Quarterly journal published in SPbPU
and edited by prof. Peter Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • 2019 year
  • 2018 year
  • 2017 year
  • 2016 year
  • 2015 year
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
  • 2010 year
    • № 1 2010
      • INFORMATION SECURITY ASPECT

        Belim S. V., Belim S. Yu., Usov S. V.

        The object-oriented modificaction of models of security HRU

        Annotation:

        The object-oriented modification of model HRU is developed.

        Keywords:

        Model of security policy, discretionary access, object-oriented system.
        Pages 7-15
      • INFORMATION SECURITY APPLICATION

        Kalinin M. O.

        The solution for selecting the adequate security prevention measures at the server program platform

        Annotation:

        The paper discusses a problem of selecting the control measures targeted at security of frameworks that include web-servers, operating systems, and data base management systems. The solution of that problem is presented: it is based on integral estimation of system security configuration.

        Keywords:

        Information security, security control, network, web-server, database management system, security state.
        Pages 16-26

        Kalinin M. O., Moskvin D. A.

        Methodology of security maintenance estimation and security configuration optimization for operating environments

        Annotation:

        The paper presents the characteristic of IT-system security maintenance and depicts the formula of its estimation for the case of discretionary access control. On the base of that calculus, the method targeted at the configuration optimization is discussed.

        Keywords:

        Information security, operating environment, administrative effectiveness, security optimization, security settings.
        Pages 27-31
      • NETWORK AND TELECOMMUNICATION SECURITY

        Baranov P. A., Kalinin M. O., Stepanova T. V.

        Battery-based anomaly detection on mobile devices

        Annotation:

        Detection of unknown attack types for mobile devices stays up-to-date, but existing mobile security software aims at detecting known attacks. Offered method of anomaly detection in mobile devices' behavior is based on power consumption homogeneity analysis. Method allows to detect deviations in normal behavior for anomalies of any type (anomalous network activity, anomalous computing resources' usage etc.), because power consumption is the universal characteristic, which depends on any system activity.

        Keywords:

        Anomaly detection, power consumption, homogeneity analysis, mobile devices.
        Pages 32-38

        Kort S. S.

        Exploring efficiency of anomaly detection based on Markov chains

        Annotation:

        This article is devoted to the program activity anomaly detection based on Markov chains. Also advantages and challenges of applying this mathematical method for anomaly detection discussed.

        Keywords:

        Markov chain, attack, intrusion detection, host system, software, vulnerability, unknown attack.
        Pages 39-47

        Yakovlev V., Levin I.

        Combined method of tracing DDoS-attack sources

        Annotation:

        This article describes a new combined method of tracking and blocking the sources of distributed network attacks, combining the methods used by both routers and end-hosts. The essence of the method is that each router marks the network packet that passes through it using a random hash function from the set. At the receiving side this information is stored and used to filter unwanted traffic and traceback the source of distributed attack.

        Keywords:

        The distributed network attacks, the undesirable traffic, label.
        Pages 48-61
      • APPLIED CRYPTOGRAPHY

        Rostovtsev A. G.

        Schoof-Elkies-Atkin algorithm and specification of direction on isogeny cycle

        Annotation:

        Isogenies of elliptic curves over finite fields are considered. It is shown that isogeny class group is isomorphic to ideal class group for Frobenius discriminant. Two methods for direction specification on isogeny cycle are proposed. The first one specifies direction according to minimal degree of field extension obtained adjoining isogeny kernel. The second one specifies direction according to precomputed eigenvalue of Frobenius endomorphism by Schoof-Elkies-Atkin algorithm.

        Keywords:

        Elliptic curves, class group, isogenies, SEA algorithm.
        Pages 62-70
      • TECHNICAL SOLUTION

        Gasin A. I., Maligin A. Y., Malysh V. N.

        Synthesis of robust automatic fragmentator-classifier of elementary sounds arbitrary speech announcer during his biometrics identification

        Annotation:

        A new generation of adaptive fragmentators of speech taking into account individual peculiarities of speech of concrete person and fragmentation of speech into sound segments with homogenous biometrics parameters is considered.

