Quarterly journal published in SPbPU
and edited by prof. Peter Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • 2017 year
  • 2016 year
  • 2015 year
    • № 1 2015
      • INFORMATION SECURITY APPLICATION

        Azhmukhamedov I. M., Knyazeva O. M.

        Assessments of the level of security of information asset methodology based on fuzzy production rules

        Annotation:

        Assessments of the level of security of information asset (confidentiality, integrity, availability,) methodology is offered by applying the knowledge base consisting of fuzzy production rules.

        Keywords:

        Information assets, security service, vulnerability, degree of injury, linguistic variable, fuzzy number
        Pages 7-16
      • INFORMATION SECURITY APPLICATION

        Poltavtseva M. A.

        Ensure the integrity of the administrative information under vigorous communicate with client RDBMS

        Annotation:

        The article deals with presenting the administrative information, having the form of a hierarchy of related events in a relational server and manipulation of this data. It includes the models of data mapping, operations on them, and compares the possible solutions in terms of performance and safety.

        Keywords:

        Relational databases, data models, hierarchies, data integrity
        Pages 17-23

        Khomonenko A. D., Voytsekhovsky S. V., Logashеv S. V., Dashonok V. L.

        Eliminating semantic contradictions in Elibrary.ru based fuzzy inference

        Annotation:

        An approach to solving the problem of eliminating semantic contradictions in mission-critical information systems based on the formation of fuzzy rule base and then applying the algorithm of Mamdani fuzzy inference. Approach is seen by the example of the electronic library elibrary.ru. Substantiates the composition of the compared fields and type of membership functions for the input linguistic variables. Are examples of resolving contradictions to make a decision about the fitness of a particular publication or references to it in a certain category (new or existing publication).

        Keywords:

        Information system, the resolution of contradictions, fuzzy inference
        Pages 24-33
      • SECURE OPERATING SYSTEMS AND TRUSTED ENVIRONMENT

        Efanov D. V., Roschin P. G.

        The method of interaction of graphic applications with D-Bus session services in operating system with multilevel security

        Annotation:

        This article discusses the problems that arise at interaction of graphical applications with D-Bus session services in SELinux aware operating system with multilevel security policy. We propose a method of interaction of graphical applications with D-Bus session services, which uses the polyinstantiation approach. The proposed method allows to achieve high isolation of applications that run with different security levels, while retaining the ability to interact with D-Bus services.

        Keywords:

        Mandatory access control, trusted operating system
        Pages 34-45
      • APPLIED CRYPTOGRAPHY

        Yakovlev V. A., Skachkova V. V.

        Automatic selection of graphical materials for authentication system based on a graphical password

        Annotation:

        An approach for assessing of the suitability of graphic material for use in the graphical password protection (GP) is proposal. It is based on an assessment of the number and lengths of the contours of image objects. We have introduced: coefficient of image fitness and a four-level scale of image fitness. We offer a methodology for automated evaluation of the image coefficient suitability for graphical password protection, that includes a specially designed of “Contour Analysis” program. The experimental results of evaluation of the suitability for the seven types of images and recommendations on the choice of images for graphical password protection are given.

        Keywords:

        Authentication, password, graphical password
        Pages 64-73
      • INFORMATION SECURITY ASPECTS

        Elin V. M.

        The importance civil-legal mechanisms of protection computer information in the information society

        Annotation:

        The peculiarities of civil regulation and construction of the system of civil protection of computer information in the Russian Federation. The concept of computer information is subject to a comprehensive analysis by application of the legislation on electronic documents and computer programs (databases).

        Keywords:

        International exchange of information, data protection, civil law regulation, information and communication networks, computer software, european patent convention
        Pages 74-82
      • SPECIAL IT

        Sikarev I. A., Shakhnov S. F., Kiselevich G. V.

        Special features of the account of the influence of the underlying surface in the radio channels of river local differential subsystem GLONASS/GPS

        Annotation:

        The article analyzes the influence of the electrical properties of soils most common on the inland waterways (IWW) of Russia on the behavior of the field attenuation function of medium-wave range from a vertical point dipole in the zone of action of the control and correction stations (CCS) of the river local differential subsystem (RLDSS) of GLONASS/GPS. The conditions are given, with which the replacement of real soils by the ideal underlying surface is valid.

        Keywords:

        Attenuation function, complex dielectric permittivity, specific conductivity, numerical distance, underlying surface, piecewise-uniform route
        Pages 83-87

        Sikarev I. A., Shakhnov S. F., Kiselevich G. V.

        Methodology of the calculation of the noise protection of the radio channels of river local differential subsystem GLONASS/GPS

        Annotation:

        The article examines the methodology of the calculation of the noise protection of the radio channels of the control and correction stations (CCS) of the river local differential subsystem (RLDSS) of GLONASS/GPS on the inland waterways (IWW) of Russia, based on a study of the coefficient of a mutual difference between the signal and mutual disturbance with the use of the frequency modulated binary Baudot code.

        Keywords:

        Potential disturbance stability, mutual disturbances, coefficient of mutual difference, field of defeat, coefficient of electromagnetic protection, probability of the error of piece-by-piece method, power engineering of interference
        Pages 88-93
    • № 2 2015
      • INFORMATION SECURITY APPLICATION

        Baranov A

        PERSPECTIVE INFORMATION SECURITY RESEARCH DIRECTIONS

        Annotation:

        The article examines directions of research considering the paradigm of perspective development and mass usage of computer technology. Attention is drawn to trends that exist because of wide usage of information systems having over 10 million users. The effect of transition from quantity to quality takes place virtually for all kinds of information security systems and often leads to rejection of traditional a priori principles of confidentiality, integrity and availability. This is true both for all the principles simultaneously and for each of them in particular or in combinations. Partial completion of a priori information security measure complex combined with a posteriori methods of data protection with respect to risk assessment forms an urgent necessity for mass application of information technology.

