Quarterly journal published in SPbPU
and edited by prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • 2025 year
  • 2024 year
  • 2023 year
  • 2022 year
  • 2021 year
  • 2020 year
  • 2019 year
  • 2018 year
  • 2017 year
    • №1 2017
      • INFORMATION SECURITY APPLICATION

        Sukhoparov M.E. Lebedev I.S., Korzhuk V.M., Krivtsova I.E.

        DETECTION METHOD FOR PERSONAL NETWORKS ANOMALOUS BEHAVIOUR

        Annotation:

        Considered the low-power wireless network devices. The analysis of the characteristics of systems based on wireless technologies, resulting from passive surveillance and active devices to the survey, which make up the network infrastructure. A number of external signs of unauthorized access to a wireless network by the potential offender information security.

        To quote:

        Sukhoparov M.E. Lebedev I.S., Korzhuk V.M., Krivtsova I.E.

        DETECTION METHOD FOR PERSONAL NETWORKS ANOMALOUS BEHAVIOUR // Information Security Problems. Computer Systems. 2017. №1. Pp. 9-15. DOI:

        Keywords:

        information security, "soft" space wireless networks, personal network, device availablity, information security model.

        Pages:

        9-15

        Akimov D. A., Redkin O. K., Los V. P., Zhukov D. O

        CONVOLUTIONAL NEURAL NETWORKS FOR THE PREVENTION OF INFORMATION LEAKAGE IN OPEN INTERNET RESOURCES

        Annotation:

        This paper considers the architecture of convolutional neural networks: layer types, how they works, the details of their implementation, hyperparameters of layers and features of network training. The possibility of using this type networks for tasks of natural language processing. The possibility of their use for solving allocation problem of web pages constituting single web-resources the most information-packed pages.

        To quote:

        Akimov D. A., Redkin O. K., Los V. P., Zhukov D. O

        CONVOLUTIONAL NEURAL NETWORKS FOR THE PREVENTION OF INFORMATION LEAKAGE IN OPEN INTERNET RESOURCES // Information Security Problems. Computer Systems. 2017. №1. Pp. 16-22. DOI:

        Keywords:

        convolutional neural networks, machine learning, natural language processing, web pages classification.

        Pages:

        16-22
      • NETWORK AND TELECOMMUNICATION SECURITY

        V.V. Platonov, P.O. Semenov

        THE ADAPTIVE MODEL OF DISTRIBUTED INTRUSION DETECTION SYSTEM

        Annotation:

        Proposed the adaptive model of intrusion detection system for distributed compute network. The intrusion detection system is based on different data mining methods that allow analyzing a set of network traffic parameters and determining whether network interaction is normal or anomalous.

        To quote:

        V.V. Platonov, P.O. Semenov

        THE ADAPTIVE MODEL OF DISTRIBUTED INTRUSION DETECTION SYSTEM // Information Security Problems. Computer Systems. 2017. №1. Pp. 23-28. DOI:

        Keywords:

        intrusion detection system, distributed computer network, data mining methods.

        Pages:

        23-28
        M. Kalinin, A. MininSECURITY ASSESSMENT OF WIRELESS AD-HOC NETWORKS WITH DYNAMIC TOPOLOGY
        SECURITY ASSESSMENT OF WIRELESS AD-HOC NETWORKS WITH DYNAMIC TOPOLOGY

        Annotation:

        The paper reviews a security estimation approach for wireless ad-hoc networks with dynamic topology (e.g., mesh-networks, MANET/VANET, smart home) based on principal component analysis (PCA) method.

        To quote:

        M. Kalinin, A. MininSECURITY ASSESSMENT OF WIRELESS AD-HOC NETWORKS WITH DYNAMIC TOPOLOGY SECURITY ASSESSMENT OF WIRELESS AD-HOC NETWORKS WITH DYNAMIC TOPOLOGY // Information Security Problems. Computer Systems. 2017. №1. DOI:

        Keywords:

        (Russian) сеть с динамической топологией, mesh, adhoc, сенсорная сеть, безопасность, оценка безопасности, метод главных компонент.
      • APPLIED CRYPTOGRAPHY

        Yakovlev V.A., Arkhipov V.V., Adadurov S.E.

        THE ANALYSIS OF PRINCIPLES AND TECHNIQUE OF RESISTANCE ASSESSMENT OF GRAPHICAL PASSWORDS, TOLERANT TO SHOULDER-SURFING ATTACKS

        Annotation:

        Recently in scientific literature there were many suggestions for improvement of password system resistance to shoulder-surfing attack. Such passwords are called resistant to the shoulder-surfing attacks (RSS-GP). This paper presents a general methodological approach to the analysis and evaluation RSS-GP, which can be described in terms of the entry table.

        To quote:

        Yakovlev V.A., Arkhipov V.V., Adadurov S.E.

        THE ANALYSIS OF PRINCIPLES AND TECHNIQUE OF RESISTANCE ASSESSMENT OF GRAPHICAL PASSWORDS, TOLERANT TO SHOULDER-SURFING ATTACKS // Information Security Problems. Computer Systems. 2017. №1. Pp. 32 42. DOI:

        Keywords:

        authentication, password protection, graphical password, video-recording attack, shoulder-surfing attack

        Pages:

        32 42

        Marshalko G.B., Mironkin V.O.

        GEOMETRIC ANALYSIS OF A NEURAL SYMMETRIC CIPHER

        Annotation:

        We consider a variant of a neural symmetric cipher, describe its probabilistic model. We show that this cipher is equivalent to the proportional substitution cipher. We propose an algorithm for reconstruction of a plaintext from cipher text, using properties of the space of enciphered characters.

        To quote:

        Marshalko G.B., Mironkin V.O.

        GEOMETRIC ANALYSIS OF A NEURAL SYMMETRIC CIPHER // Information Security Problems. Computer Systems. 2017. №1. Pp. 43 49. DOI:

        Keywords:

        NEURAL NETWORK, PROBABLISTIC MODEL OF A CIPHER, MESSAGE SOURCE, FREQUENCY ANALYSIS, HAMMING DISTANCE

        Pages:

        43 49

        Aleksandrova E.B., Shtirkina A.A., Yarmak A.V.

        constructing elliptic curves for isogeny-based cryptosystems

        Annotation:

        Explorations of supersingular and non-supersingular elliptic curves generation methods for isogeny-based cryptosystems are presented. The influence of class field polynomial is analyzed and comparative characteristics of time of elliptic curve generation with using Weber and Hilbert class polynomials are given. Parameters, which influence cryptographic resistance of isogeny-based cryptosystems, are also reviewed.

