Annotation:

The main biometric characteristics reflecting changes in the psychoemotional state of the user of the information system are considered. Their ranking was performed using the method of paired comparisons, as a result of which the voice and keyboard handwriting were identified as the most suitable for further research. The criteria for preliminary identification of potential internal information security violators based on changes in the considered biometric characteristics are defined. A convolutional neural network model has been developed and tested to solve this problem.

Keywords:

Biometrics, psycho-emotional state, neural network, information security

Pages 9–20

Annotation:

The research focuses on methods for automating security in DevOps pipelines within the DevSecOps framework, emphasizing the integration of tools, processes, and cultural shifts to enhance the security of software products. The research set the following tasks: analysis of modern DevSec- Ops methodologies and tools; assess the potential of using artificial intelligence and machine learning to automate information security tasks; identify the main problems and barriers to integrating DevSecOps into continuous integration and delivery (CI/CD) processes; identify promising areas for automation development in the field of security. The study uses a comparative analytical review method, including an analysis of scientific literature, industrial practices and documentation of modern DevSecOps tools, the Shift-Left Security and Security as Code approaches. Open sources, CI/CD platform documentation, and data on the use of AI in information security were used. The research identifies key principles for integrating security into DevOps: early vulnerability detection, automation of security processes, implementation of Security as Code, and enhanced threat monitoring. Modern DevSecOps tools are reviewed, including static and dynamic code analysis, security policy management systems, secret management solutions, and AI-powered proactive threat detection mechanisms. The study finds that automation minimizes human error, accelerates vulnerability detection and remediation processes, and ensures compliance with regulatory requirements. However, certain limitations were also identified, including the complexity of tool integration, a shortage of DevSecOps specialists, and resistance to changes within development and operations teams. Future trends indicate further advancements in AI-driven solutions and automated frameworks for security management. This research contributes to the field of information security by uncovering methods for automating DevSec- Ops integration into CI/CD processes and exploring the potential of AI for predictive threat analytics. It highlights key trends in security automation within modern cloud and containerized environments.

Keywords:

Information security, DevSecOps, secure software development, security integration, security process automation, DevOps

Pages 21–34

Annotation:

The article considers the problem of protecting dynamically changing network infrastructures from cyberattacks, where the key challenge is the exponential growth of the number of potential attack vectors as the network scales. To solve this problem, a model of the defense system based on the principles of multi-criteria optimization is proposed.

Keywords:

Network security, honeypot, multicriteria optimization, dynamic network, cyberattack, graph model

Pages 35–40

Annotation:

The article presents a study aimed at developing a model of Portable Executable files containing malicious code. The model is built based on static analysis methods and includes 333 classification features, formed using a training dataset of 34,026 PE files, comprising 17,992 malicious and 16,034 legitimate files. The proposed model introduces an approach for describing features using a differentiated assessment of their importance. Experimental results with binary feature description methods confirmed that incorporating feature importance levels improves classification accuracy. Additionally, it is demonstrated that optimizing the feature space using principal component analysis (PCA) and the isolation forest method allows reducing the number of features to 40 of the most informative ones without significant accuracy loss. The obtained results provide high classification accuracy with lower computational costs. The scientific significance of the work lies in expanding the methodological capabilities of static analysis, ensuring a deeper understanding of threats and enhancing the reliability of mechanisms for counteracting malicious software.

Keywords:

Static analysis, malware detection, machine learning, PE files, feature importance assessment, dimension reduction methods

Pages 41–59

Annotation:

Paper reviews a mining algorithm in smart city’s blockchain systems with the Proof-of-Work consensus mechanism. Related studies in the field of detecting selfish mining attacks are reviewed. A method for protecting blockchain from selfish mining is presented. A plug-in for detecting selfish mining for the miner software is developed which allows analyzing patterns in data coming from the mining pool. The proposed solution outperforms other selfish mining detectors as it allows identifying the attacking pool and has lower error rates.

Keywords:

Blockchain, prevention, security, selfish mining, smart city

Pages 60–70

Annotation:

The rapid evolution of self-driving vehicles (SDVs) has necessitated the development of robust authentication mechanisms to ensure secure and privacy-preserving vehicle communication. Traditional authentication protocols often expose vehicle location information, raising concerns about tracking and unauthorized surveillance. This paper proposes a novel Zero-Knowledge Proof (ZKP)-enhanced Elliptic Curve Decisional Diffie-Hellman (ECDDH) authentication framework that enables SDVs to prove their presence within a geofenced area without revealing their exact location. The proposed protocol leverages 5G-enabled edge computing to optimize computational efficiency and authentication latency while ensuring scalability in high-density vehicular networks. The proposed framework is formally validated using BAN logic, proving its resilience against replay attacks, location spoofing, and unauthorized access. Performance evaluations conducted in MATLAB demonstrate the efficiency of the protocol, with results indicating an authentication latency of approximately 54.7 ms (100 vehicles), a constant communication overhead of 448 bytes per session, and a 100 % authentication success rate. Comparative analysis with ECDH and RSA-based authentication schemes highlights the protocol’s superior security guarantees and optimized communication overhead. The findings confirm that the proposed authentication mechanism is an effective solution for ensuring privacy-preserving authentication in autonomous vehicular networks, making it a viable approach for securing future intelligent transportation systems.