        Keywords:

        INFORMATION SECURITY, DATA PROTECTION, DEVELOPMENT PERSPECTIVES, DEVELOPMENT TRENDS, DEVELOPMENT TENDENCIES, TRADITIONAL PRINCIPLES OF INFORMATION SECURITY, CONFIDENTIALITY, INTEGRITY, AVAILABILITY, A PRIORI INFORMATION PROTECTION, A POSTERIORI INFORMATION PROTECTION, INFORMATION SECURITY SYSTEM.
        Pages 7-20

        Zaytsev A.S. Malyuk A.A.

        analysis of approaches for insider threat countermeasure

        Annotation:

        The paper considers modern researches in the field of insider threat countermeasures; the result of analysis is strengths and weaknesses of existing approaches and recommendations for their improvement.

        Insider threat, system dynamics, Bayesian networks

        Keywords:

        Insider threat, system dynamics, Bayesian networks
        Pages 21-36

        Malthcev G.N., Pankpatov A.V.

        Probabilistic description of the ways to gain access to protected resources using reverse engineering

        Annotation:

        This article provides a probabilistic description of accessing secure technical systems using reverse engineering. The time variation of opportunities to address the protection and conservation in the protected status of the analyzed system is described by a probabilistic model of conflict interaction. Presented by probabilistic and temporal characteristics of opportunities for access to protected resources for different model parameters and to formulate practical recommendations for determining the conditions for reverse engineering.

        Keywords:

        INFORMATION SECURITY, REVERSE ENGINEERING, CONFLICT INTERACTION.
        Pages 37-46
      • NETWORK AND TELECOMMUNICATION SECURITY

        Petr Baranov

        1. On CRC value distribution in binary noise model

        Annotation:

        The article considers cyclic redundant code CRC-value for a fixed-length packet of data. Due to various reasons the data transferred via digital connection channels could be modified. The author proposes to simulate these modifications in form of random additive noises. In the article it is shown that random noise processes cause changes in CRC-value described as special vector sums of noise values. Particularly, with white noise, CRC-value’s change is a sum of random independent differently-distributed vectors over binary field GF(2). The writing formulates the research task of multi-dimension, differently-distributed random values over finite fields of special form with various dependencies of their components. It appears to be that not only limit theorems with large amount of components simulated by big length of data packet are interesting, but exact distributions with small packet lengths are also of certain interest.

        Keywords:

        ELECTRONIC SIGNATURE, CRC, MESSAGE DISTORTION, PROBABILITY MODEL, TELECOMMUNICATION SYSTEM, DISTORTION-FREE TRANSMISSION, ERROR-FREE TRANSFER
        Pages 47-51

        Konoplev A., Kalinin M.

        ACCESS CONTROL METHOD IN DISTRIBUTED COMPUTING NETWORKS SUCH AS GRID

        Annotation:

        The paper reviews the problem of unauthorized access to the data in distributed computing networks. It discusses available implementations of access control mechanisms in Grid systems, considers their disadvantages. There is proposed an access control method that allow to perform security verification of such systems. Also specified security properties which form an initial state of the system.

        Keywords:

        DISTRIBUTED COMPUTING NETWORKS, GRID SYSTEM, UNAUTHORIZED ACCESS, ACCESS CONTROL, SECURITY POLICY
        Pages 62-68

        Kotenko I.V., Chechulin A.A., Komashinsky D.V.

        Automated categorization of web-sites for Inappropriate Content Blocking

        Annotation:

        The paper is devoted to the problem of protection against unwanted and harmful content in the Internet using data mining techniques. The object of the investigation presented in this paper is the process of classification (categorization) of web pages.

        Keywords:

        INAPPROPRIATE INFORMATION, DATA MINING TECHNIQUES, WEB-SITES CLASSIFICATION.
        Pages 69-79

        Lavrova D.S., Pechenkin A.I.

        SECURITY INCIDENTS DETECTION IN THE INTERNET OF THINGS

        Annotation:

        This article describes the main features of the Internet of Things, and a research of security threats. The authors conducted a study of data from the devices of the Internet of Things, the data are classified by type. The authors also propose an approach to the detection of security incidents in the Internet of Things, based on data analysis from devices of the Internet of Things.

        Keywords:

        Internet of Things, security incident, correlation analysis, control flow
        Pages 80-85

        ZhukovI.Yu.,

        MikhaylovD.M.,

        FesenkoS.D.,

        NasenkovI.G.

        INFLUENCE OF IMPLEMENTED SOFTWARE BUGS ON THE SECURITY OF MOBILE PHONES

        Annotation:

        This paper presents an overview of the major attacks that can be committed by an intruder to exploit the vulnerabilities of mobile devices, which are the result of the implementation of the program bugs. With the help of these bugs, the fraudster can force the phone to send messages to paid telephone numbers, record telephone conversations, access personal data as well as the operating system. The authors also give the main recommendations, compliance with which will protect the mobile device from illegal actions of third parties. This overview can be used to improve existing protection of mobile devices.

        Keywords:

        SOFTWARE BUGS, MALICIOUS LOGIC, THEFT OF PERSONAL DATA.
        Pages 86-90

        Moskvin D.A., Ivanov D.V.

        PREVENTION METHODS OF TRAFFIC ROUTING ATTACKS ON AD-HOC NETWORKS

        Annotation:

        The article considers rapidly developing technology of self-organizing wireless networks. Investigated and analyzed “Wormhole” and “Blackhole” attacks. Also described and estimated prevention methods.

