Quarterly journal published in SPbPU
and edited by prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • 2025 year
    • № 1 2025
      • INFORMATION SECURITY ASPECTS
        M. A. Chizhevsky1,2, O. V. Serpeninov1, A. P. Lapsar1
        1Rostov State University of Economics, Rostov-on-Don, Russia
        2RTK IB LLC, Moscow, Russia
        OPTIMIZATION OF INDICATOR OF COMPROMISE UTILIZATION IN INFORMATION SECURITY TASKS

        Annotation:

        The article deals with the problem of updating indicators of compromise in the field of information security. One of the key difficulties is the growing number of false positives, which slows down the process of incident investigation. To solve this problem, we propose a model for assessing the relevance of indicators of compromise, the purpose of which is to optimise their use. The developed model takes into account various parameters, such as the indicator obsolescence rate, the level of trust in the source, the frequency of detection, the proportion of false positives, the consideration of information from open sources, and the type of malicious activity. The model reduces the number of false positives and improves the efficiency of incident monitoring.

        To quote:

        M. A. Chizhevsky,, O. V. Serpeninov, A. P. Lapsar OPTIMIZATION OF INDICATOR OF COMPROMISE UTILIZATION IN INFORMATION SECURITY TASKS // Information Security Problems. Computer Systems. 2025. № 1. Pp. 9–20. DOI:10.48612/jisp/t99x-zeux-75er

        DOI:

        10.48612/jisp/t99x-zeux-75er

        Keywords:

        indicator of compromise, relevance, assessment model, relevance dynamics, information security

        Pages:

        9–20

        Books list ‣‣‣‣:

        (Russian)

        1. Positive Technologies. Актуальные киберугрозы в странах СНГ 2023–2024. URL: https://www.ptsecurity.com/ru-ru/research/analytics/aktualnye-kiberugrozy-v-stranah-sng-2023-2024/#id3 (дата обращения: 07.10.2024).
        2. ГК «Солар». Кибератаки на российские компании во II квартале 2024 года. URL: https://rt-solar.ru/analytics/reports/4544/?utm_source=vkontakte&utm_medium=smm&utm_campaign=27august (дата обращения: 07.10.2024).
        3. Wagner C., Dulaunoy A., Wagener G., Iklody A. MISP: The design and imple mentation of a collaborative threat intelligence sharing platform // Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security. ACM, 2016. Pp. 49–56.
        4. Ryan S. The Pyramid of Pain in Cybersecurity. URL: https://rya-sge.github.io/access-denied/2024/11/28/pyramid-of-pain/ (дата обращения: 08.02.2025).
        5. Liao X., Yuan K., Wang X. et al. Acing the ioc game: Toward automatic discovery and analysis of open-source cyber threat intelligence // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016. Pp. 755–766.
        6. Iklody A., Wagener G., Dulaunoy A. et al. Decaying Indica tors of Compromise // arXiv preprint arXiv:1803.11052. 2018.
        7. Mokaddem S., Wagener G., Dulaunoy A., Iklody A. Taxonomy driven indicator scoring in misp threat intelligence platforms // arXiv preprint arXiv:1902.03914. 2019.
        8. Schaberreiter T., Kupfersberger V., Rantos K. et al. A quantitative evaluation of trust in the quality of cyber threat in telligence sources // Proceedings of the 14th International Conference on Availability, Reliability and Security. 2019. Pp. 1–10.
        9. Андрушкевич Д. В., Андрушкевич С. С., Крюков Р. О. Метод реагирования на целевые атаки, основанный на отображении событий информационной безопасности с применением индикационных сигнатур // Проблемы информационной безопасности. Компьютерные системы. 2023. № 4. C. 48–60.
        10. Dulaunoy A., Wagener G., Iklody A. et al. An Indicator scoring method for MISP platforms // TNC 18 At: Trondheim. Norway. 2018.
        11. Bruce M., Lusthaus J., Kashyap R., Phair N. Mapping the global geography of cybercrime with the World Cybercrime Index // PLoS ONE. № 19(4). № e0297312.
        12. ГК «Солар». Lifting Zmiy: взлом SCADA-cистемы и атака на российские компании. URL: https://rt-solar.ru/solar-4rays/blog/4506/?frombanner=4rays_main (дата обращения: 15.10.2024).
        13. Labs Identifies Log4J Attacks. URL: https://www.lacework.com/blog/lacework-labs-identifies-log4j-attackers (дата обращения: 16.10.2024).
        14. Национальный координационный центр по компьютерным инцидентам. Список IP-адресов, используемых в ходе DDoS-атак. URL: https://safe-surf.ru/specialists/news/676114/ (дата обращения: 16.10.2024).
        15. Вредоносная рассылка от имени правоохранительных органов. URL: https://t.me/ptescalator/96 (дата обращения: 16.10.2024).
        16. PTescalator Вредоносная рассылка от имени ФСБ. URL: https://t.me/ptescalator/83 (дата обращения: 16.10.2024).
      • MACHINE LEARNING AND KNOWLEDGE CONTROL SYSTEMS
        P. D. Bezborodov, D. S. Lavrova
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        PROTECTING NEURAL NETWORK MODELS FROM PRIVACY VIOLATION THREATS IN FEDERATED LEARNING USING OPTIMIZATION METHODS

        Annotation:

        The paper is devoted to an approach to counter threats of privacy violations in federated learning. The approach is based on optimization methods to transform the weights of local neural network models and create new weights for transmission to the joint gradient descent node, which, in turn, allows to prevent the interception of local model weights by an attacker. Experimental studies have confirmed the effectiveness of the developed approach

        To quote:

        P. D. Bezborodov, D. S. Lavrova PROTECTING NEURAL NETWORK MODELS FROM PRIVACY VIOLATION THREATS IN FEDERATED LEARNING USING OPTIMIZATION METHODS // Information Security Problems. Computer Systems. 2025. № 1. Pp. 21–29. DOI:10.48612/jisp/fpvk-xpna-9hx5

        DOI:

        10.48612/jisp/fpvk-xpna-9hx5

        Keywords:

        federated learning, neural network models, optimization methods, gradient descent

        Pages:

        21–29

        Books list ‣‣‣‣:

        (Russian)

        1. Полтавцева М. А., Харитонова А. Н. Систематизация атак на медицинские киберфизические системы // Проблемы информационной безопасности. Компьютерные системы. 2021. № 3. С. 118–129. EDN: UKAIOX.
        2. Рудницкая Е. А., Полтавцева М. А. Защита от атак на системы машинного обучения на примере атак уклонения при анализе медицинских изображений // Проблемы информационной безопасности. Компьютерные системы. 2022. № 2. С. 148–159. DOI: 10.48612/jisp/1rgd-dmhp-rd2k. EDN: HNQMOX.
        3. Shokri R., Stronati M., Song C., Shmatikov V. Membership inference attacks against machine learning models // 2017 IEEE symposium on security and privacy (SP). IEEE, 2017. С. 3–18.
        4. Fredrikson M., Jha S., Ristenpart T. Model inversion attacks that exploit confidence information and basic countermeasures // Proceedings of the 22nd ACM SIGSAC conference on computer and communications security. 2015. Pp. 1322–1333.
        5. Zhang J., Chen J., Wu D. et al. Poisoning attack in federated learning using generative adversarial nets // 2019 18th IEEE international conference on trust, security and privacy in computing and communications/13th IEEE international conference on big data science and engineering (TrustCom/BigDataSE). IEEE, 2019. Pp. 374–380.
        6. Крундышев В. М., Ческидов В. К., Калинин М. О. Метод защиты глобальных моделей в системах федеративного обучения на основе модели доверия // Проблемы информационной безопасности. Компьютерные системы. 2024. № 4(62). С. 94–108. DOI: 10.48612/jisp/mf2n-fb13-p7p EDN: XVWNON.
        7. Sutskever I., Martens J., Dahl G., Hinton G. On the importance of initialization and momentum in deep learning // International conference on machine learning. PMLR, 2013. Pp. 1139–1147.
        8. Zegzhda D. P., Nikolsky A. V. Formal security model for virtual machine hypervisors in cloud computing systems // Nonlinear Phenomena in Complex Systems. 2014. Vol. 17. № 3. Pp. 253–262.
        9. Ma J., Yarats D. Quasi-hyperbolic momentum and adam for deep learning // arXiv preprint arXiv:1810.06801. 2018.
        10. Поляк Б. Т. Введение в оптимизацию. М.: Наука, 1983. 384 с.
        11. Нестеров Ю. Е. Метод минимизации выпуклых функций со скоростью сходимости O (1/k2) // Докл. АН СССР. 1983. Т. 269. № 3-С. С. 543–547.
        12. Lessard L., Recht B., Packard A. Analysis and design of optimization algorithms via integral quadratic constraints // SIAM Journal on Optimization. 2016. Vol. 26. № 1. Pp. 57–95.
        13. Kalinin M. O., Krundyshev V. M. Analysis of a huge amount of network traffic based on quantum machine learning // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. Pp. 1165–1174.
        14. Cyrus S., Hu B., Van Scoy B., Lessard L. A robust accelerated optimization algorithm for strongly convex functions // 2018 Annual American Control Conference (ACC). IEEE, 2018. Pp. 1376–1381.
        15. Krivovichev G. V., Sergeeva V. Y. Analysis of a Two-Step Gradient Method with Two Momentum Parameters for Strongly Convex Unconstrained Optimization // Algorithms. 2024. Vol. 17. № 3. Pp. 126.
        D. N. Biryukov1, A. F. Suprun2
        1Mozhaysky Military Space Academy, St. Petersburg, Russia
        2Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        FROM “BLACK BOX” TO TRANSPARENCY: PHILOSOPHICAL AND METHODOLOGICAL FOUNDATIONS OF EXPLAINABILITY AND INTERPRETABILITY IN ARTIFICIAL INTELLIGENCE

        Annotation:

        This article examines the problem of the "black box" in artificial intelligence systems, focusing on the role of explanation (revealing cause-and-effect relationships) and interpretation (adapting meaning for the audience) in the context of machine learning. The philosophical foundations of these concepts are presented, along with an overview of modern methods in explainable AI (XAI). The article emphasizes the need to develop common perspectives on the issues of "explainability" and "interpretability" as they apply to machine learning models and the solutions they generate.

        To quote:

        D. N. Biryukov, A. F. Suprun FROM “BLACK BOX” TO TRANSPARENCY: PHILOSOPHICAL AND METHODOLOGICAL FOUNDATIONS OF EXPLAINABILITY AND INTERPRETABILITY IN ARTIFICIAL INTELLIGENCE // Information Security Problems. Computer Systems. 2025. № 1. Pp. 30–42. DOI:10.48612/jisp/x8ve-86ez-fv94

        DOI:

        10.48612/jisp/x8ve-86ez-fv94

        Keywords:

        artificial intelligence, explanation, interpretation, understanding, XAI

        Pages:

        30–42

        Books list ‣‣‣‣:

        (Russian)

        1. Рассел Б. Человеческое познание, его сферы и границы. Киев: Ника-Центр, 2001. 560 с.
        2. Савченко В. Н., Смагин В. П. Начала современного естествознания: тезаурус: учебное пособие. Ростов н/Д: Феникс, 2006. 330 с.
        3. Большой энциклопедический словарь / гл. ред. А. М. Прохоров. М.: Советская энциклопедия; СПб.: Фонд «Ленинградская галерея», 2002. 1628 с.
        4. Педагогический энциклопедический словарь / гл. ред. Б. М. Бим-Бад. М.: Большая российская энциклопедия, 2002. 527 с.
        5. Культурология. XX век: Словарь / гл. ред., сост. и авт. проекта А. Я. Левит. СПб.: Университетская книга, 1997. 630 с.
        6. Тульчинский Г. Л. Проблема осмысления действительности: логико-философский анализ. Л.: Изд-во ЛГУ, 1986. 175 с.
        7. Успенский В. А. Теорема Геделя синтаксическая версия. URL: http://www.mccme.ru/dubna/2010/courses/vau.htm (дата обращения: 25.01.2025).
        8. Успенский В. А. Теорема Геделя о неполноте в элементарном изложении // УМН. 1974. Т. 29. № 1. С. 3–47.
        9. Успенский В. А. Теорема Геделя о неполноте и четыре дороги, ведущие к ней // Математическое просвещение. Третья серия. Вып. 15. М.: МЦНМО, 2011. С. 35–76.
        10. Успенский В. А. Теорема Геделя о неполноте. М.: Наука, 1982. 111 с.
        11. Ушаков Д. Н. Большой толковый словарь русского языка: современная редакция. М.: Дом Славянской книги, 2008. 959 с.
        12. Бетти Э. Герменевтика как общая методология наук о духе / пер. с нем. Е. В. Борисова. М.: Канон+, 2011. 144 с.
        13. Большой энциклопедический словарь / гл. ред. А. М. Прохоров. 2-е изд., перераб. и доп. М.: Большая Российская энциклопедия; СПб.: Норинт, 2004. 1456 с.
        14. Шишова Н. В., Новиков А. Ю., Волкова Д. В., Топчий И. В. Культурология: словарь-справочник. Ростов н/Д: Феникс, 2009. 596 с.
        15. Жеребило Т. В. Словарь лингвистических терминов. Назрань: Пилигрим, 2005. 376 с.
        16. Конт-Спонвиль А. Философский словарь / пер. с фр. Е. В. Головиной. М.: Этерна, 2012. 752 с.
        17. Философский словарь / под ред. И. Т. Фролова. М., 1991. 163 с.
        18. Педагогический энциклопедический словарь / гл. ред. Б. М. Бим-Бад. М.: Большая российская энциклопедия, 2002. 527 с.
        19. Мышление: определение, виды, типы, формы, свойства. URL: https://studopedia.ru/19_302076_mishlenie-opredelenie-vidi-tipi-formi-svoystva.html(дата обращения: 25.01.2025).
        20. Ribeiro M. T., Singh S., Guestrin C. «Why Should I Trust You?»: Updates on Local Interpretable Model-agnostic Explanations // Nature Machine Intelligence. 2021. Vol. 3. № Pp. 406–415. DOI: 10.1038/s42256-021-00338-7.
        21. Lundberg S. SHAP for Deep Learning: Advancements in Explainable AI // IEEE Transactions on Neural Networks. Vol. 33. № 4. Pp. 1234–1245. DOI: 10.1109/TNNLS.2021.3112314.
        22. Vaswani A., N. Shazeer, N. Parmar et al. Beyond Transformers: Interpretable Attention in Multimodal Models // ACM Computing Surveys. 2023. Vol. 55. № 2. Pp. 1–35. DOI: 10.1145/3578931.
        23. Wachter S. Counterfactual Explanations in Algorithmic Decision-Making // Artificial Intelligence. 2021. Vol. 297. P. 103502. DOI: 10.1016/j.artint.2021.103502.
        24. Alvarez-Melis D., Jaakkola T. Self-Explaining Neural Networks for Trustworthy AI // Proceedings of the AAAI Conference on Artificial Intelligence. Vol. 35. № 8. Pp. 1234–1242. DOI: 10.1609/aaai.v35i8.16823.
        25.  Agarwal R., Melnick L., Frosst N. et al. Neural Additive Models: Interpretable Machine Learning with Neural Nets // Advances in Neural Information Processing Systems (NeurIPS). 2021. Vol. 34. Pp. 1234–1245.
        I. S. Velichko, S. V. Bezzateev
        Saint Petersburg State University of Aerospace Instrumentation, St. Petersburg, Russia
        FROM EXPLOITATION TO PROTECTION: A DEEP DIVE INTO ADVERSARIAL ATTACKS ON LLMS

        Annotation:

        Modern large language models possess impressive capabilities but remain vulnerable to various attacks that can manipulate their responses, lead to leakage of confidential data, or bypass restrictions. This paper focuses on the analysis of prompt injection attacks, which allow bypassing model constraints, extracting hidden data, or forcing the model to follow malicious instructions.

        To quote:

        I. S. Velichko, S. V. Bezzateev FROM EXPLOITATION TO PROTECTION: A DEEP DIVE INTO ADVERSARIAL ATTACKS ON LLMS // Information Security Problems. Computer Systems. 2025. № 1. Pp. 43–58. DOI:10.48612/jisp/mbvv-n1u7-z7be

        DOI:

        10.48612/jisp/mbvv-n1u7-z7be

        Keywords:

        large language models, artificial intelligence, adversarial attacks, defense methods, model output manipulation

        Pages:

        43–58

        Books list ‣‣‣‣:

        (Russian)

        1. Ebrahimi J., Rao A., Lowd D., Dou D. HotFlip: White-Box Adversarial Examples for Text Classification. URL: https://arxiv.org/pdf/1712.06751v1 (дата обращения: 09.01.2025).
        2. Belinkov Y., Bisk Y. Synthetic and natural noise both break neural machine translation. URL: https://arxiv.org/pdf/1711.02173v1 (дата обращения: 09.01.2025).
        3. Guo C., Sablayrolles A., Kiela H. J. D. Gradient-based Adversarial Attacks against Text Transformers // Conference on Empirical Methods in Natural Language Processing. 2021. Pp. 5747–5757.
        4. Rajaraman A., Ullman J. D. Mining of Massive Datasets. Cambridge University Press, 2012. 310 p.
        5. Zhang T., Kishore V., Wu F. et al. BERTScore: Evaluating Text Generation with BERT // Proceedings of the 8th International Conference on Learning Representations.
        6. Brown T. B. Language Models are Few-Shot Learners // Advances in Neural Information Processing Systems. 2020. Vol. 33.
        7. Lample G., Conneau A. Cross-lingual Language Model Pretraining // Advances in Neural Information Processing Systems. 2019. Vol. 32.
        8. Devlin J., Chang M.-W., Lee K., Toutanova K. BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding // Proceedings of the North American Chapter of the Association for Computational Linguistics (NAACL 2019). 2019.
        9. Wallace E., Feng S., Kandpal N. et al. Universal Adversarial Triggers for Attacking and Analyzing NLP // Proceedings of the 9th International Joint Conference on Natural Language Processing. 2021.
        10. Zou A., Wang Z., Carlini N. et al. Universal and Transferable Adversarial Attacks on Aligned Language Models. URL: https://arxiv.org/pdf/2307.15043v1 (дата обращения: 16.10.2024).
        11. Shin T., Razeghi Y., Logan IV R. L. et al. AutoPrompt: Eliciting Knowledge from Language Models with Automatically Generated Prompts // Proceedings of the 2020 Conference on Empirical Methods in Natural Language Processing (EMNLP). 2020.
        12. Touvron H., Lavril T., Izacard G. et al. LLaMA: Open and Efficient Foundation Language Models. URL: https://arxiv.org/pdf/2302.13971 (дата обращения: 16.10.2025).
        13. Enis M., Hopkins M. From LLM to NMT: Advancing Low-Resource Machine Translation with Claude. URL: https://arxiv.org/pdf/2404.13813 (дата обращения: 16.10.2024).
        14. Qin L., Welleck S., Khashabi D., Choi Y. Cold decoding: Energy-based constrained text generation with langevin dynamics // Advances in Neural Information Processing Systems. 2022. Vol. Pp. 9538–9551.
        15. Ou Zh. Energy-Based Models with Applications to Speech and Language Processing // Foundations and Trends in Signal Processing. 2024. Vol. 18. № 1–2. Pp. 1–199.
        16. Jiang A. Q., Sablayrolles A., Mensch A. et al. Mistral 7B. URL: https://arxiv.org/pdf/2310.06825 (дата обращения: 20.11.2024).
        17. Kulkarni S., Shah K. D., Arora N. et al. PPL Bench: Evaluation Framework For Probabilistic Programming Languages. URL: https://www.researchgate.net/publication/344756800_PPL_Bench_Evaluation_Framework_For_Probabilistic_Programming_Languages (дата обращения: 20.11.2024).
        R. B. Kirillov, M. O. Kalinin
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        DETECTING ADVERSARIAL SAMPLES IN INTRUSION DETECTION SYSTEMS USING MACHINE LEARNING MODELS

        Annotation:

        The problem of protecting machine learning models used in intrusion detection systems from adversarial attacks is considered. Possible methods of protection against adversarial samples based on data anomaly detectors and an autoencoder are analyzed. The results of an experimental study of protective mechanisms that demonstrated high efficiency in detecting distorting data using a Random Forest model are presented.