Keywords:

Self-driving vehicles, authentication protocol, zero-knowledge proof, 5G-enabled edge computing, privacy-preserving authentication, autonomous vehicular network

Pages 71–85

Annotation:

The principles of construction and functioning of honeypot systems are investigated. The existing detection methods are analyzed, their advantages and disadvantages are highlighted. A detection method based on the analysis of command execution delays is proposed. A universal detection method based on combining the results of the methods is proposed. A software prototype of the detection system is developed and tested.

Keywords:

Honeypot, latency analysis, detection, network stack

Pages 86–95

Annotation:

In several publications, a theoretical basis for a universal data model has been proposed, but its practical implementation has been considered only at the level of a general preliminary sketch. Many questions remain open, which complicates the creation of real systems implementing this model. In particular, the issue of processing queries to data presented in various traditional data models and stored in a system based on a universal data model has not been studied. The purpose of the study is to develop a method for implementing a system for processing queries to data presented in various traditional models and jointly stored in a universal data model, as well as to develop the architecture of such a query processing system. The article presents the results of an analysis of existing query handlers to assess the possibility of their use, and proposes a method for integrating query handlers in MDX, SQL, and Cypher into a single data management system based on an archigraph DBMS. An architecture is presented that allows unifying access and query processing to heterogeneous data, such as relational tables, multidimensional cubes, vertices, and edges of property graphs. The results obtained were used in developing the first prototype of the system. This opens prospects for further development and implementation of the universal data model and its varieties in various information systems, improving their flexibility and efficiency.

Keywords:

Archigraph, archigraph DBMS, Data Lake, Data Lake Management System, query handler, SQL, MDX, Cypher

Pages 96–111

Annotation:

The widespread use of various neural networks for detecting cyberattacks is hindered by the difficulty of determining their hyperparameters. Typically, hyperparameter values are established experimentally. This paper presents an approach to selecting perceptron hyperparameters for network attack detection using a genetic algorithm. Experimental results confirm the validity of this approach.

Keywords:

Network attack detection, perceptron, hyperparameters, genetic algorithm

Pages 112–120

Annotation:

The problem of neural network optimization for large language models, such as ChatGPT, is discussed. One of the developing directions of large language model optimization is knowledge distillation – knowledge transfer from a large teacher model to a smaller student model without significant loss of result accuracy. Currently known methods of knowledge distillation have certain disadvantages: inaccurate knowledge transfer, long learning process, error accumulation in long sequences. A combination of methods that contribute to improving the quality of knowledge distillation is considered: selective teacher intervention in the student learning process and low-rank adaptation. The proposed combination of knowledge distillation methods can find application in problems with limited computing resources.

Keywords:

Large language models, optimization, knowledge distillation, teacher model, student model, teacher intervention in the student learning process, low-rank adaptation

Pages 121–130

Annotation:

The article discusses the security issues of the three-tier IoT architecture, consisting of the physical, network, and application layers. The emphasis is placed on the importance of protecting IoT systems from cyber attacks, which can have serious financial consequences and also affect human security. The existing possibilities of using current machine learning algorithms in order to detect and prevent cyber threats are considered. The study focuses on the two lower levels of the IoT architecture, as the application layer requires separate analysis due to a variety of attacks, including social engineering. The work is aimed at in-depth understanding of IoT vulnerabilities and at offering effective methods of overcoming them, using modern technologies.

Keywords:

Machine learning, internet of things, water transportation, information security, neural networks, decision trees, IoT systems architecture

Pages 131–142

Annotation:

Presented results of research on digitalization and automation of geoinformation support for air quality management over natural-industrial territories under climate change. The methodology of natural risk management, as well as technologies for managing geographic information databases, were used while research. A model has been developed that allows combining investment goals for the development of natural-industrial territories with the costs of geoinformation support for air quality management over natural-industrial territories under climate change, including the problem of black carbon. A modular web-based tool has been developed to implement the proposed model. Examples of using the developed approach for St. Petersburg and the Leningrad region are given.

