Cybersecurity: Education, Science, Technique最新文献

{"title":"COMPLEX METHOD OF AUTOMATIC FONOSEMANTIC ANALYSIS OF TEXT INFORMATION ON THE BASIS OF EVALUATION OF HIGH SEMANTIC UNITS IN THE CONDITIONS OF INFORMATIVE CONTINUATION","authors":"V. Barannik, T. Belikova, Maksim Kapko, Irina Gurzhiy, Віті імені Героїв Крут","doi":"10.28925/2663-4023.2019.3.5362","DOIUrl":"https://doi.org/10.28925/2663-4023.2019.3.5362","url":null,"abstract":"The article proposes a method of analysis of text messages for revealing their semantic orientation and suggestive influence on the subconscious of a person, in the conditions of information confrontation. The method is based on the evaluation of the phonetic component of the word, using phonosemantic analysis. And also structural, probabilistic assessment and evaluation according to place in the sentence, using probabilistic semantic analysis. The method of automatic phonosemantic analysis is described, the algorithm scheme and the concept of the method of automatic semantic analysis are proposed on the basis of the analysis of the structure of the word, with the scheme of the algorithm. A complex method of phonosemantic analysis is proposed based on the estimation of meaningful semantic units, which seeks to combine the two methods described above and demonstrates an example of an estimation of the random, predicted semantically negative sentence. To demonstrate the estimates, a comparison of the results of the proposed method with the results of the general phonosemantic evaluation of the sentence was made. Based on the results, conclusions are formed.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133082698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"PRACTICAL APPROACHES TO DETECTING VULNERABILITIES IN INFORMATION AND TELECOMMUNICATION NETWORKS","authors":"A. Ilyenko, Sergii Ilyenko, Kvasha Diana, Yana Mazur","doi":"10.28925/2663-4023.2023.19.96108","DOIUrl":"https://doi.org/10.28925/2663-4023.2023.19.96108","url":null,"abstract":"Looking at information and telecommunication networks, we see that the transmission of confidential data via the Internet is becoming more frequent every day, and therefore, it is necessary that our data be reliably protected from various threats, vulnerabilities that every day try to gain access to the network and intercept data, neutralize, gain access to network resources. That is why, in our time, protecting data, software and hardware from viruses and various vulnerabilities is more necessary than ever, and not just a problem. Based on these considerations, it is necessary both to create new methods for protecting information and telecommunication networks, and to improve existing ones for better network security, because one of the important elements of information protection is network protection itself. Taking into account the constantly growing statistics of cyber attacks on information and telecommunication networks, after in-depth analysis and processing of the mentioned issues, the authors of the article highlighted the current state of ensuring the security of information and telecommunication networks and solutions regarding security in information and telecommunication networks. The authors comprehensively covered and investigated the problems of ensuring security in information and telecommunication networks, conducted an analysis of threats and vulnerabilities that harm the information network, and conducted research on methods of countering modern threats to information and telecommunication networks. Attention is also paid to the development of security solutions in the information and telecommunications network. The authors plan a number of scientific and technical solutions for the development and implementation of effective methods for detecting vulnerabilities and means for ensuring the requirements, principles and approaches for ensuring the security of information and telecommunication networks.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114992972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"INVESTIGATION OF LINEAR TRANSFORMATIONS OF THE PROPOSED HUSHING FUNCTION OF THE ADVANCED MODULE OF CRYPTOGRAPHIC PROTECTION IN INFORMATION AND CIRCUMSTANCES","authors":"T. Smirnova, Nataliia Yakymenko, Oleksandr S. Ulichev, O. K. Konoplitska-Slobodeniuk, Serhii Smirnov","doi":"10.28925/2663-4023.2022.15.8592","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.15.8592","url":null,"abstract":"This paper investigates the linear transformations of the hash function, which is part of the developed advanced module of cryptographic protection of information, which by capturing information about the user ID, session ID, sending time, message length and sequence number, as well as using a new session key generation procedure for encryption, allows you to ensure the confidentiality and integrity of data in information and communication systems process control. The object of research is the process of ensuring the confidentiality of data in information and communication systems management systems based on cloud technologies. The subject is the study of linear transformations of the proposed hashing function of the advanced module of cryptographic protection in information and communication systems. The purpose of this work is to study the linear transformations of the proposed hashing function of the advanced module of cryptographic protection in information and communication systems for process control based on cloud technologies. To use this module effectively, it is important to choose crypto-resistant encryption and hashing methods, as well as secret key synchronization. Cryptoalgorithms resistant to linear, differential, algebraic, quantum and other known types of cryptanalysis can be used as functions of cryptographic methods of encryption and hashing. The conducted experimental study of linear transformations of the proposed hashing function of the advanced module of cryptographic protection in information and communication systems confirmed the cryptoresistance of the advanced algorithm to linear cryptanalysis.