        To quote:

        Aleksandrova E.B., Shtirkina A.A., Yarmak A.V.

        constructing elliptic curves for isogeny-based cryptosystems // Information Security Problems. Computer Systems. 2017. №1. Pp. 50-58. DOI:

        Keywords:

        elliptic, curves, isogenies, Weber class polynomials

        Pages:

        50-58
      • FUNDAMENTAL THEORY OF INFORMATION CONFRONTATION

        Grigoriev V.R., Bogdanova R.E.

        MODEL IDENTIFYING EXTERNAL DESTRUCTIVE CONTROL ACTIONS ON SOCIAL NETWORKS BASED ON IMMUNE NETWORKS

        Annotation:

        The mechanisms of complex dynamical systems control (for example, social networks) are investigated in the face of external destructive control actions and counteract them by means of internal warfare. srocess and methods of organization of internal warfare based on formalization of the human body immune system.

        To quote:

        Grigoriev V.R., Bogdanova R.E.

        MODEL IDENTIFYING EXTERNAL DESTRUCTIVE CONTROL ACTIONS ON SOCIAL NETWORKS BASED ON IMMUNE NETWORKS // Information Security Problems. Computer Systems. 2017. №1. Pp. 59-69. DOI:

        Keywords:

        COMPLEX DYNAMIC SYSTEMS; WARFARE MODELS; SOCIAL NETWORKS; DESTRUCTIVE CONTROL ACTIONS; IMMUNOLOGY; ACTORS-DESTRUCTORS NETWORK.

        Pages:

        59-69
      • SPECIAL IT

        Самойленко Д.В., Еремеев М.А.

        г. Санкт-Петербург, Военно-космическая академия имени А.Ф. Можайского

        Финько О.А.

        г. Краснодар, Краснодарское высшее военное училище имени С.М. Штеменко

        METHOD FOR PROVIDING INTEGRITY INFORMATION GROUP ROBOTIC SYSTEMS CRYPTOCODING BASED STRUCTURES

        Annotation:

        A system cryptocoding conversion information, based aggregate block use of encryption algorithms and polynomial code system of residual classes. Complexed method restores the integrity of the information stored in the robotic systems group (RS), exposed to the offender (algebraic manipulation) and both the physical loss of a predetermined maximum number of RS does not lead to a partial or complete loss of it.

        To quote:

        Самойленко Д.В., Еремеев М.А.

        г. Санкт-Петербург, Военно-космическая академия имени А.Ф. Можайского

        Финько О.А.

        г. Краснодар, Краснодарское высшее военное училище имени С.М. Штеменко

        METHOD FOR PROVIDING INTEGRITY INFORMATION GROUP ROBOTIC SYSTEMS CRYPTOCODING BASED STRUCTURES // Information Security Problems. Computer Systems. 2017. №1. Pp. 70-78. DOI:

        Keywords:

        Robotic systems, cryptography, modular arithmetic, noiseless coding in residue classes, the integrity.

        Pages:

        70-78

        Sikarev I.A., Volkova T.A.,Kislevich G.V.

        DEPRIVATION FIELDS FOR COMPLEX DISCRETE-MANIPULATED SIGNALS WITH DISCONTINUOUS IN TIME STRUCTURE

        Annotation:

        The problem of calculating deprivation fields for complex discrete-manipulated signals (DMS) with discontinuous in time structure in terms of (measure of) determining the degree of electromagnetic protection is considered.

        To quote:

        Sikarev I.A., Volkova T.A.,Kislevich G.V.

        DEPRIVATION FIELDS FOR COMPLEX DISCRETE-MANIPULATED SIGNALS WITH DISCONTINUOUS IN TIME STRUCTURE // Information Security Problems. Computer Systems. 2017. №1. Pp. 79-82. DOI:

        Keywords:

        DISCRETE-MANIPULATED SIGNALS (DMS), SIGNALS WITH DISCONTINUOUS IN TIME STRUCTURE, NARROW-BAND INTERFERENCE, COEFFICIENT OF MUTUAL DIFFERENCE (CMD), DEPRIVATION FIELDS.

        Pages:

        79-82
      • SOFTWARE SECURITY

        Golchevskiy Yu.V.

        Shakhov A.N.

        PROBLEM OF ANDROID MALICIOUS PROAGRAM CODE RESEARCH IN COMPUTER EXPERTISE PROCESS

        Annotation:

        The problem of malicious Android application code analysis for computer forensics was investigated. The algorithm of effective actions and software improvement were suggested. Approbation of the proposed methodology was performed.

        To quote:

        Golchevskiy Yu.V.

        Shakhov A.N.

        PROBLEM OF ANDROID MALICIOUS PROAGRAM CODE RESEARCH IN COMPUTER EXPERTISE PROCESS // Information Security Problems. Computer Systems. 2017. №1. Pp. 83-91. DOI:

        Keywords:

        forensics, computer expertise, malicious program code, static analysis, dynamic analysis, Android

        Pages:

        83-91
        Pavlenko E. Yu., Yarmak A. V., Moskvin D. A.
        HIERARCHICAL APPROACH FOR ANALYSIS OF SECURITY BREACHES IN INFORMATION SYSTEMS

        Annotation:

        In this paper proposed a hierarchical approach for analysis of information security in modern information systems. It is based on multi-level events collection, analysis, and control. Performed analysis of mechanisms and characteristics of malicious software for every information system level. Identified mechanisms of malicious software action, its hiding and of possible methods for its detection.

        To quote:

        Pavlenko E. Yu., Yarmak A. V., Moskvin D. A. HIERARCHICAL APPROACH FOR ANALYSIS OF SECURITY BREACHES IN INFORMATION SYSTEMS // Information Security Problems. Computer Systems. 2017. №1. Pp. 92-99. DOI:

        Keywords:

        information security, malware, hypervisor, security management, virtualization technology.

        Pages:

        92-99
    • № 2 2017
      • INFORMATION SECURITY APPLICATION
        Akimov D. A., Sachkov V. E., Alyoshkin A. S., Umanskii V. I.
        PROCESSING AND COMPUTER ANALYSIS FOR INFORMATION PUBLISHED ZERO-DAY VULNERABILITIES OF NATURAL LANGUAGE TEXTS

        Annotation:

        Natural language processing (Natural language Processing, NLP), is an important direction of development of application software, and zero-day vulnerabilities.

        Word Processing from natural language used to address a vast number of tasks, such as: search, annotation, classification, speech recognition, query analysis. Also used to expand the functionality of the applications, for example to simplify the user data input and text in more convenient forms, used to search for information about the vulnerabilities on the Internet.

        To quote:

        Akimov D. A., Sachkov V. E., Alyoshkin A. S., Umanskii V. I. PROCESSING AND COMPUTER ANALYSIS FOR INFORMATION PUBLISHED ZERO-DAY VULNERABILITIES OF NATURAL LANGUAGE TEXTS // Information Security Problems. Computer Systems. 2017. № 2. DOI:

        Keywords:

        NLP, NER, POS, SBD, processing, natural language, tokenization, search suggestions borders, zero-day attacks.

