Quarterly journal published at SPbPU
and edited by Prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217

№ 3

2024

INFORMATION SECURITY ASPECTS
D. S. Bogdanov, A. S. Logachev, V. O. Mironkin
National Research University Higher School of Economics; TVP Laboratory; MIREA – Russian Technological University
THE PROBABILITY-THEORETIC MODELS OF PHYSICAL RANDOM NUMBER GENERATORS

Annotation:

This paper presents the main probability-theoretic models describing a wide class of physical random number generators and allowing us to propose general approaches to their synthesis and analysis

Keywords:

physical random number generator, stochastic process, scheme of instantaneous value, scheme of intervals, scheme of excursion, optimal interpolation problem
A. Yu. Garkushev, A. V. Vyvolokina, S. I. Fokina, A. F. Suprun
St. Petersburg State Marine Technical University; St. Petersburg State Polytechnic University of Peter the Great
APPLICATION OF INDICATOR FUNCTIONS IN MODELS OF DETECTION AND NEUTRALIZATION OF MALICIOUS INFORMATION OBJECTS

Annotation:

The article proposes a new approach to applying the well-known method of indicator functions, which is used to simulate the detection and neutralization of suspicious information objects in the information environment of an industrial enterprise, as well as to simulate a security system during operation. Formulas are given for calculating stochastic indicators, allowing some objective estimates of the values of time parameters and their impact on the safe functioning of information systems

Keywords:

indicator function, information security, information system, neutralization, identification of the object
O. V. Rybkina
Far Eastern State Transport University
CONSTRUCTION OF DETERMINISTIC AND STOCHASTIC MATHEMATICAL MODELS OF INFORMATION SYSTEM PROTECTION

Annotation:

Mathematical models of information system defense against information security threats are proposed based on the classical model of the struggle between two adversaries, the Lanchester model. Using the method of constructing systems of differential equations with a given set of invariants (first integrals), a deterministic model with invariant control, a stochastic model with Wiener perturbations, and a model with program control with probability 1 have been constructed. The behavior of the systems has been evaluated by means of mathematical modeling in MathCad. The behavior of the constructed models depending on initial conditions is considered. The existence of a stochastic model of information system protection against information security threats that is protected with probability 1 is established

Keywords:

mathematical model, Lanchester model, information security, deterministic model of information protection, stochastic model of information protection, invariant control, program control with probability 1
INFORMATION SECURITY APPLICATION
V. V. Zaitzeva, M. A. Poltavtseva
Peter the Great St. Petersburg Polytechnic University
SECURITY ASSESSMENT OF BIG DATA SYSTEMS

Annotation:

The article deals with the task of assessing the security of big data systems. The authors define the main features of big data systems as an object of security assessment and analyze the known methods of assessment, including methodologies for assessing the security of information systems. Based on the results obtained, a new method of assessment is proposed, taking into account such factors as the state of the access control system in the heterogeneous systems under consideration and the number of privileged users. A mathematical formalization of the assessment is proposed, the main stages of its implementation are described, and a test case is presented

Keywords:

information security, Big Data, heterogeneous data processing systems, security assessment
T. M. Tatarnikova, I. A. Sikarev, D. A. Rychikhin
St. Petersburg State University of Aerospace Instrumentation; Russian State Hydrometeorological University
METHODS OF OBTAINING EVIDENTIARY INFORMATION FROM A COMPUTER USING OPEN SOURCE TOOLS

Annotation:

The current task of obtaining evidentiary information is considered as a direction for the development of digital forensics. The procedure for collecting evidentiary information from computer storage devices is given, including the basic requirements for collecting evidence, preserving it and ensuring its integrity. An overview of methods for obtaining evidentiary information from a computer is given, among which an accessible and effective method is highlighted: using Open Source software to take a snapshot of RAM. The results of an experiment studying the possibility of obtaining and analyzing a snapshot of a computer’s RAM using Open Source tools are presented, and the approximate information that can be obtained with them in the interests of computer forensic examination is determined

Keywords:

digital forensics, evidentiary information obtained from a computer, the procedure for collecting evidentiary information, methods for obtaining evidentiary information, an experiment on obtaining evidentiary information from a computer
CRITICAL INFORMATION INFRASTRUCTURE SECURITY
A. G. Busygin, M. O. Kalinin
Peter the Great St. Petersburg Polytechnic University
APPLICATION OF DISTRIBUTED LEDGER TECHNOLOGY TO PROTECT SMART CITY INFORMATION SYSTEMS

Annotation:

The article discusses the application of distributed ledger technology to secure the information systems of the smart city. The authors identified the limitations of existing solutions in this area and considered the main directions for the development of distributed ledger technology that would ensure its successful integration into the smart city ecosystem

Keywords:

smart city, internet of things, distributed ledger technology, information security
D. P. Zegzhda, A. F. Suprun, E. G. Anisimov, V. G. Anisimov
Peter the Great St. Petersburg Polytechnic University; Peoples’ Friendship University of Russia named after Patrice Lumumba
ASSESSMENT OF THE POSSIBILITY OF UPGRADING INFORMATION SECURITY SYSTEMS IN THE PLANNED TIME FRAME

