Quarterly journal published in SPbPU
and edited by prof. Peter Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • 2018 year
    • №1 2018
      • INFORMATION SECURITY ASPECTS

        Zegzhda P.D., Ivanov D.V., Moskvin D.A., Ivanov A.A.

        APPLIANCE OF CONTIGUITY SEQUENCES FOR RECOGNITION OF SELF-SIMILAR GRAPHS FOR ASSESSING VANET NETWORKS CYBERSECURITY

        Annotation:

        In the paper, the possibility of applying the theory of self-similar graphs for ensuring Vehicular Ad-hoc Networks (VANET) cybersecurity is considered. Developed for this purpose algorithms for self-similar graphs recognition are mentioned.

        Keywords:

        Wireless self-organised networks; Vehicular ad hoc networks, VANET, self-similar graph; self-similarity.
        Pages 10-26

        Zegzhda P.D., Poltavtseva M.A., Pechenkin A.I., Lavrova D.S., Zaitseva E.A.

        HETEROGENEOUS SEMI-STRUCTURED OBJECTS CASE-BASED REASONING IN INFORMATION SECURITY

        Annotation:

        The article is concerned with the development of decision support systems based on the case-based reasoning (CBR) for the problems of information security. Source data can be described as heterogeneous semi-structured objects and formalized as property vectors. The approach to the CBR database building includes a two-level representation: the level of objects-cases and the level of structure cases. The authors consider a method of cases modeling for preparing a basic data set. Methods of heterogeneous semi-structured objects and second level cases similarity evaluation are offered. The authors present the described methods experimental testing and the architecture of the relevant decision support system.

        Keywords:

        smart security, case-based reasoning, heterogeneous semi-structured objects analysis, case modeling, decision support systems, penetration testing
        Pages 17-31

        Kamennay E.V., Putilova S.E., Shcherbinina I.A.

        OVERVIEW OF METHOD TO SECURING THE CLIENT PART OF WEB APPLICATIONS

        Annotation:

        The client part of modern web applications is constantly becoming more difficult. At the same time, information mechanisms of protection in the client part have to be developed with considering to modern and out-of-date technologies, because it requires compatibility. The article considers modern approaches of protecting the client part of web applications and presents typical techniques for circumventing the limitations of this approach.

        Keywords:

        Web application security, http connection, security policies
        Pages 32-42
      • INFORMATION SECURITY APPLICATION

        Kamennay E.V., Putilova S.E., Shcherbinina I.A.

        OVERVIEW OF METHOD TO SECURING THE CLIENT PART OF WEB APPLICATIONS

        Annotation:

        The client part of modern web applications is constantly becoming more difficult. At the same time, information mechanisms of protection in the client part have to be developed with considering to modern and out-of-date technologies, because it requires compatibility. The article considers modern approaches of protecting the client part of web applications and presents typical techniques for circumventing the limitations of this approach.

        Keywords:

        Web application security, http connection, security policies
        Pages 32-42

        Zegzhda P. D., Anisimov V. G., Anisimov E. G., Saurenko T.N. Suprun A. F.

        MODELS AND METHOD OF SUPPORTING DECISION-MAKING TO ENSURE INFORMATION SECURITY OF INFORMATION-CONTROL SYSTEMS

        Annotation:

        Models and a method of support of decision-making on maintenance of information safety are developed. Modeling is based on the representation of the procedure for forming a solution in the form of a discrete optimization problem. The proposed models and methods are the basis for the creation of specific methodologies for the justification of management decisions on the organization of information protection in information-control systems.

        Keywords:

        information-control system, information protection, decision support, model, optimization
        Pages 43-47

        Belim S.V., Belim S.Yu.

        MANDATORY ACCESS CONTROL IMPLEMENTATION IN THE DISTRIBUTED SYSTEMS

        Annotation:

        In the article mandatory access control implementation in the distributed systems taking into account users hierarchy is considered. Access control is based on the keys preliminary distribution scheme, the similar KDP-scheme. The algorithm of subsets family creation considering users hierarchy is developed.

