A. Baranov, P. Baranov
The paper considers certain probability-theoretic models of distortions of information transferred in packet mode. Attention is drawn mainly to distortions, including possible interference, that affect multiple transfer cycles. Distortions are modeled as consecutive impacts defined by dependent random variables. The k-dimensional CRC values, accordingly, can be represented as a sum of k-dimensional independent random variables.
In some cases it is possible to reduce them to a sum of independent terms in a k-dimensional vector space over the two-element field and then apply existing limit theorems on convergence to uniform distributions.
The paper discusses the prospects, for impacts stretching over m cycles, of obtaining convergence conditions for the CRC distribution as a sum of m-dependent terms or of ones not interconnected to a non-homogeneous Markov chain.
Keywords: information security, CRC, error probability, multiple distortions, telecommunication protocols.
Dali F.A., Mironkin V.O.
Some tree-hashing modes are considered. The main requirements for tree-hashing modes are formulated.
Keywords: hash function, tree mode, hash tree, algorithm.
N. N. Shenets
This work presents a new authentication and key establishment method for ad-hoc networks without secure channels that uses only verifiable homomorphic secret sharing. The security of the method is proven under standard assumptions in an active adversary model that includes a pre-threshold number of network nodes. In the passive adversary model the method provides perfect security.
Keywords: authentication and key establishment protocol, ad-hoc networks, verifiable secret sharing, perfectness, homomorphic property
Group authentication in self-organized networks using a group signature is suggested. With regard to the technical features of unmanned aerial vehicles, the elliptic curve EDR-BBS scheme is chosen for FANET. Elliptic curves over extension fields of pseudo-Mersenne characteristic are used.
Keywords: VANET, FANET, group authentication
A. S. Zaitsev, A. A. Malyuk
The paper considers classification models that make it possible to detect a potential insider from technical and behavioural indicators when information about the insider's behaviour is incomplete.
Keywords: information security insider threats, data mining, classifying models, CHAID, neural networks, decision trees
Sh. G. Magomedov, T. Yu. Morozova, D. A. Akimov
The paper proposes a procedure for using residue number systems to form encryption keys; it allows keys to be modified and exchanged continuously, as needed, without any interaction with the network security system.
Keywords: residue number system, encryption, information security, computer network
O. V. Trubienko, V. I. Kuznetsov
On the basis of EMERCOM of Russia statistical data on emergency situations, the authors conclude that a complex system of intellectual-term monitoring of dynamic objects of industrial facilities and residential buildings needs to be created. The article describes the composition and operation of the complex monitoring system.
Keywords: innovation, safety, security complex
A. A. Grusho, N. A. Grusho, M. I. Zabezhailo, E. E. Timonina
There are now many directions and results in the development of artificial intelligence systems. The paper is devoted to an accessible description of the connection between some problems of information security and the opportunities offered by data mining.
Keywords: information security, data mining, the distributed information systems
V. G. Anisimov, E. G. Anisimov, D. A. Bazhin, P. D. Zegzhda, A. F. Suprun
The article considers methodological provisions for creating models and methods of decision support in organizing security monitoring of information systems. The purpose of monitoring is to neutralize internal and external impacts that lead to accidental or intentional access to stored or processed data, as well as to its damage or distortion.
Keywords: information system, security, risk, monitoring organization, model
D. S. Lavrova
This paper proposes an ontological model of the Internet of Things domain that gives a detailed view of the links and relationships between the elements of the system at different levels of abstraction and with varying degrees of detail. The designed ontological model helps in understanding the technical aspects of developing a SIEM system for identifying and analyzing security incidents in the Internet of Things.
Keywords: Internet of things, security incident, data analysis, aggregation, large volumes of data, SIEM system, ontology
N. A. Bazhaev, I. E. Krivtsova, I. S. Lebedev, M. E. Sukhoparov
A wireless network under a “broadcast storm” attack is considered in order to determine the availability of stand-alone units and their ability to carry out their functional tasks under information impact. A number of conditions for the organization of the attack by a potential intruder are identified. The availability of devices of systems based on wireless technologies is analyzed.
