Quarterly journal published in SPbPU

and edited by prof. Peter Zegzhda

and edited by prof. Peter Zegzhda

Peter the Great St. Petersburg Polytechnic University

Institute of computer sciences and technologies

information security of computer systems

Institute of computer sciences and technologies

information security of computer systems

Information Security Problems. Computer Systems

Published since 1999.

ISSN 2071-8217

ISSN 2071-8217

- 2017 year
- №1 2017
- INFORMATION SECURITY APPLICATION
Sukhoparov M.E. Lebedev I.S., Korzhuk V.M., Krivtsova I.E.

DETECTION METHOD FOR PERSONAL NETWORKS ANOMALOUS BEHAVIOUR**Annotation:**Considered the low-power wireless network devices. The analysis of the characteristics of systems based on wireless technologies, resulting from passive surveillance and active devices to the survey, which make up the network infrastructure. A number of external signs of unauthorized access to a wireless network by the potential offender information security.

information security, "soft" space wireless networks, personal network, device availablity, information security model.**Keywords:**Pages 9-15**Akimov D. A., Redkin O. K., Los V. P., Zhukov D. O**CONVOLUTIONAL NEURAL NETWORKS FOR THE PREVENTION OF INFORMATION LEAKAGE IN OPEN INTERNET RESOURCES**Annotation:**This paper considers the architecture of convolutional neural networks: layer types, how they works, the details of their implementation, hyperparameters of layers and features of network training. The possibility of using this type networks for tasks of natural language processing. The possibility of their use for solving allocation problem of web pages constituting single web-resources the most information-packed pages.

convolutional neural networks, machine learning, natural language processing, web pages classification.**Keywords:**Pages 16-22 - NETWORK AND TELECOMMUNICATION SECURITY
**V.V. Platonov, P.O. Semenov**THE ADAPTIVE MODEL OF DISTRIBUTED INTRUSION DETECTION SYSTEM**Annotation:**Proposed the adaptive model of intrusion detection system for distributed compute network. The intrusion detection system is based on different data mining methods that allow analyzing a set of network traffic parameters and determining whether network interaction is normal or anomalous.

intrusion detection system, distributed computer network, data mining methods.**Keywords:**Pages 23-28M. Kalinin, A. MininSECURITY ASSESSMENT OF WIRELESS AD-HOC NETWORKS WITH DYNAMIC TOPOLOGY

SECURITY ASSESSMENT OF WIRELESS AD-HOC NETWORKS WITH DYNAMIC TOPOLOGY**Annotation:**The paper reviews a security estimation approach for wireless ad-hoc networks with dynamic topology (e.g., mesh-networks, MANET/VANET, smart home) based on principal component analysis (PCA) method.

(Russian) сеть с динамической топологией, mesh, adhoc, сенсорная сеть, безопасность, оценка безопасности, метод главных компонент.**Keywords:** - APPLIED CRYPTOGRAPHY
**Yakovlev V.A., Arkhipov V.V., Adadurov S.E.**THE ANALYSIS OF PRINCIPLES AND TECHNIQUE OF RESISTANCE ASSESSMENT OF GRAPHICAL PASSWORDS, TOLERANT TO SHOULDER-SURFING ATTACKS**Annotation:**Recently in scientific literature there were many suggestions for improvement of password system resistance to shoulder-surfing attack. Such passwords are called resistant to the shoulder-surfing attacks (RSS-GP). This paper presents a general methodological approach to the analysis and evaluation RSS-GP, which can be described in terms of the entry table.

authentication, password protection, graphical password, video-recording attack, shoulder-surfing attack**Keywords:**Pages 32 42**Marshalko G.B., Mironkin V.O.**GEOMETRIC ANALYSIS OF A NEURAL SYMMETRIC CIPHER**Annotation:**We consider a variant of a neural symmetric cipher, describe its probabilistic model. We show that this cipher is equivalent to the proportional substitution cipher. We propose an algorithm for reconstruction of a plaintext from cipher text, using properties of the space of enciphered characters.

NEURAL NETWORK, PROBABLISTIC MODEL OF A CIPHER, MESSAGE SOURCE, FREQUENCY ANALYSIS, HAMMING DISTANCE**Keywords:**Pages 43 49**Aleksandrova E.B., Shtirkina A.A., Yarmak A.V.**constructing elliptic curves for isogeny-based cryptosystems**Annotation:**Explorations of supersingular and non-supersingular elliptic curves generation methods for isogeny-based cryptosystems are presented. The influence of class field polynomial is analyzed and comparative characteristics of time of elliptic curve generation with using Weber and Hilbert class polynomials are given. Parameters, which influence cryptographic resistance of isogeny-based cryptosystems, are also reviewed.

elliptic, curves, isogenies, Weber class polynomials**Keywords:**Pages 50-58 - FUNDAMENTAL THEORY OF INFORMATION CONFRONTATION
**Grigoriev V.R., Bogdanova R.E.**MODEL IDENTIFYING EXTERNAL DESTRUCTIVE CONTROL ACTIONS ON SOCIAL NETWORKS BASED ON IMMUNE NETWORKS**Annotation:**The mechanisms of complex dynamical systems control (for example, social networks) are investigated in the face of external destructive control actions and counteract them by means of internal warfare. srocess and methods of organization of internal warfare based on formalization of the human body immune system.

