conclusions are made about the optimal analytical representation of the flow curve and the possibilities of constructing a universal model of hydrometric flow accounting.Keywords:
water flow, measured levels, flow curves, profiles, interpolation, approximation, model.Annotation:
The problems of hydrological support of water transport in the territories of Siberia and the Far East of the Russian Federation are considered. The requirements for operational information on the levels of water bodies, on a sharp change in water content, on channel deformations, on the ice situation and forecasts of these phenomena are analyzed. Attention is drawn to the need to use new modern information technologies.Keywords:
water transport, hydrological support, riverbed processes, hydrological regime, information technologies.Annotation:
The article is devoted to a method for evaluating the effectiveness of the use of a group of unmanned aerial vehicles when they perform aerial photography tasks. The approach is based on the principles of a «virtual squad» and assumes decentralized management and adaptive redistribution of roles in unpredictable situations.Keywords:
group of unmanned aerial vehicles, virtual squad, unified flight task.Annotation:
An analysis of existing methods that provide the detection of evasion attacks in the machine learning systems is presented. An experimental comparison of these methods has been performed. The Uncertainty method is the most universal one, but its accuracy in detecting SGM, MS, BA evasion attacks is lower than that of other methods, and it is difficult to determine such values of the uncertainty boundary for adversarial samples that would allow more accurate detection of evasions. A new hybrid method has been proposed and discussed, which is a two-stage verification of input data, supplemented by input data pre-processing. In the proposed method, the threshold of uncertainty for adversarial samples has become distinct and quickly computable. The hybrid method allows detecting OOD attacks with 80% accuracy, and SGM, MS, BA attacks with 93% accuracy.Keywords:
evasion attacks, evasion attack detection, hybrid method, machine learning, adversarial samples, ODIN, Uncertainty.Annotation:
The paper proposes an approach to detection of Distributed Denial of Service (DDoS) attacks using a modular neural network, which is a series of connected neural networks that solve the problem step by step. The task of DDoS attack detection is decomposed into three interrelated subtasks: detection of anomalous network traffic, detection of DDoS attack traffic and identification of the type of realized DDoS attack, which is especially important due to the tendency of implementing multi-vector DDoS attacks. The results of experimental studies on the quality of performance of the constructed modular neural network confirmed the effectiveness of the proposed approach.Keywords:
DDoS attacks, modular neural network, decomposition, machine learning.Annotation:
Considered adversarial attacks on systems of artificial neural networks for image recognition. To increase the security of image recognition systems from adversarial attacks (avoidance attacks), the use of auto-encoders is proposed. Various attacks are considered and software prototypes of autoencoders of fully connected and convolutional architectures are developed as a means of protection against evasion attacks. The possibility of using the developed prototypes as a basis for designing autoencoders for more complex architectures is substantiated.Keywords:
image recognition system, adversarial attack, evasion attack, autoencoder.Annotation:
The article deals with the problem of finding a region of interest for biometric identification based on the pattern of palm veins. An image segmentation method based on the use of convolutional neural networks to search for an area of interest is proposed. The work of this method is compared with methods that use the features of a binarized image, in particular, with the method of searching for local minimums and searching for the minimum threshold value.Keywords:
biometrics, vein pattern, area of interest, segmentation, neural network.Annotation:
The criteria related to the construction of mathematical models of quality indicators for further investigation of the effectiveness of the functioning of information security systems, taking into account destructive influences, are considered. Geometric interpretations of the criteria of three classes are presented. The distinctive features of the concepts «quality indicator» and «quality assessment criterion» are revealed. A mathematical description of each of the criteria under consideration is given.Keywords:
quality assessment criterion, quality indicator, efficiency, information security system.