Keywords:

Digitalization, automation, geoinformatics, natural risks, air quality, climate change

Pages 143–153

Annotation:

The article considers modern approaches to modification of digital signature schemes on lattices. Learning with errors (LWE) problem and its modifications using hints and rounding mechanisms to reduce computational costs and decrease the signature size without compromising security are estimated. An adapted scheme using the hint mechanism and optimized rounding based on the GLYPH signature protocol is proposed. A prototype is implemented and tested, Problems of information security. Computer systems. Special issue, 2025 11 RECEIVED 16.07.2025 ACCEPTED 25.07.2025 PUBLICATION 00.00.2025 the results of which demonstrate a decrease in the average time of signature generation and verification by ~1.4 times, and a decrease in the signature size by 14 % compared to the baseline scheme.

Keywords:

Post-quantum cryptography, Learning with Errors (LWE), hint, rounding, rejection sampling

Pages 10–22

Annotation:

A hybrid lattice-based commitment scheme for anonymous proof of linear relations between hidden values is proposed. The proposed approach is based on a modification of the BDLOP zero-knowledge scheme, where Learning with Errors problem was replaced with Learning with Rounding problem, which reduced the parameter sizes and complexity of parameter sampling process. The proposed scheme retains its mathematical properties, including additive homomorphism, enabling it use for proving linear relations. The results obtained can be applied to the design of protocol of electronic voting and anonymous transactions.

Keywords:

Post-quantum cryptography, lattices, commitment scheme, zeroknowledge proof, learning with rounding, learning with error

Pages 23–33

Annotation:

This paper is about an ensuring the security of smart voice assistants against the most significant threats by reducing the number of false triggers. The paper analyses the threats to smart voice assistants and presents a list of their features. The goal is to reduce the number of unnecessary activations of smart voice assistant. An architecture and method for a custom security module that reduces false alarms are described. This security module was developed and tested with positive results.

Keywords:

Smart voice assistant, voice biometrics, dolphin attack, information security threat model, impersonalization, white noise, speech synthesis

Pages 34–47

Annotation:

Existing methods of detecting attacks on data integrity on file systems are investigated. A method of detecting such attacks based on the use of several entropy metrics is proposed. The efficiency of the proposed method is evaluated on the example of detection of existing ransomware.

Keywords:

Data integrity, entropy, dynamic analysis, ransomware, encryptor, driver filter

Pages 48–57

Annotation:

This article presents a study on the use of large language models (LLMs) for event prediction through the application of LLM agents – autonomous systems that utilize LLMs for reasoning, decision-making, and interaction with the environment. Various architectures of LLM agents are analyzed, including cooperative systems (ChatDev, MetaGPT), multi-agent debates (MAD, ChatEval), agents for web-based tasks (WebAgent, WebVoyager), and simulation-based agents (Generative Agents, EconAgent). Special attention is given to the features of predictive modeling powered by LLMs, where traditional approaches (regression, time series) are replaced by agent-based modeling and prompt engineering. The article presents experimental results on forecasting the outcome of a selected conflict using LLM agents (Mistral, DeepSeek) and the Retrieval-Augmented Generation (RAG) approach, based on data from analytical agencies, opinion leaders, and news sources. The study identifies a convergence of predictive assessments across polarized sources and outlines key requirements for forecasting systems: weighting sources by expert relevance, filtering out neutral data, and balancing the dataset. Additionally, the article formulates criteria for selecting data to be evaluated by simulation-based LLM agents.

Keywords:

Artificial intelligence, generative models, large language models, agentbased modeling, social simulations, LLM-agents, natural language processing, RAG, prompt-engeneering, conflict forecasting

Pages 58–68

Annotation:

The paper is devoted to the detection of intrusions and violations regarding the confidentiality of data stored in a database based on behavioral analysis. A particular difficulty in this area is taking into account not only the query syntax, but also the semantic relationships of the data, since syntactic and contextual approaches do not allow detecting all types of attacks. Based on the analysis of well-known studies, a method is proposed for detecting anomalies in user behavior based on author’s metrics for evaluating behavior and the coverage of requested data. The proposed method develops the well-known research, but at the same time significantly surpasses it in the task of detecting certain types of behavioral abnormalities. An important part of the work is to identify the application features of this type of analysis and its limitations.

Keywords:

Data management systems, data security, data mining, behavior analysis, data privacy, data processing, anomaly detection, insider detection

Pages 69–81

Annotation:

The article addresses the problem of detecting unreliable news content and proposes a solution based on machine learning methods. Modern approaches to assessing the credibility of textual and multimedia content have been analyzed, promising techniques have been identified and adapted for the Russian-language media environment. A combined method for detecting fake news is proposed, based on the joint analysis of textual and multimedia data, as well as content distribution patterns. Testing of the proposed method has confirmed its effectiveness and applicability for automated detection of unreliable news content in realworld information systems.

