Quarterly journal published in SPbPU
and edited by prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • year
  • 2022 year
    • 2022
      • INFORMATION SECURITY ASPECTS
        V. G. Anisimov Peter the Great St. Petersburg Polytechnic University E. G. Anisimov, T. N. Saurenko Peoples' Friendship University of Russia V.P. Los MIREA – Russian Technological University
        ASSESSMENT OF THE EFFICIENCY OF PROTECTION SYSTEMS OF COMPUTER NETWORKS FROM VIRAL ATTACKS

        Annotation:

        Computer networks are an important part of modern civilization. They are used literally in all spheres of human activity. Significant losses due to failures of these networks cause high requirements for the stability of their operation. Ensuring the necessary resilience, in particular, relies on the protection of computer networks from virus attacks. In its interests, appropriate protection systems are being created. As an indicator of the effectiveness of such systems, it is proposed to use the number of network computers that a virus manages to infect before it is detected and removed. The empirical basis for assessing the effectiveness of systems for protecting computer networks from virus attacks is the data obtained as a result of field tests and (or) previous operating experience. These data are random in nature, and their volume, as a rule, is significantly limited. An approach to assessing the effectiveness of systems for protecting computer networks from virus attacks, taking into account the indicated features of empirical data, is considered in this article. The approach is based on the presentation of empirical data in the form of a small sample from the general population of values of a random variable of the number of computers on the network that the virus managed to infect before it was detected and removed. The distribution function of this quantity is taken as a test model. The construction of the distribution function is based on the principle of maximum uncertainty. Shannon's entropy is taken as a measure of uncertainty.

        Keywords:

        computer network, virus attack, network protection system, protection efficiency
        Pages 11-17
      • INFORMATION SECURITY APPLICATION
        A.A.Poltavtsev Tver State Technical University (TvSTU)
        DATABASE PROTECTION AGAINST INSIGHT ATTACKS REACTIVE AND PROACTIVE METHODS

        Annotation:

        If the data is not available to the outside world, it is useless. The data must be available so that the necessary processing and planning can be carried out. Regulating and monitoring user access to a database is one of the important tasks of the database security community. Database protection against inference attacks is a part of information security that tries to prevent the disclosure of sensitive information through available information (tables, individual records). It is necessary to have methods capable of maintaining a balance between the use of information and the protection of data. The purpose of this work is to compare different inference control methods in order to evaluate the methods results to minimize both the loss of information and the risk of information disclosure.

        Keywords:

        Information Security, Security Monitoring, Security Control, Data Structuring, Data Engineering
        Pages 18-31
      • SOFTWARE SECURITY
        A.A. Kriulin, M.A. Eremeev, G.Yu. Poterpeev MIREA - Russian Technological University
        ANALYSIS OF HACKER GROUPS SOFTWARE TOOLS USING AT&T’S MITRE KNOWLEDGE BASE

        Annotation:

        The article discusses the possibility of using the Mitre AT&T knowledge base in the development of systems for detecting computer attacks involving malware. Using the Mitre API, a statistical analysis of malware is carried out, as well as techniques and tactics used by hacker groups to compile additional indicators of compromised attacks.

        Keywords:

        computer security, Mitre, APT, malware, executable file, statistical analysis
        Pages 32-40
      • NETWORK AND TELECOMMUNICATION SECURITY
        A. D. Fatin, E. Yu. Pavlenko Peter the Great St. Petersburg Polytechnic University
        IMMUNIZATION OF COMPLEX NETWORKS: TOPOLOGY AND METHODS

        Annotation:

        This paper discusses the main methods of immunization of modern computer networks. The greatest attention is paid to topologies and types of graph structures under consideration. An assessment and comparison of existing immunization strategies and methods for solving the problems of optimal selection of nodes for immunization in the context of the considered topologies is also carried out. The main advantages, disadvantages and areas of application of the selected topologies and methods for solving immunization problems are highlighted.

        Keywords:

        computer networks, immunization, cyber-physical systems, network security, scale-free networks
        Pages 41-50
      • APPLIED CRYPTOGRAPHY
        T. M. Tatarnikova, A. V. Sverlikov St. Petersburg State University of Aerospace Instrumentation I.A. Sikarev Russian State Hydrometeorological University
        METHODOLOGY FOR DETECTING ANOMALIES IN THE TRAFFIC OF THE INTERNET OF THINGS

        Annotation:

        It is shown that data protection technologies used in wired communication networks are not available for low-power devices of the Internet of things. Therefore, the search for an attack on IoT devices can be implemented by means of analyzing the traffic that carries the attack and, as a result, is classified as anomalous. A technique for searching for an anomaly in the network traffic of the Internet of things is proposed. A sequence of steps is considered to isolate a random component from the traffic generated by the IoT sensor devices, remaining after the exclusion of the main characteristics and which may contain an anomaly. The software implementation of the proposed technique can become part of the intrusion detection system for the Internet of things.

        Keywords:

        Internet of things, anomalous traffic, data security, traffic analysis technique, intrusion detection system
        Pages 51-57
        T.V. Starikov, K.Yu. Sopin, S.A. Dichenko, D.V. Samoylenko Krasnodar Higher Military School named after S.M. Shtemenko
        CRYPTOGRAPHIC CONTROL OF DATA INTEGRITY ACCORDING TO THE RULES OF CONSTRUCTION OF THE REED-SOLOMON CODE

        Annotation:

        The actual problem of optimization of information integrity control in data storage systems functioning in conditions of continuous growth of its volumes and destructive influences of an attacker is considered. A method of cryptographic integrity control of multidimensional data arrays based on the rules for constructing Reed-Solomon codes is presented.