The proposed model can be used to determine the technical characteristics of a wireless ad hoc network of devices.
Keywords: information security, wireless networks, multi-agent systems, vulnerability, accessibility of devices, information security model
D. V. Ivanov, D. A. Moskvin, A.V. Myasnikov
The article presents the results of an analysis of user data replication mechanisms. The authors classify the replication mechanisms, identify their advantages and disadvantages, and propose a method that uses NFC technology to establish a secure channel for data replication.
Keywords: replication, user profile, secure channel, NFC, emulation, data transfer
N. N. Shenets, I. V. Bulatov
In this work modular threshold secret sharing schemes are considered, in particular Shamir’s scheme and the general modular scheme in the univariate polynomial ring over a Galois field. Different qualitative and numerical properties of such schemes are compared, and the problems of their optimal implementation are studied.
Keywords: modular secret sharing schemes, ideality, perfectness, computational complexity.
E. B. Aleksandrova, E. N. Shkorkina
In cryptographic protocols implemented in systems that use resource-constrained devices, hard computations can be outsourced to cloud servers, while lightweight arithmetic operations are carried out on the device. A tripartite key-agreement protocol with two servers in the one-malicious version of the two-untrusted-program model is suggested.
Keywords: outsourcing algorithm, bilinear pairing, tripartite Diffie–Hellman protocol
D. P. Zegzhda, E. B. Aleksandrova, A. S. Konoplev
The paper reviews the problem of unauthorized access to data in distributed computing networks. Available implementations of authentication mechanisms in Grid systems are discussed and their disadvantages are considered. A group signature approach is proposed that excludes unauthorized access to the computing environment and provides integrity of transmitted data.
Keywords: distributed computing networks, Grid system, unauthorized access, authentication, group signature, elliptic curve
Sikarev I.A., Volkova T.A., Galochkin R.N.
The problem of calculating the coefficients of mutual difference (CMD) for complex discrete-manipulated signals (DMS) with a structure discontinuous in time is considered as a measure for determining the degree of electromagnetic protection.
Keywords: discrete-manipulated signals (DMS), signals with discontinuous in time structure, narrow-band interference, coefficient of mutual difference (CMD).
Pavlenko E.Yu., Yarmak A.V., Moskvin D.A.
The article presents the results of research into the problem of identifying malware in the Google Android operating system. To solve this problem, the authors have created a system based on a fuzzy clustering method that uses a vector of application parameters. This vector is the result of static and dynamic analysis of the application code. The paper describes the application parameters used to build the feature vector and also highlights the efficiency of different separability criteria in relation to the task and the given format of the input data. An experimental evaluation of the proposed system shows a high level of malware detection for the Google Android operating system.
Keywords: Google Android, security of mobile devices, cluster analysis, machine learning, malware, static analysis, dynamic analysis.
Zegzhda P.D., Malyshev E.V., Pavlenko E.Y.
In this paper, the authors consider the problem of identifying automatically managed accounts (bots) in social networks and propose a method for bot detection based on machine learning. The paper describes an example of the method based on training an artificial neural network and presents the parameters of a social network user account used for bot detection. An experimental evaluation of the proposed system shows a high degree of bot detection in social networks.
Keywords: information security, social networks, bots in social networks, neural network, bot detection
Kalinin M., Busygin A., Konoplev A.
The paper reviews the problem of applications based on the TLS protocol. It highlights attack scenarios against such applications that use certificate revocation vulnerabilities. X.509 certificate status verification methods applied in conjunction with the TLS protocol are compared, and their advantages and disadvantages are specified.
Keywords: certificate revocation, TLS protocol, authentication, man-in-the-middle attacks, Grid system, X.509 standard.