        Keywords:

        SELF-ORGANIZATION, NETWORK, SECURITY, ATTACK.
        Pages 91-97

        Kalinin M.O., Shenets N.N., Rybin D.I.

        SIMULATION MODEL OF HIGH PERFORMANCE NETWORK SECURITY SYSTEM BUILT AT VIRTUALIZED COMPUTING FRAMEWORK

        Annotation:

        The paper reviews the model of network security system which is built on the computing cluster of virtual machines. The experimental results are presented for estimation of optimal parameters of virtualized framework and balancing algorithms.

        Keywords:

        SIMULATION MODEL, VIRTUAL MACHINE, NETWORK TRAFFIC.
        Pages 52-61
      • APPLIED CRYPTOGRAPHY

        Golchevskiy Yu.V., Severin P.A., Nikulov K.V.

        CODE CARD CONSTRUCTING AND CODE DYNAMICS METRICS CALCULATION TO ASSESS THE SAFETY OF DEVELOPING SOFTWARE

        Annotation:

        The problem of analysis and security of software development is investigated using code dynamics metrics, based on the proposed construction of a code card.

        Keywords:

        CODE CARD, CODE DYNAMICS METRICS, ANALYSIS OF SOFTWARE DEVELOPMENT, INFORMATION SAFETY.
        Pages 98-105

        ChilikovA.A., KhoruzhenkoG.I.

        ADVANCED TECHNIQUES IN LIVE-MEMORY ANALYSIS: RECOVERING ENCRYPTED CRYPTOGRAPHIC KEY MATERIAL

        Annotation:

        В работе исследуются механизмы защиты данных в оперативной памяти, применяемые в прикладном программном обеспечении. Авторами представлены алгоритмы восстановления зашифрованной ключевой информации (ключей шифрования и паролей) из образа памяти для ряда распространенных программных средств.

        Keywords:

        DIGITAL FORENSICS, LIVE-MEMORY ANALYSIS
        Pages 157-164
      • FUNDAMENTAL THEORY OF INFORMATION CONFRONTATION

        Gorbachev I.E., Anikanov G.A.

        APPROACH TO REDUCE THE RISK OF FUNCTIONING DISORGANIZATION OF CRITICAL INFRASTRUCTURE IN THE INFORMATION CONFLICT

        Annotation:

        Discusses the approach to reduce the risk of destructive impact on critical infrastructure. Approach is to create the malefactor false image of the object of attack as a result of their conduct remote identification. Reveals the stages of the technology masking information resources to the prediction of the behavior of the malefactor.

        Keywords:

        CRITICAL INFRASTRUCTURE, CYBER ATTACKS, MASKING INFORMATION RESOURCES, RESEARCH MALEFACTOR.
        Pages 106-119
      • SPECIAL IT

        KostarevS.V., LipatnikovV.A., SaharovD.V.

        MODEL PROCESS THE TRANSFER OF AUDIT RESULTS AND CONTROL IN THE AUTOMATED SYSTEM OF ENTERPRISE MANAGEMENT INTEGRATED STRUCTURE

        Annotation:

        Becoming a scientific field related to research and assess the performance of the automated system in the management of the enterprise integrated structure is constrained by the lack of a unified conceptual apparatus in the field of quality management. Model process of evaluation allows to take into account the probability and timing. Decomposed automated management system on line and centers that adequately describes a model of a queuing system with waiting and unreliable devices.

        Keywords:

        automated management system. queuing system
        Pages 120-125

        LokhvitskiiV.A. MatveevS.V., KhomonenkoA.D., LogashevS.V.

        NETWORK MODEL OF INFORMATION SYSTEM OF CRITICAL PURPOSE TAKING INTO ACCOUNT COSTS ON THE IDENTIFICATION AND ELIMINATION OF CONTRADICTIONS

        Annotation:

        A model is proposed, which allows to evaluate the efficiency of information systems (IS) critical destination, including the costs of identification and elimination of contradictions in the data. Describes the approach to the calculation of open queuing networks, the nodes that use multi-channel system with a “warm-up” service time requests and Erlang distribution approximating 2nd order. Describes how the initial data, which allows to take into account the costs of identification and elimination of contradictions in the calculation of residence time distribution requests in a network model for IS.

        Keywords:

        INFORMATION SYSTEM, IDENTIFICATION AND RESOLUTION OF CONTRADICTIONS, FUZZY INFERENCE, ELIBRARY.RU, QUEUING NETWORK, "WARM-UP" CHANNELS.
        Pages 126-129

        Pavlenko E.Y., Moskvin D.A.

        St. Petersburg State Polytechnical University

        security Analysis of unmanned aerial vehicles control

        Annotation:

        Considered structure of UAVs and described in details the communication subsystem. The analysis of existing attacks directed at capturing the control UAVs and according the analysis proposed methods to protect against such attacks.

        Keywords:

        UNMANNED AERIAL VEHICLE, GPS, SUBSTITUTION OF SIGNAL, INTERCEPTION CONTROL.
        Pages 130-133
    • № 3 2015
      • INFORMATION SECURITY ASPECTS

        Biryukov D.N., Lomako A.G., Eremeev M.A., Magnikov P.V.

        Saint-Petersburg, Mozhaisky Military Aerospace Academy

        APPROACH TO IDENTIFY POTENTIALLY DANGEROUS DEFECTS IN THE SPECIFICATION DOCUMENTS GOVERNING THE DEVELOPMENT AND CERTIFICATION OF INFORMATION SECURITY TOOLS

        Annotation:

        The main aspects of the technology, allowing to formalize the specification document with the requirements for data security on the basis of ontological models to produce a semantic ontology replenishment role-relationships of concepts to generate specifications of potential projects sought information security and to carry out verification of potentially dangerous defects in the specifications.