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115702941","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"THE ADVANCED METHOD OF PROTECTION OF PERSONAL DATA FROM ATTACKS USING SOCIAL ENGINEERING ALGORITHMS","authors":"Serhii Laptiev","doi":"10.28925/2663-4023.2022.16.4562","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.16.4562","url":null,"abstract":"Social interaction of subjects in the modern world, in addition to positive forms, also has negative ones. In modern society it is impossible to do without social networks and in the modern world the Internet - technologies prevail. Currently, everyone connected to a computer is registered in at least one social network. Social networks attract people, because in today's world all people communicate, exchange information, and get acquainted, some people come up with a virtual world in which they can be fearless, and popular and thus abandon reality. The problem related to the security of personal data in social networks is the most relevant and interesting in modern society.\u0000\u0000Analysis of methods of protection of personal data from attacks using social engineering algorithms showed that it is impossible to prefer any one method of protection of personal information. All methods of personal data protection purposefully affect the protection of information, but protection in full can not be provided by only one method.\u0000\u0000 Based on the analysis of methods of personal data protection, we have proposed an improved method of protecting personal data from attacks using social engineering algorithms. Improvement is a combination of two existing methods aimed at improving the effectiveness of user training. Using the features of the proposed method formulated by us, it is the increase of user training that will provide better protection of personal data.\u0000\u0000The main advantage of the proposed method is that it uses the synergy of existing methods, which are aimed at educating users and learning to protect their personal information.\u0000\u0000The direction of further research: analysis and improvement of methods of attacks not only with the help of phishing social engineering but also with the help of other methods of social engineering of other types. Creating a mathematical model to protect personal information from attacks using social engineering methods.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116905686","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"CYBERTHREATS IN HIGHER EDUCATION","authors":"O. Trofymenko, Nataliia Loginova, Manakov Serhii, Yaroslav Dubovoil","doi":"10.28925/2663-4023.2022.16.7684","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.16.7684","url":null,"abstract":"As a result of the transition to distance and hybrid learning, first due to the COVID-19 pandemic and then due to the Russian attack and large-scale war, the education sector has faced a wide range of cyber threats. Awareness of these threats can help universities and their staff protect themselves and their students from these vulnerabilities. Large amounts of personal data and financial information about students, faculty and staff, as well as information about research circulate in higher education institutions. It makes them an attractive target for cybercriminals. The article analyzes cyber threats in the higher education sector. The classification of the most common cyber threats in the higher education sector is offered. The basis of most successfully implemented cyber attacks is the human factor, ie the mistakes of staff or students due to ignorance or disregard for the basic rules of cyber hygiene. A study of the signs of cyber threats in the field of education made it possible to divide them according to nine criteria: threats to IoT devices, threats due to human factors, identity theft, ransomware or malicious software, financial gain, espionage, phishing, DDoS attacks, threats to CMS. The implemented classification of cybersecurity threats in the field of higher education will contribute to their clear understanding and specifics on one or another basis. Knowledge of the main threats to educational networks and systems, understanding of common ways of hacking and leaking confidential data of students, teachers and other staff will allow educational institutions to choose and apply the most effective tools and strategies at all levels of cybersecurity. Cybersecurity is a shared responsibility for everyone, and its success depends on being aware of the motives and methods of attackers, maintaining good cyber hygiene by everyone, and monitoring compliance.