        To quote:

        R. B. Kirillov, M. O. Kalinin DETECTING ADVERSARIAL SAMPLES IN INTRUSION DETECTION SYSTEMS USING MACHINE LEARNING MODELS // Information Security Problems. Computer Systems. 2025. № 1. Pp. 59–68. DOI:10.48612/jisp/2741-bb1k-hf3x

        DOI:

        10.48612/jisp/2741-bb1k-hf3x

        Keywords:

        adversarial attack, machine learning security, adversarial sample detection, machine learning, intrusion detection system, Random Forest

        Pages:

        59–68

        Books list ‣‣‣‣:

        (Russian)

        1. Kerle N., Gerke M., Lefèvre S. GEOBIA 2016: Advances in Object-Based Image Analysis – Linking with Computer Vision and Machine Learning // Remote Sensing. 2019. № 11. Pp. 1–3.
        2. Asharul I. K., Salim A. Machine Learning in Computer Vision // Procedia Computer Science. 2020. Vol. 167. Pp. 1444–1451.
        3. Peña-Cáceres O., Silva-Marchan H., Albert M., Gil M. Recognition of Human Actions through Speech or Voice Using Machine Learning Techniques // Computers, Materials and Continua. 2023. Vol. 77. Pp. 1873–1891.
        4. Zada I., Alatawi M. N., Saqlain S. M. et al. Fine-Tuning Cyber Security Defenses: Evaluating Supervised Machine Learning Classifiers for Windows Malware Detection // Computers, Materials and Continua. 2024. Vol. 80. Pp. 2917–2939.
        5. Asmar M., Tuqan A. Integrating machine learning for sustaining cybersecurity in digital banks // Heliyon. 2024. Vol. 10. Pp. 1–18.
        6. Szegedy C., Zaremba W., Sutskever I. et al. Intriguing properties of neural networks // International Conference on Learning Representations. 2014. Pp. 1–10.
        7. Goodfellow I. J., Shlens J., Szegedy C. Explaining and harnessing adversarial examples // Proceedings of the International Conference on Learning Representations. 2015. Pp. 1–11.
        8. Kurakin A., Goodfellow I., Bengio S. Adversarial machine learning at scale // International Conference on Learning Representations. 2017. Pp. 1–15.
        9. Moosavi-Dezfooli S.-M., Fawzi A., Frossard P. Deepfool: A simple and accurate method to fool deep neural networks // Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2016. Pp. 2574–2582.
        10. Papernot N., McDaniel P., Jha S. et al. The limitations of deep learning in adversarial settings // 2016 IEEE European Symposium on Security and Privacy. IEEE, 2016. Pp. 372–387.
        11. Carlini N., Wagner D. Towards evaluating the robustness of neural networks // 2017 IEEE Symposium on Security and Privacy. IEEE, 2017. Pp. 39–57.
        12. Rudnitskaya E. A., Poltavtseva M. A. Adversarial machine learning protection using the example of evasion attacks on medical images // Automatic Control and Computer Sciences. 2022. Vol. 56. № 8. Pp. 934–941.
        13. Madry A., Makelov A., Schmidt L. et al. Towards deep learning models resistant to adversarial attacks // International Conference on Learning Representations. 2018. Pp. 1–28.
        14. Chen P.-Y., Zhang H., Sharma Y. et al. Zoo: Zeroth order optimization based black-box attacks to deep neural networks without training substitute models // Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security. 2017. Pp. 15–26.
        15. Жуковский Е. В., Зегжда Д. П. Повышение устойчивости к состязательным атакам моделей машинного обучения, используемых в современных средствах защиты // Методы и технические средства обеспечения безопасности информации. № 29. С. 73–74.
        16. Ilyas A., Engstrom L., Athalye A., Lin J. Black-box adversarial attacks with limited queries and information // International Conference on Machine Learning. 2018. Pp. 2142–2151.
        17. Ilyas A., Engstrom L., Madry A. Prior convictions: Black-box adversarial attacks with bandits and priors // International Conference on Learning Representations. 2019. Pp. 1–23.
        18. Duddu V. A survey of adversarial machine learning in cyber warfare // Defence Sci. 2018. Vol. 68. № 4. Pp. 356–366.
        19. Meng D., Chen H. MagNet: A two-pronged defense against adversarial examples // arXiv:1705.09064. 2017.
        20. Marshev I. I., Zhukovskii E. V., Aleksandrova E. B. Protection against adversarial attacks on malware detectors using machine learning algorithms // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. Pp. 1025–1028.
        21. Papernot N., McDaniel P., Wu X. et al. Distillation as a defense to adversarial perturbations against deep neural networks // arXiv:1511.04508. 2015.
        22. Papernot N., McDaniel P., Sinha A., Wellman M. Towards the science of security and privacy in machine learning // arXiv:1611.03814. 2016.
        23. Югай П. Э., Москвин Д. А. Способы выявления состязательных атак на алгоритмы машинного обучения в системах обнаружения вторжений // Методы и технические средства обеспечения безопасности информации. 2023. № 32. С. 21–
        24. Papernot N. Practical black-box attacks against machine learning // arXiv:1602.02697. 2016.
        25. Wanman L., Xiaozhang L. ADDA: An Adversarial Direction-Guided Decision-Based Attack via Multiple Surrogate Models // Mathematics. 2019. Vol. 11. № 3613.
        26. Chen J., Jordan M. I., Wainwright M. J. HopSkipJumpAttack: A QueryEfficient Decision-Based Attack // arXiv:1904.02144. 2020.
        27. Brendel W., Rauber J., Bethge M. Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models // arXiv:1712.04248. 2018.
        28. Goodfellow I. J., Shlens J., Szegedy C. Explaining and harnessing adversarial examples // arXiv:1412.6572. 2014.
        29. Brendel G., Looveren A. V. Adversarial Detection and Correction by Matching Prediction Distributions // arXiv:2002.09364. 2020.
        30. Hinton G., Vinyals O., Dean J. Distilling the Knowledge in a Neural Network // arXiv:1503.02531. 2020.
        31. Debicha I., Debatty T., Dricot J., Mees W. Adversarial Training for Deep Learning-based Intrusion Detection Systems // arXiv:2104.09852. 2021.
        32. NSL-KDD-Dataset. URL: https://github.com/jmnwong/NSL-KDD-Dataset?tab=readme-ov-file (дата обращения: 17.01.2025).
      • SOFTWARE SECURITY
        V. A. Bugaev, E. V. Zhukovskii, A. A. Lyrchikov
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        DETECTION OF POTENTIALLY MALICIOUS ACTIVITY IN CI/CD PIPE-LINES BASED ON ANALYSIS OF RUNNER BEHAVIOR

        Annotation:

        The article addresses the problem of detecting potentially malicious activity in CI/CD pipelines during the build process through the analysis of runner behavior. The limitations of existing pipeline security tools related to threat detection during build execution are identified, as well as promising approaches to detecting mali-cious activity. A way for detecting potentially malicious activity in pipelines using the eBPF technology for collecting and analyzing runner behavior has been pro-posed. The accuracy of the detection is evaluated using a dataset that contains im-plementations of malicious scenarios related to build process compromise. The re-sults obtained can be used to implement protection tools for CI systems and con-tribute to research in CI/CD pipelines security.

        To quote:

        V. A. Bugaev, E. V. Zhukovskii, A. A. Lyrchikov DETECTION OF POTENTIALLY MALICIOUS ACTIVITY IN CI/CD PIPE-LINES BASED ON ANALYSIS OF RUNNER BEHAVIOR // Information Security Problems. Computer Systems. 2025. № 1. Pp. 69–82. DOI:10.48612/jisp/at5b-46tf-zet9

        DOI:

        10.48612/jisp/at5b-46tf-zet9

        Keywords:

        CI/CD pipelines, DevSecOps, malicious activity, anomaly detection, eBPF, behavioral analysis, syscalls

        Pages:

        69–82

        Books list ‣‣‣‣:

        (Russian)

        1. Research and Markets. DevOps Global Market Report 2024. URL: https://www.researchandmarkets.com/reports/5767407/devops-global-market-report (дата обращения: 25.12.2024).
        2. State of DevOps Russia 2024. URL: https://devopsrussia.ru/wp-content/themes/devopsrussia/assets/docs/StateOfDevOpsRussia2024.pdf (дата обращения: 25.12.2024).
        3. Checkov. URL: https://github.com/bridgecrewio/checkov (дата обращения: 17.09.2024).
        4. Chain-bench. URL: https://github.com/aquasecurity/chain-bench (дата обращения: 17.09.2024).
        5. In-toto. URL: https://in-toto.io/ (дата обращения: 17.09.2024).
        6. Sigstore Cosign. URL: https://github.com/sigstore/cosign (дата обращения: 17.09.2024).
        7. SolarWinds: State-sponsored global software supply chain attack. URL: https://www.cfcs.dk/globalassets/cfcs/dokumenter/rapporter/en/CFCS-solarwinds-report-EN.pdf (дата обращения: 17.12.2023).
        8. Bash Uploader Security Update. URL: https://about.codecov.io/security-update/ (дата обращения: 17.12.2023).
        9. Positive Technologies и TetraSoft раскрывают подробности целевой атаки на добычу углеводородного сырья. URL: https://www.ptsecurity.com/ru-ru/about/news/positive-technologies-i-tetra-soft-raskryvayut-podrobnosti-czelevoj-ataki-na-dobychu-uglevodorodnogo-syrya/ (дата обращения: 20.12.2024).
        10. Актуальные киберугрозы: I квартал 2024 года. URL: https://www.ptsecurity.com/ru-ru/research/analytics/cybersecurity-threatscape-2024-q1/ (дата обращения: 20.12.2024).
        11. URL: https://github.com/falcosecurity/falco/ (дата обращения: 10.09.2024).
        12. Tetragon. URL: https://github.com/cilium/tetragon (дата обращения: 10.09.2024).
        13. Tracee. URL: https://github.com/aquasecurity/tracee (дата обращения: 10.09.2024).
        14. Teixeira D. Bypassing eBPF-based Security Enforcement Tools // Form3 – 2022. URL: https://www.formtech/blog/engineering/bypassing-ebpf-tools (дата обращения: 17.09.2024).
        15. Lashkin V., Evdokimov D. EDR vs Containers: actual problems // SOC-Forum 2023. URL: https://forumsoc.ru/upload/iblock/3dd/ew9u5itkw7vt36eit9f3sl5q9f
          u4hzxpdf (дата обращения: 17.09.2024).
        16. Gavrilov I. How to hide your actions when every step is being monitored // OFFZONE 2023. URL: https://2023.offzone.moscow/upload/iblock/e3b/g
          6q7ndv0uu3e2lp6ebyneakm9hhw5oyw.pdf (дата обращения: 17.09.2024).
        17. Falco-bypasses. URL: https://github.com/blackberry/Falco-bypasses (дата обращения: 17.09.2024).
        18. Kim G. LSTM-based system-call language modeling and robust ensemble method for designing host-based intrusion detection systems // arXiv preprint arXiv:1611.01726. 2016.
        19. Capizzi A., Distefano S., Mazzara M. et al. Anomaly detection in devops toolchain // Software Engineering Aspects of Continuous Development and New Paradigms of Software Production and Deployment: Second International Workshop, DEVOPS 2019, May 6–8 2019, Château de Villebrumier, France. Springer International Publishing, 2020. Pp. 37–51.
        20. Castanhel G. R., Heinrich T., Ceschin F., Maziero C. Taking a peek: An evaluation of anomaly detection using system calls for containers // 2021 IEEE Symposium on Computers and Communications (ISCC). IEEE, 2021. Pp. 1–6.
        21. Fawzy A. H., Wassif K., Moussa H. Framework for automatic detection of anomalies in DevOps // Journal of King Saud University-Computer and Information Sciences. 2023. Vol. 35. № 3. Pp. 8–19.
        22. Kotenko I. V., Melnik M. V., Abramenko G. T. Anomaly Detection in Container Systems: Using Histograms of Normal Processes and an Autoencoder // 2024 IEEE 25th International Conference of Young Professionals in Electron Devices and Materials (EDM). IEEE, 2024. Pp. 1930–1934.
        23. eBPF Documentation. URL: https://ebpf.io/what-is-ebpf/ (дата обращения: 12.02.2025).
        24. Forrest S., Hofmeyr S., Somayaji A., Longstaff T. A sense of self for unix processes // Proceedings 1996 IEEE symposium on security and privacy. IEEE, 1996. Pp. 120–128.
        25. Bernaschi M., Gabrielli E., Mancini L. V. REMUS: A security-enhanced operating system // ACM Transactions on Information and System Security (TISSEC). 2002. Vol. 5. № 1. Pp. 36–61.
        26. BCC. URL: https://github.com/iovisor/bcc (дата обращения: 07.09.2024).
        A. G. Lomako, N. E. Isaev, A. B. Menisov, T. R. Sabirov
        A. F. Mozhaysky Military Space Academy, St. Petersburg, Russia
        AN APPROACH TO IDENTIFYING SOFTWARE CODE VULNERABILITIES BASED ON ADAPTATION WITH REINFORCEMENT LEARNING OF MACHINE LEARNING MODELS

        Annotation:

        The article is devoted to the development of an approach to identifying vulnerable code using adaptation methods for pre-trained reinforcement machine learning models. A training methodology is presented that includes stages of model adaptation using data from various domains, which ensures high generalization ability of the algorithms. Experimental results have shown the effectiveness of the proposed approach on the popular CWEFix code analysis dataset. The developed approach helps to improve the quality of vulnerability detection and reduce the level of false positives, which makes it a useful tool for ensuring software security.

        To quote:

        A. G. Lomako, N. E. Isaev, A. B. Menisov, T. R. Sabirov AN APPROACH TO IDENTIFYING SOFTWARE CODE VULNERABILITIES BASED ON ADAPTATION WITH REINFORCEMENT LEARNING OF MACHINE LEARNING MODELS // Information Security Problems. Computer Systems. 2025. № 1. Pp. 83–96. DOI:10.48612/jisp/7gnx-9z7f-fbrv

        DOI:

        10.48612/jisp/7gnx-9z7f-fbrv

        Keywords:

        code vulnerabilities, machine learning, reinforcement learning, software analysis, information security

        Pages:

        83–96

        Books list ‣‣‣‣:

        (Russian)

        1. Gursoy D., Cai R. Artificial intelligence: an overview of research trends and future directions // International journal of contemporary hospitality management. 2025. Vol. 37. № 1. Pp. 1–17.
        2. Hartmann C., Speth F., Sabath D., Sellmaier METIS: An AI Assistant Enabling Autonomous Spacecraft Operations for Human Exploration Missions // 2024 IEEE Aerospace Conference. IEEE, 2024. Pp. 1–22.
        3. Folorunso A., Adewumi T. O., Adewa A. et al. Impact of AI on cybersecurity and security compliance // Global Journal of Engineering and Technology Advances. 2024. Vol. 21. № 1. Pp. 167–184.
        4. Rudnitskaya E. A., Poltavtseva M. A. Adversarial machine learning protection using the example of evasion attacks on medical images // Automatic Control and Computer Sciences. 2022. Vol. 56. № 8. Pp. 934–941.
        5. Wadhams Z. D., Izurieta C., Reinhold A. M. Barriers to Using Static Application Security Testing (SAST) Tools: A Literature Review // Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops. 2024. Pp. 161–166.
        6. Shahrivar P., Millar S. Detecting Web Application DAST Attacks in Large-Scale Event Data // Artificial Intelligence for Security: Enhancing Protection in a Changing World. Cham: Springer Nature Switzerland, 2024. Pp. 325–343.
        7. Sanne S. H. Investigations into Security Testing Techniques, Tools, and Methodologies for Identifying and Mitigating Security Vulnerabilities // Journal of Artificial Intelligence, Machine Learning and Data Science. 2024. Vol. 1. № 1. Pp. 626–631.
        8. Kalinin M. O., Krundyshev V. M. Analysis of a huge amount of network traffic based on quantum machine learning // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. Pp. 1165–1174.
        9. Jerónimo A. H., Moreno P. M., Camacho J. A. V., Vega G. C. Techniques of SAST Tools in the Early Stages of Secure Software Development: A Systematic Literature Review // 2024 IEEE International Conference on Engineering Veracruz (ICEV). IEEE, 2024. Pp. 1–8.
        10. Phatangare S., Matkar A., Jadhav A. et al. CodeCompass: NLP-Driven Navigation to Optimal Repositories // 2024 4th International Conference on Pervasive Computing and Social Networking (ICPCSN). IEEE, 2024. Pp. 393–401.
        11. Zeller M., Waschulzik T., Schmid R., Bahlmann C. Toward a safe MLOps process for the continuous development and safety assurance of ML-based systems in the railway domain // AI and Ethics. 2024. Vol. 4. № 1. Pp. 123–130.
        12. Pujar S., Zheng Y., Buratti L., Lewis B. Analyzing source code vulnerabilities in the D2A dataset with ML ensembles and C-BERT // Empirical Software Engineering. 2024. Vol. 29. № 2. Pp. 48.
        13. Marshev I. I., Zhukovskii E. V., Aleksandrova E. B. Protection against adversarial attacks on malware detectors using machine learning algorithms // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. Pp. 1025–1028.
        14. Golazad S. Z., Mohammadi A., Rashidi A., Ilbeigi From raw to refined: Data preprocessing for construction machine learning (ML), deep learning (DL), and reinforcement learning (RL) models // Automation in Construction. 2024. Vol. 168. Pp. 105844.
        15. Koslovski G. P., Pereira K., Albuquerque P. R. Dag-based workflows scheduling using actor–critic deep reinforcement learning // Future Generation Computer Systems. 2024. Vol. 150. Pp. 354–363.
        16. Renzhe Zhou, Chen-Xiao Gao, Zongzhang Zhang, Yang Yu. Generalizable Task Representation Learning for Offline Meta-Reinforcement Learning with Data Limitations // Proceedings of the AAAI Conference on Artificial Intelligence. 2024. Vol. 38. № 15. Pp. 17132–17140.
        17. Siddiqui T., Wu W. ML-Powered Index Tuning: An Overview of Recent Progress and Open Challenges //ACM SIGMOD Record. 2024. Vol. 52. № Pp. 19–30.
        18. Bhandari G., Naseer A., Moonen L. CVEfixes: automated collection of vulnerabilities and their fixes from open-source software // Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering. 2021. Pp. 30–39.
        19. Karmakar A., Robbes R. What do pre-trained code models know about code? // 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE, 2021. Pp. 1332–1336.
        20. Li X., Fu H. SecureBERT and LLAMA 2 Empowered Control Area Network Intrusion Detection and Classification // arXiv preprint arXiv:2311.12074. 2023.
        21. Daoguang Zan, Bei Chen, Yongshun Gong et al. Private-library-oriented code generation with large language models // arXiv preprint arXiv:2307.15370. 2023.
        22. Wang Y., Wang W., Sh. Joty, Hoi S. C. H. Codet5: Identifier-aware unified pre-trained encoder-decoder models for code understanding and generation // arXiv preprint arXiv:2109.00859. 2021.
        23. Ardimento P. Predicting bug-fixing time: Distilbert versus google BERT // International Conference on Product-Focused Software Process Improvement. Cham: Springer International Publishing, 2022. Pp. 610–620.
        24. Wang R., Xu S., Tian Yu. et al. SCL-CVD: Supervised contrastive learning for code vulnerability detection via GraphCodeBERT // Computers & Security. 2024. Vol. 145. Pp. 103994.
        25. Zhang Z. Improved adam optimizer for deep neural networks // 2018 IEEE/ACM 26th international symposium on quality of service (IWQoS). 2018. Pp. 1–2.
      • APPLIED CRYPTOGRAPHY
        S. O. Kostin, E. B. Aleksandrova
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        MULTIPLE SIGNATURES ON ELLIPTIC CURVE ISOGENIES WITH MASKING AND PARTICIPANT AUTHENTICATION

        Annotation:

        This work investigates approaches for constructing post-quantum digital signature schemes. Contemporary methods for enhancing the security of protocols based on elliptic curve isogenies are analyzed. Multi-signature scheme based on the problem of finding isogenies between supersingular curves with participant authentication is developed. The efficiency and security of the proposed scheme are proved.

