Quarterly journal published in SPbPU
and edited by prof. Peter Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • 2019 year
    • №1 2019
      • NETWORK AND TELECOMMUNICATION SECURITY

        Malyshev E. V., Moskvin D. A., Zegzhda D. P.

        NEURAL NETWORK APPLIANCE FOR ATTACK DETECTION ON VANET-NETWORKS

        Annotation:

        This work contains results of artificial neural network development, with is designed for automatically attacks detection in VANET-networks. In the course of the thesis were used such research methods as analysis and modeling, they were applied to select the most prospective method of Gray Hole attack detection in VANET-networks. According to the results of experimental studies, there was evaluated an effectiveness of this method, a method was characterized as great.

        Keywords:

        VANET-networks
        Pages 11-17

        Lavrova D. S., Khushkeev A. A.

        DETECTION OF INFORMATION SECURITY BREACHES IN DISTRIBUTED CONTROL SYSTEMS BASED ON VALUES PREDICTION OF MULTIVARIATE TIME SERIES

        Annotation:

        Proposed an approach for information security breaches detection in distributed control systems based on prediction of multivariate time series formed of sensor and actuator data.

        Keywords:

        data prediction, multivariate time series, network attacks, convolutional neural networks.
        Pages 18-30
      • APPLIED CRYPTOGRAPHY

        Aleksandrova E.B., Shmatov V.S.

        Zero-knowledge protocol for control of products and services reviews

        Annotation:

        A control protocol in the systems for goods and services reviews, based on non-interactive zero-knowledge proof, is proposed. The user keys are stored as Merkle tree. The protocol ensures anonymity of the author of the reviews and does not allow one user to leave more than one review per product or service.

        Keywords:

        zero-knowledge, control of reviews, Merkle tree
        Pages 31-40

        Ivanov A.V.

        On goodness-of-fit test for testing pseudorandom binary sequences

        Annotation:

        In the article some properties of the «alternations» statistic are proved. For example, we investigate properties of the scheme when «alternations» are independent. This fact allows us to construct new goodness-of-fit test.

        Keywords:

        goodness-of-fit test, series, binary sequence
        Pages 41-44
      • ASPECTS OF INFORMATION SECURITY

        Vladimir I. Budzko, Dmitry A. Melnikov
        Victor S. Gorbatov
        Igor Y. Zhukov

        ON THE ISSUE OF THE BLOCKCHAIN UNIVERSALITY

        Annotation:

        Currently, there is a tendency to over-promote the phenomenon of blockchain technology (BC), which is supposedly universal and has all-pervasive possibilities for revolutionary transformation of the various areas of social activity, including business and state governance. As an example, the relatively successful development of the so-called cryptocurrencies, which have already won a certain share of public relations at both the national and global levels, is given. The presence of such mass statements is explained by the fact that the description of the obvious advantages of the BС is carried out without a detailed and comprehensive risk analysis of the practical implementation of its basic concepts, including information security of the appropriate applications. The proposed work shows methods for ensuring a consensus between fundamentally distrustful users, who ensure the relative stability of cryptocurrency systems even in the absence of a centralized (state and, moreover, international) level of regulation. An appropriate classification of systems based on the BC and their features are given. Along with this, this paper focuses on the need for a thorough and comprehensive analysis of the information security risks associated with the BC use. It is shown that at the present stage of the BC systems development, they do not provide reliable user authentication, reliable system management, guarantees of secure generation, distribution and storage of cryptographic keys, guaranteed possibility of returning the values stolen by hackers, and also do not implement the principle of non-repudiation. The conclusion is made about the expediency of its further comprehensive application, based on the fact that the BC unreasonable use can cause considerable damage at the level of the whole sector of the economy. This article is a continuation of publications about the properties and features of blockchain technology.

        Keywords:

        blockchain; cryptocurrency; digital wallet; digital signature; transaction; fork; smart contract; authentication; non-repudiation; information security
        Pages 45-54
      • EDUCATION PROBLEMS

        Kulik S. D.