COMPLEX DYNAMIC SYSTEMS; WARFARE MODELS; SOCIAL NETWORKS; DESTRUCTIVE CONTROL ACTIONS; IMMUNOLOGY; ACTORS-DESTRUCTORS NETWORK.**Keywords:**Pages 59-69 - SPECIAL INFORMATION TECHNOLOGY.
**Самойленко Д.В., Еремеев М.А.**г. Санкт-Петербург, Военно-космическая академия имени А.Ф. Можайского

**Финько О.А.**г. Краснодар, Краснодарское высшее военное училище имени С.М. Штеменко

METHOD FOR PROVIDING INTEGRITY INFORMATION GROUP ROBOTIC SYSTEMS CRYPTOCODING BASED STRUCTURES**Annotation:**A system cryptocoding conversion information, based aggregate block use of encryption algorithms and polynomial code system of residual classes. Complexed method restores the integrity of the information stored in the robotic systems group (RS), exposed to the offender (algebraic manipulation) and both the physical loss of a predetermined maximum number of RS does not lead to a partial or complete loss of it.

Robotic systems, cryptography, modular arithmetic, noiseless coding in residue classes, the integrity.**Keywords:**Pages 70-78**Sikarev I.A., Volkova T.A.,Kislevich G.V.**DEPRIVATION FIELDS FOR COMPLEX DISCRETE-MANIPULATED SIGNALS WITH DISCONTINUOUS IN TIME STRUCTURE**Annotation:**The problem of calculating deprivation fields for complex discrete-manipulated signals (DMS) with discontinuous in time structure in terms of (measure of) determining the degree of electromagnetic protection is considered.

DISCRETE-MANIPULATED SIGNALS (DMS), SIGNALS WITH DISCONTINUOUS IN TIME STRUCTURE, NARROW-BAND INTERFERENCE, COEFFICIENT OF MUTUAL DIFFERENCE (CMD), DEPRIVATION FIELDS.**Keywords:**Pages 79-82 - SOFTWARE SECURITY
**Golchevskiy Yu.V.****Shakhov A.N.**PROBLEM OF ANDROID MALICIOUS PROAGRAM CODE RESEARCH IN COMPUTER EXPERTISE PROCESS**Annotation:**The problem of malicious Android application code analysis for computer forensics was investigated. The algorithm of effective actions and software improvement were suggested. Approbation of the proposed methodology was performed.

forensics, computer expertise, malicious program code, static analysis, dynamic analysis, Android**Keywords:**Pages 83-91**Pavlenko E. Yu., Yarmak A. V., Moskvin D. A.**HIERARCHICAL APPROACH FOR ANALYSIS OF SECURITY BREACHES IN INFORMATION SYSTEMS**Annotation:**In this paper proposed a hierarchical approach for analysis of information security in modern information systems. It is based on multi-level events collection, analysis, and control. Performed analysis of mechanisms and characteristics of malicious software for every information system level. Identified mechanisms of malicious software action, its hiding and of possible methods for its detection.

information security, malware, hypervisor, security management, virtualization technology.**Keywords:**Pages 92-99

- INFORMATION SECURITY APPLICATION
- №2 2017
- INFORMATION SECURITY APPLICATION
**Akimov D. A., Sachkov V. E., Alyoshkin A. S., Umanskii V. I.**PROCESSING AND COMPUTER ANALYSIS FOR INFORMATION PUBLISHED ZERO-DAY VULNERABILITIES OF NATURAL LANGUAGE TEXTS**Annotation:**Natural language processing (Natural language Processing, NLP), is an important direction of development of application software, and zero-day vulnerabilities.

Word Processing from natural language used to address a vast number of tasks, such as: search, annotation, classification, speech recognition, query analysis. Also used to expand the functionality of the applications, for example to simplify the user data input and text in more convenient forms, used to search for information about the vulnerabilities on the Internet.

NLP, NER, POS, SBD, processing, natural language, tokenization, search suggestions borders, zero-day attacks.**Keywords:****A. Baranov, P. Baranov**Models of CRC and checksum values forming in multiple distortions conditions**Annotation:**The paper considers certain probability-theoretic models of packet mode-transferred information distortions. Attention is drawn mainly to distortions, including possible interferences influencing multiple transfer cycles. Distortions are modeled by a consequential impacts that are defined by dependent random variables. K-dimensioned values of CRC, respectively allow representation as a sum of k-dimensioned independent random variables.

In some cases it is possible to bring them to a sum of independent terms in a k-dimensioned vector space over a two-element field and, afterwards, apply to them existing limit theorems dealing with convergence to uniform distributions.