        Keywords:

        Continuous identification, continuous autentification, fragmentation, biometrical sign, fragmentator-classificator, defragmentator-classificator, biometrical characteristic, main tone, sound-wave vibration..
        Pages 71-76

        Funtikov V. A.

        The «Biometry-code» neuronet converters testing using multidimensional entropy viewer

        Annotation:

        It is shown that the “biometry-code” converters outputs research changing to the Hamming interval code assignment research allows to increase greatly the entropy viewer dimension. The natural codes field changing to the Hamming codes field allows to simplify calculations and to provide the view using the small dimension grosses.

        Keywords:

        Testing, neural nets, distribution of hamming metric, entropy, converters of biometry-code.
        Pages 77-80
    • № 2 2010
      • INFORMATION SECURITY ASPECT

        Belim S. V., Bogachenko N. F., Rakitsky J. S.

        Theoretical-graph approach to the problem of combining role-based and mandatory security policies

        Annotation:

        The mathematical structures, necessary for modeling the role-based and mandatory access control to information, are analyzed in this article. The possibility of combining these security policies in a computer system is proved.

        Keywords:

        Security policy, role-based and mandatory access control, lattice, directed graph.
        Pages 9-17

        Belim S. V., Brechka D. M.

        The basic approach in models of security HRU

        Annotation:

        The space of access matrix is investigated. The model of security HRU is extended.

        Keywords:

        Model of security policy, discretionary access.
        Pages 18-23

        Maluk A. A.

        On the question of information protection approaches periodization

        Annotation:

        Based on a retrospective analysis of publications on information protection problems separation of several historical stages in the development of protection approaches is proposed. Each approach is characterized by some fundamental features that cause the transformation of the very formulation of a protection goal - from the counteraction to known threats to the development of original secured information technologies.

        Keywords:

        Information protection, secured information technologies, information security, information protection approaches.
        Pages 24-30

        Semenova N. A.

        Application of formal concept analysis methods to RBAC models building and optimization

        Annotation:

        This paper describes a formal concept analysis approach to role-based access control models building and optimization. Several algorithm modifications are presented for different sets of input data types. A method for evaluation of generated model is described.

        Keywords:

        RBAC model, role mining, role hierarchy engineering.
        Pages 31-44
      • INFORMATION SECURITY APPLICATION

        Avramenko V. S.

        Adaptive information security monitoring from not authorized access on the basis of information patterns

        Annotation:

        In article ways and private methods of the decision of a problem of adaptation of the monitoring system of information protection from unauthorized access on the basis of information patterns are considered.

        Keywords:

        Monitoring of information protection, unauthorized access, adaptation, information pattern, level of false alarms.
        Pages 45-49
      • APPLIED CRYPTOGRAPHY

        Babash A. V.

        Agreement method for determining the initial state and the input key sequence of the serial connection encryption machines

        Annotation:

        We estimate the complexity of determining the keys serial communications encryption machines.

        Keywords:

        Method of the coordination, condition, key sequence, the consecutive connection, the ciphering automatic machine, labour input.
        Pages 50-55
      • NETWORK AND TELECOMMUNICATION SECURITY

        Baranov V. A.

        Formalization of the insider conception for computer systems

        Annotation:

        This paper is devoted to formal and informal definition of the insider conception. Consideration includes threats from insider for computer system resources. Also original model, which describe insider behavior, is proposed. With this model we can obtain description of insider behavior scenarios.

        Keywords:

        Threats, scenarios of infringement of safety, unapproved access to the information, leak of the confidential information.
        Pages 56-62

        Kort S. S., Rudina E. A., Pavlichenko M. V.

        Integrated method of distributed attack detection

        Annotation:

        Distributed attack is an attack, that corresponds to the interrelation «many intruders – one goal». Distributed attacks present a serious threat for servers, functioning in the Internet. In this paper we introduce the extension of the existing algorithm of intrusion expansion dynamics analysis for distributed attacks’ detection. Two main distributed attacks’ groups were singled out, the methods of their detection were selected, the proposed methods were integrated into IDS. The integration of these methods into IDS is described below.