        Keywords:

        information protection, data integrity control, cryptographic methods, Reed-Solomon code
        Pages 58-67
        D.E. Vilkhovsky Dostoevsky Omsk State University
        METHOD OF DETECTING LSB INSERTS IN LOW STEGO-PAYLOAD COLOR PHOTOGRAPHIC IMAGES

        Annotation:

        The paper presents a compact method of detecting LSB inserts in color photographic images that proves high efficiency when dealing with low stego-payload images. The method is based on an analysis of signatures of pairwise similarity the zero and first layers, an algorithm for largest empty rectangles, white (black) pixel dominance pattern and image moments analysis.

        Keywords:

        Steganalysis, steganographic analysis, stegocontainer analysis, LSB-insert detection
        Pages 68-76
        A.S. Sokolov, A.Y. Chernov, A.S. Konoplev Peter the Great St. Petersburg Polytechnic University
        SPECULATIVE EXECUTION ATTACK-RESISTANT CRYPTOSERVICES

        Annotation:

        The appearance of Meltdown/Spectre attacks exploiting the vulnerabilities in Intel processors via misuse of speculative executions has destroyed confidence in the security of user’s confidential data which includes cryptoservices secret parameters. The developed Meltdown/Spectre countermeasures demonstrated ineffectiveness in neutralizing the newly designed speculative execution attacks. Paper highlights a fundamental solution of specified issue via Intel ME technology usage. The dedicated Intel ME processor is immune to Meltdown/Spectre attacks, which makes it effective to be used as a cryptoprocessor. Implementation of the proposed approach can be achieved through the usage of Intel Dynamic Application Loader (Intel DAL) technology.

        Keywords:

        side-channel attacks, speculative execution, Meltdown, Spectre, Intel ME, Intel DAL, cryptoservice
        Pages 77-84
        K.Yu. Sopin, S.A. Dichenko, D.V. Samoylenko Krasnodar Higher Military School named after S.M. Shtemenko
        CRYPTOGRAPHIC DATA INTEGRITY CONTROL BASED ON GEOMETRIC FRACTALS

        Annotation:

        New complex tasks related to information security when scaling data storage systems are considered. A method of cryptographic integrity control of large data arrays based on geometric fractals is presented.

        Keywords:

        data storage system, information protection, data integrity control, hash function, Sierpinski triangle
        Pages 85-95
      • CYBER-PHYSIC SYSTEMS SECURITY
        V. D. Danilov, T. D. Ovasapyan, D. V. Ivanov, A. S. Konoplev Peter the Great St. Petersburg Polytechnic University
        SYNTHETIC DATA GENERATION FOR HONEYPOT SYSTEMS USING DEEP LEARNING METHODS

        Annotation:

        This article presents research aimed at analyzing methods for generating synthetic data to populate honeypot systems. To select the generated data types, the relevant target objects in the context of honeypot-systems are identified. Existing generation methods are investigated. Methods for evaluating the quality of generated data in the context of honeypot systems are also analyzed. As a result, a layout of an automated system for generating synthetic data for honeypot-systems is developed and its performance is evaluated.

        Keywords:

        honeypot system, deep learning methods, synthetic data generation, machine learning, inference attacks
        Pages 96-109
      • TECHNOLOGICAL SYSTEMS, ALGORITHMIZATION OF TASKS AND CONTROL OBJECTS MODELING
        A.M. Sukhov, A.V. Krupenin, V.I. Yakunin Krasnodar Higher Military School named after S.M. Shtemenko
        METHODS OF CONSTRUCTING MATHEMATICAL MODELS OF QUALITY INDICATORS OF THE RESULTS OF THE PROCESS OF FUNCTIONING OF THE INFORMATION SECURITY SYSTEM

        Annotation:

        A new approach is considered related to the construction of mathematical models of quality indicators for further evaluation of the process of functioning of the information security system, taking into account the requirements for the results of the operation. The vector of quality indicators of the results of the process of functioning of the system. Under consideration is substantiated, models of the virtual indicator and the required quality of the results of the process of functioning of the information security system are presented.

        Keywords:

        mathematical model, quality indicator, destructive impact scenario, unified information space, information security system
        Pages 110-120
        A.Yu. Garkushev St. Petersburg State Marine Technical University A.F. Suprun Peter the Great St. Petersburg Polytechnic University S. Yu. Sysuev Mikhailovskaya Military Artillery Academy
        PROCEDURE FOR INTEGRATION OF INFORMATION PROTECTION MODULES INTO DOMESTIC AUTOMATED DESIGN SYSTEMS IN SHIPBUILDING

        Annotation:

        The article is devoted to the development of a model and algorithm for solving the problem of ensuring information security in promising domestic computer-aided design systems based on a modified method of branches and boundaries using the duality of solutions to linear programming problems. As a result, an algorithm was obtained that allows the developer to ensure the information security of shipbuilding projects at a sufficient level.

        Keywords:

        information security, ship design, mathematical model
        Pages 121-132
    • №2 2022
      • INFORMATION SECURITY APPLICATION
        A.S. Sokolov, A.Y. Chernov, A.S. Konoplev Peter the Great St. Petersburg Polytechnic University
        MITIGATION OF SPECULATIVE EXECUTION ATTACKS BY INTEL DAL TECHNOLOGY APPLICATION

        Annotation:

        The complexity of neutralization and the lack of a universal mitigation approach of speculative execution attacks allows potential malware to have an unauthorized access to data being processed by CPU. To provide the confidentiality of such data it`s processing should be transferred from CPU to a microprocessor operating in a trusted execution environment. Paper describes the approach of using Intel DAL technology, which allows to implement application in Intel ME subsystem, thus completely mitigate side channel speculative execution attacks.