        To quote:

        S. O. Kostin, E. B. Aleksandrova MULTIPLE SIGNATURES ON ELLIPTIC CURVE ISOGENIES WITH MASKING AND PARTICIPANT AUTHENTICATION // Information Security Problems. Computer Systems. 2025. № 1. Pp. 97–105. DOI:10.48612/jisp/xvpd-hah6-9a56

        DOI:

        10.48612/jisp/xvpd-hah6-9a56

        Keywords:

        group signature, supersingular elliptic curves, postquantum cryptography, masking

        Pages:

        97–105

        Books list ‣‣‣‣:

        (Russian)

        1. Basso A., Maino L., Pope G. FESTA: fast encryption from supersingular torsion attacks // International Conference on the Theory and Application of Cryptology and Information Security. Singapore: Springer Nature Singapore, 2023. Pp. 98–126.
        2. Nakagawa K., Onuki H. QFESTA: Efficient algorithms and parameters for FESTA using quaternion algebras // Annual International Cryptology Conference. Cham: Springer Nature Switzerland, 2024. Pp. 75–106.
        3. Moriya T. IS-CUBE: An isogeny-based compact KEM using a boxed SIDH diagram // Cryptology ePrint Archive. 2023.
        4. De Feo L., Galbraith S. D. SeaSign: compact isogeny signatures from class group actions // Advances in Cryptology – EUROCRYPT 2019: 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 19–23 May 2019, Darmstadt, Germany. Springer International Publishing, 2019. Pp. 759–789.
        5. Castryck W., Lange T., Martindale et al. CSIDH: an efficient post-quantum commutative group action // Advances in Cryptology – ASIACRYPT 2018: 24th International Conference on the Theory and Application of Cryptology and Information Security, 2–6 December, 2018, Brisbane, QLD, Australia. Springer International Publishing, 2018. Pp. 395–427.
        6. Beullens W., Kleinjung T., Vercauteren F. CSI-FiSh: efficient isogeny based signatures through class group computations // International conference on the theory and application of cryptology and information security. Cham: Springer International Publishing, 2019. Pp. 227–247.
        7. Castryck W., Decru T. An efficient key recovery attack on SIDH (preliminary version) // IACR Cryptol. ePrint Arch. 2022. Vol. 2022. Pp. 975.
        8. Feo L. D., Fouotsa B., Kutas P. et al. SCALLOP: scaling the CSI-FiSh // IACR international conference on public-key cryptography. Cham: Springer Nature Switzerland, 2023. Pp. 345–375.
        9. Chen M., Leroux A., Panny L. SCALLOP-HD: group action from 2-dimensional isogenies // IACR International Conference on Public-Key Cryptography. Cham: Springer Nature Switzerland, 2024. Pp. 190–216.
        10. Jao D., De Feo L. Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies // Post-Quantum Cryptography: 4th International Workshop, PQCrypto 2011, 29 November – 2 December 2011, Taipei, Taiwan. Springer Berlin Heidelberg, 2011. Pp. 19–
        11. Costello C. B-SIDH: supersingular isogeny Diffie-Hellman using twisted torsion // Advances in Cryptology – ASIACRYPT 2020: 26th International Conference on the Theory and Application of Cryptology and Information Security, 7–11 December 2020, Daejeon, South Korea. Springer International Publishing, 2020. Pp. 440–463.
        12. Azarderakhsh R., Jao D., Leonardi C. Post-quantum static-static key agreement using multiple protocol instances // Selected Areas in Cryptography–SAC 2017: 24th International Conference, 16–18 August 2017, Ottawa, ON, Canada. Springer International Publishing, 2018. Pp. 45–63.
        13. Fouotsa T. B., Petit C. SHealS and HealS: isogeny-based PKEs from a key validation method for SIDH // Advances in Cryptology – ASIACRYPT 2021: 27th International Conference on the Theory and Application of Cryptology and Information Security, 6–10 December 2021, Singapore. Springer International Publishing, 2021. Pp. 279–307.
        14. De Feo L., Guilhem C. D. de S., Fouotsa B. et al. Séta: supersingular encryption from torsion attacks // Advances in Cryptology – ASIACRYPT 2021: 27th International Conference on the Theory and Application of Cryptology and Information Security, 6–10 December 2021, Singapore. Springer International Publishing, 2021. Pp. 249–278.
        15. Fouotsa T. B., Moriya T., Petit C. M-SIDH and MD-SIDH: countering SIDH attacks by masking information // Annual International Conference on the Theory and Applications of Cryptographic Techniques. Cham: Springer Nature Switzerland, 2023. Pp. 282–309.
        16. Basso A. POKE: A Framework for Efficient PKEs, Split KEMs, and OPRFs from Higher-dimensional Isogenies // Cryptology ePrint Archive. 2024.
        17. Dartois P., Leroux A., Robert D., Wesolowski B. SQISignHD: new dimensions in cryptography // Annual International Conference on the Theory and Applications of Cryptographic Techniques. Cham: Springer Nature Switzerland, 2024. Pp. 3–32.
        18. Nakagawa K., Onuki H. SQIsign2D-East: a new signature scheme using 2-dimensional isogenies // Cryptology ePrint Archive. 2024.
        19. Poltavtseva M., Shenets N. Applying homomorphic cryptography methods to the development of secure Big Data management systems // Nonlinear Phenomena in Complex Systems. 2019. Vol. 22. № 3. Pp. 251–259.
        20. Maino L., Martindale C. An attack on SIDH with arbitrary starting curve // Cryptology ePrint Archive. 2022.
        21. Robert D. Breaking SIDH in polynomial time // Annual International Conference on the Theory and Applications of Cryptographic Techniques. Cham: Springer Nature Switzerland, 2023. Pp. 472–503.
        22. Malyshev E. V., Moskvin D. A., Zegzhda D. P. Application of an artificial neural network for detection of attacks in Vanets // Automatic Control and Computer Sciences. 2019. Vol. 53. № 8. Pp. 889–
        23. Koshiba T., Takashima K. Pairing cryptography meets isogeny: A new framework of isogenous pairing groups // Cryptology ePrint Archive. 2016.
        24. Busygin A. G., Konoplev A. S., Kalinin M. O. Approaches to protection of applications based on the TLS protocol against attacks using revoked certificates // Automatic Control and Computer Sciences. 2016. Vol. 50. № 8. Pp. 743–748.
        25. Menezes A., Vanstone S., Okamoto T. Reducing elliptic curve logarithms to logarithms in a finite field // Proceedings of the twenty-third annual ACM symposium on Theory of computing. 1991. Pp. 80–89.
        N. N. Shenets, E. B. Aleksandrova, A. S. Konoplev, N. V. Gololobov
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        GENERAL SOLUTION TO THE SPECIAL PROBLEM OF DISTRIB-UTING SHARES USING SHAMIR’S SECRET SHARING SCHEME

        Annotation:

        In this paper, we solve the following problem. For a group of n participants, we need to distribute two shares to each of them in such a way that each pair of par-ticipants forms a (3, 4)-threshold access structure. In other words, each pair of participants can find some secret using any 3 out of the 4 shares they have. Ob-viously, this problem has a trivial solution: to share the same secret between eve-ryone using a (3, 2n)-threshold secret sharing scheme. However, of theoretical and practical interest is the case when each pair of participants recovers a secret different from the others. In particular, the solution to this problem is necessary for the key agreement protocol proposed in [1]. In this paper, we find a complete solution to considered problem for Shamir's secret sharing scheme. In addition, non-interactive methods for randomizing the key agreement protocol from [1] are studied. Unfortunately, it turns out that they do not enhance the security of this protocol.

        To quote:

        N. N. Shenets, E. B. Aleksandrova, A. S. Konoplev, N. V. Gololobov GENERAL SOLUTION TO THE SPECIAL PROBLEM OF DISTRIB-UTING SHARES USING SHAMIR’S SECRET SHARING SCHEME // Information Security Problems. Computer Systems. 2025. № 1. Pp. 106–120. DOI:10.48612/jisp/gh7t-814n-e9uz

        DOI:

        10.48612/jisp/gh7t-814n-e9uz

        Keywords:

        key pre-distribution, Shamir’s secret sharing scheme, key agreement protocol, perfectness, threshold cryptography

        Pages:

        106–120

        Books list ‣‣‣‣:

        (Russian)

        1. Shenets N. N. A General Approach to Authenticated Key Establishment based on Homomorphic Secret Sharing // Nonlinear Phenomena in Complex Systems. 2024. Vol. 27. № 3. Pp. 301–310. DOI: 10.5281/zenodo.13960663
        2. Agrawal R., Faujdar N., Romero C. A. T. et al. Classification and comparison of ad hoc networks: A review // Egyptian Informatics Journal. 2023. Vol. 24. Iss. 1. Pp. 1–25. DOI: 10.1016/j.eij.2022.10.004
        3. Safari F., Savic I., Kunze H. et al. The Diverse Technology of MANETs: A Survey of Applications and Challenges // International Journal of Future Computer and Communication. Vol. 12. № 2. Pp. 37–48. DOI: 10.18178/ijfcc.2023.12.2.601.
        4. Dong S., Su H., Xia Y. et al. A Comprehensive Survey on Authentication and Attack Detection Schemes that Threaten It in Vehicular Ad-Hoc Networks // IEEE Transactions on Intelligent Transportation Systems. 2023. Vol. 24. № 12. Pp. 13573–13602. DOI: 10.1109/TITS.2023.3297527.
        5. Gupta A., Barthwal A., Vardhan H.et al. Evolutionary study of distributed authentication protocols and its integration to UAV-assisted FANET //  Tools. Appl. 2023. Vol. 82. Pp. 42311–42330. DOI: 10.1007/s11042-023-15197-0.
        6. Ovasapyan T., Moskvin D. Security provision in WSN on the basis of the adaptive behavior of nodes // Fourth World Conf. on Smart Trends in Systems, Security and Sustainability. 2020. Pp. 81–85. DOI: 10.1109/WorldS450073.2020.9210421
        7. Belenko V., Krundyshev V., Kalinin M. Intrusion detection for Internet of Things applying metagenomefast analysis // Third World Conf. on Smart Trends in Systems Security and Sustainability (WorldS4). 2019. Pp. 129–135. DOI: 10.1109/WorldS4.2019.8904022.
        8. Shamir A. How to share a secret // Communications of the ACM. 1979. Vol. 22. № 11. Pp. 612–613.
        9. Шенец Н. Н., Александрова Е. Б., Коноплев А. С., Гололобов Н. В. Способ предварительного распределения ключей с использованием схемы разделения секрета Шамира // Проблемы информационной безопасности. Компьютерные системы. 2024. № 4. С. 74–84.
        10. Blakley G. R. Safeguarding cryptographic keys // International Workshop on Managing Requirements Knowledge (MARK). 1979. Pp. 313–318.
        11. Ito M., Saito A., Nishizeki T. Secret sharing scheme realizing general access structure // IEEE Global Telecommunications Conf., Globecom’87, Tokyo, Japan, 1987. 1987. Pp. 99–102.
        12. Csirmaz L. The size of a share must be large // Journal of cryptology. 1997. 10(4). Pp. 223–232.
        13. Asmuth C., Bloom J. A modular approach to key safeguarding // IEEE transactions on information theory. 1983. Vol. 29. № 2. Pp. 208–210.
        14. Супрун А. Ф., Веселко А. А., Кастырин М. А. Обеспечение безопасности в системах интернета вещей методом малой криптографии // Журнал технических исследований. 2021. Т. 7. № 4. С. 41–48.
        15. Mignotte M. How to share a secret // Advances in cryptology, Eurocrypt’82. 1982. Pp. 371–375.
        16. Shenets N. N. On modular (CRT-based) secret sharing //  Comput. Virol. Hack. Tech.2024. Vol. 20. Pp. 765–782. DOI: 10.1007/s11416-024-00530-4
        17. Zegzhda D. P., Kalinin M. O., Levykin M. V. Actual vulnerabilities of industrial automation protocols of an open platform communications series // Automatic Control and Computer Sciences. 2019. Vol. 53. № 8. Pp. 972–979.
      • TECHNOLOGICAL SYSTEMS, ALGORITHMIZATION OF TASKS AND CONTROL OBJECTS MODELING
        I. A. Sikarev1, V. M. Abramov2, K. S. Prostakevich1, A. L. Abramova1, A. I. Chestnov3
        1Russian State Hydrometeorological University, St. Petersburg, Russia
        2Admiral Makarov State University of Maritime and Inland Shipping, St. Petersburg, Russia
        3Profinfotech LLC, St. Petersburg, Russia
        AUTOMATION OF ARCHIVING FOR ATMOSPHERIC PRECIPITATION MEASUREMENT INFORMATION

        Annotation:

        Considered issues of automation for measuring information archiving received from the OTT PARSIVEL laser disdrometer in form of messages with .dat format. It is shown that .dat format is not convenient for archiving in databases. As a result of performed research, methodology and toolkit was developed for automating the conversion of source messages for subsequent archiving in databases, taking into account the specifics of the SQL query language.

        To quote:

        I. A. Sikarev, V. M. Abramov, K. S. Prostakevich, A. L. Abramova, A. I. Chestnov AUTOMATION OF ARCHIVING FOR ATMOSPHERIC PRECIPITATION MEASUREMENT INFORMATION // Information Security Problems. Computer Systems. 2025. № 1. Pp. 155–163. DOI:10.48612/jisp/r28m-trm5-pfu3

        DOI:

        10.48612/jisp/r28m-trm5-pfu3

        Keywords:

        automation, archiving, databases, disdrometer, autonomous surface vessels

        Pages:

        155–163

        Books list ‣‣‣‣:

        (Russian)

        1. Сикарев И. А., Абрамов В. М., Простакевич К. С. и др. Инфокоммуникационный инструментарий для управления природными рисками при мореплавании автономных судов в Арктике при изменении климата // Проблемы информационной безопасности. Компьютерные системы. 2024. № 1(58). С. 110–120. DOI: 10.48612/jisp/v28t-z3kr-nrn2. EDN: RUESZV.
        2. Нырков А. П., Сикарев И. А. О проблемах безопасности телекоммуникационных систем на внутренних водных путях // Региональная информатика-2008 (РИ-2008): XI Санкт-Петербургская международная конференция, Санкт-Петербург, 22–24 октября 2008 г., Санкт-Петербург, Россия. СПб.: Санкт-Петербургское общество информатики, вычислительной техники, систем связи и управления, 2009. С. 230–233. EDN: WHFAYB.
        3. Kathiravelu G., Lucke T., Nichols P. Rain Drop Measurement Techniques: A Review // Water. № 8 (29). Pp. 1–20. DOI: 10.3390/w8010029
        4. Нырков А. П., Сикарев И. А. Безопасность информационных каналов автоматизированных систем на водном транспорте // Журнал университета водных коммуникаций. 2009. № 2. С. 165–169. EDN: MSZXKV.
        5. Tatarnikova T. M., Sikarev I. A., Bogdanov P. Yu., Timochkina T. V. Botnet Attack Detection Approach in Out Networks // Automatic Control and Computer Sciences. 2022. Vol. 56. № 8. Pp. 838– DOI: 10.3103/s0146411622080259. EDN: VILOAN.
        6. Абрамов В. М., Сикарев И. А., Честнов А. И., Буцанец А. А. Автоматизированная обработка архивов метеорологических данных с помощью программы на языке «Python» // Речной транспорт (XXI век). 2022. № 4(104). С. 53– EDN: JHWPCQ.
        7. Sikarev A., Abramov V. M., Burlov V. G. et al. Northern Sea Route Development Under Climate Change and Covid-19 // Proceedings of the 37th International Business Information Management Association Conference Innovation Management and information Technology impact on Global Economy in the Era of Pandemic, 30–31 May 2021, Cordoba. Cordoba: IBIMA Publishing, 2021. Pp. 5147–5153. EDN: MWVXNB.
        8. Vekshina T. V., Abramov V. M., Bolshakov V. A. et al. Geoinformation technologies for assessing arctic and subarctic riverbeds throughput while climate change // 19th international multidisciplinary scientific geoconference SGEM 2019: Conference proceedings, 30 June – 6 July 2019, Albena. Albena: 2019. Vol. 19. Pp. 903–910. DOI: 10.5593/sgem2019/2.1/S08.117. EDN: SATCDX
        9. Sokolov A. G., Abramov V. M., Istomin E. et al. Digital transformation of risk management for natural-industrial systems while climate change // IOP Conference Series: Materials Science and Engineering, 21–22 November 2019, St. Petersburg, Russia. 2020. P. 012003. DOI: 10.1088/1757-899X/940/1/012003. EDN: DTHAKI
        10. Карлин Л. Н., Абрамов В. М., Гогоберидзе Г. Г., Леднова Ю. А. Анализ социально-экономической ситуации в арктических приморских субъектах Российской Федерации на основе индикаторной оценки морского потенциала // Ученые записки Российского государственного гидрометеорологического университета. 2013. № 30. С. 181–188. EDN: REQQUB.
        11. Sikarev A. A., Sikarev I. A., Garanin A. V. Noise Immunity of Noncoherent Reception under Complex Interference Effect on Communication and Monitoring Channels of Automated Information Systems of River Transport on Inland Waterways of the Russian Federation // Automatic Control and Computer Sciences. 2018. № 52 (8). Pp. 1084–1089. DOI: 10.3103/S01464116180802424.
        12. Sikarev I. A., Chistyakov G. B., Garanin A. V., Moskvin D. A. Algorithms for Enhancing Information Security in the Processing of Navigation Data of Unmanned Vessels of the Technical Fleet of the Inland Waterways of the Russian Federation // Automatic Control and Computer Sciences. 2020. Vol. 54. № Pp. 964–967. DOI: 10.3103/S0146411620080325. EDN: AKAYKV.
        13. Sikarev I. A., Lukyanov S. I., Popov N. et al. Digital learning technologies within geo-information management // E3S Web of Conferences, Chelyabinsk, 17–19 February 2021, Chelyabinsk, Russia. 2021. P. 01004. DOI: 10.1051/e3sconf/202125801004. EDN: GWVYAN.
        14. Kolbina O. N., Abramov V. M., Mikheev V. L. et al. Business Information Technologies Development for Decision Support within Geo-Information Management // Education Excellence and Innovation Management: A 2025 Vision to Sustain Economic Development during Global Challenges: Proceedings of the 35th International Business Information Management Association Conference (IBIMA), 1–2 April 2020, Seville, Spain. Seville, Spain: International Business Information Management Association (IBIMA), 2020. Pp. 11255–11263. EDN: LPYKRV.
        15. Abramov V. M., Popov N. N., Korinets E. M. et al. Digital learning technologies development for university education in environmental economics // Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage: Proceedings of the 34rd International Business Information Management Association Conference, IBIMA 2019, 13–14 November 2019, Madrid, Spain. Madrid, Spain: International Business Information Management Association, 2019. Pp. 9409–9417. EDN: YGOFIF.
      • NETWORK AND TELECOMMUNICATION SECURITY
        P. A. Novikov, S. A. Dichenko, R. V. Lukyanov, S. V. Polikarenkov, M. L. Martynov
        Krasnodar Higher Military School named after S. M. Shtemenko, Krasnodar, Russia
        A MATHEMATICAL MODEL AND METHODOLOGY FOR EVALUATING THE EFFECTIVENESS OF NETWORK MONITORING OF DATA TRANSMISSION NETWORK SECURITY

        Annotation:

        The article considers a network monitoring system for the security of a data transmission network operating under computer influences. One of the most urgent tasks in these conditions is the development of mechanisms for evaluating the effectiveness of network monitoring of data transmission network security from computer influences. A mathematical model and methodology are proposed, where the fundamental difference from the existing ones is a new approach to monitoring the security status of data transmission network elements from computer influences.