        Keywords:

        (Russian) мандатное разграничение доступа, предварительное распределение ключей, KDP-схема, иерархия пользователей
        Pages mandatory access control, key predistribution, KDP-scheme, users hierarchy

        V.P. Los, G.V. Ross, E.D. Tyshuk

        ABOUT THE USE OF STATISTICAL PROCESSING OF REFERENCE IMAGES IN BIOMETRIC AUTHENTICATION SYSTEMS

        Annotation:

        The article gives an overview of the methods of using statistical methods for processing reference images in the formation of authentication when using a handwritten signature.

        Keywords:

        authentication, handwritten signature, statistical methods.
        Pages 51-56
      • NETWORK AND TELECOMMUNICATION SECURITY

        Markin D. O.

        LOCATION-BASED MOBILE DEVICE SECURITY MODEL IN COMPUTER NETWORKS WITH DIFFERENT SECRECY

        Annotation:

        The article contains the description of Location-based Mobile Device Security Model In Computer Networks With Different Secrecy. The Model is based on classic Bell-LaPadula model, mandatory and role-based access control models. It’s offered to introduce new secure properties and definitions allowed to account objectively significant access conditions to secure services to provide information security. Proof of theorem is provided and based on new secure properties and definitions. Justification of model correctness is presented. The author describes also justification of the fact of the inability to make denied information flows from high level security object to lower security one.

        Keywords:

        mobile device, security model, computer network, networks with different security levels.
        Pages 57-67

        Ovasapyan T.D., Moskvin D.A., Kalinin M.O.

        St. Petersburg, Peter the Great St.Petersburg Polytechnic University

        THE APPLICATION OF NEURAL NETWORKS TO DETECT INTERNAL VIOLATORS IN VANET

        Annotation:

        The article considers the security of Vehicular ad hoc networks (VANET) against malicious nodes. The authors of the article analyzed the features of VANETs. They also analyzed threats and identified actual cyber-attacks. The proposed approach aimed at providing protection using radial-basis neural networks that allows detecting malicious nodes on the basis of behavioral indicators.

        Keywords:

        Vehicular ad hoc networks, VANET, Radial Basis Function Neural Network, RBFN, Ad hoc
        Pages 68-73

        V.V. Platonov, P.O. Semenov

        ANOMALY TRAFFIC DETECTION IN DYNAMIC COMPUTER NETWORKS OF MOBILE CONSUMER DEVISES

        Annotation:

        Proposed the adaptive model of intrusion detection system for distributed compute network. The intrusion detection system is based on different data mining methods that allow analyzing a set of network traffic attributes and determining whether network interaction is normal or anomalous. The proposed model of an intrusion detection system makes it possible to protect a range of Internet of things devices.

        Keywords:

        intrusion detection system, distributed computer network, data mining methods, Internet of things.
        Pages 74-81

        M. Kalinin, V. Krundyshev, E. Rezedinova, D. Reshetov

        THE HIERARCHIC SOFTWARE-DEFINED SECURITY CONTROL FOR LARGE SCALE DYNAMIC NETWORKS

        Annotation:

        The paper suggests an approach to building the hierarchical security control system for large scale dynamic communication networks (MANET, VANET, FANET, WSN, etc) using technologies of software-defined networks (SDN) and elastic supercomputing. The experimental results of efficiency evaluation obtained for the proposed approach are presented.

        Keywords:

        security control, dynamic networks, hierarchic architecture, software-defined network, supercomputer, elastic computing, adhoc, SDN, VANET.
        Pages 82-88

        M. O. Kalinin, E. A. Zubkov

        Peter the Great St.Petersburg Polytechnic University

        PROTECTION AGAINST ATTACKS ON DYNAMIC ROUTING IN SELF-ORGANIZING AD-HOC NETWORKS USING SWARM INTELLIGENCE

        Annotation:

        The paper reviews a new technology for detecting the full range of attacks on dynamic routing in self-organizing adhoc networks (MANET, VANET/FANET/MARINET, IoT/IIoT, WSN, mesh networks, M2M networks, etc.). This technology develops the Watchdog method and the P-Secure method by implementing an ant swarm algorithm for building a safe route at the network in which all hosts act as swarm agents for analyzing security of neighboring hosts. An example is given of constructing a safe route in VANET using the proposed ant algorithm.