        Keywords:

        side-channel attacks, speculative execution, Meltdown, Spectre, Intel TEE, Intel ME, Intel DAL, cryptoservices
        Pages 9-19
        K.Yu. Sopin, I.O. Povchun, S.A. Dichenko, D.V. Samoylenko Krasnodar Higher Military School named after S.M. Shtemenko
        ENSURING DATA INTEGRITY BASED ON NUMBER-THEORETICAL GAUSS TRANSFORMATIONS

        Annotation:

        The problem of information security in modern conditions of application and functioning of information systems, complicated by the continuous growth of the volume and value of processed information, is considered in the article. A method for ensuring data integrity based on numerical-theoretic Gauss transformations is presented.

        Keywords:

        information system, information protection, control and restoration of data integrity, complex numbers
        Pages 20-29
      • APPLIED CRYPTOGRAPHY
        S.V. Belim, S.N. Munko Omsk State Technical University
        ALGORITHM FOR EMBEDDING DIGITAL WATERMARK IN DYNAMIC MEMORY OF EXECUTABLE CODE

        Annotation:

        The article proposes an algorithm for embedding a digital watermark into the executable code of the program. Dynamic memory of the program is used as a stegocontainer. The digital watermark is formed in the memory of the executable program under certain conditions. The embedding parameters are determined by the executable code and the run time of the program. The digital watermark is checked by a separate application using key information.

        Keywords:

        digital watermark, steganography, dynamic memory, authentication
        Pages 30-34
        O. I. Berezovskaya ITMO University S. S. Chuprov ITMO University Saint Petersburg Electrotechnical University 'LETI' E. A. Neverov, E. R. Sadreev Saint Petersburg Electrotechnical University 'LETI'
        REVIEW AND COMPARISON OF AES LIGHTWEIGHT MODIFICATIONS FOR A LOW-POWER DEVICES NETWORK

        Annotation:

        Nowadays, the development of smart city concepts and cyber-physical systems is impossible without considering information security issues. In the conditions of limited computational resources, it is necessary to find a trade-off between the cryptographic strength of the encryption algorithm and its requirements. As part of the study, lightweight modifications of the AES symmetric block cipher are compared to identify the most balanced solution for ensuring the confidentiality of low-power devices communication. The comparison is made both in terms of theoretical indicators that determine cryptographic strength, and in terms of encryption and decryption time, depending on the size of the input data. The obtained results demonstrate that the Modified AES is the most balanced solution in relation to the specified requirements. It outperforms not only other modifications, but also the standard algorithm, improving the diffusion and confusion values by 5% and 30% respectively, and also reducing the average encryption/decryption time by one and a half times.

        Keywords:

        AES, lightweight modifications, resource-constrained environment, cryptographic protection, smart city
        Pages 35-50
      • CRITICAL INFORMATION INFRASTRUCTURE SECURITY
        V. M. Krundyshev, M. O. Kalinin Peter the Great St. Petersburg Polytechnic University
        ADAPTIVE CONTROL SYSTEM FOR DETECTING COMPUTER ATTACKS ON OBJECTS OF CRITICAL INFORMATION INFRASTRUCTURE

        Annotation:

        This paper presents an adaptive control system for detecting computer attacks in critical information infrastructure based on a neuro-fuzzy analysis of variant cyber-threat spaces and parameters of the protected object using the automatically reconfigurable ANFIS neuro-fuzzy inference system and Takagi-Sugeno-Kanga fuzzy basis. The results of experimental studies have shown that the developed system provides high accuracy and speed of detecting computer attacks in changing decision-making conditions.

        Keywords:

        Adaptive Control, Critical Information Infrastructure, Neuro-Fuzzy System, Computer Attack Detection
        Pages 51-64
        E. Yu. Pavlenko, A. D. Fatin Peter the Great St. Petersburg Polytechnic University (SPbPU)
        IMMUNIZATION OF COMPLEX NETWORKS: A SYSTEM OF DIFFERENTIAL EQUATIONS AND DYNAMIC VARIATION

        Annotation:

        This paper discusses new approaches to building models of immunization of modern computer networks. The greatest attention is paid to the consideration of the P2P static model, segment model, as well as models of dynamic representation of cyclic and growing graphs. The main advantages and areas of application of the considered models, the nuances of their use and the novelty of the considered methods are highlighted.

        Keywords:

        Computer Networks, Immunization, Scale-Free Networks, P2P, Segment Model, Cyberphysical Systems
        Pages 65-72
        V. M. Krundyshev Peter the Great St. Petersburg Polytechnic University
        MATHEMATICAL MODEL OF SPREAD OF COMPUTER ATTACKS ON CRITICAL INFORMATION INFRASTRUCTURE

        Annotation:

        This paper presents a mathematical model for the spread of computer attacks on critical information infrastructure based on the extension of the basic Lotka-Volterra model. Within the framework of the proposed model, the problem to be solved is formulated, the point of stability of the system is determined, and a criterion is proposed for the adequacy of the applied methods for detecting attacks to changing parameters of the critical information infrastructure and existing cyber threats.