        A. Baranov, P. Baranov

        Models of CRC and checksum values forming in multiple distortions conditions

        Annotation:

        The paper considers certain probability-theoretic models of packet mode-transferred information distortions. Attention is drawn mainly to distortions, including possible interferences influencing multiple transfer cycles. Distortions are modeled by a consequential impacts that are defined by dependent random variables. K-dimensioned values of CRC, respectively allow representation as a sum of k-dimensioned independent random variables.

        In some cases it is possible to bring them to a sum of independent terms in a k-dimensioned vector space over a two-element field and, afterwards, apply to them existing limit theorems dealing with convergence to uniform distributions.

        The paper discusses prospects for impacts stretching to m cycles of acquiring convergence conditions for CRC distribution as a sum of m-dependent terms or ones not interconnected to a non-homogeneous Markov chain.

        To quote:

        A. Baranov, P. Baranov

        Models of CRC and checksum values forming in multiple distortions conditions // Information Security Problems. Computer Systems. 2017. № 2. DOI:

        Keywords:

        information security, CRC, error probability, multiple distortions, telecommunication protocols.

        A.A. Grusho, N.A. Grusho, E.E. Timonina

        (Russian) СИНТЕЗ АРХИТЕКТУРЫ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ В РАСПРЕДЕЛЕННЫХ ИНФОРМАЦИОННО-ВЫЧИСЛИТЕЛЬНЫХ СИСТЕМАХ1

        Annotation:

        In the paper the problem of synthesis of information security architecture in the distributed information systems is considered. This synthesis is based on usage of elementary constructions which are described in the form of diagrams of problems decision of protection of actions during calculating process in computer system and in case of network exchange.

        To quote:

        A.A. Grusho, N.A. Grusho, E.E. Timonina

        (Russian) СИНТЕЗ АРХИТЕКТУРЫ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ В РАСПРЕДЕЛЕННЫХ ИНФОРМАЦИОННО-ВЫЧИСЛИТЕЛЬНЫХ СИСТЕМАХ1 // Information Security Problems. Computer Systems. 2017. № 2. Pp. 23-30. DOI:

        Keywords:

        information security, synthesis of secure architecture, the distributed information systems

        Pages:

        23-30
      • NETWORK AND TELECOMMUNICATION SECURITY

        A.M. Sukhov, I.E. Gorbachev, V.I. Yakunin

        A METHOD FOR SIMULATING THE OPERATION OF THE INTRUSION DETECTION SYSTEM IN COMPUTER NETWORK THE OBJECTIVES OF THE STUDY THE EFFECTIVENESS OF

        Annotation:

        The article discusses an integrated approach to the study of quality of functioning of systems of detection of intrusions in computer network intruders in the protected objects. The feature of the proposed method of modeling is a complex disci-those are all factors affecting the efficiency of the process under study.

        To quote:

        A.M. Sukhov, I.E. Gorbachev, V.I. Yakunin

        A METHOD FOR SIMULATING THE OPERATION OF THE INTRUSION DETECTION SYSTEM IN COMPUTER NETWORK THE OBJECTIVES OF THE STUDY THE EFFECTIVENESS OF // Information Security Problems. Computer Systems. 2017. № 2. Pp. 23-30. DOI:

        Keywords:

        intrusion detection system, the effectiveness of the targeted application, the theory of efficiency.

        Pages:

        23-30

        Pavlenko E.Y., Yarmak A.V., Moskvin D.A.

        Security managing of information system based on the analysis of the event graph

        Annotation:

        In this paper proposed the model based on event graph, which can provide the behavior analyse of a program. The graph is built by events generated during program execution. The architecture of the system is presented, and a list of events tracked at each level is listed. The metrics that allow comparing a structure of obtained graph with structure of legitimate program’s graphs are also presented. The experiment’s results experimental results illustrate the effectiveness of the proposed approach.

        To quote:

        Pavlenko E.Y., Yarmak A.V., Moskvin D.A.

        Security managing of information system based on the analysis of the event graph // Information Security Problems. Computer Systems. 2017. № 2. Pp. 31-38. DOI:

        Keywords:

        information security, malware, hypervisor, security management, virtualization technology

        Pages:

        31-38
      • APPLIED CRYPTOGRAPHY
        A. Baranov, P. Baranov
        Models of CRC and checksum values forming in multiple distortions conditions

        Annotation:

        The paper considers certain probability-theoretic models of packet mode-transferred information distortions. Attention is drawn mainly to distortions, including possible interferences influencing multiple transfer cycles. Distortions are modeled by a consequential impacts that are defined by dependent random variables. K-dimensioned values of CRC, respectively allow representation as a sum of k-dimensioned independent random variables. In some cases it is possible to bring them to a sum of independent terms in a k-dimensioned vector space over a two-element field and, afterwards, apply to them existing limit theorems dealing with convergence to uniform distributions. The paper discusses prospects for impacts stretching to m cycles of acquiring convergence conditions for CRC distribution as a sum of m-dependent terms or ones not interconnected to a non-homogeneous Markov chain.

        To quote:

        A. Baranov, P. Baranov Models of CRC and checksum values forming in multiple distortions conditions // Information Security Problems. Computer Systems. 2017. № 2. Pp. 39-45. DOI:

        Keywords:

        information security, CRC, error probability, multiple distortions, telecommunication protocols.

        Pages:

        39-45
        Dali F.A., Mironkin V.O.
        A SURVEY OF SEVERAL TREE-HASHING MODES

        Annotation:

        Some tree-hashing modes are considered. The main requirements to tree-hashing modes are formulated.

        To quote:

        Dali F.A., Mironkin V.O. A SURVEY OF SEVERAL TREE-HASHING MODES // Information Security Problems. Computer Systems. 2017. № 2. Pp. 46-55. DOI:

        Keywords:

        A HASH FUNCTION, A TREE MODE, A HASH TREE, AN ALGORITHM.

        Pages:

        46-55
        N. N. Shenets
        AUTHENTICATION IN DYNAMIC AD-HOC NETWORKS BASED ON HOMOMORPHIC SECRET SHARING

        Annotation:

        In this work a new authentication and key establishment method in ad-hoc networks without secure channels, which is used only verifiable homomorphic secret sharing, is presented. The security of the method in standard assumptions to active adversary model which includes pre-threshold number of the network nodes is proven. In the passive adversary model this method provides perfect security.

