and edited by prof. Peter Zegzhda
Institute of computer sciences and technologies
information security of computer systems
ISSN 2071-8217
№4
2018 year
№3
2018 year
Lyskatov I.V., Pilkevich S.V.
Saint-Petersburg, Mozhaisky Military Space Academy
Annotation:
The creation of media source protection model based on new methods of active search, unified investigation and cyber threat response. The process of detecting cyber threats based on methods of search forecasting, interlinked which the cyclic nature of the behavioral activity network resources users.
Keywords:
cyber threats, anomaly, forecast, user behavior, intelligence system.Lebedev I.V., Karpov I.A., Baranov B.E., Los V.P., Samoletova K.S.
Annotation:
This study describes a previously unknown model for describing the interests of the user has been presented on the sentiment analysis of texts, written by the user in the social network, and it has been applied to the research problem of forecasting the popularity of text messageson the basis of text message analysis, the author's profile of the message and the analysed community.
Keywords:
sentiment analysis, social networks, machine learning, popularity forecastingS.V. Lapshin
Saint-Petersburg State University
Sukhoparov M.E., I.S. Lebedev, A.I. Spivak
St. Petersburg Institute of Informatics and Automation of the Russian Academy of Sciences (SPIIRAS)
Annotation:
In modern conditions, competitive intelligence in the field of high technology involves the use of automatic means of filtering scientific information. The success of these activities and their labor costs directly depend on the quality of automated text analysis tools. The article proposes a method of classification of texts of scientific publications, characterized by the use of logical characteristics of texts, taking into account the hierarchy of concepts in the subject area. It allows more accurate classification for any arbitrarily narrow subject areas, which is important to clarify the results of filtering and reduce labor costs for competitive intelligence.
Keywords:
competitive intelligence, technical means of competitive intelligence, classification of texts.Doynikova E.V., Fedorchenko A.V., Kotenko I.V.
Saint-Petersburg, laboratory of computer security problems, SPIIRAS
Annotation:
The paper considers the task of automation of system weaknesses determination based on the analysis of its vulnerabilities. The authors tested various classification methods for vulnerabilities to map them to the specific class of weaknesses considering values of their properties. The method that resulted in the highest accuracy was selected. The vulnerability metrics that characterize their main properties were selected as classification features. The paper describes source data used for the classification, their preprocessing, and classification results. An interpretation and analysis of the results are provided. The considered task is a stage of the proposed by the authors approach to the automated generation of the required security measures and tools for the specific information system. The determined weaknesses of the analyzed system will be used for the automated specification of the security threats. The required set of response tools and means depends on the determined set of threats. The possibility of practical implementation of the approach follows from the connectivity between open databases of vulnerabilities, weaknesses, and attacks.
Keywords:
Vulnerability analysis, weaknesses analysis, data classification, countermeasure selection, information security.K. Vasilieva, A. Konoplev
Peter the Great St.Petersburg Polytechnic University
Annotation:
The paper reviews the problem of automatic embedded software UEFI BIOS analysis for undeclared capabilities revealing. It discusses the main features of UEFI BIOS architecture, compares common methods of static and dynamic analysis for software without source code, considers their possibility and limitation of addressing the described problem. There is proposed a method for enhanced automatic revealing undeclared capabilities in embedded software.
Keywords:
static analysis, embedded software, UEFI architecture, undeclared capabilities, control flow analysis, value-set analysisPavlenko E. Yu., Ignat’ev G. Yu.
Annotation:
In this paper authors propose a new deep learning-based approach for detection of malicious Android applications. Novelty of this approach is based on a representation of Android application for a convolutional neural network. In this representation authors construct an RGB image, using a sequence of API calls pairs and protection levels for RGB pixels representation. Proposed approach, as shown by experimental results, is effective and detects malicious Android applications with high accuracy.
Keywords:
malicious applications, malware detection, Android operating system, application security analysis, convolutional neural network, Android securityI. Pankov, A. Konoplev, A. Chernov
Peter the Great St.Petersburg Polytechnic University
Annotation:
The paper provides an overview of the actual attacks on the integrated BIOS and Intel ME software of modern Intel-based computers. The results of analysis of its protection for mainboards of the common manufacturers are presented. Classes of attacks that allow intruder to create program backdoors, the detection of which by traditional methods of searching for undeclared features becomes impossible or extremely difficult are highlighted.
Keywords:
trusted executable environment, embedded software, UEFI BIOS, Intel ME, undeclared capabilities, security analysis, vulnerabilities.Wang Liangpeng, O. G. Petrosyan, Du Jianming,
Annotation:
In this article we proposed a new method for facial recognition in a natural background, based on the coefficients tree of three-scale wavelet transformation and the hidden Markov model (HMM).
Keywords:
features of images, coefficient tree, hidden Markov model, accuracy of recognition№2
2018 year
FadeevaYu.A., Ponachugin A.V.