        Keywords:

        Critical Information Infrastructure, Adequacy Criterion, Mathematical Model, Lotka-Volterra Model, Computer Attack Spread Rate, Stability Point, CII
        Pages 73-81
      • RESEARCH, MONITORING AND OPTIMIZATION OF AUTOMATED PROCESS CONTROL SYSTEMS
        I.A. Sikarev Russian State Hydrometeorological University V.Yu. Ivanyuk, V.V. Sakharov Admiral Makarov State University of Maritime and Inland Shipping
        DIGITALIZATION AND IDENTIFICATION OF ECG SIGNALS USING WAVELET TECHNOLOGIES

        Annotation:

        A method for identifying signals based on the results of electrocardiogram (ECG) processing performed based on wavelet technologies is considered. The use of digital technologies for processing and diagnostics of ECG signals using wavelet analysis can significantly improve the efficiency and quality of evaluation of pacemaker settings during implantation, as well as in the process of correction of functional modes, diagnostics, in order to eliminate postoperative complications, etc. Digital processing of complex cardiac signals at a qualitatively new level is an indispensable condition for radically improving the processing of the current values of the diagnosed parameters, the widespread use of digital tools for making informed and effective decisions in the field of medical care, as well as for information support of identification processes. A method of approximation is considered and an algorithm for analyzing ECG diagrams obtained during implantation and in the process of choosing the modes of functioning of pacemakers based on the wavelet, transform is given. The presence of high–frequency components and short-term pulses in the spectrum of ECG signals, the evaluation of which is practically impossible by the traditionally used methods of spectral analysis, determined the choice of a method for digitalizing the decomposition of signals into basic frequency rhythms for parametric evaluation of QRS complexes. The approximation method is based on the use of wavelet analysis, which allows deep investigation of such modes. Examples of the use of wavelet analysis for the approximation of ECG diagrams using cubic splines whose interpolation nodes are located on an uneven grid are given. Digital technologies are implemented using the tools of the MATLAB computing environment.

        Keywords:

        electrocardiogram, parametric estimation, identification, wavelet technologies, Dobshy wavelets, cubic spline, signal reconstruction levels, wavelet decomposition coefficients
        Pages 82-97
        I. I. Zabirov, I. V. Mashkina Ufa State Aviation Technical University (USATU)
        APPLYING OF IDENTIFICATION AND ACCESS CONTROL MANAGEMENT SYSTEM IN INDUSTRIAL CONTROL SYSTEM

        Annotation:

        The possibility of using of Identity and access Management system (IdM/IAM) is considered in the paper to automate users account and access rights management in Industrial Control System (ICS). The main feature of IdM/IAM system is that they require an individual approach and ongoing support when implemented in ICS. The results of the role-based access model development are presented for its implementation in IdM/IAM. An analysis of ICS safety has been carried out and the article provides a list of the information assets and information subjects representing the function, or roles, of industrial network users. A hierarchy of users roles and an access matrix (with possible rights) have been developed.

        Keywords:

        Industrial control system, information assets, information subjects, access control, user account and rights management, hierarchy of users roles
        Pages 98-105
        A.M. Sukhov, A.V. Krupenin, V.I. Yakunin Krasnodar Higher Military School named after S.M. Shtemenko
        THE METHOD OF MODELING THE PROCESS OF FUNCTIONING OF AN AUTOMATED SYSTEM OF SPECIAL PURPOSE IN CONDITIONS OF DESTRUCTIVE INFLUENCES

        Annotation:

        The article describes a method associated with the construction of mathematical models of quality indicators for further evaluation of the process of functioning of an automated system for special purposes, taking into account destructive influences. Methods for calculating the performance indicators of complex systems are presented. The features of the construction of analytical and simulation models are disclosed. Algorithms for modeling of the designed automated systems of special purpose are constructed.

        Keywords:

        Mathematical Model, Quality Indicator, Method, Algorithm, Destructive Impact, Automated System of Special Purpose
        Pages 106-124
      • MACHINE LEARNING AND KNOWLEDGE CONTROL SYSTEMS
        I. S. Lebedev St. Petersburg Federal Research Center of the Russian Academy of Sciences (SPC RAS) M. E. Sukhoparov Russian State Hydrometeorological University
        INFLUENCING FACTORS INFORMATION USAGE FOR SPLITTING DATA SAMPLES IN MACHINE LEARNING METHODS TO ASSESS IS STATE

        Annotation:

        Improving the qualitative indicators of identifying the state of information security of individual cyber-physical systems segments is associated with the processing of large information arrays. A method of splitting data samples is proposed to improve the quality of algorithms for classifying information security states. Classification models are configured on training sets of examples in which outliers, noisy data, and an imbalance of observed objects may be present, which affects the qualitative indicators of the results. At certain points in time, under the influence of the external environment, the frequency of occurrence of observed events, the ranges of recorded values may change, which significantly affects the quality indicators. It is shown that a number of events in the samples occur as a result of the actions of internal and external factors.

        Keywords:

        information security, machine learning, dataset, influencing factors, the formation of data samples
        Pages 125-134
        N. V. Gololobov, E.Y. Pavlenko Peter the Great St. Petersburg Polytechnic University (SPbPU)
        COMPARISON OF THE EFFECTIVENESS OF ANOMALY DETECTION BY MACHINE LEARNING ALGORITHMS WITHOUT A TEACHER

        Annotation:

        The paper proposes the use of recurrent neural networks with the LSTM architecture for solving problems related to the detection of anomalous instances in data sets and compares the effectiveness of the proposed method with the traditional technique – the support vector machine for one class. During the study, an experiment was conducted and criteria for the effectiveness of implementations were formulated. The results obtained in this way made it possible to draw appropriate conclusions about the applicability of recurrent neural networks in the tasks of detecting anomalous instances and put forward proposals for the further development of this direction.