        To quote:

        N. N. Shenets AUTHENTICATION IN DYNAMIC AD-HOC NETWORKS BASED ON HOMOMORPHIC SECRET SHARING // Information Security Problems. Computer Systems. 2017. № 2. Pp. 56-67. DOI:

        Keywords:

        authentication and key establishment protocol, ad-hoc networks, verifiable secret sharing, perfectness, homomorphic property

        Pages:

        56-67
        E.B. Aleksandrova
        Methods of group authentication for low-resource vehicle and flying self-organized networks

        Annotation:

        Group authentication in self-organized networks with group signature is suggested. Besides of technical features of unmanned aerial vehicles, elliptic curve EDR-BBS scheme is chosen for FANET. Elliptic curves over extended fields of pseudo-mersenne characteristic are used.

        To quote:

        E.B. Aleksandrova Methods of group authentication for low-resource vehicle and flying self-organized networks // Information Security Problems. Computer Systems. 2017. № 2. Pp. 68-83. DOI:

        Keywords:

        VANET, FANET, group authentication

        Pages:

        68-83
      • SPECIAL IT

        Sikarev I.A., Shahnov S.F.

        PROTECTION OF INFORMATION IN THE RADIO CHANNELS OF LOCAL DIFFERENTIAL SUBSYSTEMS SATELLITE NAVIGATION

        Annotation:

        The article deals with the issues of the information protection in radio channels of control and correction stations (CCS) of river local differential GPS/GLONASS subsystem on the inland waterways of Russia under the influence of mutual and industrial interference. Criteria of assessment of interference resistance and functional sustainable of radio channels are introduced on the basis of a study of coefficients of relative sensitivity to variations in parameters and structure of signals and interference and the required probability of the error of piece-by-piece method of digital communication. Method of calculating interference resistance and functional stability of radio channels is presented. Variation-parametric sensitivity of the size of CCS coverage area to variations in parameters of mutual and industrial interference is investigated, as well as its variation-functional sensitivity to variations in frequency-time signal structure and mutual interference. It has been established that the size of CCS coverage area is most sensitive to the variations in the parameters of industrial interference.

        To quote:

        Sikarev I.A., Shahnov S.F.

        PROTECTION OF INFORMATION IN THE RADIO CHANNELS OF LOCAL DIFFERENTIAL SUBSYSTEMS SATELLITE NAVIGATION // Information Security Problems. Computer Systems. 2017. № 2. Pp. 84-91. DOI:

        Keywords:

        interference immunity, functional stability, mutual and industrial interference, coefficient of mutual difference, the probability of the error of piece-by-piece method.

        Pages:

        84-91
      • SOFTWARE SECURITY

        Sukhoparov M.E., Lebedev I.S.

        ANALYSIS OF INFORMATION SECURITY STATUS BASED ON ADVERSE RADIATION OF ELECTRONIC COMPONENTS

        Annotation:

        The proposed solution is to use methods that ensure the implementation of preventive measures aimed at increasing the complexity of implementing threats to information security on a compact device based on the PC-104 + form factor. The estimation of counteraction to information attacks is given and the states of the device are modeled in different modes and when additional protection elements are introduced.

        To quote:

        Sukhoparov M.E., Lebedev I.S.

        ANALYSIS OF INFORMATION SECURITY STATUS BASED ON ADVERSE RADIATION OF ELECTRONIC COMPONENTS // Information Security Problems. Computer Systems. 2017. № 2. Pp. 92-98. DOI:

        Keywords:

        words: wireless communication channels, information security system, information protection, counteraction to information attacks

        Pages:

        92-98

        Pavlenko E.Y., Dremov A.S.

        INVESTIGATION OF FEATURES OF ANDROID MALWARE

        Annotation:

        This paper explores the task of detecting the features of malicious applications for Android, which allow to detect malicious functions in the application code. The key features of modern Android-applications are considered, which must be taken into account when analyzing them from the point of view of security. In the work, the signs characteristic of malicious applications are defined. For the characteristics obtained, statistics on the use of malicious and legitimate applications are given.

        To quote:

        Pavlenko E.Y., Dremov A.S.

        INVESTIGATION OF FEATURES OF ANDROID MALWARE // Information Security Problems. Computer Systems. 2017. № 2. Pp. 99-108. DOI:

        Keywords:

        information security, Google Android, mobile security, malware, application analysis.

        Pages:

        99-108

        Pavlenko E.Y., Dremov A.S.

        Detection of malware code in Android application based on the analysis of control flows and data flows

        Annotation:

        This paper explores the problem of identifying malicious code sections in applications for the Android. A method for analyzing Android applications is proposed, based on the use of static analysis using graphs of control flows and data flows. The paper formally describes the dependency relationships that are used to construct graphs, and also describes an algorithm that allows you to identify malicious sections of code using the received graphs. The results of an experimental evaluation of the effectiveness of the proposed method are presented, demonstrating a high probability of detecting malicious portions of the code of Android applications.

        To quote:

        Pavlenko E.Y., Dremov A.S.

        Detection of malware code in Android application based on the analysis of control flows and data flows // Information Security Problems. Computer Systems. 2017. № 2. Pp. 109-126. DOI:

        Keywords:

        information security, Google Android, mobile security, malware, application analysis.

        Pages:

        109-126
      • INFORMATION SECURITY CYBER-PHYSIC SYSTEMS
        Zegzhda P. D., Poltavtseva M. A., Lavrova D. S.
        CYBER-PHYSIC SYSTEMS SYSTEMATIZATION AND SECURITY EVALUATION

        Annotation:

        In this paper, the cyber-physic systems features are considered, and the difficulties in ensuring their security are identified. CPS are classified according to the main distinctive features. The authors analyzed the security evaluation approaches and identified the requirements for the CPS information security indicators. The article suggests a specific CPS information security evaluation indicators system based on the sustainability criterion and homeostasis.

        To quote:

        Zegzhda P. D., Poltavtseva M. A., Lavrova D. S. CYBER-PHYSIC SYSTEMS SYSTEMATIZATION AND SECURITY EVALUATION // Information Security Problems. Computer Systems. 2017. № 2. Pp. 127-138. DOI:

        Keywords:

        CYBER-PHYSIC SYSTEMS, CYBERSECURITY, CYBER-PHYSIC SYSTEMS MODELING, security evluation.

        Pages:

        127-138
    • №3 2017
      • INFORMATION SECURITY ASPECTS

        Zegzhda D. P., Pavlenko E. Y.

        HOMEOSTATIC SECURITY OF CYBERPHYSICAL SYSTEMS

        Annotation:

        The distinctive features of ensuring the security of cyber-physical systems (CPS) are distinguished, existing approaches to security management of CPS are systematized, and their use in CPS is limited. A strategy of homeostatic security management based on the retention of CPS in the field of functional stability was proposed. The structure of the homeostat for controlling CPS is described, a model of the homeostat using logical predicates is developed. The criteria for assessing the functional stability of the CPS are proposed, the results of experimental studies showing the possibility of applying the proposed criteria.