        Keywords:

        ONTOLOGY, VERIFICATION, RISK PREVENTION, GYROMAT.
        Pages 7-16

        Zegzhda P.D., Zegzhda D.P., Stepanova T.V.

        AN APPROACH TO GENERALIZED SEMANTIC-FUNCTIONAL CYBERSECURITY MODEL DEVELOPMENT

        Annotation:

        Modern IT trends involve not only and not so much the increase of technical characteristics (performance, network bandwidth, volumes of stored and processed data), but also the ability to create novel information processing circuits, implementing global projects such as e-government, mass public e-services and complex industrial control systems. The development of such projects requires new algorithmic support, new theoretical models and high intellectual level of decision-making systems. In this paper authors propose, as an initial step towards new unified methodological cybersecurity basis, the functional-semantic cybersecurity model, allowing to formalize the requirements of confidentiality, integrity and availability (in terms of cybersecurity), as well as to conclude an ontological knowledge of the system security state.

        Keywords:

        CYBERSECURITY, FUNCTIONAL MODELING, SEMANTIC ANALYSIS, ONTOLOGY.
        Pages 17-25
      • NETWORK AND TELECOMMUNICATION SECURITY

        Ageev S.A.

        INTELLIGENT DISTRIBUTED INFORMATION SECURITY RISK MANADGEMENT SYSTEM FOR PROTECTED MULTISERVICE NETWORKS OF A SPECIAL PURPOSE

        Annotation:

        The paper presents basic approaches to developing intellectual methods and information security risk estimation and management algorithms for protected multiservice networks of a special purpose. The mathematical model of information security risk assessment for protected multiservice networks of a special purpose on the basis of fuzzy inferences is developed and investigated.

        Keywords:

        PROTECTED MULTISERVICE NETWORK, TELEMATIC COMMUNICATIONS SERVICES, INFORMATION SECURITY RISK MANAGEMENT, INTELLIGENT MANAGEMENT, FUZZY INFERENCE, LINGUISTIC VARIABLE.
        Pages 26-37

        Konoplev A.

        UNIVERSAL SECURITY PLATFORM FOR DISTRIBUTED INFORMATION AND TELECOMMUNICATION SYSTEMS

        Annotation:

        The paper reviews the problem of information security in distributed information and telecommunication systems. It describes threat model and security mechanisms that are used to protect such systems against unauthorized access. Security threats related to potential backdoors in hardware are highlighted. Architecture of universal security platform in distributed information and telecommunication systems is proposed.

        Keywords:

        DISTRIBUTED INFORMATION SYSTEMS, THREAT MODEL, INFORMATION SECURITY, UNAUTHORIZED ACCESS, FLOW CONTROL, ACCESS CONTROL GATEWAY.
        Pages 38-44

        Kotenko I.V., Shorov A.V.

        Evaluation of network protection mechanisms against infrastructure attacks based on the approach “Nervous Network System”

        Annotation:

        The approach for modeling of the protection mechanisms against infrastructure attacks based on biological metaphor is developed. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered, the experiments demonstrating the effectiveness of the protection mechanisms are described. The article shows an assessment of key performance indicators of the developed modeling environment.

        Keywords:

        BIOINSPIRED APPROACHES, NETWORK MODELING AND SIMULATION, SECURITY EVALUATION AND MEASUREMENT, DDOS, NETWORK ATTACKS AND DEFENSE.
        Pages 45-55

        Savchenko I.I., Gatsenko O.Y.

        Analytical review of the methods of anonymity on the Internet

        Annotation:

        Every day the online community become more and more interested in the topic of information security and anonymity online, especially after the revelations of Edward Snowden, when it became known about the mass surveillance by certain structures, such as, for example, the US National Security Agency, of Internet users, companies, political organizations, etc. Therefore, a variety of anonymous networks, VPN-services and different proxy servers has been actively developed. The purpose of this article – to consider the popular methods of ensuring anonymity online, compare them, identify their strengths and weaknesses.

        Keywords:

        ONLINE ANONYMITY, PROXY, VPN, SSH, NETWORK PROTOCOLS, TOR, I2P.
        Pages 56-64
      • APPLIED CRYPTOGRAPHY

        Aleksandrova E.B., Kuznetsova E.A.

        Revocation mechanism for lattice-based group signature

        Annotation:

        An approach to the solution of signature revocation problem in lattice-based group signatures is suggested. The security of VLR- revocation schemes is based on additional delegated powers of the issuing manager, who checks if user’s certificate is included into the revocation list.

        Keywords:

        group signature, Lattice, VLR-revocation.
        Pages 65-71

        Belim S.V.Belim S. Yu, Polyakov S.Yu.

        THE IMPLEMENTATION OF DISCRETIONARY ACCESS SEPARATION USING A MODIFIED BLOM’S SCHEME OF KEY DISTRIBUTION

        Annotation:

        In the article the modification of the Blom’s scheme encryption key distribution is investigated. This modification implements security policy, which based on access matrix. The general view of the polynomial to generate key material is developed.

        The stability of the proposed scheme to compromise the key materials is studied.

        Keywords:

        KEY DISTRIBUTION, BLOM'S SCHEME, DISCRETIONARY SECURITY POLICY.
        Pages 72-76

        Shenets N.N.