        To quote:

        P. A. Novikov, S. A. Dichenko, R. V. Lukyanov, S. V. Polikarenkov, M. L. Martynov A MATHEMATICAL MODEL AND METHODOLOGY FOR EVALUATING THE EFFECTIVENESS OF NETWORK MONITORING OF DATA TRANSMISSION NETWORK SECURITY // Information Security Problems. Computer Systems. 2025. № 1. Pp. 121–131. DOI:10.48612/jisp/pg74-3nxe-fa33

        DOI:

        10.48612/jisp/pg74-3nxe-fa33

        Keywords:

        data transmission network, network security monitoring, computer impacts, efficiency assessment

        Pages:

        121–131

        Books list ‣‣‣‣:

        (Russian)

        1. Лепешкин О. М., Артамонов В. А. Обнаружение аномалий трафика канала связи по коротким временным рядам // Известия ЮФУ. Технические науки. 2006. № 7 (62). С. 163–166.
        2. Невядомский А. Е., Новиков П. А., Худайназаров Ю. К. Обеспечение оперативности контроля выполнения политики безопасности информации на телекоммуникационном оборудовании // Инновационная деятельность в Вооруженных Силах Российской Федерации. Тр. всеармейской науч.-практ. конф. 2019. С. 124–127.
        3. Худайназаров Ю. К., Новиков П. А., Шуравин А. С., Лепешкин Е. О. Совершенствование системы обеспечения безопасности информации на основе интеллектуализации задачи мониторинга // Нейрокомпьютеры и их применение. XVII Всерос. науч. конф. 2019. С. 179–180.
        4. Шуравин А. С., Новиков П. А. Современные угрозы безопасности информации, передаваемой с использованием узлов связи автоматизированной цифровой системы связи // Актуальные проблемы защиты и безопасности. Тр. XXII Всерос. науч.-практ. конф. 2019. С. 181–183.
        5. Стариков Т. В., Сопин К. Ю., Диченко С. А., Самойленко Д. В. Криптографический контроль целостности данных по правилам построения кода Рида-Соломона // Проблемы информационной безопасности. Компьютерные системы. 2022. № 1. С. 58–67.
        6. Samoylenko D. V., Eremeev M. A., Finko O. A., Dichenko S. A. Parallel linear generator of multivalued pseudorandom sequences with // SPIIRAS Proceedings. 2018. № 4 (59). Pp. 31–61.
        7. Диченко С. А., Жарких А. А., Акилов А. А., Кись С. А. Разработка алгоритма контроля и обеспечения целостности данных при их хранении в центрах обработки данных // Информационный бюллетень Омского научно-образовательного центра ОмГТУ и ИМ СО РАН в области математики и информатики. Материалы VIII Междунар. молодеж. науч.-практ. конф. с элементами науч. школы. 2018. С. 110–113.
        8. Finko O., Samoylenko D., Dichenko S., Eliseev N. Parallel generator of q-valued pseudorandom sequences based on arithmetic polynomials // Przeglad Elektrotechniczny. 2015. Vol. 91. № 3. Pp. 24–27.
        9. Сопин К. Ю., Диченко С. А., Самойленко Д. В. Криптографический контроль целостности данных на основе геометрических фракталов // Проблемы информационной безопасности. Компьютерные системы. 2022. № 1. С. 85–95.
        10. Dichenko S. A. An integrity control model for multidimensional data arrays // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. Pp. 1188–1193.
        11. Egorov V. I., Ponomarenko R. E. Applicances of different kind of storage systems for network traffic analysis results // Proceedings of the Institute for System Programming of the RAS. 2024. Vol. 36. № 2. Pp. 7–20.
        12. Islam R., Patamsetti V. V., Gadhi A. et al. Design and analysis of a network traffic analysis tool: netflow analyzer // International Journal of Communications, Network and System Sciences. 2023. Vol. 16. № 2. Pp. 21–29.
        13. Починок В. В., Шерстобитов Р. С., Теленьга А. П. и др. Модель процесса мониторинга корректности фрагментации пакетов в ведомственной сети передачи данных // Инженерный вестник Дона. 2020. № 5 (65). С. 25–32.
        14. Бородин В. В., Клецков Д. А., Тимошенко А. В., Щевцов В. А. Многоагентная динамическая модель многокритериального информационного взаимодействия структурных элементов самоорганизующейся сети передачи данных наземно-воздушной системы мониторинга // Известия Российской академии наук. Теория и системы управления. 2023. № 1. С. 123–136.
        15. Патент РФ RUS 2595991. Устройство имитозащиты группы контролируемых объектов / В. В. Анисимов, О. М. Лепешкин, М. В. Митрофанов, М. М. Морозов, А. Г. Чукариков. 18.09.2015.
        16. Миронов А. А., Салюк Д. В. Основные проблемы обеспечения информационной безопасности в ведомственных информационно-вычислительных сетях в условиях цифровизации предоставления услуг пользователям сетей // Техника средств связи. 2020. № 3 (151). С. 50–58.
        17. Шостак Р. К., Лепешкин О. М. Актуальность развития сетевого контроля защищенности информационных систем // Региональная информатика и информационная безопасность. 2017. С. 190–192.
        18. Шостак Р. К., Новиков П. А., Шуравин А. С., Лепешкин М. О. Критерии и показатели оценки сетевого мониторинга защищенности узлов связи сети передачи данных от деструктивных программно-аппаратных воздействий // Нейрокомпьютеры и их применение. XVII Всерос. науч. конф. 2019. С. 95–96.
        M. A. Pahomov
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        MODEL OF NODE INTERACTION IN A MOBILE AD-HOC NETWORK CONSIDERING PROTECTION AGAINST ACTIVE NETWORK ATTACKS

        Annotation:

        The features of the functioning of mobile self-organizing networks are considered. Models of node interaction in these networks are analyzed, taking into account protection against network attacks, and their advantages and disadvantages are highlighted. A model of node interaction in a mobile self-organizing network is proposed, considering protection against active network attacks based on early attack detection. Early detection of network attacks is achieved by predicting network parameters and further analyzing them using machine learning methods. A trust model is also used to exclude malicious nodes from the network.

        To quote:

        M. A. Pahomov MODEL OF NODE INTERACTION IN A MOBILE AD-HOC NETWORK CONSIDERING PROTECTION AGAINST ACTIVE NETWORK ATTACKS // Information Security Problems. Computer Systems. 2025. № 1. Pp. 132–144. DOI:10.48612/jisp/a3z4-17n4-4xvf

        DOI:

        10.48612/jisp/a3z4-17n4-4xvf

        Keywords:

        information security, ad-hoc networks, model of node interaction, intrusion detection systems

        Pages:

        132–144

        Books list ‣‣‣‣:

        (Russian)

        1. Ramphull D., Mungur A. E. U., Armoogum S., Pudaruth S. A review of mobile ad hoc NETwork (MANET) Protocols and their Applications // 2021 5th international conference on intelligent computing and control systems (ICICCS). IEEE, 2021. Pp. 204–211.
        2. Пахомов М. А., Павленко Е. Ю., Соболев Н. В. Анализ методов обеспечения информационной безопасности беспроводных самоорганизующихся сетей // Проблемы информационной безопасности. Компьютерные системы. 2023. № S2 (55). С. 13–24.
        3. Легашев Л. В., Гришина Л. С., Парфенов Д. И., Жигалов А. Ю. Разработка модели обнаружения сетевых аномалий трафика в беспроводных распределенных самоорганизующихся сетях // Научно-технический вестник информационных технологий, механики и оптики. 2022. Т. 22. № 4. С. 699–707.
        4. Fan N., Wu C. Q. On trust models for communication security in vehicular ad-hoc networks // Ad Hoc Networks. 2019. Vol. 90. P. 101740.
        5. Olanrewaju R. F., Khan B. U. I., Anwar F. et al. Bayesian signaling game based efficient security model for MANETs // Advances in Information and Communication: Proceedings of the 2019 Future of Information and Communication Conference (FICC), Vol. 2. Springer International Publishing, 2020. Pp. 1106–1122.
        6. Chintalapalli R. M., Ananthula V. R. M‐LionWhale: multi‐objective optimisation model for secure routing in mobile ad‐ hoc network // IET Communications. 2018. Vol. 12. № 12. Pp. 1406–1415.
        7. Сомов С. К. Использование репликации данных в мобильных сетях произвольной структуры MANET // Управление развитием крупномасштабных систем (MLSD’2021). 2021. С. 1478–1484.
        8. Калинин М. О., Лаврова Д. С., Ярмак А. В. Обнаружение угроз в киберфизических системах на основе методов глубокого обучения с использованием многомерных временных рядов // Проблемы информационной безопасности. Компьютерные системы. 2018. № 2. С. 111–117.
        9. Lavrova D., Zaitceva E., Zegzhda P. Bio-inspired approach to self-regulation for industrial dynamic network infrastructure // CEUR Workshop Proc. 2019. Vol. 2603. Pp. 34–39.
        10. Siami-Namini S., Tavakoli N., Namin A. S. A comparison of ARIMA and LSTM in forecasting time series // 2018 17th IEEE international conference on machine learning and applications (ICMLA). IEEE, 2018. Pp. 1394–1401.
        11. Chandra R., Goyal S., Gupta R. Evaluation of deep learning models for multi-step ahead time series prediction // IEEE Access. 2021. Vol. 9. Pp. 83105–83123.
        12. Siami-Namini S., Tavakoli N., Namin A. S. The performance of LSTM and BiLSTM in forecasting time series // 2019 IEEE International conference on big data (Big Data). IEEE, 2019. Pp. 3285–3292.
        13. Uyan O. G., Akbas A., Gungor V. C. Machine learning approaches for underwater sensor network parameter prediction // Ad Hoc Networks. 2023. Vol. 144. Pp. 103139.
        14. Wan Xianbin, Hui Liu, Hao Xu, Xinchang Zhang. Network traffic prediction based on LSTM and transfer learning // IEEE Access. 2022. Vol. 10. Pp. 86181–86190.
        15. Wetschoreck RIP correlation. Introducing the predictive power score. URL: https://medium.com/towards-data-science/rip-correlation-introducing-the-predictive-power-score-3d90808b9598 (дата обращения: 16.01.2025).
        16. Singh P. K., Gupta R. R., Nandi S. K., Nandi S. Machine learning based approach to detect wormhole attack in VANETs // Web, Artificial Intelligence and Network Applications: Proceedings of the Workshops of the 33rd International Conference on Advanced Information Networking and Applications (WAINA-2019). Springer International Publishing, 2019. Pp. 651–661.
        17. Adhikary K., Bhushan S., Kumar S., Dutta K. Hybrid algorithm to detect DDoS attacks in VANETs // Wireless Personal Communications. 2020. Vol. 114. Pp. 3613–
        18. Teli T. A., Yousuf R., Khan D. A. MANET Routing Protocols Attacks and Mitigation Techniques: A Review // International Journal of Mechanical Engineering. 2022. Vol. 7. № 2. Pp. 1468–1478.
        19. Vuyyuru V. A., Alotaibi Y., Veeraiah N. et al. EsECC_SDN: Attack Detection and Classification Model for MANET // Computers, Materials & Continua. 2023. Vol. 74. № 3.
        A. K. Skrypnikov, V. M. Krundyshev, M. O. Kalinin
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        ANONYMIZATION OF NETWORK TRAFFIC IN BLOCKCHAIN SYSTEMS BY USING GARLIC ROUTING

        Annotation:

        The task of protecting nodes of a blockchain system from security threats of user deanonymization, access restriction, and imposition of false data about the blockchain state is considered. A method of anonymizing the network traffic between nodes of a blockchain system based on garlic routing, supporting integration with consensus mechanism, has been proposed. As a result of experimental study, it is demonstrated that the presented method allows increasing the safety of blockchain systems applied in large-scale network infrastructures.

        To quote:

        A. K. Skrypnikov, V. M. Krundyshev, M. O. Kalinin ANONYMIZATION OF NETWORK TRAFFIC IN BLOCKCHAIN SYSTEMS BY USING GARLIC ROUTING // Information Security Problems. Computer Systems. 2025. № 1. Pp. 145–154. DOI:10.48612/jisp/nhfh-bxm9-hnh2

        DOI:

        10.48612/jisp/nhfh-bxm9-hnh2

        Keywords:

        deanonymization, blockchain, distributed ledger, network traffic, smart city, garlic routing

        Pages:

        145–154

        Books list ‣‣‣‣:

        (Russian)

        1. Полтавцева М. А., Зегжда Д. П. Моделирование информационных процессов систем управления большими данными для решения задач кибербезопасности // Программные продукты и системы. 2024. Т. 37. № 1. С. 54–61.
        2. Ерастов В. О., Зубков Е. А., Зегжда Д. П. Исследование проблем аудита информационной безопасности географически распределенных устройств Интернета вещей // Проблемы информационной безопасности. Компьютерные системы. 2024. № 4 (62). С. 42–52.
        3. Бушмелев А. С., Бусыгин А. Г. Систематизация и анализ актуальных алгоритмов распределенного консенсуса для обеспечения безопасности распределенных реестров «умного города» // Неделя науки ИКНК: Материалы докладов научно-практической конференции, 15–17 апреля 2024 г., Санкт-Петербург, Россия. СПб.: Санкт-Петербургский политехнический университет Петра Великого, 2024. С. 53–54.
        4. Parizi R. M., Homayoun S., Yazdinejad A. et al. Integrating privacy enhancing techniques into blockchains using sidechains // Proc. IEEE Can. Conf. Elect. Comput. Eng. 2019. Pp. 1–4.
        5. Zegzhda D. P., Moskvin D. A., Myasnikov A. V. Assurance of cyber resistance of the distributed data storage systems using the blockchain technology // Automatic Control and Computer Sciences. 2018. Vol. 52. № 8. Pp. 1111–1116.
        6. Ovasapyan T., Moskvin D. Security provision in WSN on the basis of the adaptive behavior of nodes // Proceedings of the World Conference on Smart Trends in Systems, Security and Sustainability, WS4 2020, 27–28 July 2020, Virtual, London. 2020. Pp. 81–85.
        7. Ижунинов М. А. Технология VPN: характеристика // Молодой ученый. № 50 (288). С. 10–12.
        8. Семенов Д. А., Савилов П. И. VPN и его протокол PPTP // Современные информационные технологии и ИТ-образование. 2018. № 14. С. 627–630.
        9. Старун И. Г., Югансон А. Н., Гатчин Ю. А. Построение математической модели расчета комплексной оценки VPN // Вестник Тамбовского университета. Серия: Естественные и технические науки. 2019. Т. 24. № 4. С. 535–546.
        10. Maxwell G. CoinJoin: Bitcoin Privacy for the Real World. URL: https://bitcointalk.org/index.php?topic=279249 (дата обращения: 01.02.2025).
        11. Ruffing T., Moreno-Sanchez P., Kate A. CoinShuffle: Practical Decentralized Coin Mixing for Bitcoin // European Symposium on Research in Computer Security. 2014. Pp. 1–15.
        12. Bissias G., Ozisik A. P., Levine B. N., Liberatore M. Sybil-Resistant Mixing for Bitcoin // Proceedings on Privacy Enhancing Technologies. 2018. Pp. 1–10.
        13. Erlingsson U., Pihur V., Korolova A. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response // ACM SIGSAC Conference on Computer and Communications Security. 2014. Pp. 1–14.
        14. Bonneau J., Narayanan A., Miller A. et al. MixCoin: Anonymity for Bitcoin with Accountable Mixes // Financial Cryptography and Data Security. 2014. Pp. 1–25.
        15. Ziegeldorf J. H., Grossmann F., Henze M. et al. CoinParty: Secure Multi-Party Mixing of Bitcoins // ACM Conference on Computer and Communications Security. 2015. Pp. 1–12.
        16. Busygin A., Konoplev A. Blockchain for cybersecurity of government e-services: decentralized architecture benefits and challenges // Studies on Entrepreneurship, Structural Change and Industrial Dynamics. 2021. Pp. 187–198.
        17. Jadav N. K., Gupta R., Tanwar S., Bhattacharya P. Intelligent Garlic Routing for Securing Data Exchange // V2X Communication, 2022 IEEE Globecom Workshops (GC Wkshps), Rio de Janeiro, Brazil. 2022. Pp. 286–291.
        18. Dakhnovich A. D., Zegzhda D. P., Moskvin D. A. Applying garlic routing to guarantee secure collaboration of segments in a digital manufacturing network // Automatic Control and Computer Sciences. 2018. Vol. 52. № 8. Pp. 1127–1133
        19. Applying Garlic Routing to Guarantee Secure Collaboration of Segments in a Digital Manufacturing Network. URL: https://link.springer.com/article/10.3103/S0146411618080060 (дата обращения: 01.02.2025).
        20. Mininet. URL: https://mininet.org/walkthrough/ (дата обращения: 01.02.2025).
    • № 2 2025
      • INFORMATION SECURITY APPLICATION
        S. E. Adadurov1, A. A. Kornienko2, S. V. Kornienko2, E. D. Osipenko3
        1JSC “VNIIZHT”, Moscow, Russia
        2Emperor Alexander I St. Petersburg State Transport University, St. Petersburg, Russia
        3City polyclinic No. 52, St. Petersburg, Russia
        ANALYSIS OF THE POSSIBILITIES OF USING BIOMETRIC CHARACTERISTICS TO IDENTIFY A POTENTIAL INTERNAL VIOLATOR BASED ON HIS PSYCHO-EMOTIONAL STATE

        Annotation:

        The main biometric characteristics reflecting changes in the psychoemotional state of the user of the information system are considered. Their ranking was performed using the method of paired comparisons, as a result of which the voice and keyboard handwriting were identified as the most suitable for further research. The criteria for preliminary identification of potential internal information security violators based on changes in the considered biometric characteristics are defined. A convolutional neural network model has been developed and tested to solve this problem.

        To quote:

        S. E. Adadurov, A. A. Kornienko, S. V. Kornienko, E. D. Osipenko ANALYSIS OF THE POSSIBILITIES OF USING BIOMETRIC CHARACTERISTICS TO IDENTIFY A POTENTIAL INTERNAL VIOLATOR BASED ON HIS PSYCHO-EMOTIONAL STATE // Information Security Problems. Computer Systems. 2025. № 2. Pp. 9–20. DOI:10.48612/jisp/tmbk-z2k3-5a16

        DOI:

        10.48612/jisp/tmbk-z2k3-5a16

        Keywords:

        Biometrics, psycho-emotional state, neural network, information security

        Pages:

        9–20

        Books list ‣‣‣‣:

        1. Полякова А. Сравнительный обзор современных UEBA-систем // Блог компании «Биткоп». URL: https://bitcop.ru/blog/obzor-sovremennyh-ueba-sistem (дата обращения: 01.04.2025).
        2. Лемешевская З. П., Михальчик С. В., Водоевич В. П. Диагностика психического состояния человека по мимике лица // Журнал ГрГМУ. 2010. № 1 (29). С. 62–67.
        3. Барабанщиков В. А. Экспрессии лица и их восприятие. М.: Изд-во «Институт психологии РАН», 2012. 341 с.
        4. Зиндлер Л. Р. Общая фонетика. М.: Высшая школа, 1979. 312 с.
        5. Ильин Е. П. Эмоции и чувства. СПб: Питер, 2001. 752 с.
        6. Баланов А. Н. Биометрия. Разработка и внедрение систем идентификации: учебное пособие для вузов. СПб.: Лань, 2024. 228 с.
        7. Корниенко С. В., Пантюхина А. В. Методика выявления потенциальных внутренних нарушителей информационной безопасности // Интеллектуальные технологии на транспорте. 2023. № 2 (34). С. 50–57.
        8. Mermelstein P. Distance measures for speech recognition, psychological and instrumental // Pattern recognition and artificial intelligence. 1976. Vol. 116. P. 374–388.
        9. Davis S., Mermelstein P. Experiments in syllable-based recognition of continuous speech // IEEE Transcactions on Acoustics, Speech and Signal Processing. 1980. Vol. 28. P. 357–366.
        10. Аверин А. И., Сидоров Д. П. Аутентификация пользователей по клавиатурному почерку // Огарев-Online. 2015. № 20 (61). С. 1–5.
        11. Li Zewen, Liu Fan, Yang Wenjie et al. A Survey of Convolutional Neural Networks: Analysis, Applications, and Prospects // IEEE Transactions on Neural Networks and Learning Systems. 2021. P. 1–21. DOI: 10.1109/TNNLS.2021.3084827.
        12. Рашид Т. Создаем нейронную сеть. СПб.: ООО «Альфа-книга», 2017. 272 с.