         

        To quote:

        Zegzhda D. P., Pavlenko E. Y.

        HOMEOSTATIC SECURITY OF CYBERPHYSICAL SYSTEMS // Information Security Problems. Computer Systems. 2017. №3. Pp. 9-22. DOI:

        Keywords:

        information security, security management, homeostat, security of cyber-physical.

        Pages:

        9-22

        Styugin M.A.

        INDISTINGUISHABILITY OF ACTIONS IN MANIPULATED INFORMATION SYSTEMS

        Annotation:

        The present paper reviews the problem of investigating incidents in systems with dependent states. Actions of an agent in such systems may lead to a modification in the system, which could be made by an agent not directly but indirectly through other agents. A method for modelling such systems is presented. The method allows defining a “manipulated system” in which other agents can be used to obtain the changes. A method for analysis of such systems by reducing them to the nonmanipulated type is presented.

        To quote:

        Styugin M.A.

        INDISTINGUISHABILITY OF ACTIONS IN MANIPULATED INFORMATION SYSTEMS // Information Security Problems. Computer Systems. 2017. №3. Pp. 23-29. DOI:

        Keywords:

        nformational noninfluence, mathematical models, security models, manipulation.

        Pages:

        23-29

        Zegzhda D.P., Vasilev Y.S., Poltavtseva M.A.

        APPROACHES TO CYBER-PHYSIC SYSTEMS SECURITY MODELING

        Annotation:

        In the article cyber-physic systems, as complexes combining physical and information components, features are considered. Authors reviewed approaches to cyber-physic systems modeling, based on graphs and stochastic dynamics. General features and further directions in the CPS modeling are singled out, including based on homeostasis cyber-physic systems modeling approach.

        To quote:

        Zegzhda D.P., Vasilev Y.S., Poltavtseva M.A.

        APPROACHES TO CYBER-PHYSIC SYSTEMS SECURITY MODELING // Information Security Problems. Computer Systems. 2017. №3. Pp. 30-43. DOI:

        Keywords:

        CYBER-PHYSIC SYSTEMS, CYBERSECURITY, CYBER-PHYSIC SYSTEMS MODELING.

        Pages:

        30-43
      • NETWORK AND TELECOMMUNICATION SECURITY
        D.V.Andrushkevich, V.M. Morgunov
        СИСТЕМА СИТУАЦИОННОГО УПРАВЛЕНИЯ ИНДИКАЦИЕЙ СОСТОЯНИЯ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ

        Annotation:

        The article shows the relevance of the event management systems information security (SIEM systems) in monitoring the actual state of automated systems in the conditions of mass information and technical influences. An approach for managing the display state of information security based on evaluating the status of information security and calculate the contribution of the incidents in this condition, which allows us to efficiently and promptly respond to the registered security incidents during the processing of security event information.

        To quote:

        D.V.Andrushkevich, V.M. Morgunov СИСТЕМА СИТУАЦИОННОГО УПРАВЛЕНИЯ ИНДИКАЦИЕЙ СОСТОЯНИЯ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ // Information Security Problems. Computer Systems. 2017. №3. Pp. 44-52. DOI:

        Keywords:

        control system security event information, the indicator of potential danger, the incident safety information.

        Pages:

        44-52

        M. Kalinin, V. Krundyshev, P Sem'yanov

        ARCHITECTURES OF SECURE TRANSPORT NETWORKS BASED ON SDN TECHNOLOGY

        Annotation:

        The paper suggests the approach to the construction of secure transport networks (VANET, FANET, MARINET, etc.) using the technology of software-defined networks (SDN). The results of experimental evaluation of the efficiency of the proposed approach obtained with the help of supercomputer modeling are presented.  

        To quote:

        M. Kalinin, V. Krundyshev, P Sem'yanov

        ARCHITECTURES OF SECURE TRANSPORT NETWORKS BASED ON SDN TECHNOLOGY // Information Security Problems. Computer Systems. 2017. №3. Pp. 53-61. DOI:

        Keywords:

        architecture, security, software-defined network, network with dynamic topology, efficiency, ad-hoc, SDN, VANET

        Pages:

        53-61

        Poltavtseva M.A. Pechenkin A.I.

        DATA MINING METHODS IN PENETRATON TESTS DECISION SUPPORT SYSTEM

        Annotation:

        Data mining is widely used in various technological fields, including information security. When testing for penetration, the development of decision support systems is complicated by the semistructured source data incompleteness, ambiguity and extensibility. The article proposes an approach to the domain information formalization, characteristics rating, and similarity of objects ratings.

        To quote:

        Poltavtseva M.A. Pechenkin A.I.

        DATA MINING METHODS IN PENETRATON TESTS DECISION SUPPORT SYSTEM // Information Security Problems. Computer Systems. 2017. №3. Pp. 62-69. DOI:

        Keywords:

        CYBERSECURITY, DATA MINING, DECISION SUPPORT SYSTEM, PENETRATION TESTS

        Pages:

        62-69
      • APPLIED CRYPTOGRAPHY

        S. Tikhonov

        UNIVERSAL METHOD OF BLOCK CIPHER PROTECTION AGAINST POWER ANALYSIS ATTACK

        Annotation:

        A new approach to protection of hardware implemented block ciphers against side channel attacks on power circuits is considered. Two additional transforms (preprocessing and postprocessing) protected against differential power analysis are proposed. These transforms are simple enough and they can be easily implemented on typical microcontrollers. The proposed method can be realized jointly with any block ciphers under minimal hardware resources.

        To quote:

        S. Tikhonov

        UNIVERSAL METHOD OF BLOCK CIPHER PROTECTION AGAINST POWER ANALYSIS ATTACK // Information Security Problems. Computer Systems. 2017. №3. DOI:

        Keywords:

        differential power analysis (DPA), hardware cipher implementation, hardware block ciphers, side-channel attacks

        Belim S.V., Belim S.Yu.

        THE MODIFICATION OF BLOM’S KEY PREDISTRIBUTION SCHEME, TAKING INTO ACCOUNT SIMPLEX CHANNELS

        Annotation:

        In the article modification of Bloms key predistribution schemes, taking into account the direction of information stream. For this modification, you must use a function of threevariables. Function of forming key materials will not be symmetrical. In the article the exponential form of this function is used. This form of functions does not increase the key materials size.

        To quote:

        Belim S.V., Belim S.Yu.

        THE MODIFICATION OF BLOM’S KEY PREDISTRIBUTION SCHEME, TAKING INTO ACCOUNT SIMPLEX CHANNELS // Information Security Problems. Computer Systems. 2017. №3. Pp. 82-86. DOI:

        Keywords:

        key predistribution, Blom’s scheme, simplex channels

        Pages:

        82-86

        Dali F.A., Marshalko G.B., Mironkin V.O.