        Keywords:

        anomaly detection, machine learning, support vector method, recurrent neural networks, LSTM, learning without a teacher, recurrent neural networks
        Pages 135-147
        E. A. Rudnitskaya, M. A. Poltavtseva Peter the Great St.Petersburg Polytechnic University
        PROTECTION AGAINST ATTACKS ON MACHINE LEARNING SYSTEMS ON THE EXAMPLE OF EVADIATION ATTACKS IN MEDICAL IMAGE ANALYSIS

        Annotation:

        This paper is about the adversarial attacks on machine learning systems that analyze medical images. The authors review the existing attacks, conducts their systematization and practical feasibility. The article contains an analysis of existing methods of protection against adversarial attacks on machine learning systems. It describes the peculiarities of medical images. The authors solve the problem of protection against adversarial attacks for these images based on several defensive methods. The authors have determined the most relevant protection methods, their implementation and testing on practical examples – the analysis of COVID-19 patient’s images.

        Keywords:

        attacks on machine learning systems, machine learning system protection, adversarial attacks, medical images, machine learning
        Pages 148-159
    • №3 2022
      • INFORMATION SECURITY APPLICATION
        V.N. Ruchkin, B.V. Kostrov, V.A. Fulin Ryazan State University named for S.A.Yesenin Ryazan State Radio Engineering University
        INTELLECTUAL STRETEGY OF SECURITY ON BASE CHOSING OF ARCHITECTURE COMPUTING AND NEUROPROCESSING NETS

        Annotation:

        The research addresses four strategies of information security: the strategy game of chicken, balance of business incentives and desire to “balance on the brink” (brinkmanship), formation of sufficient security with minimal effort for customers and consumers, worsening, and in some cases improving security of its infrastructure and the Security Maturity Model (IoT SMM) is demonstrated. The benefits of the latter strategy are assessed through choosing an architecture with the core of the IoT security maturity model as a hierarchy of security practices. Algorithms for ensuring cyber security and protection against threats are analysed. We propose a method for analysis and selection of the best architecture for multicore hierarchical clustering of computing systems and implement an expert system based on chip MCNPAoC SBIS 1879ВМ8Y chip module MC 127.05, complete with a user interface.

        Keywords:

        defense strategies, the game of chicken, balance of business incentives, infrastructure security, Security Maturity Model, architecture, multicore, hierarchical clustering, expert system, user interface
        M.V. Sokolov, I.V. Chechin, P.A. Novikov, D.V. Samoylenko Krasnodar Higher Military School named after S.M. Shtemenko
        MATHEMATICAL MODEL AND ALGORITHM FOR DATA INTEGRITY CONTROL BASED ON THE RULES OF CODE CONSTRUCTION WITH UNEQUAL CHARACTER PROTECTION

        Annotation:

        Information and analytical systems are considered, the functioning of which is based on the processing of multidimensional arrays of information in the conditions of destructive effects of an attacker and environmental disturbances. A subsystem of data integrity control is proposed, based on the use of redundant coding, in which the data to be protected is presented in the form of blocks, pre-grouped according to the criterion of "information value" to ensure the correctness of the user's decision-making of an information and analytical system.

        Keywords:

        information protection, data integrity control, codes with unequal character protection
        E. Yu. Pavlenko, I. S. Eremenko, A. D. Fatin Peter the Great St. Petersburg Polytechnic University (SPbPU)
        METHODS OF COMPUTER NETWORK CLUSTERING IN CYBERSECURITY TASKS

        Annotation:

        A comparative analysis of computer network clustering methods is presented. The purpose of this study is to systematize, summarize, analyze and supplement the existing experience in describing and solving the problems of information security of cyber-physical systems; to make a general information basis for testing the considered methods on their own datasets and the subsequent implementation of their own approach to computer network clustering in cybersecurity tasks.

        Keywords:

        clustering, information security models, cyber-physical systems
      • APPLIED CRYPTOGRAPHY
        I. S. Nitkin, S. V. Taranov ITMO University
        AN ASSESSMENT OF CIPHER KUZNYECHIK CRYPTOGRAPHIC STABILITY IN CASE OF IMPOSSIBLE DIFFERENTIALS METHOD ATTACKS

        Annotation:

        The article contains the description of research undertaken to assess the block symmetric cipher Kuznyechic cryptographic stability in case of impossible differentials method attacks. The way to assess the simplified versions of Kuznyechic cryptographic stability in case of impossible differentials method attacks was used to get the results. The results obtained were generalized for the full version of the cipher Kuznyechic.

        Keywords:

        cipher Kuznyechik, cryptographic stability, impossible differentials, crypto-analysis, GOST R 34.12-2018
      • CRITICAL INFORMATION INFRASTRUCTURE SECURITY
        E.Y. Pavlenko Peter the Great St. Petersburg Polytechnic University (SPbPU)
        SYSTEMATIZATION OF CYBER THREATS TO LARGE-SCALE SYSTEMS WITH ADAPTIVE NETWORK TOPOLOGY

        Annotation:

        This paper focuses on the investigation and systematization of cyber threats to large-scale cyber-physical systems with dynamic network infrastructures. The proposed taxonomy provides a unified view of the specifics of such systems in terms of security, attacker targets, and TCP/IP network stack levels. Taken together, the systematization developed provides the basis for a new technology to protect complex dynamic systems by providing knowledge of which networking parameters need to be controlled to counteract certain classes of cyberthreats.