        A. V. Blinov1, S. V. Bezzateev1,2
        1ITMO University, St. Petersburg, Russia
        2Saint Petersburg State University of Aerospace Instrumentation, St. Petersburg, Russia
        PROTECTION OF DEVOPS PIPELINES: AUTOMATION OF SECURITY WITHIN DEVSECOPS

        Annotation:

        The research focuses on methods for automating security in DevOps pipelines within the DevSecOps framework, emphasizing the integration of tools, processes, and cultural shifts to enhance the security of software products. The research set the following tasks: analysis of modern DevSec- Ops methodologies and tools; assess the potential of using artificial intelligence and machine learning to automate information security tasks; identify the main problems and barriers to integrating DevSecOps into continuous integration and delivery (CI/CD) processes; identify promising areas for automation development in the field of security. The study uses a comparative analytical review method, including an analysis of scientific literature, industrial practices and documentation of modern DevSecOps tools, the Shift-Left Security and Security as Code approaches. Open sources, CI/CD platform documentation, and data on the use of AI in information security were used. The research identifies key principles for integrating security into DevOps: early vulnerability detection, automation of security processes, implementation of Security as Code, and enhanced threat monitoring. Modern DevSecOps tools are reviewed, including static and dynamic code analysis, security policy management systems, secret management solutions, and AI-powered proactive threat detection mechanisms. The study finds that automation minimizes human error, accelerates vulnerability detection and remediation processes, and ensures compliance with regulatory requirements. However, certain limitations were also identified, including the complexity of tool integration, a shortage of DevSecOps specialists, and resistance to changes within development and operations teams. Future trends indicate further advancements in AI-driven solutions and automated frameworks for security management. This research contributes to the field of information security by uncovering methods for automating DevSec- Ops integration into CI/CD processes and exploring the potential of AI for predictive threat analytics. It highlights key trends in security automation within modern cloud and containerized environments.

        To quote:

        A. V. Blinov, S. V. Bezzateev, PROTECTION OF DEVOPS PIPELINES: AUTOMATION OF SECURITY WITHIN DEVSECOPS // Information Security Problems. Computer Systems. 2025. № 2. Pp. 21–34. DOI:10.48612/jisp/nr14-x1nu-r6t9

        DOI:

        10.48612/jisp/nr14-x1nu-r6t9

        Keywords:

        Information security, DevSecOps, secure software development, security integration, security process automation, DevOps

        Pages:

        21–34

        Books list ‣‣‣‣:

        1. Тулеубаева А. А., Норкина А. Н. Современные проблемы информационной безопасности в разработке программного обеспечения // Угрозы и риски финансовой безопасности в контексте цифровой трансформации: Материалы VII Международной научно-практической конференции Международного сетевого института в сфере ПОД/ФТ, 24 ноября 2021 г., Москва, Россия. М.: Национальный исследовательский ядерный университет «МИФИ», 2021. С. 670–676.
        2. Селиверстов С. Д., Мироненко Ю. В. Обзор методологии DevSecOps и ее ключевых инструментов для внедрения и обеспечения безопасной разработки ПО // Cтудент года 2024 – сборник статей Международного научно-исследовательского конкурса. Пенза, 2024. C. 107–111.
        3. Ганжур М. А., Дьяченко Н. В., Отакулов А. С. Анализ методологий DevOps и DevSecOps // Молодой Исследователь Дона. 2021. № 5 (32). С. 8–10.
        4. Kim G., Humble J., Debois P., Willis J. The DevOps Handbook: How to Create World-Class Agility, Reliability, & Security in Technology Organizations. Portland: IT Revolution Press, 2016. 644 p.
        5. Reddy Chittibala D. DevSecOps: Integrating Security into the DevOps Pipeline // International Journal of Science and Research. 2023. № 12(12). P. 2074–2078. DOI: 10.21275/sr24304171058.
        6. Зиновьев Л. Д., Каледа Р. А. Применение методов DevSecOps для интеграции безопасности в каждый этап жизненного цикла программного обеспечения // Информационные технологии в науке и образовании. Проблемы и перспективы: Сборник статей по материалам XI Всероссийской научно-практической конференции, 13 марта 2024 г., Пенза, Россия. Пенза: Пензенский государственный университет, 2024. С. 271–273.
        7. Pitchford M. The ‘Shift Left’ Principle // New Electronics. 2021. № 14(54). P. 18–21. DOI: 10.12968/s0047-9624(22)60234-7.
        8. What is Security as Code (SaC)? URL: https://www.checkpoint.com/cyber-hub/cloud-security/what-is-security-as-code-sac/ (дата обращения: 28.01.2025).
        9. Кузьмина С. П. Роль пайплайнов в современной кибербезопасности: автоматизация, защита и реагирование на угрозы // Интернаука. 2024. № 33–1(350). С. 9–10.
        10. Тюменцев Д. В. Безопасность в devops: стратегии и инструменты для защиты инфраструктуры от кибератак // Наукосфера. 2024. № 7–1. С. 51–56. DOI: 10.5281/zenodo.12697570.
        11. Container Security Best Practices. URL: https://www.aquasec.com/cloud-native-academy/container-security/ (дата обращения: 28.01.2025).
        12. Фатхи В. А., Дьяченко Н. В. Тестирование безопасности приложений // Инженерный вестник Дона. 2021. № 5(77). С. 108–120.
        13. Pakalapati N. Unlocking the Power of AI/ML in DevSecOps: Strategies and Best Practices // Journal of Knowledge Learning and Science Technology. 2023. № 2(2). P. 176–188. DOI: 10.60087/jklst.vol2.n2.p188.
        14. Enterprise Immune System: AI-Powered Cyber Defense. URL: https://www.darktrace.com/en/products/enterprise-immune-system/ (дата обращения: 28.01.2025).
        15. A TensorFlow-Based Production-Scale Machine Learning Platform. URL: https://dl.acm.org/doi/10.1145/3097983.3098021 (дата обращения: 28.01.2025).
        16. Almuairfi S. Security controls in infrastructure as code // Computer Fraud & Security. 2020. № 10(2020). P. 13–19. DOI: 10.1016/S1361-3723(20)30109-3.
        17. Policy-Based Control for Cloud-Native Environments. URL: https://www.openpolicyagent.org/docs/latest/ (дата обращения: 28.01.2025).
        18. Immutable-инфраструктура и ее преимущества. URL: https://habr.com/ru/companies/vk/articles/756152/ (дата обращения: 28.01.2025).
        19. Малышев Е. А. Обеспечение информационной безопасности технологического конвейера разработки программного обеспечения // Интерэкспо Гео-Сибирь. 2023. № 2(7). С. 56–62.
        20. Vault by HashiCorp. URL: https://www.vaultproject.io/ (дата обращения: 28.01.2025).
        21. Deckhouse Stronghold. URL: https://deckhouse.ru/products/stronghold/ (дата обращения: 28.01.2025)
        22. Mulpuri G. Security and Secrets Management: Integration of Security Tools Like Vault and Secrets Management into DevOps Workflow // International Journal of Science and Research. 2021. № 9(10). P. 1771–1774. DOI: 10.21275/sr24402110508.
        23. Бондарь Д. Е. Автоматизация процессов devsecops в условиях перехода на отечественное ПО: проблемы и решения // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и технические науки. 2024. № 10. С. 59–63. DOI: 10.37882/2223-2966.2024.10.07.

        E. V. Zavadskii
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        THE GRAPH MODEL OF A DEFENSE SYSTEM FOR DETECTING MALICIOUS ACTIVITY IN A FUNCTIONAL NETWORK INFRASTRUCTURE

        Annotation:

        The article considers the problem of protecting dynamically changing network infrastructures from cyberattacks, where the key challenge is the exponential growth of the number of potential attack vectors as the network scales. To solve this problem, a model of the defense system based on the principles of multi-criteria optimization is proposed.

        To quote:

        E. V. Zavadskii THE GRAPH MODEL OF A DEFENSE SYSTEM FOR DETECTING MALICIOUS ACTIVITY IN A FUNCTIONAL NETWORK INFRASTRUCTURE // Information Security Problems. Computer Systems. 2025. № 2. Pp. 35–40. DOI:10.48612/jisp/p834-8g6a-un1n

        DOI:

        10.48612/jisp/p834-8g6a-un1n

        Keywords:

        Network security, honeypot, multicriteria optimization, dynamic network, cyberattack, graph model

        Pages:

        35–40

        Books list ‣‣‣‣:

        1. Зегжда Д. П., Александрова Е. Б., Калинин М. О. и др. Кибербезопасность цифровой индустрии. Теория и практика функциональной устойчивости к кибератакам /под ред. Д. П. Зегжды. М.: Горячая линия Телеком, 2020. 560 с.
        2. Калинин М. О. Технология контроля функциональной устойчивости управляющих информационных систем машиностроения // Перспективное развитие науки, техники и технологий: сб. науч. статей, мат-лы 4-й междун. науч.-практ. конф. Курск: Юго-Зап. гос. ун-т, 2014. С. 149–151.
        3. Analyst report «Managed Detection and Response» 2024. URL: https://content.kaspersky-labs.com/fm/site-editor/9d/9d31b116d9c61340d333fa073facf869/source/mdr-report.pdf (дата обращения: 04.04.2025).
        4. Hung-Jen Liaoa, Chun-Hung Richard Lin, Ying-Chih Lina, Kuang-Yuan Tung. Intrusion detection system: A comprehensive review // Journal of network and computer applications. 2013. Vol. 36. № 1. P. 16–24.
        5. Martín G. A., Fernández-Isabel A., de Diego I. M., Beltrán M. A survey for user behavior analysis based on machine learning techniques: current models and applications // Applied Intelligence. 2021. Vol. 51. № 8. P. 6029–6055.
        6. Marshev I. I., Zhukovskii E. V., Aleksandrova E. B. Protection against adversarial attacks on malware detectors using machine learning algorithms // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. P. 1025–1028
        7. Ranjan R., Kumar S. S. User behaviour analysis using data analytics and machine learning to predict malicious user versus legitimate user // High-confidence computing. 2022. Vol. 2. № 1. P. 100034.
        8. Kalinin M., Krundyshev V. Security intrusion detection using quantum machine learning techniques // Journal of Computer Virology and Hacking Techniques. 2022.
        9. Статистика CVSS для зарегистрированных уязвимостей. URL: https://www.cvedetails.com/cvss-score-charts.php?fromform=1&vendor_id=&product_id=&startdate=2022-01-01&enddate=2025-04-26&groupbyyear=1 (дата обращения: 04.04.2025).
        10. Provos N. A Virtual Honeypot Framework // USENIX Security Symposium. 2004. Vol. 173. № 2004. P. 1–14.
        11. Cohen F. The use of deception techniques: Honeypots and decoys // Handbook of Information Security. 2006. Vol. 3. № 1. P. 646–655.
        12. Nawrocki M., Wahlisch M., Schmidt T. C. et al. A survey on honeypot software and data analysis // arXiv preprint arXiv:1608.06249. 2016.
        13. Anwar A. H., Kamhoua C., Leslie N. Honeypot allocation over attack graphs in cyber deception games // 2020 International Conference on Computing, Networking and Communications (ICNC). IEEE, 2020. P. 502–506.
        14. Sayed M. A., Anwar A., Kiekintveld C., Kamhoua C. Honeypot allocation for cyber deception in dynamic tactical networks: A game theoretic approach // International Conference on Decision and Game Theory for Security. Cham: Springer Nature Switzerland, 2023. P. 195–214.
        15. Osman M., Nadeem T., Hemida A., Kamhoua C. Optimizing honeypot placement strategies with graph neural networks for enhanced resilience via cyber deception // Proceedings of the 2nd on Graph Neural Networking Workshop 2023. 2023. P. 37–43.
        16. Zhang Y., Di C., Han Z. et al. An adaptive honeypot deployment algorithm based on learning automata // 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC). IEEE, 2017. P. 521–527.
        17. Ovasapyan T. D., Nikulkin V. A., Moskvin D. A. Applying honeypot technology with adaptive behavior to Internet-of-Things networks // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. P. 1104–1110.
        18. Fraunholz D., Schotten H. D. Strategic defense and attack in deception based network security // 2018 International Conference on Information Networking (ICOIN). IEEE, 2018. P. 156–161.
        19. Москвин Д. А., Овасапян Т. Д., Никулкин В. А. Адаптивное управление honeypot-системами для обеспечения кибербезопасности устройств Интернета вещей // Защита информации. Инсайд. 2022. № 2 (104). С. 16–21.
        20. Zaman M. M. U., Tao L., Maldonado M. et al. Optimally Blending Honeypots into Production Networks: Hardness and Algorithms // International Conference on Science of Cyber Security. Cham: Springer Nature Switzerland, 2023. P. 285–304.

        A. V. Kozachok, S. S. Matovykh
        The Academy of Federal Security Guard Service of the Russian Federation, Orel, Russia
        THE STRUCTURAL MODEL OF PORTABLE EXECUTABLE FILES CONTAINING MALICIOUS CODE

        Annotation:

        The article presents a study aimed at developing a model of Portable Executable files containing malicious code. The model is built based on static analysis methods and includes 333 classification features, formed using a training dataset of 34,026 PE files, comprising 17,992 malicious and 16,034 legitimate files. The proposed model introduces an approach for describing features using a differentiated assessment of their importance. Experimental results with binary feature description methods confirmed that incorporating feature importance levels improves classification accuracy. Additionally, it is demonstrated that optimizing the feature space using principal component analysis (PCA) and the isolation forest method allows reducing the number of features to 40 of the most informative ones without significant accuracy loss. The obtained results provide high classification accuracy with lower computational costs. The scientific significance of the work lies in expanding the methodological capabilities of static analysis, ensuring a deeper understanding of threats and enhancing the reliability of mechanisms for counteracting malicious software.

        To quote:

        A. V. Kozachok, S. S. Matovykh THE STRUCTURAL MODEL OF PORTABLE EXECUTABLE FILES CONTAINING MALICIOUS CODE // Information Security Problems. Computer Systems. 2025. № 2. Pp. 41–59. DOI:10.48612/jisp/pdu2-fvxz-g5d3

        DOI:

        10.48612/jisp/pdu2-fvxz-g5d3

        Keywords:

        Static analysis, malware detection, machine learning, PE files, feature importance assessment, dimension reduction methods

        Pages:

        41–59

        Books list ‣‣‣‣:

        1. Матовых С. С. Классификация вредоносного программного обеспечения, распространяемого через исполняемые файлы формата PE // III национальная научно-практическая конференция «Фундаментальные, поисковые, прикладные исследования и инновационные проекты», 27–28 мая 2024 г., Калининград, Россия. 2024. C. 154–158.
        2. Yuk C. K., Seo C. J. Static Analysis and Machine Learning-based Malware Detection System using PE Header Feature Values // International Journal of Innovative Research and Scientific Studies. 2022. № 5(4). P. 281–288. DOI: 10.53894/ijirss.v5i4.690
        3. Jiaxuan G., Junfeng W., Zhiyang F. et al. A survey of strategy-driven evasion methods for PE malware: Transformation, concealment, and attack // Computer and Security. 2024. Vol. 137. № 103595. DOI: 10.1016/j.cose.2023.103595
        4. García D. E., DeCastro-García N. Optimal feature configuration for dynamic malware detection // Computer and Security. 2021. Vol. 105. № 102250. DOI: 10.1016/j.cose.2021.102250
        5. Yousuf M. I., Anwer I., Riasat A. et al. Windows malware detection based on static analysis with multiple features // J Computer Science. 2023. Vol.  9. № e1319. DOI: 10.7717/peerj-cs.1319.
        6. Chen Z., Zhang X., Kim S. A Learning-based Static Malware Detection System with Integrated Feature // Intelligent Automation and Soft Computing. 2021. Vol.  27. P.  891–908. DOI: 10.32604/iasc.2021.016933.
        7. Baker del Aguila R., Contreras-Pérez C. D., Silva-Trujillo A. G. et al. Static Malware Analysis Using Low-Parameter Machine Learning Models // Computers. 2024. Vol. 13. № 3. № 59. DOI: 10.3390/computers13030059.
        8. Saleh M. A. Malware Detection Approaches Based on Operation Codes (OpCodes) of Executable Programs: A Review // Indonesian Journal of Electrical Engineering and Informatics. 2023. Vol. 11. № 2. P. 570–585. DOI: 10.52549/ijeei.v11i2.4454.
        9. Samantray O. P., Tripathy S. N. An opcode-based malware detection model using supervised learning algorithms // International Journal of Information Security and Privacy. 2021. Vol. 15. № 4. P. 18–30. DOI: 10.4018/IJISP.2021100102.
        10. Yeboah P. N., Amuquandoh S. K., Musah H. B. B. Malware Detection Using Ensemble N-gram Opcode Sequences // International Journal of Interactive Mobile Technologies. 2021. Vol. 15. № 24. P. 19–31. DOI: 10.3991/ijim.v15i24.25401.
        11. Abusitta A., Li M. Q., Fung B. C. M. Malware classification and composition analysis: A survey of recent developments // Journal of Information Security and Applications. 2021. Vol. 59. № 102828. DOI: 10.1016/j.jisa.2021.102828.
        12. Wu X., Song Y., Hou X. et al. Deep Learning Model with Sequential Features for Malware Classification // Applied Sciences. 2022. Vol. 12. № 19. № 9994. DOI: 10.3390/app12199994.
        13. Zhu X., Huang J., Wang B., Qi C. Malware homology determination using visualized images and feature fusion // PeerJ Computer Science. 2021. Vol. 7. № e494. DOI: 10.7717/peerj-cs.494.
        14. Kim S., Yeom S., Oh H. et al. Automatic malicious code classification system through static analysis using machine learning // Symmetry. 2021. Vol. 13. № 1. P. 35. DOI: 10.3390/sym13010035.
        15. Damaševičius R., Venčkauskas A., Toldinas J., Grigaliūnas Š. Ensemble-based classification using neural networks and machine learning models for Windows PE malware detection // Electronics. 2021. Vol. 10. № 4. № 485. DOI: 10.3390/electronics10040485.
        16. Le D. Ch., Pham M. H., Dinh Ch. Z., Do Kh. F. Применение алгоритмов машинного обучения для обнаружения вредоносных программ в операционной системе Windows с помощью PE-заголовка // Информационно-управляющие системы. 2022. № 4. С. 44–57. DOI: 10.31799/1684-8853-2022-4-44-57.
        17. Егоров Е. В. Статический анализ методов инфицирования файлов PE-формата операционных систем Windows // Известия Тульского гос. ун-та. Технические науки. 2024. № 1. С. 83–92.
        18. Alkhateeb E., Ghorbani A., Habibi Lashkari A. Identifying Malware Packers through Multilayer Feature Engineering in Static Analysis // Information. 2024. Vol. 15. № 2. № 102. DOI: 10.3390/info15020102.
        19. Aslan O., Samet R. A comprehensive review on malware detection approaches // IEEE Access. 2020. Vol. 8. P. 6249–6271. DOI: 10.1109/ACCESS.2019.2963724.
        20. Kozachok A. V., Kozachok V. I. Construction and evaluation of the new heuristic malware detection mechanism based on executable files static analysis // J Comput Virol Hack Tech. 2018. № 14. P. 225–231. DOI: 10.1007/s11416-017-0309-3.

      • NETWORK AND TELECOMMUNICATION SECURITY
        A. S. Konoplev, M. O. Kalinin
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        PROTECTION OF BLOCKCHAIN SYSTEMS OF SMART CITIES AGAINST A SELFISH MINING ATTACK

        Annotation:

        Paper reviews a mining algorithm in smart city’s blockchain systems with the Proof-of-Work consensus mechanism. Related studies in the field of detecting selfish mining attacks are reviewed. A method for protecting blockchain from selfish mining is presented. A plug-in for detecting selfish mining for the miner software is developed which allows analyzing patterns in data coming from the mining pool. The proposed solution outperforms other selfish mining detectors as it allows identifying the attacking pool and has lower error rates.