M. O. Kalinin, A. A. Minin
This paper reviews security problems in computer networks with dynamic topology (e.g. mesh, MANET, computing grid). A method of detecting security threats in such networks based on graph modeling is suggested.
Keywords: network with dynamic topology, mesh, adhoc, sensor network, security, security node, traffic statistics
A. A. Grusho, N. A. Grusho, M. V. Levykin, E. E. Timonina
The paper introduces the concept of integrated virtualization of information technology and tasks for the purpose of isolating valuable information from risky hosts. The technology for implementing business processes and, in parallel, the technology for implementing the isolation principles that ensure information security are considered. At a certain stage of implementing the business processes, the security model and the model developed for the business process are unified. The resulting model can be implemented with an integrated system of virtual computers and controlled information flows.
Keywords: information security, the distributed information systems, virtualization
A. Y. Chernov, A. S. Konoplev
The paper reviews the problem of constructing a trusted execution environment on modern PC architecture. It shows the main features of software execution at different privilege levels. The Intel ME architecture is reviewed. Potential Intel ME threats are highlighted, and possible ways to address them are shown.
Keywords: trusted execution, PC architecture, hypervisor, virtualization, BIOS, Intel ME
Zegzhda D.P., Moskvin D.A., Dakhnovich A.D.
The article presents the results of an analysis of WiFi network protection mechanisms. The authors propose an access point authentication method that can be used in various designed networks.
Keywords: WiFi, client protection, access point, wireless client, authentication
D. P. Zegzhda, E. S. Usov, A. V. Nikolsky, E. Y. Pavlenko
This paper considers the problem of protecting the confidentiality of users’ data in cloud systems from attacks by the provider. A system of secure cloud computing using Intel Software Guard Extensions (SGX) technology is also considered. The paper describes Intel SGX technology, its basic concepts and security mechanisms. The possibility of using this technology in a cloud system is shown. An experimental scheme of the proposed system provides data confidentiality for cloud system users, and a method of implementing the scheme in existing cloud systems is provided.
Keywords: Intel SGX, enclave, cloud systems, data confidentiality, encryption, hypervisor, protected memory.
D. V. Kostin, O. I. Sheluhin
The objective of this work is to assess the robustness of machine-learning-based encrypted traffic classification for detecting network intrusion. In this work, we focus on the identification of four types of encrypted traffic: Skype, Tor, PuTTY (SSHv2) and CyberGhost (VPN). Five different machine learning algorithms are employed to classify encrypted traffic. These are Naive Bayes, C4.5, AdaBoost and Random Forest. We compare two methods of traffic classification based on machine learning: generation and analysis of network flows, and analysis of each network packet.
Keywords: traffic classification, encrypted traffic, machine learning, intrusion detection system.
D. V. Ivanov, D. A. Moskvin, T. D. Ovasapyan
The article describes approaches to the detection of active network nodes in the IPv6 address space. Two main families of approaches are described: with and without the use of an initial sample.
Keywords: networks, information security audit, Internet, IPv6, network nodes
I. V. Alekseev, V. V. Platonov
A method of detecting malware that uses encryption as a disguise is presented. The paper describes a modification of the statistical spectral test based on entropy analysis.
Keywords: potential malware detection, cryptor, statistical tests, entropy.
L. V. Utkin, V. S. Zaborovsky, S. G. Popov
Detecting anomalies in the behavior of a robot system is one of the important components of information security control. For robots equipped with many sensors, it is difficult to apply the well-known Mahalanobis distance, which allows the current state of the sensors to be analyzed. Therefore, a Siamese neural network is proposed to provide intelligent support for security control. The Siamese network simplifies anomaly detection in the robot system and realizes a non-linear analogue of the Mahalanobis distance. This feature makes it possible to take into account complex data structures received from the robot sensors.