Annotation:

To support sound planning of the modernization of information security systems, the paper considers approaches to constructing methods for assessing whether the innovations necessary for the timely detection, prevention and elimination of the consequences of information security threats can be developed and introduced within the planned time frame. As an indicator for assessing this possibility, it is proposed to use the probability of modernizing the information security system within a specified period of time. To quantify this indicator, approaches based on a generalization of Chebyshev’s inequality and the principle of stochastic dominance are proposed

Keywords:

information security system, modernization planning, assessing the likelihood of meeting the deadlines for introducing innovations
CYBER-PHYSICAL SYSTEMS SECURITY
A. S. Kurakin
LLC “STC”
AN INTEGRAL INDICATOR OF THE EFFECTIVENESS OF THE USE OF A GROUP OF UNMANNED AERIAL VEHICLES IN SOLVING AERIAL PHOTOGRAPHY TASKS

Annotation:

The paper evaluates the effectiveness of a group of unmanned aerial vehicles performing aerial photography across heterogeneous tasks and various payload variants. Options for equipping the elements of the group for various tasks are modeled. The integral indicator is defined as a combination of particular performance indicators, efficiency and resource intensity. The relationship between task options and payload options has been established. Numerical modeling of combinations of group equipment options and task options is carried out

Keywords:

efficiency, resource intensity, integral indicator, group of unmanned aerial vehicles, flight task, efficiency, comparative assessment, aerial photography
E. Yu. Pavlenko
Peter the Great St. Petersburg Polytechnic University
ANALYSIS AND PREDICTION OF STATES OF INDUSTRIAL NETWORKS WITH ADAPTIVE TOPOLOGY BASED ON NETWORK MOTIFS

Annotation:

An approach to investigating the states of complex industrial networks with adaptive topology using network motifs – statistically significant subgraphs of a larger graph – is proposed. The analysis presented addresses the ability of network motifs to characterize system performance and the possibility of their application to short-, medium-, and long-term prediction of system states. Using the Smart Grid network structure as an example, a directed graph is modeled, in which the most common motifs are searched, several attack scenarios on network nodes are simulated and a network state prediction is built. The results of experimental studies confirmed the correctness and validity of the application of this mathematical apparatus for the set tasks

Keywords:

dynamic graph, network motif, target function, network with adaptive topology, forecasting
SOFTWARE SECURITY
S. V. Bezzateev, G. A. Zhemelev, S. G. Fomicheva
Saint Petersburg State University of Aerospace Instrumentation; Peter the Great St. Petersburg Polytechnic University
RESEARCH ON THE PERFORMANCE OF AUTOML PLATFORMS IN CONFIDENTIAL COMPUTING

Annotation:

The paper examines the performance indicators of automatic machine learning platforms when they function in standard and confidential modes using the example of a nonlinear multidimensional regression. A general protocol of distributed machine learning trusted in the sense of security is proposed. It is shown that within the framework of confidential virtualization, when optimizing the architecture of machine learning pipelines and hyperparameters, the best quality indicators of generated pipelines for multidimensional regressors and speed characteristics are demonstrated by solutions based on Auto Sklearn compared with Azure AutoML, which is explained by different learning strategies. The results of the experiments are presented

Keywords:

automatic machine learning, confidential computing, confidential virtual machines, optimization of the architecture of the machine-learning model, hyperparameters
N. V. Gololobov
Peter the Great St. Petersburg Polytechnic University
ANALYSIS AND FORECASTING THE STATES OF INDUSTRIAL NETWORKS WITH ADAPTIVE TOPOLOGY BASED ON NETWORK MOTIVES

Annotation:

The most vulnerable nodes of any information system are those that depend on the human factor. Such nodes include, for example, users' personal computers (PCs), which are susceptible to attacks using malicious software (malware). Modern malware detection tools can effectively identify known instances, but their effectiveness against zero-day threats is at a suboptimal level. One potential way to identify malware is a method based on behavioral analysis of its activity on a personal computer, but creating such a method requires systematization of known information about the activity of various types of malware. This work systematizes malicious software to determine the types of activity it exhibits, so that the resulting systematization can be used to create a method for identifying malware based on behavioral analysis

Keywords:

information security, malicious software, systematization, malware activity
V. M. Bogina, K. A. Velichko, A. A. Makeeva, A. D. Dahnovich, D. P. Zegzhda
Peter the Great St. Petersburg Polytechnic University
APPROACH TO CREATING PERSONALISED LLM AGENTS BASED ON MBTI PERSONALITY TRAITS

Annotation:

This article describes an approach to creating target characters based on LLM agents. Agents use personal memory to access biographical and personal data assigned to them. In order to increase the integrity of the characters being created, a short life biography is generated based on the initial target data, corresponding to the original set and enriching the reactions of the agents. The personal traits inherited by agents are formulated on the basis of descriptive information of MBTI types, and the paper presents a study of the correspondence of characters to their target personality type

Keywords:

LLM, social simulation, personalization, social modeling, cyberpsychology

Articles are being accepted in № 3 (60) 2024.