        SPECIAL ELEMENTS OF SYSTEM ANALYSIS FOR STUDENTS OF THE INFORMATION SECURITY

        Annotation:

        The main purpose of the article is to present the necessary elements of system analysis necessary for training future university specialists in the field of information security for example, applied information (computer) technologies. The main focus is on the effectiveness of the system, which can be assessed using indicators expressed in posynomials. The indicator is represented by a posynomial. Then apply well-developed tools to minimize posynomial. We used the necessary principles and methods of system analysis, as well as geometric programming. In this case, geometric programming is considered as a tool for solving problems of system analysis in the field of information security. The result of the optimization of the information security effectiveness indicator is presented on a training example while minimizing the posynomial. The students learn the system analysis elements. Students solve optimization problems. Recommendations were developed for solving typical educational problems for students. In conclusion, it is concluded that it is necessary to pay more attention in the framework of the educational process to the elements of system analysis.

        Keywords:

        system analysis, system, indicator, criterion of effectiveness, geometric programming, information security.
        Pages 55-59
      • INFORMATION SECURITY CYBER-PHYSIC SYSTEMS

        Pavlenko E. Yu., Shtyrkina A. A., Zegzhda D. P.

        ESTIMATING THE CYBER-PHYSICAL SYSTEM SUSTAINABILITY BASED ON SPECTRAL GRAPH THEORY

        Annotation:

        Paper proposed an approach to estimating the sustainability of cyber-physical systems based on system state analysis. As a criterion, it is proposed to use the structural characteristic of the graph, which describes the CPS. For a numerical assessment of sustainability, authors propose to use properties of graph spectrum distribution – set of eigenvalues of adjacency matrix corresponding to the graph.

        Keywords:

        sustainability; cyber sustainability; cyber resilience; cyber-physical system; information security; spectral graph theory
        Pages 60-67

        Poltavtseva M.A., Kalinin M.O.

        MODELING OF BIG DATA MANAGING SYSTEMS IN INFORMATION SECURITY

        Annotation:

        The article presents a model of Big data management system designed to solve the problems of information security (IS) systems of this class. The features of this class of systems are highlighted, the mathematical definition of the model and architecture of data processing in accordance with the concept of ANSI/SPARC and the principles of modeling information systems in is are given. The analysis of the model is carried out.

        Keywords:

        data management systems, Big data, information security, system modeling
        Pages 69-78

        Aleksandrova E. B., Lavrova D. S., Yarmak A. V.

        USING BENFORD’S LAW TO DETECT DOS-ATTACKS ON INDUSTRIAL SYSTEMS

        Annotation:

        Benford's law describes the frequency distribution of leading digits in numerical data taken from real processes. In particular, it is widely used to detect anomalies in financial data. The paper proposed applying Benford's law to detect DoS-attacks in components of large-scale industrial systems. The experimental results for the data generated by the system sensors from industrial Tennessee Eastman process are given.

        Keywords:

        information security, Benford’s law, time series, large-scale industrial systems
        Pages 79-88
      • SOFTWARE SECURITY

        E.V. Zhukovskiy, M.O. Kalinin, I.I. Marshev

        Detection of malicious executable files based on machine learning algorithms

        Annotation:

        Detection of malicious software is an essential part of the security of computer systems. This paper presents machine learning-based classifiers which are developed due to the analysis of main characteristics of executable files. The conducted research uses various classification algorithms like decision tree, adaptive and gradient boosting, random forest, Naive Bayes, k-nearest neighbors and neural networks.

        Keywords:

        computer security, malware detection, classification, machine learning, neural network, random forest, decision tree, static analysis.
        Pages 89-99

        Pavlenko E.Y., Suslov S.M.

        IDENTIFICATION OF MALICIOUS APPLICATIONS FOR ANDROID OPERATING SYSTEM USING THE CAPSULE NEURAL NETWORK

        Annotation:

        Proposed an approach to detecting malware for the Android operating system using a capsular neural network. The approach is to build a CMYK image, the pixels of which are formed based on the sequence of actions performed by the application under study. The results of experimental studies of the proposed campaign demonstrate its high efficiency for solving the problem of determining malicious Android applications.