        To quote:

        A. S. Konoplev, M. O. Kalinin PROTECTION OF BLOCKCHAIN SYSTEMS OF SMART CITIES AGAINST A SELFISH MINING ATTACK // Information Security Problems. Computer Systems. 2025. № 2. Pp. 60–70. DOI:10.48612/jisp/xr4n-7z4e-pump

        DOI:

        10.48612/jisp/xr4n-7z4e-pump

        Keywords:

        Blockchain, prevention, security, selfish mining, smart city

        Pages:

        60–70

        Books list ‣‣‣‣:

        1. Печенкин А. И., Полтавцева М. А., Лаврова Д. С. An approach to data normalization in the Internet of Things for security analysis // Программные продукты и системы. 2016. № 2. С. 83–88.
        2. Москвин Д. А., Овасапян Т. Д., Никулкин В. А. Адаптивное управление honeypot-системами для обеспечения кибербезопасности устройств Интернета вещей // Защита информации. Инсайд. 2022. № 2 (104). С. 16–21.
        3. Waseem Anwar R., Ali S. Smart cities security threat landscape: A review // Computing and Informatics. 2022. Vol. 41. P. 405–423.
        4. Biswas S., Yao Z., Yan L. et al. Interoperability benefits and challenges in smart city services: Blockchain as a solution // Electronics (Switzerland). 2023. Vol. 12. № 12041036.
        5. Hakak S., Khan W. Z., Gilkar G. A. et al. Securing smart cities through blockchain technology: Architecture, requirements, and challenges // IEEE Network. 2020. Vol. 34. P. 8–14.
        6. Khalil U., Uddin M., Malik O. A., Hussain S. A blockchain footprint for authentication of IoT-enabled smart devices in smart cities: State-of-the-art advancements, challenges and future research directions // IEEE Access. 2022. Vol. 10. P. 76805–76823.
        7. Zegzhda D. P., Moskvin D. A., Myasnikov A. V. Assurance of cyber resistance of the distributed data storage systems using the blockchain technology // Automatic Control and Computer Sciences. 2018. Vol. 52. № 8. P. 1111–1116.
        8. Aggarwal V. Gagandeep. Review of security aspects of 51 percent attack on blockchain // Lecture Notes in Networks and Systems. 2022. Vol. 256. P. 236–243.
        9. Eyal I., Sirer E. G. Majority is not enough: bitcoin mining is vulnerable // Communications of the ACM. 2018. Vol. 61. № 7. P. 95–102.
        10. Peterson M., Andel T., Benton R. Towards detection of selfish mining using machine learning // International Conference on Cyber Warfare and Security. 2022. Vol. 17. P. 237–243.
        11. Kang H., Chang X., Yang R. et al. Understanding selfish mining in imperfect Bitcoin and Ethereum networks with extended forks // IEEE Transactions on Network and Service Management. 2021. Vol. 18. № 3. P. 3079–3091.
        12. Saad M., Njilla L., Kamhoua C., Mohaisen A. Countering selfish mining in blockchains // International Conference on Computing, Networking and Communications, ICNC 2019. 2019. P. 360–364.
        13. Wang Z., Lv Q., Lu Z. et al. ForkDec: Accurate Detection for Selfish Mining Attacks // Security and Communication Networks. 2021. Vol. 2021.
        14. Chicarino V., Albuquerque C., Jesus E., Rocha A. On the detection of selfish mining and stalker attacks in blockchain networks // Annales des Telecommunications/Annals of Telecommunications. 2020. Vol. 75. № 3–4. P. 143–152.
        15. Khan M. I. Deep reinforcement learning for selfish nodes detection in a blockchain // French Regional Conference on Complex Systems. 2023.
        16. Ritz F., Zugenmaier A. The Impact of Uncle Rewards on Selfish Mining in Ethereum // IEEE European Symposium on Security and Privacy Workshops, EURO S and PW 2018. 2018. P. 50–57.
        17. Tosh D. K., Shetty S., Liang X. et al. Security implications of blockchain cloud with analysis of block withholding attack // IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGRID 2017. 2017. P. 458–467.
        18. Zhang R., Preneel B. Publish or perish: A backward-compatible defense against selfish mining in bitcoin // Lecture notes in computer science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). 2017. Vol. 10159. P. 277–292.
        19. Jahromi N., Saghiri A. M., Meybodi M. R. Vdhla: Variable depth hybrid learning automaton. Its application to defense against the selfish mining attack in bitcoin // arXiv preprint arXiv:2302.12096. 2023.
        20. Kędziora M., Kozłowski P., Szczepanik M., Jóźwiak P. Analysis of blockchain selfish mining attacks // Advances in intelligent systems and computing. 2020. Vol. 1050. P. 231–240.
        21. Past and future of bitcoin mining protocols: Stratum V2 overview // Braiins Systems s.r.o., Prague, Czech Republic. URL: https://braiins.com/blog/past-and-future-of-bitcoin-mining-protocols-stratum-v2-overview (дата обращения: 27.03.2025).
        22. Lee S., Kim S. Rethinking selfish mining under pooled mining // ICT Express. 2023. Vol. 9. № 3. P. 356–361.
        23. Александрова Е. Б., Ярмак А. В. Иерархическая групповая аутентификация для защищенного взаимодействия узлов в промышленном Интернете вещей // Защита информации. Инсайд. 2021. № 2 (98). С. 23–27.

        M. S. Saeed
        ITMO University, St. Petersburg, Russia
        LOCATION PRIVACY AND SECURITY IN SELF-DRIVING VEHICLES: A ZKP-ENHANCED ECDDH BASED AUTHENTICATION FRAMEWORK

        Annotation:

        The rapid evolution of self-driving vehicles (SDVs) has necessitated the development of robust authentication mechanisms to ensure secure and privacy-preserving vehicle communication. Traditional authentication protocols often expose vehicle location information, raising concerns about tracking and unauthorized surveillance. This paper proposes a novel Zero-Knowledge Proof (ZKP)-enhanced Elliptic Curve Decisional Diffie-Hellman (ECDDH) authentication framework that enables SDVs to prove their presence within a geofenced area without revealing their exact location. The proposed protocol leverages 5G-enabled edge computing to optimize computational efficiency and authentication latency while ensuring scalability in high-density vehicular networks. The proposed framework is formally validated using BAN logic, proving its resilience against replay attacks, location spoofing, and unauthorized access. Performance evaluations conducted in MATLAB demonstrate the efficiency of the protocol, with results indicating an authentication latency of approximately 54.7 ms (100 vehicles), a constant communication overhead of 448 bytes per session, and a 100 % authentication success rate. Comparative analysis with ECDH and RSA-based authentication schemes highlights the protocol’s superior security guarantees and optimized communication overhead. The findings confirm that the proposed authentication mechanism is an effective solution for ensuring privacy-preserving authentication in autonomous vehicular networks, making it a viable approach for securing future intelligent transportation systems.

        To quote:

        M. S. Saeed LOCATION PRIVACY AND SECURITY IN SELF-DRIVING VEHICLES: A ZKP-ENHANCED ECDDH BASED AUTHENTICATION FRAMEWORK // Information Security Problems. Computer Systems. 2025. № 2. Pp. 71–85. DOI:10.48612/jisp/a48u-v6vu-1x81

        DOI:

        10.48612/jisp/a48u-v6vu-1x81

        Keywords:

        Self-driving vehicles, authentication protocol, zero-knowledge proof, 5G-enabled edge computing, privacy-preserving authentication, autonomous vehicular network

        Pages:

        71–85

        Books list ‣‣‣‣:

        1. El-Rewini Z., Sadatsharan K., Selvaraj D. F. et al. Cybersecurity challenges in vehicular communications // Vehicular Communications. 2020. № 23. № 100214. DOI: 10.1016/j.vehcom.2019.100214.
        2. Chowdhury A., Karmakar G., Kamruzzaman J. et al. Attacks on Self-Driving Cars and Their Countermeasures: A Survey // IEEE Access. 2020. Vol. 8. P. 207308–207342. DOI: 10.1109/ACCESS.2020.3037705.
        3. Suo D., Moore J., Boesch M. et al. Location-Based Schemes for Mitigating Cyber Threats on Connected and Automated Vehicles: A Survey and Design Framework // IEEE Transactions on Intelligent Transportation Systems. 2022. Vol. 23. № 4. P. 2919–2937. DOI: 10.1109/TITS.2020.3038755.
        4. Li F., McMillin B. A Survey on Zero-Knowledge Proofs // Advances in Computers. 2013. № 94. P. 25–69. DOI: 10.1016/B978-0-12-800161-5.00002-5.
        5. Sierra J. M., Hernández J. C., Alcaide A., Torres J. Validating the Use of BAN LOGIC // Computational Science and Its Applications – ICCSA 2004 (ICCSA 2004). Springer, Berlin, Heidelberg, 2004. Vol. 3043. DOI: 10.1007/978-3-540-24707-4_98.
        6. Mejri M. N., Ben-Othman J., Hamdi M. Survey on VANET security challenges and possible cryptographic solutions // Vehicular Communications. 2014. № 1(2). P. 53–66. DOI: 10.1016/j.vehcom.2014.05.001.
        7. Aljumaili A., Trabelsi H., Jerbi W. A Review on Secure Authentication Protocols in IOV: Algorithms, Protocols, and Comparisons // 2023 7th International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), Ankara, Turkiye. 2023. Pp. 1–11. DOI: 10.1109/ISMSIT58785.2023.10304917.
        8. Manson E., Mood R. Elliptic Curve Cryptography in Vehicle Security // TechRxiv. 2025. DOI: 10.36227/techrxiv.173611692.29943420/v1
        9. Grnac A., Valocky F., Orgon M. Implementation of Elliptic Curve Cryptography Between Autonomous Vehicles and Control Center // Software Engineering and Algorithms: Proceedings of 10th Computer Science On-line Conference. 2021. Vol. 1. P. 718–729.
        10. Wang J., Li J., Wang H. et al. Dynamic Scalable Elliptic Curve Cryptographic Scheme and Its Application to In-Vehicle Security // IEEE Internet of Things Journal. 2019. Vol. 6. № 4. P. 5892–5901. DOI: 10.1109/JIOT.2018.2869872.
        11. Zhang J., Cui J., Zhong H. et al. PA-CRT: Chinese Remainder Theorem Based Conditional Privacy-Preserving Authentication Scheme in Vehicular Ad-Hoc Networks // IEEE Transactions on Dependable and Secure Computing. 2021. Vol. 18. № 2. P. 722–735. DOI: 10.1109/TDSC.2019.2904274.
        12. Zhong Hong, Han Shunshun, Cui Jie et al. Privacy-Preserving Authentication Scheme with Full Aggregation in VANET // Information Sciences. 2018. № 476. DOI: 10.1016/j.ins.2018.10.021.
        13. Chatzigiannakis I., Pyrgelis A., Spirakis P. G., Stamatiou Y. C. Elliptic Curve Based Zero Knowledge Proofs and their Applicability on Resource Constrained Devices // 2011 IEEE Eighth International Conference on Mobile Ad-Hoc and Sensor Systems, Valencia, Spain. 2011. P. 715–720. DOI: 10.1109/MASS.2011.77.
        14. Xie Chulin, Cao Zhong, Long Yunhui et al. Privacy of Autonomous Vehicles: Risks, Protection Methods, and Future Directions. 2022. DOI: 10.48550/arXiv.2209.04022.
        15. Qi C. A Zero-Knowledge Proof of Digital Signature Scheme Based on the Elliptic Curve Cryptosystem // 2009 Third International Symposium on Intelligent Information Technology Application, Nanchang, China. 2009. P. 612–615. DOI: 10.1109/IITA.2009.505.
        16. Sah C. P. Robustness Analysis of Zero-Knowledge Proofs using RSA for IoT Devices // 2023 10th International Conference on Computing for Sustainable Global Development (INDIACom), New Delhi, India. 2023. P. 287–292.
        17. Jadhav S. P., Balabanov G., Poulkov V., Shaikh J. R. Enhancing the Security and Efficiency of Resource Constraint Devices // 2020 International Conference on Industry 4.0 Technology (I4Tech), Pune, India. 2020. P. 163–166. DOI: 10.1109/I4Tech48345.2020.9102639.
        18. Xi N., Li W., Jing L., Ma J. ZAMA: A ZKP-Based Anonymous Mutual Authentication Scheme for the IoV // IEEE Internet of Things Journal. 2022. Vol. 9. № 22. P. 22903–22913. DOI: 10.1109/JIOT.2022.3186921.
        19. Hataba M., Sherif A., Mahmoud M. et al. Security and Privacy Issues in Autonomous Vehicles: A Layer-Based Survey // IEEE Open Journal of the Communications Society. 2022. Vol. 3. P. 811–829. DOI: 10.1109/OJCOMS.2022.3169500.
        20. Ni J., Lin X., Shen X. Toward Privacy-Preserving Valet Parking in Autonomous Driving Era // IEEE Transactions on Vehicular Technology. 2019. Vol. 68. № 3. P. 2893–2905. DOI: 10.1109/TVT.2019.2894720.
        21. Zhang J., Zhen W., Xu M. An Efficient Privacy-Preserving Authentication Protocol in VANETs // 2013 IEEE 9th International Conference on Mobile Ad-hoc and Sensor Networks, Dalian, China. 2013. P. 272–277. DOI: 10.1109/MSN.2013.31.
        22. Zhang Jing, Zhong Hong, Cui Jie et al. Edge Computing-Based Privacy-Preserving Authentication Framework and Protocol for 5G-Enabled Vehicular Networks // IEEE Transactions on Vehicular Technology. 2020. P. 1–1. DOI: 10.1109/TVT.2020.2994144.
        23. Roeschlin M., Vaas C., Rasmussen K. B., Martinovic I. Bionyms: Driver-centric Message Authentication using Biometric Measurements // 2018 IEEE Vehicular Networking Conference (VNC), Taipei, Taiwan. 2018. P. 1–8. DOI: 10.1109/VNC.2018.8628359.

        D. A. Ponomarev, T. D. Ovasapyan, D. V. Ivanov
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        IDENTIFICATION OF HONEYPOT-SYSTEMS ON THE BASIS OF COMPLEX ANALYSIS OF NODE PERFORMANCE INDICATORS

        Annotation:

        The principles of construction and functioning of honeypot systems are investigated. The existing detection methods are analyzed, their advantages and disadvantages are highlighted. A detection method based on the analysis of command execution delays is proposed. A universal detection method based on combining the results of the methods is proposed. A software prototype of the detection system is developed and tested.

        To quote:

        D. A. Ponomarev, T. D. Ovasapyan, D. V. Ivanov IDENTIFICATION OF HONEYPOT-SYSTEMS ON THE BASIS OF COMPLEX ANALYSIS OF NODE PERFORMANCE INDICATORS // Information Security Problems. Computer Systems. 2025. № 2. Pp. 86–95. DOI:10.48612/jisp/pt1x-pv69-nzft

        DOI:

        10.48612/jisp/pt1x-pv69-nzft

        Keywords:

        Honeypot, latency analysis, detection, network stack

        Pages:

        86–95

        Books list ‣‣‣‣:

        1. Spherical Insights. Advanced Persistent Threat Protection Market Size, Share, and COVID-19 Impact Analysis. URL: https://www.sphericalinsights.com/ru/reports/advanced-persistent-threat-protection-market (дата обращения: 10.04.2025).
        2. Mukkamala S., Yendrapalli K., Basnet R. et al. Detection of virtual environments and low interaction honeypots // 2007 IEEE SMC Information Assurance and Security Workshop. IEEE, 2007. P. 92–98.
        3. Fu X., Yu W., Cheng D. et al. On recognizing virtual honeypots and countermeasures // 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing. IEEE, 2006. P. 211–218.
        4. Dornseif M., Holz T., Klein C. N. Nosebreak-attacking honeynets // Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004. IEEE, 2004. P. 123–129.
        5. Defibaugh-Chavez P., Veeraghattam R., Kannappa M. et al. Network based detection of virtual environments and low interaction honeypots // 2006 IEEE Information Assurance Workshop. 2006.
        6. Zamiri-Gourabi M. R., Qalaei A. R., Azad B. A. Gas what? i can see your gaspots. studying the fingerprintability of ics honeypots in the wild // Proceedings of the fifth annual industrial control system security (icss) workshop. 2019. P. 30–37.
        7. Krawetz N. Anti-honeypot technology // IEEE Security & Privacy. 2004. Vol. 2. № 1. P. 76–79.
        8. Zavadskii E. V., Ivanov D. V. Implementation of honeypot systems based on the potential attack graph // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. P. 1194–1200.
        9. Uitto J., Rauti S., Lauren S., Leppanen V. A survey on anti-honeypot and anti-introspection methods // Recent Advances in Information Systems and Technologies: Vol. 2 – 5. Springer International Publishing, 2017. P. 125–134.
        10. Javadpour A., Ja’fari F., Taleb T. et al. A comprehensive survey on cyber deception techniques to improve honeypot performance // Computers & Security. 2024. P. 103792.
        11. Lackner P. How to Mock a Bear: Honeypot, Honeynet, Honeywall & Honeytoken: A Survey // ICEIS (2). 2021. С. 181–188.
        12. Danilov V. D., Ovasapyan T., Ivanov D. V. et al. Generation of Synthetic Data for Honeypot Systems Using Deep Learning Methods // Automatic Control and Computer Sciences. 2022. Vol. 56. № 8. P. 916–926.
        13. Franco J., Arış A., Canberk B., Uluagac S. A survey of honeypots and honeynets for internet of things, industrial internet of things, and cyber-physical systems // IEEE Communications Surveys & Tutorials. 2021. Vol. 23. № 4. P. 2351–2383.
        14. Naeem A. A. N. Honeypots: Concepts, Approaches and Challenges. 2021.
        15. Nyamugudza T., Rajasekar V., Sen P. et al. Network traffic intelligence using a low interaction honeypot // IOP Conference Series: Materials Science and Engineering. IOP Publishing, 2017. Vol. 263. № 4. P. 042096.
        16. Karthikeyan R., Geetha D. T., Vijayalakshmi S., Sumitha R. Honeypots for network security // International journal for Research & Development in Technology. 2017. Vol. 7. № 2. P. 62–66.
        17. Ovasapyan T. D., Nikulkin V. A., Moskvin D. A. Applying honeypot technology with adaptive behavior to internet-of-things networks // Automatic Control and Computer Sciences. 2021. Vol. 55. № 8. P. 1104–1110.
        18. OneClassSVM. URL: https://scikit-learn.org/stable/modules/generated/sklearn.svm.OneClassSVM.html (дата обращения: 08.04.2025).
        19. IsolationForest. URL: https://scikit-learn.org/stable/modules/generated/sklearn.ensemble.IsolationForest.html (дата обращения: 08.04.2025).

      • MACHINE LEARNING AND KNOWLEDGE CONTROL SYSTEMS
        А. A. Vetoshkin1, A. R. Mironova1, А. S. Zenger2, A. А. Sukhobokov3, B. S. Goryachkin1
        1Bauman Moscow State Technical University, Moscow, Russia
        2OZON Marketplace Kazakhstan LLP, Almaty, Republic of Kazakhstan
        3SAP America, Inc., USA
        QUERY PROCESSING IN DATA LAKE MANAGEMENT SYSTEM BASED ON A UNIVERSAL DATA MODEL

        Annotation:

        In several publications, a theoretical basis for a universal data model has been proposed, but its practical implementation has been considered only at the level of a general preliminary sketch. Many questions remain open, which complicates the creation of real systems implementing this model. In particular, the issue of processing queries to data presented in various traditional data models and stored in a system based on a universal data model has not been studied. The purpose of the study is to develop a method for implementing a system for processing queries to data presented in various traditional models and jointly stored in a universal data model, as well as to develop the architecture of such a query processing system. The article presents the results of an analysis of existing query handlers to assess the possibility of their use, and proposes a method for integrating query handlers in MDX, SQL, and Cypher into a single data management system based on an archigraph DBMS. An architecture is presented that allows unifying access and query processing to heterogeneous data, such as relational tables, multidimensional cubes, vertices, and edges of property graphs. The results obtained were used in developing the first prototype of the system. This opens prospects for further development and implementation of the universal data model and its varieties in various information systems, improving their flexibility and efficiency.