        Keywords:

        Distributed attack, intrusion detection system, intrusion automata model, event correlation.
        Pages 63-72
      • SOFTWARE SECURITY

        Romanov K. O., Ryzhov Y. N., Skiba V. Y.

        Computer-assisted system of protected information leakage channel diagnostics in informational systems of federal executive bodies of Russian Federation

        Annotation:

        In this particular article we cover the subjects of protected data classification and the main security threats identification in informational systems of federal executive bodies of Russian Federation; creating computer-assisted system of protected information leakage channel diagnostics which allows to neutralize almost all threats and provides clear user operating mode with the protected information.

        Keywords:

        Informational systems, computer-assisted system of protected information leakage channel diagnostics, security threats, insider.
        Pages 73-79

        Yavno D. M.

        On inadequacy of built-in protection against rootkits in Microsoft Windows x64 operating systems

        Annotation:

        An object-oriented model of rootkit functioning within a computing system is proposed. Relationships between a rootkit and other objects of a computing system are picked out. These relationships are used to determine factors of rootkit presence, that can be later used for rootkit detection.

        Keywords:

        Rootkit, detection, model.
        Pages 80-87
    • № 3 2010
      • INFORMATION SECURITY ASPECT

        Kalinin M. O.

        Setting the task of reliability estimation for secured it systems

        Annotation:

        The paper reviews an approach to formal task of analysis of secure IT systems with application of reliability theory. Formal based method of reliability estimation is suggested for highly secured IT systems.

        Keywords:

        Estimation, reliability, security, synthesis, system.
        Pages 7-11

        Semenova N. A.

        Set theory-based approach to building RBAC models

        Annotation:

        This paper describes an algorithm of building formal RBAC model based on representation of user access rights as an algebraic lattice. Some theoretical and practical proofs are given to show the effectiveness of proposed approach.

        Keywords:

        RBAC model, lattice theory, role hierarchy engineering.
        Pages 12-21
      • INFORMATION SECURITY APPLICATION

        Kruglov S. N., Kopchak Y. M., Saenko I. B.

        Optimization of discretionary access schemes to files in automated systems based on free software

        Annotation:

        Mechanisms of discretionary access control to the files of the operating system MSMF are discussed. The problem of optimization of discretionary access schemes to files and algorithm of its solution are given.

        Keywords:

        Automated system, information security, unauthorized access, file system.
        Pages 22-26
      • NETWORK AND TELECOMMUNICATION SECURITY

        Nyrkov A. P., Bashmakov A. V., Sokolov S. S.

        Information security of wireless networks with the use of non cryptographic methods

        Annotation:

        The article is devoted to the question of information security maintenance in wireless net-works with the use of non cryptographic methods. The current study considers the ways of limiting the network field coverage in view of the influence of Fresnel zone on the radio signals propagration.

        Keywords:

        Wireless networks, radiation field, covering area, vulnerability.
        Pages 27-30
      • APPLIED CRYPTOGRAPHY

        Azhmukhamedov I. M.

        Use steganografic and cryptographic algorithms in electronic identity cards

        Annotation:

        Proposed scheme manufacture autonomous electronic identity based on stego and cryptographic algorithms, which allows you to create a qualitatively new bandwidth system with enhanced security. Described approach to manufacturing electronic documents can be applied not only to the Organization of a crossing regime, but also for other identity documents (for example, permit, social cards, passports, etc.).

        Keywords:

        The scheme of manufacturing of the independent electronic identification card, stego and cryptographic algorithms.
        Pages 31-35

        Babash A. V.

        Using approximate models of the automaton in the task of determining the initial state and input word automaton on the output word

        Annotation:

        The formulas for the parameters of methods for determining the state and the input word automaton, based on the preliminary construction of his entourage of models.