        ROTATIONAL ANALYSIS OF 2-GOST

        Annotation:

        In this paper we study rotational probabilities for 2-GOST block cipher, which is a modification of GOST 28147-89. We show that despite the fact that this algorithm does not belong to the family of ARX-transformations in some cases it is possible to evaluate its rotational properties and evaluate the applicability of rotational analysis.

        To quote:

        Dali F.A., Marshalko G.B., Mironkin V.O.

        ROTATIONAL ANALYSIS OF 2-GOST // Information Security Problems. Computer Systems. 2017. №3. Pp. 87-90. DOI:

        Keywords:

        BLOCK CIPHER, ARX-SCHEME, FEISTEL NETWORK, ROTATION ANALYSIS, 2-GOST.

        Pages:

        87-90
        A. Konoplev, A. Busygin, D. Zegzhda
        BLOCKCHAIN BASED DECENTRALIZED PUBLIC KEY INFRASTRUCTURE MODEL

        Annotation:

        The paper reviews the most commonly used public key infrastructures, provides their disadvantages. There is suggested a decentralized public key infrastructure model which excludes these disadvantages. Blockchain technology applying for public key infrastructure is proposed. The set of existing blockchain based public key infrastructure have been overviewed and analyzed in the context of the defined model.

        To quote:

        A. Konoplev, A. Busygin, D. Zegzhda BLOCKCHAIN BASED DECENTRALIZED PUBLIC KEY INFRASTRUCTURE MODEL // Information Security Problems. Computer Systems. 2017. №3. Pp. 91-97. DOI:

        Keywords:

        blockchain, public key infrastructure, key management, decentralized model

        Pages:

        91-97
      • FUNDAMENTAL THEORY OF INFORMATION CONFRONTATION

        Grigoriev V.R. Bogdanova R.E.

        IMMUNNOLOGY MODEL OF THE COMPLEX DYNAMIC NETWORKS CONTROL IN TERMS OF EXTERNAL DESTRUCTIVE IMPACTS AND INTERNAL WARFARE AVAILABILITY (ON THE EXAMPLE OF SOCIAL NETWORKS)

        Annotation:

        The analysis and defined patterns in the behavior of complex dynamic networks S in terms of external destructive control actions and counteract them by means of internal warfare, with different input parameters of the network has been done. The process and methods of organization of internal warfare based on the human body immune system formalization.

        To quote:

        Grigoriev V.R. Bogdanova R.E.

        IMMUNNOLOGY MODEL OF THE COMPLEX DYNAMIC NETWORKS CONTROL IN TERMS OF EXTERNAL DESTRUCTIVE IMPACTS AND INTERNAL WARFARE AVAILABILITY (ON THE EXAMPLE OF SOCIAL NETWORKS) // Information Security Problems. Computer Systems. 2017. №3. Pp. 98-112. DOI:

        Keywords:

        COMPLEX DYNAMIC SYSTEMS; WARFARE MODELS; SOCIAL NETWORKS; DESTRUCTIVE CONTROL ACTIONS; IMMUNOLOGY; ACTORS-DESTRUCTORS NETWORK.

        Pages:

        98-112
      • SPECIAL IT

        Ivanov I.G., Byankin A.A., Belokopytov M.L., Kharitonov A.S.

        FORMAL MODEL OF THE PROCESSING AND RECOVERY OF PROTECTED TELEMETRY INFORMATION

        Annotation:

        The article is devoted to ensure the integrity and privacy of the telemetry data circulating in electronic means during the operation of rocket technology. It discusses current problems in the processing of a group telemetric signal in ground-based automated systems. The mathematical dependences between the source of the message, the hardware cryptographic transformation, the communication channel signals that carry messages, hazards and tools for automated processing of telemetry data.

        To quote:

        Ivanov I.G., Byankin A.A., Belokopytov M.L., Kharitonov A.S.

        FORMAL MODEL OF THE PROCESSING AND RECOVERY OF PROTECTED TELEMETRY INFORMATION // Information Security Problems. Computer Systems. 2017. №3. Pp. 113-120. DOI:

        Keywords:

        telemetry information, apparatus for cryptographic conversion, processing and recovery.

        Pages:

        113-120
      • INFORMATION SECURITY CYBER-PHYSIC SYSTEMS

        Demidov R.A, PechenkinA.I., Zegzhda P.D.

        INTEGER OVERFLOW VULNERABILITIES DETECTION IN SOFTWARE BINARY CODE

        Annotation:

        In this paper we propose a new approach to detect integer overflow vulnerabilities in executable x86-architecture code. The approach is based on symbolic execution of the code and the dual representation of memory. We build truncated control flow graph, based on the machine code. Layers in that graph are checked for the feasibility of vulnerability conditions. The proposed methods were implemented and experimentally tested on executable code.

        To quote:

        Demidov R.A, PechenkinA.I., Zegzhda P.D.

        INTEGER OVERFLOW VULNERABILITIES DETECTION IN SOFTWARE BINARY CODE // Information Security Problems. Computer Systems. 2017. №3. Pp. 121-128. DOI:

        Keywords:

        vulnerability finding, symbolic execution, symbolic memory, vulnerability classification, control flow graph, integer overflow.

        Pages:

        121-128
    • №4 2017
      • INFORMATION SECURITY APPLICATION

        Falcone I.I., Gatsenko O.Yu.

        MODELING OF DISTRIBUTION OF INFORMATION THREATS IN SOCIAL NETWORKS

        Annotation:

        He purpose of this article is to increase the efficiency of predicting the spread of information in social networks. In order to achieve the goal of the research, it is necessary to solve the following scientific problem: by the given structure of the social network, typical social interaction algorithms, coverage statistics of certain profile groups of users of the social network, it is required to find a probability distribution of the destructive spread of information in social networks that will provide an oppor- tunity to predict the coverage of this information by various social groups.

        To quote:

        Falcone I.I., Gatsenko O.Yu.

        MODELING OF DISTRIBUTION OF INFORMATION THREATS IN SOCIAL NETWORKS // Information Security Problems. Computer Systems. 2017. №4. Pp. 9-16. DOI:

        Keywords:

        SOCIAL NETWORKING, INFORMATION SECURITY, THREATS

        Pages:

        9-16

        Akimov D.A., Sachkov V.E., Lesko S.A., Rastorguev S.P.

        DEVELOPMENT BIOMETRIC DATABASE ENTITIES TO CONTROL ACCESS TO PERSONAL DATA.

        Annotation:

        This article discusses the problem of creating a database of biometric recognition systems for storing personal data. Analyzed parameters of biometric data base of persons on the basis of already existing databases.

        To quote:

        Akimov D.A., Sachkov V.E., Lesko S.A., Rastorguev S.P.