        To quote:

        А. A. Vetoshkin, A. R. Mironova, А. S. Zenger, A. А. Sukhobokov, B. S. Goryachkin QUERY PROCESSING IN DATA LAKE MANAGEMENT SYSTEM BASED ON A UNIVERSAL DATA MODEL // Information Security Problems. Computer Systems. 2025. № 2. Pp. 96–111. DOI:10.48612/jisp/2h69-rvkz-97dd

        DOI:

        10.48612/jisp/2h69-rvkz-97dd

        Keywords:

        Archigraph, archigraph DBMS, Data Lake, Data Lake Management System, query handler, SQL, MDX, Cypher

        Pages:

        96–111

        Books list ‣‣‣‣:

        1. Pasupuleti P., Purra B. S. Data Lake development with big data. Birmingham, UK: Packt Publishing Ltd, 2015. 137 p.
        2. Miloslavskaya N., Tolstoy A. Big data, fast data and data lake concepts // Procedia Computer Science. 2016. Vol. 88. P. 300–305. DOI: 10.1016/j.procs.2016.07.439.
        3. Sawadogo P. N., Darmont J. On data lake architectures and metadata management // Journal of Intelligent Information Systems. 2021. Vol. 56. № 1. DOI: 10.1007/s10844-020-00608-7.
        4. Serra J. Deciphering Data Architectures. Sebastopol, CA, USA: O’Reilly Media, Inc., 2024. 147 p.
        5. Sukhobokov A. A., Gapanyuk Y. E., Zenger A. S., Tsvetkova A. K. The concept of an intelligent data lake management system: machine consciousness and a universal data model // Procedia Computer Science. 2022 Vol. 213. P. 407–414. DOI: 10.1016/j.procs.2022.11.085.
        6. Sukhobokov A. A., Gapanyuk Y. E., Vetoshkin A. A. et al. Universal data model as a way to build multi-paradigm data lakes. // 2024 the 9th International Conference on Big Data Analytics (ICBDA). 2024. P. 203–211. DOI: 10.1109/ICBDA61153.2024.10607189.
        7. Сухобоков А. А., Афанасьев Р. А., Балабас А. Г. и др. Первая стадия эксперимента по оценке производительности мультипарадигмальных озер данных // Естественные и технические науки. 2023. № 7(182). С. 124–133. DOI: 10.25633/ETN.2023.07.08.
        8. Кручинин С. В. О некоторых обобщениях графов: мультиграфы, гиперграфы, метаграфы, потоковые и портовые графы, протографы, архиграфы // Вопросы науки. 2017. № 3. С. 48–67. URL: https://elibrary.ru/download/elibrary_32627955_58725411.pdf (дата обращения: 24.01.2025).
        9. Кручинин С. В. Протографы и архиграфы как обобщение графов // Научно-исследовательские публикации. 2017. № 3(41). С. 23–33. URL: https://www.elibrary.ru/download/elibrary_30637766_39362008.pdf (дата обращения: 24.01.2025).
        10. Tarassov V. B., Gapanyuk Y. E. Complex graphs in the modeling of multi-agent systems: From goal-resource networks to fuzzy metagraphs // Artificial Intelligence. RCAI 2020. Lecture Notes in Computer Science. 2020. Vol. 12412. P. 177–198. DOI: 10.1007/978-3-030-59535-7_13.
        11. Gapanyuk Y. E. The development of the metagraph data and knowledge model // The 10th International Conference on Integrated Models and Soft Computing in Artificial Intelligence IMSC-2021. CEUR Workshop Proceedings. 2021. Vol. 2965. P. 1–7. URL: https://ceur-ws.org/Vol-2965/paper01.pdf. (дата обращения: 24.01.2025).
        12. Guo Q., Zhang C., Zhang S., Lu J. Multi-model query languages: taming the variety of big data // Distributed and Parallel Databases. 2024. Vol. 42. № 1. P. 31–71. DOI: 10.1007/s10619-023-07433-1.
        13. Guo Q., Lu J., Zhang C. et al. Multi-model data query languages and processing paradigms // Proceedings of the 29th ACM International Conference on Information & Knowledge Management. CIKM’20. 2020. P. 3505–3506. DOI: 10.1145/3340531.3412174.
        14. Uotila V., Lu J., Gawlick D. et al. MultiCategory: Multi-model Query Processing Meets Category Theory and Functional Programming // arXiv preprint arXiv:2109.00929. 2021. DOI: 10.48550/arXiv.2109.00929.
        15. Uotila V., Lu J., Gawlick D. et al. Multi-model Query Processing Meets Category Theory and Functional Programming // Proceedings of the 2nd Workshop on Search, Exploration, and Analysis in Heterogeneous Datastores (SEA-Data 2021) co-located with 47th International Conference on Very Large Data Bases (VLDB 2021). CEUR Workshop Proceedings. 2021. Vol. 2929. P. 48–49. URL: https://ceur-ws.org/Vol-2929/poster6.pdf (дата обращения: 24.01.2025).
        16. Bondiombouy C., Valduriez P. Query processing in multistore systems: an overview // International Journal of Cloud Computing. 2016. Vol. 5. №. 4. P. 309–346. DOI: 10.1504/IJCC.2016.080903.
        17. Ерохин И. А., Грунин Н. С., Молчанов А. В. и др. Способ хранения метаграфовой модели данных в СУБД Postgresql // Искусственный интеллект в автоматизированных системах управления и обработки данных: Сборник статей Всероссийской научной конференции. В 2-х томах, 27–28 апреля 2022 г., Москва, Россия. М.: Московский государственный технический университет имени Н. Э. Баумана (национальный исследовательский университет), 2022. Т. 1. С. 177–198.
        18. Chernenkiy V. M., Gapanyuk Y. E., Kaganov Y. T. et al. Storing metagraph model in relational, document-oriented, and graph databases // Data Analytics and Management in Data Intensive Domains. DAMDID/RCDL 2018. CEUR Workshop Proceedings. 2018. Vol. 2277. P. 82–89. URL: https://ceur-ws.org/Vol-2277/paper17.pdf (дата обращения: 24.01.2025).
        19. Сухобоков А. А., Труфанов В. А., Столяров Ю. А. и др. Распределенная метаграфовая СУБД на основе технологии Блокчейн // Естественные и технические науки. 2021. № 7(158). С. 201–209. DOI: 10.25633/ETN.2021.07.15.
        20. Massri M., Raipin P., Meye P. GDBAlive: A Temporal Graph Database Built on Top of a Columnar Data Store // Journal of Advances in Information Technology. 2021. Vol. 12. № 3. P. 169–178. DOI: 10.12720/jait.12.3.169-178.
        21. Higdon R., Haynes W., Stanberry L. et al. Unraveling the Complexities of Life Sciences Data // Big Data. 2013. Vol. 1. № 1. P. 42–50. DOI: 10.1089/big.2012.1505.
        22. Silva B., Moreira J., Costa R. L. Logical big data integration and near real-time data analytics // Data & Knowledge Engineering. 2023. Vol. 146. № 102185. DOI: 10.1016/j.datak.2023.102185.
        23. BigDAWG Polystore. URL: https://bigdawg.mit.edu/ (дата обращения: 24.01.2025).
        24. Ramadhan H., Indikawati F. I., Kwon J., Koo B. MusQ: a Multi-store query system for iot data using a datalog-like language // IEEE Access 8. 2020. P. 58032–58056. DOI: 10.1109/ACCESS.2020.2982472.
        25. Kolev B., Valduriez P., Bondiombouy C. et al. CloudMdsQL: querying heterogeneous cloud data stores with a common language // Distributed and parallel database. 2016. Vol. 34. № 4. P. 463–503. DOI: 10.1007/s10619-015-7185-y.
        26. Citus Documentation. URL: https://docs.citusdata.com/en/v12.1/index.html (дата обращения: 24.01.2025).
        27. Overview. Apache Phoenix. URL: https://phoenix.apache.org/index.html (дата обращения: 24.01.2025).
        28. Apache Hive. URL: https://hive.apache.org/ (дата обращения: 24.01.2025).
        29. Apache Impala Guide. URL: https://impala.apache.org/docs/build/plain-html/index.html (дата обращения: 24.01.2025).
        30. Apache Spark. URL: https://spark.apache.org/ (дата обращения: 24.01.2025).
        31. What is HAWQ? Apache HAWQ (Incubating) Docs. URL: https://hawq.apache.org/docs/userguide/2.3.0.0-incubating/overview/HAWQOverview.html (дата обращения: 24.01.2025).
        32. Documentation Apache Drill. URL: https://drill.apache.org/docs/ (дата обращения: 24.01.2025).
        33. Trino documentation. Trino 435 Documentatio. URL: https://trino.io/docs/current/index.html (дата обращения: 24.01.2025).
        34. Cardas C., Aldana-Martín J. F., Burgueño-Romero A. M. et al. On the performance of SQL scalable systems on Kubernetes: a comparative study // Cluster Comput 26. 2023. P. 1935–1947. DOI: 10.1007/s10586-022-03718-9.
        35. SQL Server Analysis Services overview. Microsoft Learn. URL: https://learn.microsoft.com/en-us/analysis-services/ssas-overview?view=asallproducts-allversions (дата обращения: 24.01.2025).
        36. Welcome to Kylin 5. URL: https://kylin.apache.org/5.0/ (дата обращения: 24.01.2025).
        37. Pentaho Mondrian Documentation. URL: https://mondrian.pentaho.com/documentation/architecture.php (дата обращения: 24.01.2025).
        38. Azevedo R., Silva J. P., Lopes N. et al. Designing an IoT-enabled data warehouse for indoor radon time series analytics. // 2022 The 17th Iberian Conference on Information Systems and Technologies (CISTI). 2022. P. 1–6. DOI: 10.23919/CISTI54924.2022.9820540.
        39. Todosiev N., Yankovskiy V., Andreev A., Gapanyuk Y. The Conceptual Modeling System Based on Metagraph Approach // Proceedings of the Institute for Systems Analysis Russian Academy of Sciences. 2023. Vol. 73. № 1. P. 176–184. DOI: 10.14357/20790279230120.
        40. Neo4j Graph Database & Analytics. Graph Database Management System. URL: https://neo4j.com/ (дата обращения: 24.01.2025).
        41. kristianmandrup/cypher-query. URL: https://github.com/kristianmandrup/cypher-query (дата обращения: 24.01.2025).
        42. Roth N. P., Trigonakis V., Hong S. et al. PGX.D/Async: A Scalable Distributed Graph Pattern Matching Engine // The Fifth International Workshop on Graph Data-management Experiences & Systems (GRADES’17). 2017. P. 1–6. DOI: 10.1145/3078447.3078454.
        43. Trigonakis V., Lozi J., Faltín T. et al. aDFS: An Almost Depth-First-Search Distributed Graph-Querying System // USENIX Annual Technical Conference. 2021. URL: https://www.usenix.org/conference/atc21/presentation/trigonakis (дата обращения: 24.01.2025).
        44. Faltín T. Distributed Graph Query Engine Improvements for Big Data Graphs. URL: https://dspace.cuni.cz/bitstream/handle/20.500.11956/188242/140115882.pdf (дата обращения: 24.01.2025).
        45. Fan W., He T., Lai L. et al. GraphScope: a unified engine for big graph processing // Proceedings of the VLDB Endowment. 2021. Vol. 14. № 12. P. 2879–2892. DOI: 10.14778/3476311.3476369.
        46. Shao B., Wang H., Li Y. Trinity: a distributed graph engine on a memory cloud // Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data (SIGMOD ’13). 2013. P. 505–516. DOI: 10.1145/2463676.2467799.
        47. Giraph – Welcome to Apache Giraph. URL: https://giraph.apache.org/ (дата обращения: 24.01.2025).
        48. Malewicz G., Austern M. H., Bik A. J. C. et al. Pregel: a system for large-scale graph processing – «ABSTRACT» // Proceedings of the 28th ACM symposium on Principles of distributed computing (PODC ’09). 2009. P. 6. DOI: 10.1145/1582716.1582723.
        49. hughmiao/graphlab: A framework for large-scale machine learning and graph computation. URL: https://github.com/hughmiao/graphlab (дата обращения: 24.01.2025).

        V. V. Platonov, Ya. E. Yanbarisova
        Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia
        APPLICATION OF GENETIC ALGORITHM FOR SELECTION OF NEYRAL NETWORK HYPERPARAMETERS

        Annotation:

        The widespread use of various neural networks for detecting cyberattacks is hindered by the difficulty of determining their hyperparameters. Typically, hyperparameter values are established experimentally. This paper presents an approach to selecting perceptron hyperparameters for network attack detection using a genetic algorithm. Experimental results confirm the validity of this approach.

        To quote:

        V. V. Platonov, Ya. E. Yanbarisova APPLICATION OF GENETIC ALGORITHM FOR SELECTION OF NEYRAL NETWORK HYPERPARAMETERS // Information Security Problems. Computer Systems. 2025. № 2. Pp. 112–120. DOI:10.48612/jisp/4un8-rm4g-urpn

        DOI:

        10.48612/jisp/4un8-rm4g-urpn

        Keywords:

        Network attack detection, perceptron, hyperparameters, genetic algorithm

        Pages:

        112–120

        Books list ‣‣‣‣:

        1. Drewek-Ossowicka A., Pietrołaj M., Rumiński J. A survey of neural networks usage for intrusion detection systems // Journal of Ambient Intelligence and Humanized Computing. 2021. Vol. 12. № 1. P. 497–514.
        2. Malyshev E. V., Moskvin D. A., Zegzhda D. P. Application of an artificial neural network for detection of attacks in vanets // Automatic Control and Computer Sciences. 2019. Vol. 53. № 8. P. 889–894.
        3. Lavrova D. S. Maintaining cyber sustainability in industrial systems based on the concept of molecular-genetic control systems // Automatic Control and Computer Sciences. 2019. Vol. 53. № 8. P. 1026–1028.
        4. Ali Z., Tiberti W., Marotta A., Cassioli D. Empowering network securi-ty: Bert transformer learning approach and MLP for intrusion detection in imbal-anced network traffic // IEEE Access. 2024. Vol. 12. P. 137618–137633.
        5. Callegari C., Giordano S., Pagano M. A real time deep learning based approach for detecting network attacks // Big data research. 2024. Vol. 36. P. 100446.
        6. Sanmorino A., Marnisah L., Di Kesuma H. Detection of DDoS Attacks using Fine-Tuned Multi-Layer Perceptron Models // Engineering, Technology & Applied Science Research. 2024. Vol. 14. № 5. P. 16444–16449.
        7. Liashchynskyi P., Liashchynskyi P. Grid search, random search, genetic algorithm: a big comparison for NAS // arXiv preprint arXiv:1912.06059. 2019.
        8. Adhicary S., Anwar Md M., Chowdhury M. J. M., Sarker I. H. Genetic Algorithm-based Optimal Deep Neural Network for Detecting Network Instructions // Machine Intelligence and Data Science Applications. Lecture Notes on Data Engineering and Communications Technologies. Springer, Singapore. 2022. Vol. 132. P. 145–156.
        9. CICIoT2023: A real-time dataset and benchmark for large-scale attacks in IoT environment // Sensors. 2023. Vol. 23. № 13. № 5941.
        10. Kalinin M., Krundyshev V., Zubkov E. Estimation of applicability of modern neural network methods for preventing cyberthreats to self-organizing network infrastructures of digital economy platforms // SHS Web of Conferences. 2018. Vol. 44. P. 00044.

        T. M. Tatarnikova1, I. A. Sikarev2, V. M. Abramov1
        1St. Petersburg State University of Aerospace Instrumentation, St. Petersburg, Russia

        2Russian State Hydrometeorological University, St. Petersburg, Russia

        3Admiral Makarov State University of Maritime and Inland Shipping, St. Petersburg, Russia

        COMBINATION OF METHODS OF SELECTIVE TEACHER INTERVENTION IN THE STUDENT’S LEARNING PROCESS AND LOW-RANK ADAPTATION IN THE KNOWLEDGE DISTILLATION MODEL

        Annotation:

        The problem of neural network optimization for large language models, such as ChatGPT, is discussed. One of the developing directions of large language model optimization is knowledge distillation – knowledge transfer from a large teacher model to a smaller student model without significant loss of result accuracy. Currently known methods of knowledge distillation have certain disadvantages: inaccurate knowledge transfer, long learning process, error accumulation in long sequences. A combination of methods that contribute to improving the quality of knowledge distillation is considered: selective teacher intervention in the student learning process and low-rank adaptation. The proposed combination of knowledge distillation methods can find application in problems with limited computing resources.

        To quote:

        T. M. Tatarnikova, I. A. Sikarev, V. M. Abramov COMBINATION OF METHODS OF SELECTIVE TEACHER INTERVENTION IN THE STUDENT’S LEARNING PROCESS AND LOW-RANK ADAPTATION IN THE KNOWLEDGE DISTILLATION MODEL // Information Security Problems. Computer Systems. 2025. № 2. Pp. 121–130. DOI:10.48612/jisp/339u-d6ba-5kzm

        DOI:

        10.48612/jisp/339u-d6ba-5kzm

        Keywords:

        Large language models, optimization, knowledge distillation, teacher model, student model, teacher intervention in the student learning process, low-rank adaptation

        Pages:

        121–130

        Books list ‣‣‣‣:

        1. Дудихин В. В., Кондрашов П. Е. Методология использования больших языковых моделей для решения задач государственного и муниципального управления по интеллектуальному реферированию и автоматическому формированию текстового контента // Государственное управление. Электронный вестник. 2024. № 105. С. 169–179. DOI: 10.55959/MSU2070-1381-105-2024-169-179.
        2. Кузнецов А. В. Цифровая история и искусственный интеллект: перспективы и риски применения больших языковых моделей // Новые информационные технологии в образовании и науке. 2022. № 5. С. 53–57. DOI: 10.17853/2587-6910-2022-05-53-57
        3. Мокрецов Н. С., Татарникова Т. М. Алгоритм оптимизации моделей нейронных сетей для обработки текста на естественном языке // Прикладной искусственный интеллект: перспективы и риски: Сборник докладов Международной научной конференции, Санкт-Петербург, Россия. 2024. С. 280–282.
        4. Houlsby N., Giurgiu A., Jastrzebski S. et al. Parameter-efficient transfer learning for NLP // Proceedings of the 36th International Conference on Machine Learning. 2019. Vol. 97. P. 2790–2799.
        5. Мокрецов Н. С., Татарникова Т. М. Оптимизация процесса обучения при ограниченном объеме вычислительных ресурсов // Международная конференция по мягким вычислениям и измерениям. 2024. Т. 1. С. 205–208.
        6. Ouyang L., Wu J., Jiang X. et al. Training language models to follow instructions with human feedback // Advances in neural information processing systems. 2022. Vol. 35. P. 27730–27744.
        7. Liao B., Meng Y., Monz C. Parameter-efficient fine-tuning without introducing new latency // Proceedings of the 61st Annual Meeting of the Association for Computational Linguistics. 2023. Vol. 1. P. 4242–4260. DOI: 10.18653/v1/2023.acl-long.233.
        8. Kai Lv, Yuqing Yang, Tengxiao Liu et al. Full parameter fine-tuning for large language models with limited resources // Proceedings of the 62nd Annual Meeting of the Association for Computational Linguistics. 2024. Vol. 1. P. 8187–8198.
        9. Khurana A., Subramonyam H., Chilana P. K. Why and When LLM-Based Assistants Can Go Wrong: Investigating the Effectiveness of Prompt-Based Interactions for Software Help-Seeking? // Proceedings of the 29th International Conference on Intelligent User Interfaces. 2024. P. 288–303. DOI: 10.1145/3640543.3645200
        10. Белякова А. Ю., Беляков Ю. Д. Обзор задачи автоматической суммаризации текста // Инженерный вестник Дона. 2020. № 10(70). С. 142–159.
        11. Швыров В. В., Капустин Д. А., Кущенко А. В., Сентяй Р. Н. Дообучение больших языковых моделей с использованием техники LoRA для решения задач статического анализа программного кода // Вестник луганского государственного университета имени Владимира Даля. 2023. №12 (78). С. 210–215.
        12. Liu Zhuang, Lin Wayne, Shi Ya, Zhao Jun. A robustly optimized BERT pre-training approach with post-training // Proceedings of the 20th Chinese National Conference on Computational Linguistics. 2021. P. 1218–1227
        13. Нырков А. П., Сикарев И. А. О проблемах безопасности телекоммуникационных систем на внутренних водных путях // Региональная информатика – 2008 (РИ – 2008): XI Санкт-Петербургская международная конференция, 22–24 октября 2008 г., Санкт-Петербург, Россия. СПб.: Санкт-Петербургское общество информатики, вычислительной техники, систем связи и управления, 2009. С. 230–233. EDN: WHFAYB.
        14. Нырков А. П., Сикарев И. А. Безопасность информационных каналов автоматизированных систем на водном транспорте // Журнал университета водных коммуникаций. 2009. № 2. С. 165–169. EDN: MSZXKV.
        15. Tatarnikova T. M., Sikarev I. A., Bogdanov P. Yu., Timochkina T. V. Botnet Attack Detection Approach in Out Networks // Automatic Control and Computer Sciences. 2022. Vol. 56. № 8. P. 838–846. DOI: 10.3103/s0146411622080259. EDN: VILOAN.
        16. Sikarev A. A., Sikarev I. A., Garanin A. V. Noise Immunity of Noncoherent Reception under Complex Interference Effect on Communication and Monitoring Channels of Automated Information Systems of River Transport on Inland Waterways of the Russian Federation // Automatic Control and Computer Sciences. 2018. № 52 (8). P. 1084–1089. DOI: 10.3103/S01464116180802424.
        17. Sikarev I. A., Chistyakov G. B., Garanin A. V., Moskvin D. A. Algorithms for Enhancing Information Security in the Processing of Navigation Data of Unmanned Vessels of the Technical Fleet of the Inland Waterways of the Russian Federation // Automatic Control and Computer Sciences. 2020. Vol. 54. № 8. P. 964–967. DOI: 10.3103/S0146411620080325. EDN: AKAYKV.
        18. Абрамов В. М., Карлин Л. Н., Скобликова А. Л. Гармонизация российских и европейских магистерских программ в области экологического туризма в рамках Болонского процесса // Ученые записки Российского государственного гидрометеорологического университета. 2006. № 3. С. 172–183. EDN: NDSGWR.
        19. Sikarev I. A., Lukyanov S. I., Popov N. et al. Digital learning technologies within geo-information management // E3S Web of Conferences, 17–19 February 2021, Chelyabinsk, Russia. Chelyabinsk, 2021. P. 01004. DOI: 10.1051/e3sconf/202125801004. EDN: GWVYAN.