        Keywords:

        The automatic machine, entrance sequence, condition, the total method, the approached model, labor input.
        Pages 36-41

        Bezzateev S. V.

        Multilevel access control system on Mc Eliece scheme

        Annotation:

        Multilevel access control system based on embedded Goppa codes is consider.

        Keywords:

        Multilevel access control system, Goppa codes.
        Pages 42-44

        Gatsenko O. Y., Аristarkhov I. V., Maksimov S. V.

        Time study of registration authority on end entities public key certificate request in electronic documents verification system

        Annotation:

        In this article we present the model of Certification Authority on End Entities Public Key Certificate Request in Electronic Documents Verification System. Closed Queueing Systems are used in the capacity of mathematical apparatus. The model let to estimate probabilistic-time characteristics with a glance different time of request processing while end entity initial registration (or after key compromising) and while key update request.

        Keywords:

        Electronic documents verification system, certification authority, registration authority, request processing, public key certificate, time study, queueing systems.
        Pages 45-51

        Kanunnikov D. S., Dobritsa V. P.

        Neural network approach to key distribution

        Annotation:

        In article attempt of an involvement of an artificial neural network for distribution of keys of symmetric cryptography is undertaken. The description of algorithm of distribution is resulted. Rules of formation neural network are specified.

        Keywords:

        Neural network algorithm of distribution of keys.
        Pages 52-54
      • TECHNICAL SOLUTION

        Karetnikov V. V., Rudih S. V., Sikarev I. A.

        Influence of mutual hindrances on the operative range of the automated identification systems

        Annotation:

        The question of influence mutual on range of action of base stations of the automated identification systems is considered.

        Keywords:

        Topology of an operative range of automatic information systems, optimum radius of a cellular zone, mutual hindrances.
        Pages 55-57
      • SPECIAL IT

        Nyrkov A. P., Sokolov S. S., Bashmakov A. V.

        Technique of designing safeinformation systems on transport

        Annotation:

        The model of construction safe uniform information exchange space and management for a transport-logistical complex is considered.

        Keywords:

        The transportno-logistical centre, the centre of system of the dispatching management, the automated control system, modular principle.
        Pages 58-61
      • EDUCATION PROBLEMS

        Starodubcev Y. I., Risman O. V., Grechihnicov E. V., Misyrko S. V.

        Problems of preparation of experts in the field of information safety telecommunication systems

        Annotation:

        In article the analysis of a current situation in the field of preparation of experts in maintenance of information safety of telecommunication systems in the Russian Federation is carried out. The basic directions on perfection of system of preparation of experts in maintenance of information safety of telecommunication systems in Russia are offered.

        Keywords:

        Information safety, preparation of experts.
        Pages 62-72
    • № 4 2010
      • INFORMATION SECURITY ASPECT

        Semenova N. A.

        Verification of RBAC model with linear time logic methods

        Annotation:

        This paper describes a RBAC verification method which considers RBAC as a set of LTL sentences. It also contains LTL sentences representing basic RBAC policies, which can be used for construction a RBAC of arbitrary complexity.

        Keywords:

        RBAC model, linear time logic, security policy verification.
        Pages 7-13
      • INFORMATION SECURITY APPLICATION

        Rudina E. A.

        Selection of the method of computing systems virtualization

        Annotation:

        In this paper is proposed the approach to the selection of virtualization method. It depends on the target system application and goals of it’s virtualization. This approach is based on the analysis of the goals and methods of modern computing systems virtualization.

        Keywords:

        Virtualization, computing resources, virtualization methods.
        Pages 14-20

        Sobakin I. B.

        Characteristics of modern international information security risk management standards

        Annotation:

        The article provides an overview and analysis of basic international standards concerned information security risk management. Comprehensively reviewed ISO / IEC 27005:2008 as one of the major standards. The article also contains the scheme of information security risk management process.

        Keywords:

        Risk management, information security, information risk.
        Pages 21-25
      • APPLIED CRYPTOGRAPHY

        Atmashkin M. I., Belim S. V.