Keywords:

Fake news detection, misinformation spreading, machine learning, text analysis, news content filtering, news classification, natural language processing

Pages 82–98

Annotation:

In the paper a method for assessing the correctness of distributed algorithms using chaos engineering techniques to enhance their testing efficiency is presented. An analysis of current research in the field of testing distributed systems – such as federated learning systems for Large Language Models (LLMs) — and chaos engineering is provided. Existing chaos engineering-based testing methods and tools are analyzed, and their shortcomings are identified. As a result, a method for assessing the correctness of distributed systems through chaos engineering testing has been developed; vulnerability testing in open-source projects was conducted, including a comparison with existing approaches. The obtained results confirm the effectiveness of the proposed method.

Keywords:

Distributed algorithms, distributed systems, testing, chaos engineering, fuzzing

Pages 99–111

Annotation:

This paper presents methods of automated security analysis of Android applications, which can be used to search for cryptographic vulnerabilities, vulnerabilities of third-party software components, authentication, authorization, as well as to detect the storage and transmission of sensitive information in plaintext. The accuracy of search for the given types of vulnerabilities by means of automated vulnerability search and software prototype is analyzed.

Keywords:

Android, vulnerability scanning, dynamic instrumentation, security standard

Pages 112–123

Annotation:

Software solutions for active network attack detection and prevention on wireless ad-hoc networks have been analyzed. The requirements for the architecture of a software system designed to protect wireless adhoc networks from active network attacks have been formulated. The architecture meeting the requirements is proposed. A software prototype has been developed that implements the proposed solution, and its evaluation has been performed.

Keywords:

Information security, ad-hoc networks, network attack prevention, intrusion detection systems

Pages 124–133

Annotation:

The paper proposes the approach to increase the secrecy of steganography methods in images using convolutional neural networks (CNN). CNNs are integrated into the data embedding process and allow you to minimize the traces of concealment that can be detected by stegoanalyzers. Two implementation options are considered: based on the least significant bit (LSB) and discrete cosine transform (DCT) methods, and also their modifications using CNN. The task of ensuring the secrecy and reliability of embedding was solved in stages: the visual quality of the images, the reliability of message extraction and the resistance to detection by classical methods of stegoanalysis were analyzed. The results of quality and secrecy assessment experiments have confirmed the effectiveness of the proposed approach.

Keywords:

Steganography, LSB, DCT, machine learning, convolution neural networks, stegoanalysis

Pages 134–144

Annotation:

The paper proposes a coverless steganographic approach for hiding data in audio files. It is based on an architecture that includes the generative neural network model RealNVP for processing streaming data and auxiliary encoding and decoding modules. Piano-jazz was chosen as a musical genre for generating audio files. The results of experimental studies have confirmed the effectiveness of using streaming neural networks for the tasks of coverless steganography in audio files.

Keywords:

Steganography, coverless steganography, generative model, RealNVP model, audio file generation

Pages 145–155

Annotation:

The article presents an information model for ensuring the security of personal data in information systems, based on the Secure Remote Password protocol and Russian cryptographic algorithms GOST R34.12-2015 (“Kuznechik”) and GOST 34.11-2018 (“Stribog”). An analysis of threats and vulnerabilities of the information systems, the regulatory framework and modern methods of protecting personal data is carried out. A modular software implementation has been developed that is resistant to the main types of attacks, including traffic interception, man-in-the-middle attacks and database leaks.

Keywords:

Personal data, information security, SRP protocol, cryptographic algorithms, MITM-attacks, data protection

Pages 156–167

Annotation:

The paper studies the problem of protecting artificial intelligence systems with online learning from poisoning attacks. To improve the stability, an approach is proposed based on assessing the similarity of the operation of two computational models: the reference (initial) and the operational (test). The following indicators of stability violation were identified: a decrease in the total accuracy (TA), total prediction value (TPV), and a decrease in the cosine similarity of model weights (cos_similarity). As a result of experimental study, it was found that the proposed solution allows for timely detection of poisoned data, maintaining high classification accuracy during targeted attacks on the computational model, which is further trained on test data.

Keywords:

Poisoning attack, artificial intelligence security, online learning, model similarity assessment

Pages 168–178

Annotation:

The structure and composition of container images, as well as the related security issues, are analyzed. The existing scanning methods for detecting vulnerabilities in container images are analyzed, their advantages and disadvantages are highlighted. An approach addressing the identified shortcomings is proposed. A software prototype of an automated security scanning system for container images with support for dynamic monitoring is developed and tested.

Keywords:

Containers, container images, container image vulnerability scanners, Docker

Pages 179–188