        Keywords:

        ad hoc networks, MANET, wireless sensor networks, cyber threat, TCP/IP stack
        E.Y. Pavlenko Peter the Great St. Petersburg Polytechnic University (SPbPU)
        A FUNCTIONING MODEL OF ADAPTIVE NETWORK TOPOLOGY OF LARGE-SCALE SYSTEMS BASED ON DYNAMIC GRAPH THEORY

        Annotation:

        The paper is devoted to developing a model capable of describing the process of functioning of large-scale systems with dynamic, adaptive network topology. The mathematical apparatus on which the model is based is dynamic graph theory, due to which the functioning of an ad hoc network is represented as a set of static graphs, each of which corresponds to a certain timestamp. Dynamic graphs allow changes in the network to be tracked and marked as legitimate or illegitimate. The key parameters of the developed model were chosen based on the practical experience of researchers involved in the detection of various attacks in ad hoc networks, which makes the proposed model a priori oriented for subsequent security analysis.

        Keywords:

        ad hoc networks, wireless sensor networks, dynamic graph theory, centrality metrics, critical nodes
      • CYBER-PHYSIC SYSTEMS SECURITY
        E.B. Aleksandrova, A.A. Shtyrkina Peter the Great St. Petersburg Polytechnic University (SPbPU)
        THE SECURITY OF SMART GRID SYSTEMS BASED ON THE GRAPH STRUCTURAL PROPERTIES

        Annotation:

        The paper proposes an approach to estimating the security of cyber-physical systems based on the modeling graph structural characteristics. As structural characteristics of the graph, indicators based on the spectrum of the graph were studied. To test the hypothesis about the negative impact of attacking influences on the structure of the graph, experiments were carried out, consisting in the sequential removal of vertices and edges from the graph with "small world" property. This type of graph was chosen because researches show that the “small world” property is inherent in high voltage smart grids. The conducted experiments showed that the attacking influences on the system, displayed on the graph, negatively affect the structure of the network, and therefore lead to inefficient information exchange and, consequently, the functioning of the system.

        Keywords:

        cyberphysical systems, smart grid, graph theory, graph entropy, spectral graph theory, «small-world» graph
      • RESEARCH, MONITORING AND OPTIMIZATION OF AUTOMATED PROCESS CONTROL SYSTEMS
        Zhuravlev D.A., Gribunin V.G., Neustroev A.V., Poleshenkov D.D.
        CPU MICROARCHITECTURAL VULNERABILITIES IN THE CONTEXT OF JOINT APPLICATION OF HARDWARE FOR INFORMATION PROTECTION AND VIRTUALIZATION TECHNOLOGIES IN AUTOMATED SYSTEMS

        Annotation:

        This article discusses the limitations of the combined use of information protection hardware and virtualization technologies due to the presence of microarchitectural vulnerabilities in processors. A conclusion is made about the possibility and boundary conditions for the safe use of untrusted software in automated systems, where information is protected from unauthorized access through the joint use of hardware information security modules and a trusted hypervisor.

        Keywords:

        automated systems, virtualization technologies, processor microarchitectural vulnerabilities
        S.V. Bezzateev, I.R. Fedorov, M.Y. Fedosenko ITMO University Saint-Petersburg State University of Aerospace Instrumentation (SUAI)
        THE PERSPECTIVE FOR INTRODUCTION OF BLOCKCHAIN TECHNOLOGY INTO THE PRODUCTION PROCESSES OF RUSSIAN COMPANIES

        Annotation:

        This article considers cases of implementation blockchain technology in Russian Federation. Description of Russian software products in the field of distributed registries and their usage by Russian business representatives is given. Also, this paper described features of Ethereum and Hyperledger blockchain separately and within development of platforms Masterchain and Waves Enterprise. The technologies given in the article are related (in particular) to private blockchains. A review of the integration of these technologies in the following companies was carried out: Gazprom, Nornickel, Rosseti, Sberbank, Alfa⁠-⁠Bank, S7 Airlines and OR Group. Their examples describe the stages of introducing blockchain technology into production processes, approaches used for implementation and future development prospects. In the end were drawn conclusions about the relevance of the technology, areas of its usage and the necessity to comply with the requirements of fault tolerance and information security.

        Keywords:

        Blockchain, Cryptography, Hash Function, Private Blockchain, Masterchain, Waves Enterprise, Hyperledger
        A.S. Kurakin LLC «STC»
        A MODEL OF DIFFERENTIATION OF ACCESS RIGHTS FOR A VIRTUAL SQUAD OF UNMANNED AERIAL VEHICLES

        Annotation:

        The article is devoted to the concept of a virtual squad of unmanned aerial vehicles. This concept allows us to solve the problem of differentiation of access rights to information system resources.

        Keywords:

        unmanned aerial vehicles, virtual squad, differentiation of access rights, model of neural network interaction
        S. O. Baryshnikov, V.V. Sakharov, I.A. Sikarev Admiral Makarov State University of Maritime and Inland Shipping Russian State Hydrometeorological University
        SYNTHESIS OF AN OBSERVER FOR THE SHIP’S COURSE CONTROL SYSTEM

        Annotation:

        Digitalization of technological processes on ships using the tools of modern computing systems allows solving important technical problems at a qualitatively new level, improving information support and monitoring of the technical condition of ships and ship technical systems based on dynamic observers and evaluators. A method for synthesizing observers for a ship's course control system based on the theory of modal regulators is considered. The models for assessing the operational performance of ship control systems are based on the application of a generalized mathematical model, which can take various forms depending on the influence of numerous factors on its structure and parameters.