Keywords: multi-robot system; security control; anomaly detection; Siamese neural network; Mahalanobis distance; sensor
Systems that have a complex technical implementation usually contain many vulnerabilities that cannot be found at the development stage. The present paper reviews a method of modeling information systems that allows the amount of information obtained by a researcher to be formalized. Two methods of building systems protected from research are presented. One method is related to complicating the algorithms and the other is related to their multiplication.
Keywords: protection from research, researcher model, indistinguishability, cryptography, block ciphers.
The task of cryptanalysis of cryptographic protection methods using a new model of optimization methods, genetic algorithms that imitate the processes of evolution in wildlife, is considered. The application of genetic algorithms to cryptanalysis of the AES block encryption standard is described. The block diagram and an information-logical graph scheme of the algorithm, an estimate of the minimum number of processors needed to implement the cryptanalysis algorithm, some experimental results and the main conclusions are provided.
Keywords: cryptanalysis, genetic algorithm, block methods of enciphering, information-logical graph scheme, population of keys, crossing-over, quasi-optimum key, independence matrix
Shenets N., Truhina E.
In this work the Password Authenticated Connection Establishment (PACE) protocol, which is used in European smartcard environments, is considered. Modifications of PACE are proposed. They accelerate the protocol but do not affect its overall security. The new version of PACE is called X‑PACE.
Keywords: password authenticated connection establishment protocol, smartcard security.
R. N. Zharkih, A. A. Kornev
The paper outlines the conceptual aspects of the problems of protecting management systems that implement the principle of network-centricity, characteristic of the era of information confrontation between conflicting sides. It discusses possible directions of study based on extensive use of mathematical modeling, which makes it possible to analyze the problematic aspects of control systems from a systems standpoint. Attention is drawn to the logical dependence of the investigated issues on the modern network-centric paradigm of governance.
The proposed solutions to the problem are shown to be preferable to traditional management methods and technologies.
Keywords: data protection, information confrontation, modeling, network-centric technology paradigm real-time management, control system
R. N. Zharkih, A. A. Kornev
The paper reviews the problems of using sensor input panels in secured computer equipment. The challenge is both to implement sufficient screening of the device’s electronic components, including the display, and to keep the panel usable. The article surveys different aspects of using existing sensor panels and the possibility of developing a custom one designed in accordance with the formulated requirements. The concept of building such a panel is described, and technical details obtained with a prototype are given.
Keywords: optical sensor panel, secured input device, information security
Parshutkin A.V., Egin A.V., Zaytsev S.A.
This article discusses the formation of stray electromagnetic radiation from raster display systems that use the DVI data exchange interface standard. A model is described of jamming the interception of stray electromagnetic radiation by an optimal receiver.
Keywords: jamming, stray electromagnetic radiation, raster display systems, DVI interface
Rudy’kh S.V., Sikarev I.A., Galochkin R.N., Kiselevich G.V.
The purpose of the article is to study ways of combating narrow-band interference over the range in automated control systems of the technical and auxiliary fleet and in the system for monitoring navigation signs.
Keywords: internal waterways, automated identification systems (AIS), additive and multiplicative interference, coefficient of mutual difference (CMD)
Anisimov V.G., Anisimov E.G., Zegzhda P.D., Saurenko T.N., Prisyazhnyuk S.P.
The article deals with indicators for evaluating the effectiveness of the system that protects information interaction in complex distributed organizational management objects, and with methods for determining them. The methodology is based on a stochastic representation of the stream of destructive effects on the process of information interaction between the control elements of a distributed organizational object.
Keywords: complex distributed organizational object, information interaction, information security, efficiency, performance
Kucheryavyi M., Storozhik V., Vovenda J.
The article considers security staffing issues in the information field. It focuses on the activities of FSTEC of Russia in the framework of training in the specialty “Information security”. The article deals with a set of measures for implementing the powers of FSTEC of Russia as the center of responsibility for determining the annual admission quotas.
Keywords: information field; security staffing; information security; professional training; responsibility center