        Keywords:

        malicious applications, malware detection, Android operating system, application security analysis, capsule neural network, Android security
        Pages 100-111

        E.V. Zhukovskiy

        DETECTION MALWARE WITH SELF-PROTECTION MECHANISM USING DEEP ANALYSIS OF SOFTWARE FUNCTIONALITY

        Annotation:

        he article describes an approach to identify malicious software based on the analysis of its functionality. To ensure the completeness of the analysis, it is proposed to use dynamic symbolic execution to determine the conditions for reaching the target program blocks. To optimize the process of searching for the ways of program execution leading to the execution of malicious operations, the methods reinforcement learning are used

        Keywords:

        computer security, malware detection, malicious activity, machine learning, symbolic execution, reinforcement learning, targeted attacks
        Pages 112-122
    • №2 2019
      К ЮБИЛЕЮ Ю.С. ВАСИЛЬЕВА

      Annotation:

      (Russian) Ю.С. Васильев родился 10.04.1929 г. в Иркутске. Окончил гидротехнический факультет Ленинградского политехнического института им. М.И. Калинина по специальности «Возобновляющиеся источники энергии и гидроэнергетики». Прошел путь от ассистента до доктора технических наук, профессора – заведующего кафедрой «Использование водной энергии», а в 2000 г. избран действительным членом Российской Академии наук. Главными направлениями научной деятельности Юрия Сергеевича являются: гидроэнергетика, физико-математическое моделирование в гидроэнергетике, охрана окружающей среды при использовании гидроэнергетических ресурсов и возобновляемых источников энергии. Ю.С. Васильев разработал научные основы автоматизированной системы проектирования объектов водного хозяйства. Руководил комплексными научно-техническими программами «Человек и окружающая среда, проблемы охраны природы» и «Энергетика» Минвуза РСФСР, которые объединяли 260 вузов страны. Возглавляет ряд научно-технических программ. Создатель научной школы по возобновляющимся источникам энергии и гидроэнергетике и один из основоположников комплексных экологических исследований, связанных с энергетическим и водохозяйственным строительством. Подготовил более 70 кандидатов наук, научный консультант по 36 докторским диссертациям. Автор многих фундаментальных научных трудов, в том числе более 70 книг и 320 статей, более 20 изобретений. Представлял интересы России в более чем 20 зарубежных странах, что способствовало укреплению международного авторитета вуза. Многочисленные ученики и последователи Ю. С. Васильева, продолжатели его научных идей всегда найдут у своего учителя добрый совет, поддержку и участие, что вместе с непрекращающейся научной и педагогической деятельностью свидетельствует о непоколебимом авторитете Ю.С. Васильева как наставника, руководителя, специалиста и мудрого человека. Ю. С. Васильев всегда на передовых рубежах прогресса, принимает участие в решении самых актуальных научных задач, в последние годы уделяет внимание проблемам кибербезопасности энергетических систем. Ю. С. Васильев награждён орденами: «За заслуги перед Отечеством IV ст.», «Трудового Красного Знамени», «Знак Почета» и 26 медалями. В честь Ю.С. Васильева названа малая планета Солнечной систем «ВЮС». Юрий Сергеевич Васильев – выдающийся ученый, талантливый руководитель, опытнейший педагог и наставник. Его отличают высокое чувство ответственности, преданность науке, целеустремленность, необыкновенная работоспособность. Эти качества сочетаются в нем с исключительной интеллигентностью, добротой и внимательным отношением к людям. Редакция журнала «Проблемы информационной безопасности. Компьютерные системы» сердечно поздравляет Юрия Сергеевича с 90-летием! Желаем здоровья, долголетия, творческой энергии, дальнейших достижений во благо России!
  • 2018 year
  • 2017 year
  • 2016 year
  • 2015 year
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
  • 2010 year
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year