        DEVELOPMENT BIOMETRIC DATABASE ENTITIES TO CONTROL ACCESS TO PERSONAL DATA. // Information Security Problems. Computer Systems. 2017. №4. Pp. 17-26. DOI:

        Keywords:

        Facial recognition, computer vision , biometric database , LFW, FERET.

        Pages:

        17-26

        Anisimov V. G., Anisimov E. G., Zegzhda P.D., Suprun A.F.

        THE PROBLEM OF INNOVATIVE DEVELOPMENT OF SYSTEMS OF INFORMATION SECURITY IN THE SPHERE OF TRANSPORT

        Annotation:

        Describes the structure of the process and the model of formation of strategy and programs of innovative development of system of information security in the transport sector.

        To quote:

        Anisimov V. G., Anisimov E. G., Zegzhda P.D., Suprun A.F.

        THE PROBLEM OF INNOVATIVE DEVELOPMENT OF SYSTEMS OF INFORMATION SECURITY IN THE SPHERE OF TRANSPORT // Information Security Problems. Computer Systems. 2017. №4. Pp. 27-32. DOI:

        Keywords:

        transport system, information security, innovative development, model.

        Pages:

        27-32

        Zegzhda D.P., Usov E.S., Nikolsky A.V., Pavlenko E.Y.

        Peter the Great St. Petersburg Polytechnic University

        Security operations I/O data for SGX ENCLAVE

        Annotation:

        In the paper the problem of secure data input/output operations in Intel SGX technology is investigated. The problem is extremely urgent and its solution will protect confidential data of users from attacks from various malicious software, for data outside the enclave. The paper presents various methods for solving the problem posed, which were developed by the authors of the article. The complexity of the application of these methods in practice, their main disadvantages and advantages are analyzed. Also, the most preferred method was chosen, which ensures the safe storage and processing of data outside the enclave.

        To quote:

        Zegzhda D.P., Usov E.S., Nikolsky A.V., Pavlenko E.Y.

        Peter the Great St. Petersburg Polytechnic University

        Security operations I/O data for SGX ENCLAVE // Information Security Problems. Computer Systems. 2017. №4. Pp. 33-40. DOI:

        Keywords:

        Intel SGX, enclave, data confidentiality, encryption, secure file system, I/O operations.

        Pages:

        33-40
      • INFORMATION SECURITY CYBER-PHYSIC SYSTEMS

        Dakhnovich A.D., Moskvin D.A., Zegzhda D.P.

        Saint Petersburg, Peter the Great St.Petersburg Polytechnic University

        INFORMATION SECURITY THREATS ANALYSIS IN DIGITAL MANUFACTURING NETWORKS

        Annotation:

        In the paper, main information security threats that occur in digital manufacturing networks are considered. The tasks and new approach of implementation of cybersecurity management systems are mentioned.

        To quote:

        Dakhnovich A.D., Moskvin D.A., Zegzhda D.P.

        Saint Petersburg, Peter the Great St.Petersburg Polytechnic University

        INFORMATION SECURITY THREATS ANALYSIS IN DIGITAL MANUFACTURING NETWORKS // Information Security Problems. Computer Systems. 2017. №4. Pp. 41-46. DOI:

        Keywords:

        digital manufacturing, industrial control systems, information security, cybersecurity, cyber-physical systems, industrial internet of things.

        Pages:

        41-46

        Vasilev U.C., Zegzhda D.P., Poltavtseva M.A.

        PROBLEMS OF DIGITAL INDUSTRY SECURITY AND SUSTAINABILITY TO CYBER THREATS

        Annotation:

        The article is concerned with digital manufacturing as a new type of industrialization. The number of threats to such systems and the damage from incidents is increasing every year. At the same time, digital transformation of control systems takes place. For safe functioning of cyberphysical systems (CFS), within the framework of digital manufacturing, the paper describes the provision of a trusted environment and trusted communications by the example of the SPbPU specialists information security school works. The paper novelty is in the mechanism of self-similarity as a criterion for the stability of systems, and a homeostatic approach to the CFS management to provide destructive influences resistance. The authors submit some experimental results of this approach practice. Software defined networks are proposed as a tool for implementing homeostatic management.

         

        To quote:

        Vasilev U.C., Zegzhda D.P., Poltavtseva M.A.

        PROBLEMS OF DIGITAL INDUSTRY SECURITY AND SUSTAINABILITY TO CYBER THREATS // Information Security Problems. Computer Systems. 2017. №4. Pp. 47-63. DOI:

        Keywords:

        security, digital manufacturing, cyberphysical systems, cyber threats, digital transformation

        Pages:

        47-63
      • NETWORK AND TELECOMMUNICATION SECURITY

        Ovasapyan T.D., Ivanov D.V.

        St. Petersburg, Peter the Great St.Petersburg Polytechnic University

        TRUST MODEL BASED APPROACH TO WSN-NETWORKS INFORMATION SECURITY

        Annotation:

        The article deals with ensuring the cybersecurity of a wireless sensor network using a trust model. The authors analyzed the principles of the functioning of wireless sensor networks, and classified routing methods. Typical threats were analyzed and actual attacks on wireless sensor networks were found out. Existing safety methods were reviewed and their disadvantages were defined. Safety method of malicious nodes protection with usage of trust model was worked out. Experimental estimation of effectiveness of the worked out method was performed on the basis of modeling its operation in the simulated wireless sensor network.

        To quote:

        Ovasapyan T.D., Ivanov D.V.

        St. Petersburg, Peter the Great St.Petersburg Polytechnic University

        TRUST MODEL BASED APPROACH TO WSN-NETWORKS INFORMATION SECURITY // Information Security Problems. Computer Systems. 2017. №4. Pp. 64-72. DOI:

        Keywords:

        wireless sensor networks; WSN; routing protocols; threat model; trust model.

        Pages:

        64-72
      • SOFTWARE SECURITY

        Pavlenko E.Y., Ignatiev G.Y., Zegzhda P.D.

        Peter the Great St. Petersburg Polytechnic University

        Static Security Analysis of Android Applications

        Annotation:

        This article explores the problem of developing a high-performance Android applications analyzer, which capable of processing a large number of applications in a very short period of time. A method for analyzing security of Android applications is proposed, based on the use of machine learning algorithms in static analysis. The paper describes dataset, application features and machine learning algorithms used to build a classifier. The results of an experimental evaluation of effectiveness of the proposed method are presented, demonstrating it high performance and high accuracy of detecting malicious Android applications.

        To quote:

        Pavlenko E.Y., Ignatiev G.Y., Zegzhda P.D.

        Peter the Great St. Petersburg Polytechnic University

        Static Security Analysis of Android Applications // Information Security Problems. Computer Systems. 2017. №4. Pp. 73-86. DOI:

        Keywords:

        information security; Google Android; malware; static analysis, machine learning.