        Keywords:

        vessel, control, modal controller, observer, exit and state vectors, algorithm, generalized matrix, model
      • MACHINE LEARNING AND KNOWLEDGE CONTROL SYSTEMS
        A.N. Shniperov, Y.V. Potylitsina Siberian Federal University
        VOICE IDENTIFICATION METHOD BASED ON MACHINE LEARNING

        Annotation:

        This paper presents a voice identification method based on machine learning. The general algorithm of voice identification is considered. The results of the analysis of common solutions in the area of voice identification are presented. The use of cepstral transformations and deep learning methods for convolutional neural networks is proposed. A software prototype has been developed and the results of its testing have been presented. The results of evaluating the effectiveness of the developed method are presented.

        Keywords:

        biometric identification, classification, machine learning, neural network, algorithm, MFCC, CNN
        S.V. Bezzateev, T.N. Yelina, N.S. Krasnikov Saint-Petersburg State University of Aerospace Instrumentation (SUAI)
        STUDY OF MACHINE LEARNING METHODS TO ENSURE INFORMATION SECURITY IN RETAIL TRADING OPERATIONS

        Annotation:

        The problem of distortion and substitution of information when performing transactions in retail trade using self-service checkouts leads to a decrease in the profits of enterprises. The introduction of weight recognition tools using machine-learning methods will increase the level of protection for retail transactions. The paper analyzes various training methods and builds a network model that allows, with a small amount of labeled data, to obtain good recognition results in the field of retail.

        Keywords:

        convolutional neural networks, machine learning, retail information security
    • №4 2022
      • INFORMATION SECURITY ASPECTS
        D. P. Zegzhda, T. N. Saurenko, V. G. Anisimov, E. G. Anisimov Peter the Great St. Petersburg Polytechnic University (SPbPU), Peoples’ Friendship University of Russia
        EVALUATION OF THE EFFECTIVENESS OF THE INFORMATION SECURITY SYSTEM

        Annotation:

        The article discusses a methodological approach to building models for evaluating the effectiveness of programs (projects) for creating or upgrading an information security system in order to ensure the stability and competitiveness of a company in the face of increasing threats to violate the integrity, confidentiality, availability and reliability of information that is essential for its activities. At the same time, the effectiveness of programs (projects) is understood as the degree of use of the opportunities allocated for their implementation of material, intangible and temporary resources to achieve the goals. In the mathematical formalization of the generalized performance indicator, it is taken into account that the implementation of technical, technological, organizational and other elements (activities) included in this program (project) is accompanied by the impact of many random factors affecting the achievement of their particular goals. The proposed generalized indicator provides a dominant assessment of the effectiveness of programs (projects), taking into account the risks in their implementation.

        Keywords:

        information security system of the company, modernization, program (project), performance indicator.
        Pages 9-19
        M. V. Shakurskiy, O. A. Karaulova, E. S. Kartashevskaya Samara State Technical University, Povolzhskiy State University of Telecommunications and Informatics
        SECURITY OF A TWO-COMPONENT STEGANOGRAPHIC SYSTEM TO UNAUTHORIZED INFORMATION EXTRACTION

        Annotation:

        In the classical sense, steganography does not aim to protect information from extraction, however, the use of a two-component steganographic system provides not only information masking, but also cryptographic strength. The article con-siders the stability of the steganographic system for embedding a two-component container to information extraction.

        Keywords:

        two-component steganographic system, masking of information, information ex-traction security.
        Pages 20-27
      • INFORMATION SECURITY APPLICATION
        P. A. Glybovsky, P. V. Timashov, I. A. Kotenok Mozhaisky Military Aerospace Academy
        METHODOLOGY OF EARLY DETECTION OF DDOS ATTACKS TO PROTECT INFORMATION INFRASTRUCTURE OBJECTS

        Annotation:

        The approach of detecting the beginning of a DDoS attack by statistical methods, taking into account seasonality, is considered. The standard setting of limits on the number of requests associated with the occurrence of random triggers and various load of the web resource, depending on the time of day and days of the week, has a number of disadvantages. To optimize the process, it is proposed to use a floating estimate characterizing the current network activity based on the standard deviation (RMS), as well as taking into account seasonal fluctuations. A k-means clustering method for distributing client requests is proposed. The algorithm selects two clusters from mixed traffic. The first is a set of legitimate requests, the second is a set of malicious requests. The introduction of the proposed technique into the protection system, which takes into account the seasonality of DDoS attacks for various types of infrastructure objects, can increase the efficiency of detecting such attacks without increasing resource intensity.

        Keywords:

        DDoS attack, standard deviation, seasonal fluctuations, k-means.
        Pages 28-34
        I. S. Eremenko, A. D. Fatin, E. Y. Pavlenko Peter the Great St. Petersburg Polytechnic University
        CLUSTERING OF COMPUTER NETWORKS BASED ON THE BEE COLONY ALGORITHM

        Annotation:

        The paper proposes a modification of the bee colony based network clustering method. This modification is aimed at reducing the number of community partitions and reducing the running time of the algorithm. Experimental studies on synthetic and real networks confirmed the validity of the proposed modification of the algorithm.

        Keywords:

        community detection, network clustering, bee colony, modular form.
        Pages 35-42
        A. G. Krasnov Saint Petersburg State University of Railway Transport of the Emperor Alexander I
        IMITATIONAL SOFTWARE PACKAGE FOR RESEARCHING HIGHLY UNDETECTABLE STEGOSYSTEMS – HUGO SYSTEMS

        Annotation:

        This article describes a simulation software designed to conduct research on highly undetectable stegosystems (so-called HUGO systems), the purpose of which is to increase the efficiency of the stegosystem with respect to the undetectability of hidden messages, provided they are transmitted in communication channels with a high noise level. To achieve this goal, this paper solves the problem of developing a software package that performs on the sender's side discrete chaotic transformation of a secret message, then embedding it into a covering object using the ±1HUGO method and encoding, and on the recipient's side decoding using a multi–threshold decoder, extracting a secret message and reverse discrete chaotic transformation. In addition, the software package must calculate performance indicators: the peak signal-to-noise ratio and the Pearson correlation coefficient of the covering object and the stego.