      • RESEARCH, MONITORING AND OPTIMIZATION OF AUTOMATED TECHNOLOGICAL PROCESSES AND PRODUCTIONS CONTROL SYSTEMS
        A. M. Arbuzov1, A. P. Nyrkov1, A. N. Terekhov2, I. V. Li3, D. A. Demenev1
        1Admiral Makarov State University of Maritime and Inland Shipping, St. Petersburg, Russia

        2St. Petersburg University, St. Petersburg, Russia

        3Saint-Petersburg State Marine Technical University, St. Petersburg, Russia

        THE APPLICATION OF MACHINE LEARNING ALGORITHMS IN SECURING IOT-SYSTEMS NETWORK INFRASTRUCTURE IN WATER TRANSPORT SYSTEMS

        Annotation:

        The article discusses the security issues of the three-tier IoT architecture, consisting of the physical, network, and application layers. The emphasis is placed on the importance of protecting IoT systems from cyber attacks, which can have serious financial consequences and also affect human security. The existing possibilities of using current machine learning algorithms in order to detect and prevent cyber threats are considered. The study focuses on the two lower levels of the IoT architecture, as the application layer requires separate analysis due to a variety of attacks, including social engineering. The work is aimed at in-depth understanding of IoT vulnerabilities and at offering effective methods of overcoming them, using modern technologies.

        To quote:

        A. M. Arbuzov, A. P. Nyrkov, A. N. Terekhov, I. V. Li, D. A. Demenev THE APPLICATION OF MACHINE LEARNING ALGORITHMS IN SECURING IOT-SYSTEMS NETWORK INFRASTRUCTURE IN WATER TRANSPORT SYSTEMS // Information Security Problems. Computer Systems. 2025. № 2. Pp. 131–142. DOI:10.48612/jisp/3zat-fd5f-vemt

        DOI:

        10.48612/jisp/3zat-fd5f-vemt

        Keywords:

        Machine learning, internet of things, water transportation, information security, neural networks, decision trees, IoT systems architecture

        Pages:

        131–142

        Books list ‣‣‣‣:

        1. Dakhnovich A. D., Moskvin D. A., Zegzhda D. P. An approach to building cyber-resistant interactions in the industrial internet of things // Automatic Control and Computer Sciences. 2019. Vol. 53. № 8. P. 948–953.
        2. Шипунов И. С., Нырков А. П. IOT устройства как важный аспект современного морского транспорта // Региональная информатика (РИ-2020): сб. материалов ХVII С.-П. междун. конф. Часть 1. СПб.: СПОИСУ, 2020. С. 362–364.
        3. Смоленцев С. В., Буцанец А. А., Шахнов С. Ф. и др. Алгоритм анализа данных автоматической идентификационной системы для выделения типовых сценариев расхождения судов и тестирования систем автономного судовождения // T-Comm. 2024. Т. 18. № 3. С. 50–59. DOI: 10.36724/2072-8735-2024-18-3-50-59
        4. Shipunov I. S., Nyrkov A. P., Evtushenko D. A. et al. Developing a Reliable Information Storage Scheme Within a Partially Unmanned Maritime Convoy // Proceedings of the 2022 Conference of Russian Young Researchers in Electrical and Electronic Engineering, EIConRus 2022. 2022. P. 439–442. DOI: 10.1109/ElConRus54750.2022.9755534
        5. Шипунов И. С., Нырков А. П. Умные системы – важная составляющая в вопросах автоматизации морских перевозок // Региональная информатика (РИ-2020): сб. материалов ХVII С.-П. междун. конф. Часть 1. СПб.: СПОИСУ, 2020. С. 364–366. EDN: OKWGPV.
        6. Зегжда Д. П., Супрун А. Ф., Анисимов Е. Г., Анисимов В. Г. Оценка возможности модернизации систем информационной безопасности в планируемые сроки // Проблемы информационной безопасности. Компьютерные системы. 2024. № 3. С. 80–87.
        7. Ерастов В. О., Зубков Е. А., Зегжда Д. П. Исследование проблем аудита информационной безопасности географически распределенных устройств интернета вещей // Проблемы информационной безопасности. Компьютерные системы. 2024. № 4. С. 42–52.
        8. Sokolov S., Nyrkov A., Chernyi S., Nazarov N. Use of Social Engineering Methods in Transport: Methods, Protection, Facts, Consequences // Lecture Notes in Civil Engineering. Springer, Singapore, 2021. Vol. 130. P. 57–66. DOI: 10.1007/978-981-33-6208-6_7
        9. Dakhnovich A., Moskvin D., Zegzhda D. A necessary condition for industrial internet of things sustainability // Communications in Computer and Information Science. 2022. Vol. 1544. P. 79–89.
        10. Domínguez-Bolaño T., Campos O., Barral V. et al. An overview of IoT architectures, technologies, and existing open-source projects // Internet of Things. 2022. Vol. 20. № 100626. DOI: 10.1016/j.iot.2022.100626
        11. Mansour M., Gamal A., Ahmed A. I. et al. Internet of Things: A Comprehensive Overview on Protocols, Architectures, Technologies, Simulation Tools, and Future Directions // Energies. 2023. № 16. № 3465. DOI: 10.3390/en16083465
        12. Ahmed N., De D., Barbhuiya F. A., Hussain Md. I. MAC Protocols for IEEE 802.11ah-Based Internet of Things: A Survey // IEEE Internet of Things Journal. 2022. Vol. 9. № 2. P. 916–938. DOI: 10.1109/JIOT.2021.3104388
        13. Anand P., Singh Ya., Selwal A. et al. IoT Vulnerability Assessment for Sustainable Computing: Threats, Current Solutions, and Open Challenges // IEEE Access. 2020. Vol. 8. P. 168825–168853. DOI: 10.1109/ACCESS.2020.3022842
        14. Xuanxia Yao, Fadi Farha, Rongyang Li et al. Security and privacy issues of physical objects in the IoT: challenges and opportunities // Digital Communications and Networks. 2021. Vol. 7. Iss. 3. P. 373–384. DOI: 10.1016/j.dcan.2020.09.001
        15. Ajiji Y. M. Internet of Thing (IOT): Data and Information (Gadget Protection). Journal of Applied Science // Engineering, Technology, and Education. 2020. Vol. 2. № 2. P. 194–203. DOI: 10.35877/454RI.asci2253
        16. Staniec K., Kowal M. On Vulnerability of Selected IoT Systems to Radio Jamming – A Proposal of Deployment Practices // Sensors. 2020. № 20(21). № 6152. DOI: 10.3390/s20216152
        17. Roy P. P., Teju V., Kandula S. R. et al. Secure Healthcare Model Using Multi-Step Deep Q Learning Network in Internet of Things // Electronics. 2024. № 13. № 669. DOI: 10.3390/electronics13030669
        18. Karimzadeh M., Esposito A., Zhao Z. et al. RL-CNN: Reinforcement Learning-designed Convolutional Neural Network for Urban Traffic Flow Estimation // 2021 International Wireless Communications and Mobile Computing (IWCMC), Harbin City, China. 2021. P. 29–34. DOI: 10.1109/IWCMC51323.2021.9498948
        19. Fatin A., Pavlenko E., Zegzhda D. Neuroevolutionary Approach to Ensuring the Security of Cyber-Physical Systems // Lecture Notes in Networks and Systems. Springer, Cham, 2023. Vol. 460. DOI: 10.1007/978-3-031-20875-1_40
        20. Doyu H., Morabito R., Brachmann M. A TinyMLaaS Ecosystem for Machine Learning in IoT: Overview and Research Challenges // 2021 International Symposium on VLSI Design, Automation and Test (VLSI-DAT). 2021. P. 1–5. DOI: 10.1109/VLSI-DAT52063.2021.9427352
        21. Atlam H. F., Walters R. J., Wills G. B. Fog Computing and the Internet of Things: A Review // Big Data Cognnitive Computing. 2021. Vol. 2. № 10. DOI: 10.3390/bdcc2020010
        22. Savic M., Lukic M., Danilovic D. et al. Deep Learning Anomaly Detection for Cellular IoT with Applications in Smart Logistics // IEEE Access. 2021. P. 59406–59419. DOI: 10.1109/ACCESS.2021.3072916
        23. Krishna R. R., Priyadarshini A., Jha A. V. et al. State-of-the-Art Review on IoT Threats and Attacks: Taxonomy, Challenges and Solutions // Sustainability. 2021. Vol. 13. № 9463. DOI: 10.3390/su13169463
        24. Lucido S., Hummel P. Edge to Core and the Internet of Things. SAP Edge Services. DELL technologies. URL: https://infohub.delltechnologies.com/sv-se/l/edge-to-core-and-the-internet-of-things-2/sap-edge-services/ (дата обращения: 03.04.2025).
        25. Lee S.-H., Shiue Y.-L., Cheng C.-H. et al. Detection and Prevention of DDoS Attacks on the IoT // Applied Sciences. 2022. Vol. 12. № 12407. DOI: 10.3390/app122312407
        26. Bukhowah R., Aljughaiman A., Rahman M. M. H. Detection of DoS Attacks for IoT in Information-Centric Networks Using Machine Learning: Opportunities, Challenges, and Future Research Directions // Electronics. 2024. Vol. 13. № 1031. DOI: 10.3390/electronics13061031
        27. Pheeha M., Ajayi O., Maluleke H. et al. Modelling DDoS Attacks in IoT Networks using Machine Learning // International Conference on Emerging Technologies for Developing Countries. 2021. DOI: 10.48550/arXiv.2112.05477
        28. Mehta A., Sandhu J. K., Sapra L. Machine Learning in Wireless Sensor Networks: A Retrospective // 2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC), Waknaghat, India. 2020. P. 328–331. DOI: 10.1109/PDGC50313.2020.9315767
        29. Joseph R., Swann M., Bendiab G. et al. Intrusion Detection using Network Traffic Profiling and Machine Learning for IoT // 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), Tokyo, Japan. 2021. P. 409–415. DOI: 10.1109/NetSoft51509.2021.9492685
        30. Марков Г. А., Крундышев В. М., Калинин М. О. и др. Обнаружение компьютерных атак в сетях промышленного интернета вещей на основе вычислительной модели иерархической временной памяти // Проблемы информационной безопасности. Компьютерные системы. 2023. № 2. С. 163–172.
        31. Sharma A., Rani S., Driss M. Hybrid evolutionary machine learning model for advanced intrusion detection architecture for cyber threat identification // PLoS One. 2024. № 19(9). № e0308206. DOI: 10.1371/journal.pone.0308206
        32. Kikissagbe B. R., Adda M. Machine Learning-Based Intrusion Detection Methods in IoT Systems: A Comprehensive Review // Electronics. 2024. Vol. 13. № 3601. DOI: 10.3390/electronics13183601
        33. Wang M., Yang N., Weng N. Securing a Smart Home with a Transformer-Based IoT Intrusion Detection System // Electronics. 2023. Vol. 12. № 2100. DOI: 10.3390/electronics12092100

        K. S. Prostakevich1, A. L. Abramova1, D. A. Rychikhin1, I. A. Sikarev1, V. M. Abramov2
        1Russian State Hydrometeorological University, St. Petersburg, Russia
        2Admiral Makarov State University of Maritime and Inland Shipping, St. Petersburg, Russia
        DIGITALIZATION AND AUTOMATION OF GEOINFORMATION SUPPORT FOR AIR QUALITY MANAGEMENT OVER NATURAL-INDUSTRIAL TERRITORIES UNDER CLIMATE CHANGE

        Annotation:

        Presented results of research on digitalization and automation of geoinformation support for air quality management over natural-industrial territories under climate change. The methodology of natural risk management, as well as technologies for managing geographic information databases, were used while research. A model has been developed that allows combining investment goals for the development of natural-industrial territories with the costs of geoinformation support for air quality management over natural-industrial territories under climate change, including the problem of black carbon. A modular web-based tool has been developed to implement the proposed model. Examples of using the developed approach for St. Petersburg and the Leningrad region are given.

        To quote:

        K. S. Prostakevich, A. L. Abramova, D. A. Rychikhin, I. A. Sikarev, V. M. Abramov DIGITALIZATION AND AUTOMATION OF GEOINFORMATION SUPPORT FOR AIR QUALITY MANAGEMENT OVER NATURAL-INDUSTRIAL TERRITORIES UNDER CLIMATE CHANGE // Information Security Problems. Computer Systems. 2025. № 2. Pp. 143–153. DOI:10.48612/jisp/6vxh-19n6-2ph4

        DOI:

        10.48612/jisp/6vxh-19n6-2ph4

        Keywords:

        Digitalization, automation, geoinformatics, natural risks, air quality, climate change

        Pages:

        143–153

        Books list ‣‣‣‣:

        (Russian)

        1. Сикарев И. А., Абрамов В. М., Простакевич К. С. и др. Инфокоммуникационный инструментарий для управления природными рисками при мореплавании автономных судов в Арктике при изменении климата // Проблемы информационной безопасности. Компьютерные системы. 2024. № 1(58). С. 110–120. DOI: 10.48612/jisp/v28t-z3kr-nrn2. EDN: RUESZV.
        2. Sokolov A. G., Abramov V. M., Istomin E. P. et al. Digital transformation of risk management for natural-industrial systems while climate change // IOP Conference Series: Materials Science and Engineering, 21–22 November 2019, St. Petersburg, Russia. St. Petersburg, 2020. P. 012003. DOI: 10.1088/1757-899X/940/1/012003. EDN: DTHAKI.
        3. Sikarev I. A., Abramov V. M., Burlov V. G. et al. Northern Sea Route Development Under Climate Change and Covid-19 // Proceedings of the 37th International Business Information Management Association Conference Innovation Management and information Technology impact on Global Economy in the Era of Pandemic, 30–31 May 2021, Cordoba. Cordoba: IBIMA Publishing, 2021. P. 5147–5153. EDN: MWVXNB.
        4. Vekshina T. V., Abramov V. M., Bolshakov V. A. et al. Geoinformation technologies for assessing arctic and subarctic riverbeds throughput while climate change // 19th international multidisciplinary scientific geoconference SGEM 2019: Conference proceedings, 30 June – 6 July 2019, Albena, Bulgaria. 2019. Vol. 19. P. 903–910. DOI: 10.5593/sgem2019/2.1/S08.117. EDN: SATCDX.
        5. Карлин Л. Н., Абрамов В. М., Гогоберидзе Г. Г., Леднова Ю. А. Анализ социально-экономической ситуации в арктических приморских субъектах Российской Федерации на основе индикаторной оценки морского потенциала // Ученые записки Российского государственного гидрометеорологического университета. 2013. № 30. С. 181–188. EDN: REQQUB.
        6. Абрамов В. М., Сикарев И. А., Честнов А. И., Буцанец А. А. Автоматизированная обработка архивов метеорологических данных с помощью программы на языке «Python» // Речной транспорт (XXI век). 2022. № 4(104). С. 53–55. EDN: JHWPCQ.
        7. Istomin E. P., Sokolov A. G., Abramov V. M. et al. Clusters within geospatial information management for development of the territory // 16th International Multidisciplinary Scientific GeoConference SGEM 2016: Conference Proceedings, 30 June 2016, Albena, Bulgaria. 2016. Vol. 1. P. 601–608. DOI: 10.5593/SGEM2016/B21/S08.075. EDN: ESYLIK.
        8. Istomin E. P., Abramov V. M., Sokolov A. G. et al. Information Technologies Development for Natural Risks Management within Environmental Economics // Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage: Proceedings of the 34rd International Business Information Management Association Conference, IBIMA 2019, 13–14 November 2019, Madrid. Madrid: International Business Information Management Association, 2019. P. 9878–9885. EDN: LJYNAW.
        9. Карлин Л. Н., Абрамов В. М. Управление энвиронментальными и экологическими рисками. СПб.: РГГМУ, 2013. 332 с. EDN: RBBBNB.
        10. Нырков А. П., Сикарев И. А. О проблемах безопасности телекоммуникационных систем на внутренних водных путях // Региональная информатика-2008 (РИ-2008): XI Санкт-Петербургская международная конференция, 22–24 октября 2008 г., Санкт-Петербург, Россия. СПб.: Санкт-Петербургское Общество информатики, вычислительной техники, систем связи и управления, 2009. С. 230–233. EDN: WHFAYB.
        11. Нырков А. П., Сикарев И. А. Безопасность информационных каналов автоматизированных систем на водном транспорте // Журнал университета водных коммуникаций. 2009. № 2. С. 165–169. EDN: MSZXKV.
        12. Tatarnikova T. M., Sikarev I. A., Bogdanov P. Yu., Timochkina T. V. Botnet Attack Detection Approach in Out Networks // Automatic Control and Computer Sciences. 2022. Vol. 56. № 8. P. 838–846. DOI: 10.3103/s0146411622080259. EDN: VILOAN.
        13. Sikarev A. A., Sikarev I. A., Garanin A. V. Noise Immunity of Noncoherent Reception under Complex Interference Effect on Communication and Monitoring Channels of Automated Information Systems of River Transport on Inland Waterways of the Russian Federation // Automatic Control and Computer Sciences. 2018. № 52 (8). P. 1084–1089. DOI: 10.3103/S01464116180802424.
        14. Sikarev I. A., Chistyakov G. B., Garanin A. V., Moskvin D. A. Algorithms for Enhancing Information Security in the Processing of Navigation Data of Unmanned Vessels of the Technical Fleet of the Inland Waterways of the Russian Federation // Automatic Control and Computer Sciences. 2020. Vol. 54. № 8. P. 964–967. DOI: 10.3103/S0146411620080325. EDN: AKAYKV.
        15. Sikarev I. A., Lukyanov S. I., Popov N. et al. Digital learning technologies within geo-information management // E3S Web of Conferences, 17–19 February 2021, Chelyabinsk, Russia. Chelyabinsk, 2021. P. 01004. DOI: 10.1051/e3sconf/202125801004. EDN: GWVYAN.
        16. Абрамов В. М., Карлин Л. Н., Скобликова А. Л. Гармонизация российских и европейских магистерских программ в области экологического туризма в рамках Болонского процесса // Ученые записки Российского государственного гидрометеорологического университета. 2006. № 3. С. 172–183. EDN: NDSGWR.

  • 2024 year
  • 2023 year
  • 2022 year
  • 2021 year
  • 2020 year
  • 2019 year
  • 2018 year
  • 2017 year
  • 2016 year
  • 2015 year
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
  • 2010 year
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year