        Pages:

        73-86

        AdadurovS.E., KrasnovidovA.V., KhomonenkoA.D., KoroteevI.V.

        METHODS OF INTEGRATION OF INSTRUMENTAL SYSTEMS IN DEVELOPMENT PROCESS OF SAFE APPLICATIONS

        Annotation:

        The main methods, merits and demerits of integration of mathematical packets and programming systems are characterized. Mathematical packets possess the developed and graphic interface easy in use, are the instrument of application creation, the computing tasks used for the decision, data analysis and visualization of results of operation. It is especially important in development process of safe applications. In languages of the high level it is expedient to use programs together with mathematical packets for data collection, control of technological processes and support of information security. The advantage of conversion of the Matlab program to the program in language C++ is creation of independent application. Advantages of use of a common language runtime environment of Common Language Runtime are shown.

        To quote:

        AdadurovS.E., KrasnovidovA.V., KhomonenkoA.D., KoroteevI.V.

        METHODS OF INTEGRATION OF INSTRUMENTAL SYSTEMS IN DEVELOPMENT PROCESS OF SAFE APPLICATIONS // Information Security Problems. Computer Systems. 2017. №4. Pp. 80-86. DOI:

        Keywords:

        Matlab, integration, programming systems, safe application, mathematical packets.

        Pages:

        80-86

        Pechenkin A.I., Demidov R.A.

        APPROACH TO SOFTWARE SECURITY ANALYSIS BASED ON VECTOR REPRESENTATION OF A MACHINE CODE

        Annotation:

        In this article the authors propose an approach to code security analysis using vector representations of machine instructions, as well as argue the usefulness of vector representations in information security tasks. Building semantically expressive vector representations of machine instructions is considered as one of the subtasks on the way to building a neural network classifier code for vulnerabilities. The authors experimentally show the applicability of the transfer learning for the machine code with the example of a simple command set.

        To quote:

        Pechenkin A.I., Demidov R.A.

        APPROACH TO SOFTWARE SECURITY ANALYSIS BASED ON VECTOR REPRESENTATION OF A MACHINE CODE // Information Security Problems. Computer Systems. 2017. №4. Pp. 87-94. DOI:

        Keywords:

        vector representations, vulnerability finding, deep learning.

        Pages:

        87-94
      • APPLIED CRYPTOGRAPHY

        Akimova G.P., Danilenko A.Yu., Pashkin M.A., Pashkina E.V., Podrabinovich A.A.

         

        FEATURES OF USING ELECTRONIC SIGNATURE IN PROTECTED INFORMATION SYSTEMS

        Annotation:

        The variants of application of the technology of electronic signatures (EP) in information systems in protected execution are considered. An assessment is made of the conformity of the practice of using EPs to the current legislation. Situations in which the use of simple EP are preferred are considered.

        To quote:

        Akimova G.P., Danilenko A.Yu., Pashkin M.A., Pashkina E.V., Podrabinovich A.A.

         

        FEATURES OF USING ELECTRONIC SIGNATURE IN PROTECTED INFORMATION SYSTEMS // Information Security Problems. Computer Systems. 2017. №4. Pp. 95-101. DOI:

        Keywords:

        Information Security; Electronic signatures; Automated information systems; Means of information protection.

        Pages:

        95-101

        N. N. Shenets

        AUTHENTICATION PROTOCOL BASED ON HOMOMORPHIC SECRET SHARING: NEW VERSION

        Annotation:

        In this work the authentication and key establishment protocol [1], which is used only verifiable homomorphic secret sharing, is considered. It is shown that this protocol has vulnerabilities. A new secure version of this protocol is presented.

        To quote:

        N. N. Shenets

        AUTHENTICATION PROTOCOL BASED ON HOMOMORPHIC SECRET SHARING: NEW VERSION // Information Security Problems. Computer Systems. 2017. №4. Pp. 102-112. DOI:

        Keywords:

        authentication and key establishment protocol, verifiable secret sharing, perfectness, homomorphic property.

        Pages:

        102-112

        A. Baranov, P. Baranov

        CRC ERROR PROBABILITY IN CASE OF RANDOM PACKET INTERFERENCE

        Annotation:

        The article analyzes possibilities of errors in telecommunication protocols using packet data transmission. Probabilistic model of a prolonged-action additive interference is represented as a sequence of executions of independent interference blocks with definite length. The paper shows that in certain conditions concerning a polynomial of degree k, used for creation of CRC code, with block size s, probability of error occurrence is close to and doesn’t depend on s if distortion probability is significant.

        To quote:

        A. Baranov, P. Baranov

        CRC ERROR PROBABILITY IN CASE OF RANDOM PACKET INTERFERENCE // Information Security Problems. Computer Systems. 2017. №4. Pp. 113-121. DOI:

        Keywords:

        information security, data consistency, CRC, error probability, packet interference, electromagnetic interference, telecommunication protocols.

        Pages:

        113-121
      • SPECIAL IT

        Kustov V.N., Yakovlev V.V., Stankevich T.L.

        COMPANY INFORMATION SYSTEM EFFECTIVE FUNCTIONING AT THE OPTIMUM LEVEL OF ITS PROTECTION

        Annotation:

        The necessary and sufficient level company's information and computing resources security while providing the required production capacity, allowing to meet specified work volumes in established time periods with the optimal use of available material resources, is an urgent task for modern effective business. And what methods and approaches should be used to solve it? One of the possible options is described in this article.

        To quote:

        Kustov V.N., Yakovlev V.V., Stankevich T.L.

        COMPANY INFORMATION SYSTEM EFFECTIVE FUNCTIONING AT THE OPTIMUM LEVEL OF ITS PROTECTION // Information Security Problems. Computer Systems. 2017. №4. Pp. 122-127. DOI:

        Keywords:

        information security system, the synthesis, graph theory, scheduling theory, section, stage, work, trusted third party, DTS.

        Pages:

        122-127
      • EDUCATION PROBLEMS

        Reshetov D.V., Semjanov P.V.

        AUTOMATION OF TEACHER JOBS WHEN TEACHING INFORMATION SECURITY SPECIALISTS

        Annotation:

        The purpose of creation an automated student labs checking and testing system is discussed in this article. Requirements to an automated system are described. An automated testing student labs system that created in SPbSTU is described.

        To quote:

        Reshetov D.V., Semjanov P.V.

        AUTOMATION OF TEACHER JOBS WHEN TEACHING INFORMATION SECURITY SPECIALISTS // Information Security Problems. Computer Systems. 2017. №4. Pp. 128-134. DOI:

        Keywords:

        automation, checking, testing, student, lab, teacher, system, information, security, automated, plagiarism, borrowings

        Pages:

        128-134
  • 2016 year
  • 2015 year
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
  • 2010 year
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year