        Keywords:

        VANET, MANET, black hole attack, grey hole attack, worm hole attack, DoS attack, swarm intelligence, swarm algorithms, Watchdog, P-Secure, routing.
        Pages 89-98
      • APPLIED CRYPTOGRAPHY

        E.B. Aleksandrova, E.N. Shkorkina

        ELLIPTIC CURVE UNDENIABLE SIGNATURE FOR SERVER VERIFICATION IN OUTSOURCE COMPUTATIONS

        Annotation:

        When executing cryptographic outsource computations, not only errors in server calculations are possible, but interaction with malicious computing server may also occur. The undeniable signature protocol adapted for elliptic curve points group is offered. The outsource algorithm of elliptic curve point multiplication is given.

        Keywords:

        lightweight cryptography, FANET, undeniable signature, outsourcing algorithm.
        Pages 97-101

        Il’chenko L.M., Zajcev S.I., Bragina E.K., Egorov I. EH.

        DEVELOPMENT OF THE INFORMATION CUSTOMER CENTER PROTECTION SYSTEM IN THE EXECUTIVE AUTHORITY BODY

        Annotation:

        In the article features of creation of system of protection of the certifying center in the executive authority are considered. The main stages of the establishment of the certifying center are given, with an emphasis on the expected duration of each of the necessary activities. It also compares the information protection certified by the FSTEC of Russia and special cryptographic, on the basis of which an accredited certification center can operate.

        Keywords:

        Certification authority, electronic document management, information security, information security means, cryptographic means of information protection, state information system, information system processing personal data.
        Pages 102-112

        Dali F.A., Mironkin V.O.

        ON THE TREE MODES OF HASH FUNCTIONS

        Annotation:

        Two models of the tree modes of hash functions are introduced. For each model algorithms of computing of the hash code are formulated and their numerical characteristics are obtained. In terms of the constructed models we classify some existing algorithms for parallel hashing and identify some weaknesses of corresponding primitives.

        Keywords:

        hash function, mode, tree, hashing, algorithm, complexity, absorbing phase, squeezing phase, collision, the second preimage
        Pages 113-121

        V. S. Gorbatov, I. Y. Zhukov, O. N. Murashov

        THE SECURITY OF THE KEY SYSTEM OF THE FISCAL INDICATION

        Annotation:

        The paper describes a master-key generation protocol for fiscal signs exchange system. The key is used for generation of a fiscal sign key with authentication of fiscal creation and verification tools installed on a fiscal storage system in a cash register or on-line cash register and fiscal data operator or authorized authority. The protocol was developed in accordance with the Rosstandart recommendations and complies with the development and modernization principles for data protection encryption (cryptographic) means. The protocol was suggested as a national standard draft and is open for public discussion in accordance to the established procedure. The study is based on formulating certain security tasks identical to those used by potential intruders to compromise the protocol. This allows to account for structural features that will ensure further protocol compliance to the target security characteristics. It also guarantees subsequent justification of feature set sufficiency.

        Keywords:

        Fiscal sign, cash register, cryptographic protocol, evaluation of cryptographic properties, security properties
        Pages 122-128
      • TECHNICAL SOLUTION

        A.A.Sikarev, I.A. Sikarev, A.V.Garanin

        INTERFERENCE MARGIN OF INCOHERENT RECEPTION UNDER THE COMPLEX NOISES INFLUENCE TO MONITORING AND COMMUNICATION CHANNELS OF AUTOMATED INFORMATION SYSTEMS ON THE INLAND WATERWAYS OF THE RUSSIAN FEDERATION

        Annotation:

        Interference margin of single incoherent reception algorithms optimal in monitoring and communication channels of automated information systems (AIS) with noises, concentrated interferences under the influence of fluctuation noise, concentrated interference and impulsive interferences is investigated. Expressions for error probabilities are obtained, examples of calculation are given.

        Keywords:

        Interference margin, inland waterways, AIS, fluctuation noise, concentrated interferences, impulsive interferences.
        Pages 129-135
      • SOFTWARE SECURITY

        K.I. Salakhutdinova, I.S. Lebedev, I.E. Krivtsova, Sukhoparov M.E.