        THE SYSTEM OF CRYPTOGRAPHIC STANDARDS OF THE REPUBLIC OF BELARUS

        Annotation:

        The cryptographic standards of the Republic of Belarus are considered and analyzed. It’s shown that these standards cover almost all the needs for security in information systems. Importance of these documents is pointed out within the scope of the interstate cooperation of the Republic of Belarus and Russian Federation.

        Keywords:

        CRYPTOGRAPHIC ALGORITHM, STANDARD, INFORMATION SYSTEM.
        Pages 77-80
      • SPECIAL IT

        Boruchinkin А.Yu., ZhukovI.Yu., NasenkovI.G., KhakimovR.R.

        SECURE VOICE COMMUNICATION SYSTEM BASED ON HANDS-FREE HEADSET WITH HARDWARE ENCRYPTION OF AUDIO DATA

        Annotation:

        The article deals with the development of the prototype system providing secure voice communication with device authentication through digital signatures. Its main elements are the headset hands-free, which microcontroller supports hardware-line symmetric block encryption algorithm, switching server application on a mobile device and signing center.

        Keywords:

        INFORMATION SECURITY, HANDS-FREE DEVICE, SIGNALING PROTOCOL, STREAM ENCRYPTION ALGORITHMS.
        Pages 81-84

        Dvoryankin S.V., Mikhaylov D.M., Panfilov L.A.,

        Bonch-Bruevich A.M., Kozlachkov S.B.,

        Nasenkov I.G.

        INTERPRETATION AND CONTOUR ANALYSIS OF SPECTROGRAMS OF SOUND SIGNALS IN THE NOISE REDUCTION

        Annotation:

        This article focuses on the development of tools for noise reduction of audio signals. The article presents a series of algorithms for noise reduction of speech signals. The description of spectrograms as the most successful audio visualization of signals is provided. The algorithms of single-channel and multi-channel noise reduction are considered. Examples of the various corrections are given and the parameters set for the maximum effectiveness are described.

         

        Keywords:

        SPECTROGRAM, SIGNAL NOISE CANCELLATION, INTERFERENCE, CONTOUR ANALYSIS.
        Pages 88-99

        Pilkevich S.V.,

        Eremeev M.A.,

        Magnikov P.V.

        Saint-Petersburg, Mozhaisky Military Space Academy

        APPROACH TO DEVELOPMENT OF BEHAVIOR MODEL USER GROUPS MODERN MASS MEDIA

        Annotation:

        Abstract. An approach to storage and processing of declarative and procedural knowledge of behavior of single and group of social actors. Combining the results obtained in social psychology, knowledge engineering, and higher algebra allowed to develop the basic elements of the model behavior of user groups modern mass media, especially taking into account both the simulated social communities and their surrounding socio-cultural environment.

        Keywords:

        SOCIALLY IMPORTANT INTERNET RESOURCE, TYPES OF BEHAVIOR, MODEL OF REPRESENTATION AND PROCESSING OF KNOWLEDGE, FORMAL CONCEPT ANALYSIS, FAKTORRESHETKA, CONTEXT, SOCIAL PSYCHOLOGY.
        Pages 100-110
      • SOFTWARE SECURITY

        Anikin I.V.

        VULNERABILITY ASSESSMENT METHOD BASED ON FUZZY LOGIC AND CVSS V.2.0 METRICS

        Annotation:

        We suggested vulnerability assessment method in computer networks based on fuzzy logic. This method is based on CVSS v.2.0 metrics, fuzzy rules, new fuzzy inference scheme. This method is able to produce vulnerability fuzzy scores under the uncertainty and different vulnerability metrics weights.

        Keywords:

        VULNERABILITY ASSESSMENT, FUZZY LOGIC.
        Pages 111-117

        Chernov A., Konoplev A.

        APPLYING VIRTUALIZATION technology FOR DYNAMIC Program ANALYSIS

        Annotation:

        The paper reviews the problem of software security analysis. It shows topicality of dynamic program analysis methods in conditions of source code absence. Modern techniques of the problem solution are described. There is a class of dynamic program analysis methods based on virtualization technology highlighted. The methodology of emulators applying is proposed to perform dynamic program analysis.

        Keywords:

        UNDECLARED CAPABILITIES, DYNAMIC PROGRAM ANALYSIS, VIRTUALIZATION, EMULATORS.
        Pages 118-122

        Severin P.A., Golchevskiy Yu.V.

        ANALYSIS OF THE SOFTWARE CODE SAFETY BASED ON PREDICTIVE MODEL OF VULNERABILITIES DETECTION

        Annotation:

        Analysis of the software code safety using the predictive model of vulnerabilities detection, proposed on the basis of the code dynamics metrics is observed.

        Keywords:

        VULNERABILITIES DETECTION, SOFTWARE CODE, METRICS FOR SOFTWARE CODE ANALYSIS, INFORMATION SECURITY.
        Pages 123-127
    • № 4 2015
      • NETWORK AND TELECOMMUNICATION SECURITY

        Maksimov E.A, Kornev V.A., Vitenburg E.A.

        MARKOV CHAIN FOR PREDICTING INSIDER INTRUSION

        Annotation:

        Implementation of the various threats may be partially or completely paralyze the work of the organization. Correctly, set up the forecast will allow security experts to choose the right tool for the elimination of threats to information security and reduce the probability of insider attacks. For this article solved the problem of forecasting the probability of success of the intrusion on the subject of insider information. The research tasks: predicting the number of insider intrusion attempts and calculating the probability of each insider invasion using Markov chains.

        Keywords:

        TAGS OF THE ARTICLE: FORECASTING, INTRUSION DETECTION SYSTEM, AN INTERNAL ATTACKER INSIDER INTRUSION, DATA PROTECTION, INFORMATION SECURITY, MODELING, MARKOV CHAINS.
        Pages 9-12

        PavlenkoE.U., MoskvinD.A., ReshetovD.V.