The paper discusses prospects for impacts stretching to m cycles of acquiring convergence conditions for CRC distribution as a sum of m-dependent terms or ones not interconnected to a non-homogeneous Markov chain.

information security, CRC, error probability, multiple distortions, telecommunication protocols.**Keywords:****A.A. Grusho, N.A. Grusho, E.E. Timonina**(Russian) СИНТЕЗ АРХИТЕКТУРЫ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ В РАСПРЕДЕЛЕННЫХ ИНФОРМАЦИОННО-ВЫЧИСЛИТЕЛЬНЫХ СИСТЕМАХ1**Annotation:**In the paper the problem of synthesis of information security architecture in the distributed information systems is considered. This synthesis is based on usage of elementary constructions which are described in the form of diagrams of problems decision of protection of actions during calculating process in computer system and in case of network exchange.

information security, synthesis of secure architecture, the distributed information systems**Keywords:**Pages 23-30 - NETWORK AND TELECOMMUNICATION SECURITY
**A.M. Sukhov, I.E. Gorbachev, V.I. Yakunin**A METHOD FOR SIMULATING THE OPERATION OF THE INTRUSION DETECTION SYSTEM IN COMPUTER NETWORK THE OBJECTIVES OF THE STUDY THE EFFECTIVENESS OF**Annotation:****The article discusses an integrated approach to the study of quality of functioning of systems of detection of intrusions in computer network intruders in the protected objects. The feature of the proposed method of modeling is a complex disci-those are all factors affecting the efficiency of the process under study.**

intrusion detection system, the effectiveness of the targeted application, the theory of efficiency.**Keywords:**Pages 23-30**Pavlenko E.Y., Yarmak A.V., Moskvin D.A.**Security managing of information system based on the analysis of the event graph**Annotation:**In this paper proposed the model based on event graph, which can provide the behavior analyse of a program. The graph is built by events generated during program execution. The architecture of the system is presented, and a list of events tracked at each level is listed. The metrics that allow comparing a structure of obtained graph with structure of legitimate program’s graphs are also presented. The experiment’s results experimental results illustrate the effectiveness of the proposed approach.

information security, malware, hypervisor, security management, virtualization technology**Keywords:**Pages 31-38 - APPLIED CRYPTOGRAPHY
A. Baranov, P. Baranov

Models of CRC and checksum values forming in multiple distortions conditions**Annotation:**The paper considers certain probability-theoretic models of packet mode-transferred information distortions. Attention is drawn mainly to distortions, including possible interferences influencing multiple transfer cycles. Distortions are modeled by a consequential impacts that are defined by dependent random variables. K-dimensioned values of CRC, respectively allow representation as a sum of k-dimensioned independent random variables.

In some cases it is possible to bring them to a sum of independent terms in a k-dimensioned vector space over a two-element field and, afterwards, apply to them existing limit theorems dealing with convergence to uniform distributions.

The paper discusses prospects for impacts stretching to m cycles of acquiring convergence conditions for CRC distribution as a sum of m-dependent terms or ones not interconnected to a non-homogeneous Markov chain.

information security, CRC, error probability, multiple distortions, telecommunication protocols.**Keywords:**Pages 39-45**Dali F.A., Mironkin V.O.**A SURVEY OF SEVERAL TREE-HASHING MODES**Annotation:**Some tree-hashing modes are considered. The main requirements to tree-hashing modes are formulated.

A HASH FUNCTION, A TREE MODE, A HASH TREE, AN ALGORITHM.**Keywords:**Pages 46-55**N. N. Shenets**AUTHENTICATION IN DYNAMIC AD-HOC NETWORKS BASED ON HOMOMORPHIC SECRET SHARING**Annotation:**In this work a new authentication and key establishment method in ad-hoc networks without secure channels, which is used only verifiable homomorphic secret sharing, is presented. The security of the method in standard assumptions to active adversary model which includes pre-threshold number of the network nodes is proven. In the passive adversary model this method provides perfect security.

authentication and key establishment protocol, ad-hoc networks, verifiable secret sharing, perfectness, homomorphic property**Keywords:**Pages 56-67**E.B. Aleksandrova**Methods of group authentication for low-resource vehicle and flying self-organized networks**Annotation:**Group authentication in self-organized networks with group signature is suggested. Besides of technical features of unmanned aerial vehicles, elliptic curve EDR-BBS scheme is chosen for FANET. Elliptic curves over extended fields of pseudo-mersenne characteristic are used.

VANET, FANET, group authentication**Keywords:**Pages 68-83 - SPECIAL INFORMATION TECHNOLOGY.
PROTECTION OF INFORMATION IN THE RADIO CHANNELS OF LOCAL DIFFERENTIAL SUBSYSTEMS SATELLITE NAVIGATION
- SOFTWARE SECURITY

- INFORMATION SECURITY APPLICATION

- №1 2017
- 2016 year
- 2015 year
- 2014 year
- 2013 year
- 2012 year
- 2011 year
- 2010 year
- 2009 year
- 2008 year
- 2007 year
- 2006 year
- 2005 year
- 2004 year
- 2003 year
- 2002 year
- 2001 year
- 2000 year
- 1999 year