        STUDY OF THE EFFECT OF SELECTION FEATURE AND COEFFICIENT (RATIO) IN THE SIGNATURE FORMATION IN THE TASK OF PROGRAM IDENTIFICATION

        Annotation:

        Peculiarities of using different assembler commands are discovered, their collective application to create the final grade of belonging to a certain program. Conclusions for the impact of coefficient (ratio) used in the formation of the unified signature on the identification results are presented.

        Keywords:

        information security, program identification, elf-files, assembler commands
        Pages 136-141

        Demidov R.A, PechenkinA.I., Zegzhda P.D., Kalinin M.O.

        APPLICATION MODEL OF MODERN ARTIFICIAL NEURAL NETWORKS FOR THE SECURITY ANALYSIS OF INFORMATION SYSTEMS

        Annotation:

        The paper deals with the problem of security analysis for software control mechanisms of the modern cyber-physical and industrial information systems, of distributed cyberspaces of VANET, FANET, MARINET, IIoT and WSN. There is proposed a representation of the security threat as the system’s property described by the complex function. As a part of this representation, security analysis method is described in the form of approximation of this function and calculation of its values for specific conditions. The paper considers different approaches to interpolation of this function, and it shows that the most promising option is the use of modern artificial neural networks, especially deep neural network.

        Keywords:

        security analysis, deep learning, distributed representations, artificial neural network, security threat, security
        Pages 142-148
      • INFORMATION SECURITY CYBER-PHYSIC SYSTEMS

        Pavlenko E.Y., Lemets A.A.

        OBTAINING INFORMATION ABOUT USERS OF SOCIAL NETWORKS BASED ON PUBLICLY AVAILABLE INFORMATION WITH DATA MINING TECHNIQUES

        Annotation:

        This article describes the developed approach for obtaining information about social networks’ users based on methods of data mining. The hierarchical model for classification of the received data is represented here. This model describes the information extracted from social networks and allows choosing which algorithms should be used for a particular class of information. It is proposed an iterative deep searching method, intellectual analysis and revealing information about account owner identity using the developed algorithms for social graph analysis. The feature of the algorithm is to cluster and further analyze user communities within social graph, identify users on different social networks, analyze text information. The results of testing the proposed method show high accuracy in determining information about owners of social network accounts.

        Keywords:

        data mining; social networks; social graph; social mining; information security; social networks security
        Pages 149-159

        Zegzhda D.P., Pavlenko E.Y.

        Peter the Great St. Petersburg Polytechnic University

        SITUATIONAL MANAGEMENT FOR CYBER-SUSTAINABILITY OF SOFTWARE-DEFINED NETWORKS

        Annotation:

        Proved the viability and efficiency of homeostatic approach implementation to achieving cyber-sustainability based on software defined networking technology. Using of this technology cyber-physical system of “Smart home” was simulated. Authors conducted a number of experiments in which system counteracted to various attacks. As part of the experiment, software-defined network applied three self-adaptation mechanisms that provide cyber-sustainability. Experiments have confirmed that the “Smart home” system, built on the basis of software-defined networks, has retained the stability of its functioning within the framework of destructive actions.

        Keywords:

        software-defined network; situational management; homeostasis; sustainability; information security; self-similarity.
        Pages 160-168

        Dakhnovich A.D., Moskvin D.A., Zegzhda D.P.

        Saint Petersburg, Peter the Great St.Petersburg Polytechnic University

        APPLIANCE OF GARLIC ROUTING TO SECURE NETWORK COMMUNIATIONS IN DIGITAL MANUFACTURING

        Annotation:

        In the paper, specifics of ensuring cybersecurity and weaknesses of existing tools for information security in next-generation digital manufacturing networks are considered. To provide secure communication between digital manufacturing network segments new approach based on garlic routing principals is proposed.

        Keywords:

        digital manufacturing, industrial control systems, information security, cybersecurity, cyber-physical systems, industrial internet of things, garlic routing, network segmentation
        Pages 169-176
  • 2017 year
  • 2016 year
  • 2015 year
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
  • 2010 year
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year