        DISCLOSURE OF TOR USERS ANONIMITY USING DATA FLOW ANALYSIS

        Annotation:

        In this paper we consider the TOR anonymous network and known attacks to it. We present an attack to TOR network using data flow analysis.

        Keywords:

        ANONYMITY, TOR, DEANONIMIZATION, DISCLOSURE OF ANONYMITY, TRAFFIC ANALYSIS, TRAFFIC PATTERNS.
        Pages 13-16

        Bezzateev S.V., Zharinov R.F., Petrov V.I., Zybin V.A.

        AUDIT AND ACCESS CONTROL TO THE WORK STATION IN THE INTERNET OF THINGS CONTEXT

        Annotation:

        The system of user authentication and control of its presence in the workplace to prevent unauthorized access to information on the workstation is considered. RFID technology and cryptographic protocol OPACITY are proposed.

        Keywords:

        ACCESS CONTROL, RADIO FREQUENCY IDENTIFICATION, OPACITY
        Pages 17-22

        Branitskiy A.A., Kotenko I.V.

        DESIGNING THE nEURAL NETWORK AND IMMUNE CELL SYSTEM OF INTRUSION DETECTION

        Annotation:

        The methods of detection and classification of anomalous instances of network connections using the technique of artificial neural networks and evolutional model of the immune system are considered.

         

        Keywords:

        INTRUSION DETECTION, NEURAL NETWORKS, IMMUNE DETECTORS, PRINCIPAL COMPONENT ANALYSIS
        Pages 23-27

        Goncharov N.O., Gorchakov D.S.

        INVESTIGATION INTO ACCIDENTS RELATED TO MOBILE BOTNETS AND MALWARE

        Annotation:

        The problem of mobile viruses have become a real problem for large banks and payment systems. The easiest way to disclose the technical component of the financial botnets for mobile devices is by efforts of the communication provider. In order to automate the process of investigation of these kinds of incidents the hardware-software system was developed. It allows to monitor the activity of malware, fixes attempts to send data to fraudsters, identifies control centers of infected devices as well as account numbers and e-wallets wherethrough stolen funds are withdrawn.

        Keywords:

        BOTNETS, MOBILE BOTNETS, BOTNETS HAZARD, MALWARE, MOBILE MALWARE, INFORMATION SECURITY, INVESTIGATION OF INCIDENTS
        Pages 28-34

        DesnitskyV.A., KotenkoI.V.

        FORMING EXPERT KNOWLEDGE FOR DEVELOPMENT OF SECURE SYSTEMS WITH EMBEDDED DEVICES

        Annotation:

        An approach for forming expert knowledge to develop secure systems with embedded devices is outlined. Security component combination, detection of anomalous data in the system and structural incompatibilities of security components is based on knowledge on the target system, requirements and security components.

        Keywords:

        EMBEDDED SECURITY, SECURITY COMPONENTS, EXPERT KNOWLEDGE, ANOMALIES AND INCOMPATIBILITIES
        Pages 35-41

        Kotenko I.V., Novikova E.S., Chechulin A.A.

        Visualization of Security Metrics for security monitoring and event management

        Annotation:

        An analysis of techniques for security information visualization is considered. A model for visualization security metrics is proposed. This model helps to perform the comparative analysis of these metrics. The implementation of this model is outlined.

        Keywords:

        VISUALIZATION, SECURITY METRICS, TREEMAPS, NETWORK SECURITY EVALUATION
        Pages 42-47

        Kuralenko A.I.

        METHODS OF AUDIT INFORMATION SECURITY INFORMATION SYSTEMS

        Annotation:

        The technique of information security audit of information systems that allow quantitative evaluation of the effectiveness of information security systems, taking into account the impact of information security threats and destructive action on the implementation of such threats. An example of the application of techniques in auditing information security information system of the certification center. A brief comparison of the results with those obtained using the assessment tool of security “GRIF 2006” software package from Digital Security.

        Keywords:

        Information security audit, information security threats, information security management system
        Pages 48-51

        Porkhun A.O., Gamayunov D.Yu.

        INPUT DATA PROCESSING FILTERS AS A SOURCE OF WEB-APPLICATION VULNERABILITIES

        Annotation:

        The article unveils the problem of detection of a special class of web-applications vulnerabilities, which are caused by errors in the implementation or usage of such filters when an intruder may generate specially crafted input data (e.g., images, video) which will be converted by the chain of filters into another data type, for example, in executable code, which may lead to remote code execution.

        Keywords:

        WEB APPLICATION VULNERABILITIES, VULNERABILITY DETECTION, REMOTE CODE EXECUTION.
        Pages 59-63

        Razdobarov A. V., Petukhov A. A., Gamayunov D.Yu.

        PROBLEMS OVERVIEW FOR MODERN WEB APPLICATIONS VULNERABILITIES DISCOVERY

        Annotation:

        This paper provides and overview of typical problems, which arise in the black-box vulnerability scanning of dynamic web-applications, and provides analysis of theoretical and technical difficulties on the path to complete problem solution. As the result we provide the list of requirements, which must be met by vulnerability scanners for effective analysis of dynamic web interfaces.

        Keywords:

        web applications vulnerabilities, vulnerability detection, static analysis, dynamic analysis
        Pages 64-69
      • SECURE OPERATING SYSTEMS AND TRUSTED ENVIRONMENT

        Bezzateev S.V., Zharinov R.F., Petrov V.I., Zybin V.A.