        Keywords:

        ±1HUGO, stegosystem, self-orthogonal noise-tolerant code, multi-threshold decoder, discrete chaotic transformation, Arnold Cat Map transform, chaotic baker mapping.
        Pages 53-63
        P. A. Glibovsky, P. N. Serebryakov, P. V. Timashov Mozhaisky Military Aerospace Academy
        IDENTIFYING AND COUNTERING MALICIOUS INFORMATION IN SOCIAL NETWORKS

        Annotation:

        The algorithm of ranking sources by potential used to identify malicious information in social networks and the algorithm of ranking countermeasures used to counteract it is considered. They allow you to achieve the required level of protection of users in social networks. Resource consumption, efficiency and objectivity were selected as indicators of the criteria for the effectiveness of the methodology processes. The resource consumption of processes is proposed to evaluate by indicators: "The use of the central processor device", "The use of RAM" and "Operator operation time". When comparing the processes with each other, we take the time of the measurements of the algorithm for ranking sources by potential and sorting the objects of influence.

        Keywords:

        ranking, potential, countermeasure, performance criteria.
        Pages 43-52
      • APPLIED CRYPTOGRAPHY
        I. K. Noskov, S. V. Bezzateev St. Petersburg National Research University of Information Technologies, Mechanics and Optics (ITMO), St. Petersburg State University of Aerospace Instrumentstion (SUAI)
        FINDING ENUMERATORS FOR A GENERALIZED (L, G)-CODE

        Annotation:

        This article presents an algorithm for finding enumerators of the second degree and higher for a generalized (L, G)-code. This algorithm allows you to increase the speed of calculating enumerators, in contrast to the exhaustive search algorithm. This algorithm can be used to build a modern version of the McEliece cryptosystem. The above solution is based on using the method of representing an element of the Galois field through a function containing coefficients from a field of smaller size. This article also presents the results of a comparison of the modern McEliece cryptosystem built on Goppa codes and generalized (L, G)-codes.

        Keywords:

        McAleese cryptosystem, generalised (L, G)-codes, second-degree numerators.
        Pages 64-70
        S. V. Bezzateev, S. G. Fomicheva, A. F. Suprun St. Petersburg State University of Aerospace Instrumentstion (SUAI), Peter the Great St. Petersburg Polytechnic University
        IMPROVING THE EFFICIENCY OF MULTI-AGENT INFORMATION SECURITY SYSTEMS USING POST-QUANTUM CRYPTOGRAPHY

        Annotation:

        The paper analyzes the problems of ensuring information security in open multi-agent systems that use access control schemes based on RSA algorithms. It is shown that when using such schemes, a significant part of the agents ' lifetime is spent on authentication processes. To increase the efficiency of multi-agent systems by reducing the number of agent authentication processes, a method of access differentiation based on Goppa codes is justified and proposed. For the proposed methodology, an assessment of the level of security of agent information is given.

        Keywords:

        Cyber-Physical systems, Mobile agents, Access control mechanisms, Efficiency of multi-agent systems, Goppa codes.
        Pages 71-88
      • CYBER-PHYSIC SYSTEMS SECURITY
        E. B. Aleksandrova, A. A. Shtyrkina Peter the Great St. Petersburg Polytechnic University
        ADAPTIVE NEUTRALIZATION OF CYBERPHYSICAL SYSTEMS STRUCTURAL BREACH BASE ON GRAPH ARTOFOCAL NEURAL NETWORKS

        Annotation:

        The paper proposed a threat model of cyber-physical systems (CPS), with examples of attacks and consequences for systems for various purposes. It is concluded that the most critical consequences of attacks are related to the disruption of information exchange within the system. Thus, the task of ensuring the security of the CPS is reduced to restoring the efficiency of information exchange. To neutralize the negative consequences for information exchange, it is proposed to use graph artificial neural networks (ANNs). A review of modern architectures of graph ANNs has been carried out. To generate a synthetic training dataset, an algorithm was developed and implemented that simulates the intensity of the network flow and the workload of devices in the system based on graph centrality metrics. A graph ANN was trained for the task of reconfiguring the graph of the CFS network.

        Keywords:

        cyberphysical systems, graph theory, spectral graph theory, graph artificial neural network.
        Pages 89-100
      • TECHNOLOGICAL SYSTEMS, ALGORITHMIZATION OF TASKS AND CONTROL OBJECTS MODELING
        I. A. Sikarev, A. I. Chestnov, V. M. Abramov Russian State Hydrometeorological University
        ASPECTS OF THE DEVELOPMENT AND FUTURE PROSPECTS OF THE PROGRAM FOR AUTOMATIC PROCESSING OF SATELLITE ARCHIVES OF HYDROCHEMICAL DATA IN THE PYTHON PROGRAMMING LANGUAGE

        Annotation:

        This article describes in detail the process of creating a program written in the interpreted Python programming language. The function of this program is to automate the processing of satellite data archives on the content of chlorophyll, nitrates and phosphates to save time and prevent manual processing errors due to the human factor. The article describes in detail the program code, its segments and algorithms.

        Keywords:

        automation, program, Python, hydrochemistry, data processing.
        Pages 101-109
  • 2021 year
  • 2020 year
  • 2019 year
  • 2018 year
  • 2017 year
  • 2016 year
  • 2015 year
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
  • 2010 year
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year