        The subliminal channels of the GOST R 34.10-2001 digital signature algorithm

        Annotation:

        The article describes the various ways of organizing subliminal channels in the GOST R 34.10-2001 digital signature algorithm. This paper proposes examples of using subliminal channels for messaging, for the covert transfer of the private key, as well as for the creation of cryptographic protocols. The article also presents a method for elimination of subliminal channels.

        Keywords:

        Subliminal channels, digital signature scheme, cryptographic protocols, elimination of subliminal channelsability.
        Pages 26-35

        Kanunnikov D. S., Dobritsa V. P.

        Neural network approach to encrypt information

        Annotation:

        In article attempt of an involvement of an artificial neural network to enciphering the information is undertaken. The detailed description of algorithm of enciphering is resulted. Rules of formation of an artificial neural network, and as restrictions on use of algorithm are specified. Besides possible advantage of the described algorithm in comparison with already existing analogues speaks.

        Keywords:

        Neural network, cryptography, enciphering, algorithm, a key.
        Pages 35-38

        Kolesova N. A.

        Technique of definition a stegamessage in images

        Annotation:

        The technique is offered and proved. It allows to define presence stegamessage in the image with help of the analysis quality of the sequences, consisting of lower bits of each color channel of pixels in this image.

        Keywords:

        A sequence of random numbers, information security, steganography, stegamessage, cognitive model, lower bits of pixel.
        Pages 39-44

        Rostovtsev A. G., Bogdanov A. G.

        Protection of smart card, generating digital signature, against some side channel attacks

        Annotation:

        Method for side channel attack protection of smart card, generating digital signature, is proposed. Method is based on binary representation of secret exponent using digits 1 and -1 only.

        Keywords:

        Digital signature, smart card, side channel attacks.
        Pages 45-50

        Yakovlev V., Korzhik V., Kovajkin Yu.

        Key sharing protocol for wireless local area networks based on the use of randomly excited antenna with variable diagram under the condition of multipath wave propagation (Part 1. Channel model for key sharing based on the use of smart antenna)

        Annotation:

        We describe a method based on the use of randomly excited smart antenna that results under the condition of multipath wave propagation in an opportunity to share a cryptographic key in secret manner. In the first part of this paper the statistical characteristics of the variable antenna diagram given a random antenna exciting are investigated. Multipath channel model is presented and a correlation between the values producing the keys of legal and illegal users depending on their location is estimated. This creates a basis for further investigation of both security and reliability of the shared keys in the second part of this paper.

        Keywords:

        Model of the channel of signaling, wireless local networks, orientation diagrams.
        Pages 51-64
      • EDUCATION PROBLEMS

        Azhmukhamedov I. M.

        Technique of an estimation of competences in the field of information security

        Annotation:

        Proposed technique evaluation competencies based on fuzzy cognitive models that can be useful not only in determining the level of competence of experts on directions and specialties of the condensed directions 090000 "information security", but also other specialties of higher vocational education.

        Keywords:

        Fuzzy cognitive model, competence, manage educational process, poor ranking, weight of Fishburnhms.
        Pages 65-70
      • TECHNICAL SOLUTION

        Zaitzev A. I.

        Operative ranges topology of the AIS base stations in the automated managing system of movement small sized fleet in gulf of Finland

        Annotation:

        Influence of a condition of the information channel, blocking relief and mutual moving ship transponders concerning base stations on range and topological structure of AIS action in Gulf of Finland is analyzed.

        Keywords:

        Information channel, blocking relief, ship transponders.
        Pages 71-77

        Nyrkov A. P., Vikulin P. V.

        Security of information flow in ASVTM

        Annotation:

        The article discusses the implementation of information security in the structure of the AIS in order to prevent unauthorized access to the data being transferred. The author proposes to use the PAC in the process of protecting data about shipping situation when the data being transferred over public networks.

        Keywords:

        AIS, information flow, VPN, authentication, encryption, software and hardware protection.
        Pages 78-82
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year