        AUDIT AND ACCESS CONTROL TO THE WORK STATION IN THE INTERNET OF THINGS CONTEXT

        Annotation:

        The system of user authentication and control of its presence in the workplace to prevent unauthorized access to information on the workstation is considered. RFID technology and cryptographic protocol OPACITY are proposed.

        Keywords:

        ACCESS CONTROL, RADIO FREQUENCY IDENTIFICATION, OPACITY
        Pages 17-22

        OleynikP.P.

        THE MODEL OF PERMISSIONS FOR OBJECT-ORIENTED APPLICATIONS

        Annotation:

        The article provides an overview of current approaches to setting security and differentiation of user access rights in various architectural applications. The paper presents the author’s approach to the delimitation of the rights to the classes, attributes, and objects that meet certain criteria. This is done with the help of the class hierarchy, the composition and structure of which is described in detail in the work. At the end of the work described in the application, which is already implemented and in which the authors used the security model.

        Keywords:

        SECURITY OF INFORMATION SYSTEMS, OBJECT-ORIENTED APPLICATIONS, OBJECT SYSTEM METAMODEL, MODEL OF PERMISSIONS.
        Pages 70-78
      • APPLIED CRYPTOGRAPHY

        KorzhikV.I., YakovlevV.A., TikhonovS.V.

        KEYLESS CRYPTOSYSTEM SECURE ON PHYSICAL LEVEL: MYTH OR REALITY

        Annotation:

        Cryptosystem recently proposed by two scientists from Stanford University is considered. In the current paper we investigate both theoretical and practical possibilities to design such cryptosystem.

        Keywords:

        CRYPTOSYSTEMS, WIRELESS CHANNEL WITH FADING, MIMO TECHNOLOGY, HARD PROBLEMS ON LATTICES, WIRE-TAP CHANNEL CONCEPT.
        Pages 79-89

        Agafin S.S.

        RANDOM NUMBER GENERATOR BASED ON MEMORY ACCESS TIME MEASUREMENT

        Annotation:

        Random number generators (RNG) are a cornerstone of any means of providing information cryptographic protection. This paper proposes an improved method for generating random numbers from the CPU frequency instability and, as a result, a continuous change of memory access time.

        Keywords:

        RANDOM NUMBERS, RANDOM NUMBER GENERATORS, X86 ARCHITECTURE, MEMORY ACCESS TIME.
        Pages 90-95

        Babash A.V.

        DEGREE DISTINGUISHABLE A CONNECTED PERMUTATION AUTOMATA

        Annotation:

        We givean upper bound forthe degree ofdistinctivenessof a connectedpermutationautomatonwith a givendiameter.

        Keywords:

        STATE MACHINE, THE DEGREE OF DISTINCTIVENESS, THE DIAMETER OF THE MACHINE.
        Pages 96-105

        Guselev A.M., Kosolapov D.O.

        COMPARATIVE SURVEY OF IDENTITY-BASED ENCRYPTION SCHEMES BASED ON BILINEAR MAPPINGS IN FINITE GROUPS

        Annotation:

        This article presents a set of characteristics for comparison of identity-based encryption schemes, based on bilinear mappings in finite groups. One provides a comparative survey of most popular schemes, among them schemes included into international standard ISO/IEC 18033-5.

        Keywords:

        DENTITY-BASED ENCRYPTION SCHEME, PRIVATE KEY GENERATOR, BILINEAR MAP, BILINEAR DIFFIE-HELLMAN PROBLEM.
        Pages 106-114

        Egorova V.V., Chechulina D.K., Krendelev S.F.

        APPLICATION OF THE HOMOMORPHIC ENCRYPTION FOR CONSTRUCTING THE PUBLIC-KEY CRYPTOSYSTEM

        Annotation:

        In this paper we discuss the practical usage of proprietary developed fully homomorphic encryption. We show the application of this encryption for construction the public-key cryptosystems. These cryptosystems are based on the Hill cipher and the RSA algorithm. Their implementations demonstrate the correctness of arithmetical calculations over the encrypted data and prove that the multiplication of ciphertext does not lead to increasing the dimension of the multiplication result.

        Keywords:

        HOMOMORPHIC ENCRYPTION, PUBLIC-KEY CRYPTOSYSTEM, HILL CIPHER, RSA ALGORITHM.
        Pages 115-120

        Krendelev S. F.

        SOVIET SUPERCOMPUTER K-340A AND THE SECRET COMPUTATIONS

        Annotation:

        The variant of fully homomorphic encryption for modular computation without increasing the size of data after multiplication is suggested.

        Keywords:

        HOMOMORPHIC ENCRYPTION, MODULAR ARITHMETIC, MULTIPLICATION TABLE.
        Pages 121-123

        Lubushkina I.E., Panasenko S.P.

        STRIBOG COMPRESSION FUNCTION OUTPUT SEQUENCES STATISTIC PROPERTIES

        Annotation:

        In this paper we focus on statistic analysis of the Stribog compression function output sequences. The aim of the analysis is to search groups of input values that bring to non-random behavior of compression function output. As an exhaustive search over all possible input values is computationally infeasible, we perform local search over predefined subsets of input values with strong input bits correlation. Based on the performed experiments we can make the conclusion about an application correctness and adequacy of confusion and diffusion transformations used in Stribog compression function.

        Keywords:

        HASH FUNCTION, STRIBOG, GOST R 34.11-2012, COMPRESSION FUNCTION, STATISTICAL TEST, LOCAL SEARCH.
        Pages 124-130

        Matveeva V.S.