Annotation:
This article identifies the main problems associated with the loss of confidential company data. As a solution to the problem, it was suggested to conduct a comparative analysis of the current certified means of information protection from the state register of FSTEC of Russia. For this purpose, it is proposed to use the optimization method for determining the most effective system, to select the basic requirements imposed by consumers for Data Leak Prevention systems, to identify a system corresponding to the maximum set of possible requirements.
Keywords:
informations security means, information security, information system, confidential information, Data Leak Prevention system, NSD, optimization task, comparative analysisA.A. Grusho, N.A. Grusho, M.I. Zabezhailo, E.E. Timonina
Annotation:
The paper is devoted to discussion of a possibility of recovery of valuable information in conditions when the malefactor knows results of information transform and transformation itself within some information technology. The model of processed information in the form of the wood is constructed. Ways of protection of valuable information are investigated.
Keywords:
information security, valuable information, security of information as a result of transformationsDemidov R.A., Zegzhda P.D., Kalinin M.O.
Annotation:
The paper deals with the problem of cybersecurity threats analysis of control mechanisms in dynamic communication networks (VANET, FANET, MARINET, MANET, WSN). The authors formulate the initial task in the form of neural network-made approximation of the system function of cyberthreat. The neural network model parameters are optimized according to the criterion of likelihood maximization on the training dataset. A hybrid neural network based on recurrent and graph convolutional networks is proposed as an appropriate computational architecture.Keywords:
cybersecurity analysis, deep learning, distributed representations, hybrid neural network, routing threats, dynamic network, VANET, MANET, MARINET, MANET, WSNUsov E.S., Nikolsky A.V., Pavlenko E.Y., Zegzhda D.P.
Annotation:
The architecture of cloud storage with Intel SGX technology is proposed. This article presents an approach that allows to protect user data both on the cloud server from attacks from the provider, and on the client PC from various types of malicious software. The developed architecture supports group access to data for several users
Keywords:
Intel SGX, enclave, encryption, cloud computing, file hosting serviceZegzhda P.D., Ivanov D.V., Moskvin D.A., Kubrin G.S.
Annotation:
In the paper, the threats of cybersecurity for Vehicular Ad-hoc Networks (VANET) are studied. The developed classification of those threats is present.
Keywords:
Wireless self-organised networks; Vehicular ad hoc networks, VANET, self-similar graph; cybersecurity threats.Zegzhda P.D., Lavrova D.S., Shtyrkina A.A.
Annotation:
Authors propose to use multifractal analysis for anomaly detection in traffic of backbone networks. As security metrics, multifractal spectrum characteristics are used. The effectiveness of proposed approach is confirmed by experimental results on detecting denial-of-service attacksKeywords:
backbone networks, multifractal analysis, attack detection, multifractal spectrum, DoS attackShterenberg S. I., Poltavtseva M. A.
Annotation:
Modern distributed information networks protection from external and internal intruders continues to be relevant in connection with the development of data communication and processing technologies. The article describes the model of data processing in a distributed intrusion detection system (DIDS) and the method of using hidden agents to protect against an internal attacker. The distribution of data processing functions between the local DIDS agent and the general data processing node is given. The authors describe the method of hiding the presence of the agent from the user while maintaining its control by the operator.
Keywords:
distributed intrusion detection system, protection from internal intruder, hidden monitoring, big dataMironkin V.O, Chukhno A.B.
Annotation:
In this paper a generalization of the classical birthday problem for the case of several independent samples of arbitrary power is considered. Exact and asymptotic expressions describing the probability of the intersection of these samples are obtained.Keywords:
THE BIRTHDAY PROBLEM, ORDERED SAMPLE, COLLISIONZegzhda D.P, Moskvin D.A., Myasnikov A.V.
Annotation:
This article examines the architecture of modern systems of decentralized data storage and processing, the applicability of blockchain technology in these systems, the existing security threats in comparison with centralized systems and security methods that could eliminate these threats.
Keywords:
distributed systems, secure data storage, secure data processing, blockchainAleksandrova E.B., Shtyrkina A.A.
Annotation:
Elliptic curve isogeny-based directed signature is proposed. Only recipient whose public key was used to generate signature can verify this signature. Both signer and verifier control delegating the right of signature verification.Keywords:
isogeny-based cryptography, elliptic curves, directed signature, id-based cryptography, bilinear mapA.A.Sikarev, I.A. Sikarev, A.V.Garanin
Annotation:
Parallel complex signals synthesized from segments of harmonics of multiple frequencies that initial phase takes from binary set G0,π and that have same amplitudes are considered. New quasioptimal phase codes for peak-factor minimization obtained. Code type of frequency and time characteristics dependency two-dimensional auto- and cross-correlation functions of such signals was investigated.
Keywords:
phase codes, AIS, complex signalsI.E. Gorbachev, A.M. Suhov , M.A. Eremeev, S.I Smirnov
Annotation:
The article considers the system (complex) approach to the justification of design decisions on the creation of a proactive system of information security of critical information infrastructure. It is proposed that the appearance of the information security system at the stage of its system-aggregative (external) design methodology of the modern theory of the effectiveness of targeted processes.
Keywords:
information security system, proactivity, quality score, design solutions.