        A NEW APPROACH TO DIFFERENTIATE COMPRESSED FILE FORMATS FROM ENCRYPTED FILES

        Annotation:

        Specialists in digital forensics have conducted researches in the field of file format identification by its statistical properties for data carving purposes. As a result a challenge in differentiating compressed file formats from encrypted files was revealed because of their statistical properties similarity. In the article author suggests a new approach for data analyses, which testing has shown good results in detection of encrypted files.

        Keywords:

        COMPRESSION, ENCRYPTED FILES, WAVELET TRANSFORM, NORMAL DISTRIBUTION.
        Pages 131-139

        Mironkin V.O

        ON SOME PROBABILISTIC CHARACTERISTICS OF KEY DERIVATION FUNCTION «CRYPTOPRO KEY MESHING»

        Annotation:

        A comparative analysis of the probability characteristics of the test algorithm and the development of key reference model. A statistical method for determining nonequiprobability generated key sequence. Exact formula for the probability of collision through a fixed number of steps in a random mapping is obtained.

        Keywords:

        RANDOM MAPPING, CARDINALITY OF AN IMAGE OF RANDOM MAPPING, CYCLE NODES, SEGMENT NONPERIODICITY, COLLISION.

        SmyshlyaevS.V., ShishkinV.A., MarshalkoG.B., RudskoyV.I., LavrikovI.V.

        OVERVIEW OF HASH-FUNCTIONS GOST R 34.11-2012 CRYPTANALYSIS

        Annotation:

        Overview of published results on hash functions GOST R 34.11-2012 (also known as «Streebog») cryptanalysis and implementations is given.

        Keywords:

        147-153
        Pages GOST R 34.11-2012, «STREEBOG», HASH FUNCTION, CRYPTANALYSIS, IMPLEMENTATION.

        Fomichev V.M.

        IMPROVEMENT OF MIXING PROPERTIES ESTIMATION FOR CRYPTOGRAPHIC FUNCTION COMPOSITIONS BY MATRIX-GRAPH APPROACH

        Annotation:

        The review of main results connected with research of primitivity and exponent estimation of matrix and graphs is given. New research directions are presented.

        Keywords:

        MIXING GRAPH, PRIMITIVE GRAPH, EXPONENT OF GRAPH.

        ShishkinV.A., MarshalkoG.B., Lavrikov I.V.

        ON THE CONSTRUCTION OF TREE HASHING MODES OF OPERATIONS

        Annotation:

        A short survey of papers about tree hash modes of operations is given.

        Keywords:

        HASH-FUNCTION, MODES OF OPERATIONS, TREE HASHING.
        Pages 165-168
      • SOFTWARE SECURITY

        Grigoriev V R.

        ABOUT ONE APPROACH TO THE MODELING OF CONFLICT IN THE INFORMATION SOCIETY

        Annotation:

        In the article an attempt is made of research of mechanism of subversive western political technologies, which are aimed at the creation of managed conflicts in the information era. In the basis of the proposed approach relevant to acceptances of information era there are 2 methodological bases which accumulate achievements of the last years in research of complex organizational systems- the theory of nonlinear dynamical systems (controlled chaos) and the theory of «reflexive games» in relation to the subject area of information warfare.

        Keywords:

        NETCENTRIC WAR, THE STRATEGY OF INDIRECT ACTIONS, MANAGED CONFLICTS, SYNERGETIC APPROACH, REFLEXIVE GAMES, DYNAMIC CHAOS, «SOFT» AND «HARD» WARFARE MODELS.
        Pages 169-181

        Sukhoparov Mikhail Yevgenievich

        EVALUATION OF INFORMATIVE OF LINGUISTIC USER PROFILE

        Annotation:

        The aim of the work is to evaluate the informativeness of linguistic features of text messages, allowing you to capture the author’s profile for face detection, when posting under multiple accounts. Are the features of text messages, we propose a model of the message. An experiment showing the possibilities of using the analyzer adapted to compute syntactic patterns and structures. The structure of the user profile for the identification and authentication portal on the Internet. Estimated informative features using an approach based on the Shannon entropy.

        Keywords:

        EVALUATION OF INFORMATION CONTENT, LINGUISTIC PROFILE, SHANNON ENTROPY.
        Pages 182-186

        AvetisyanA.I., BatuzovK.A., EfimovV.Y., PadaryanV.A., TikhonovA.Y.

        WHOLE SYSTEM EMULATORS FOR MOBILE PLATFORM BINARY CODE ANALYSIS

        Annotation:

        The article describes the problem of adaptation desktop and server software analysis techniques to software of mobile platforms. A combined binary code analysis method is suggested. Taking into account whole system software allows detecting leaks of sensitive data. The method requires execution trace, but trace gathering for a firmware is the problem. Difficulties of tracing mobile platform software with the emulator are described and possible approaches to solve such difficulties are shown.

        Keywords:

        BINARY CODE, DYNAMIC ANALYSIS, SOFTWARE EMULATOR, MOBILE PLATFORMS.
        Pages 187-194

        Vasiliev I.A., Fursova N.I., Dovgaluk P.M.,

        Klimushenkova M.A., Makarov V.A.

        MODULES FOR INSTRUMENTING THE EXECUTABLE CODE IN QEMU SIMULATOR

        Annotation:

        This article discusses the mechanism of the instrumentation system that running in the QEMU. The paper formulates requirements for instrumentation mechanism and describes the implementation. Some of important features are: the implementation mechanism instrumentation based on TCG, a description of the process instrumentation in separate modules, the interaction between plugins for analysis of high-level data.

        Keywords:

        DYNAMIC BINARY INSTRUMENTATION, VIRTUAL MACHINE, EMULATOR.
        Pages 195-203
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
  • 2010 year
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year