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117279752","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MODERN APPROACHES TO PROVIDING CYBER SECURITY IN RADIO RELAY COMMUNICATION LINES","authors":"Vitalii Oleksenko, Roman Shtonda, Yuliya Chernish, Irina Maltseva","doi":"10.28925/2663-4023.2022.17.5764","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.17.5764","url":null,"abstract":"This article examines the impact of the AcidRain malware, which was used against Ukraine during the Russian invasion. Therefore, after the disruption of the Viasat satellite Internet service, a large share of data transmission fell on other types of communication, one of which is radio relay communication. Today, radio relay communication remains one of the priority types of communication. The main conditions that determine the development of radio relay communication and the preservation of its rather high specific weight in the market for the provision of telecommunication services can be conventionally divided into organizational, technical and technological ones. In order to ensure the development of radio relay communication and to preserve its rather high specific weight in the market for the provision of telecommunication services, it is necessary to pay attention to cyber security during the construction of radio relay communication lines. To do this, each official at the appropriate level must pay attention to these points of control to ensure reliable cyber protection in radio relay communication lines, namely, have the appropriate theoretical knowledge of administrators and users in information and communication systems, communication networks, as well as properly act in practice under time to ensure cyber security when deploying radio relay communication lines. Russia's cyberattacks before the invasion of Ukraine proved that cyberattacks today play an important and strategic role in the modern world and are being waged, regardless of whether the electorate knows about it. This threat to us was and is constant and it does not stand still, but only develops. Cyberattacks cause devastating problems to our information and communication systems, communication networks and infrastructure with paradoxical, sometimes deplorable consequences. The reliable operation of radio relay communication lines depends on ensuring cyber security. You should focus on this, and at the same time make maximum efforts. Every day, technological progress will only grow more and more, paradoxically, war is the \"engine of progress\", and behind the growth of technical progress will be the growth of dependence in cyberspace.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125412905","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"CYBERWAR AS A VARIETY OF INFORMATION WARS. UKRAINIAN CYBER SPACE PROTECTION","authors":"Y. Dmytruk, Tetiana Hryshanovych, Liudmyla Hlynchuk, Oksana Zhyharevych","doi":"10.28925/2663-4023.2022.16.2836","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.16.2836","url":null,"abstract":"The paper describes the role played by information technologies, including cybersecurity, specialists, during the war in Ukraine. The concept and framework of the information front are outlined, the contribution of technologists to both the economy and the field of information warfare is highlighted. The article describes the course and circumstances of the information war on the territory of our state from 2014 until the full-scale invasion of Russian troops on the territory of Ukraine. The contribution of both domestic and foreign information protection specialists to the course of this war is described. The main problems in the information space that we have to face in the current conditions are outlined, as well as examples of assistance in the realities of today's war. The study found out in which directions domestic IT specialists are moving, what is their role in the current situation, how are foreign structures and volunteers involved. The separate role is given to foreign journalists who are also fighting on the information front, but they are not specialists in information technology or cybersecurity. Thus, it is clear that Ukraine will win in the information war primarily due to the coverage of true information and its dissemination, as well as due to the active opposition to fakes. It can also be concluded that the information front is no less important than the real one, as it not only weakens the enemy, but also breaks the system from within - destroys logistics, flaunts not the best side of the enemy and informs society about the real state of events. Currently, Ukrainian and foreign cyber troops are doing their best: actively opposing disinformation and fakes, investing in the economy and destroying sites that are still operational. The perspective of our study is to further monitor the cyberfront. It is important to find out how events will run, what other applications (software, technical) will be developed to counter the aggressor, whether certain conclusions will be drawn from Ukraine. From our point of view, there is a strong improvement in the protection of all systems from the possibility of hacking, training of cyber troops at the state level and the development of new solutions to protect existing software.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129018352","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"CLOUD TECHNOLOGIES IN LEARNING: ONTOLOGICAL APPROACH","authors":"O. Tkachenko, K. Tkachenko, O. Tkachenko","doi":"10.28925/2663-4023.2022.17.112127","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.17.112127","url":null,"abstract":"The article considers an ontological approach to the creation and use of learning information systems and learning process management systems that operate in a cloud environment. The proposed ontological approach provides an opportunity to implement learning processes, supporting the sharing of both users (students, teachers, methodologists, etc.) and different training courses of common learning content stored in the cloud. The result of using cloud technologies and ontologies is the ability to make the necessary adjustments to the set of goals and objectives of the learning process, the learning process, the course, the requirements for the level of knowledge and competence of students. An ontological approach to building learning systems operating in a cloud environment is proposed. It is advisable to use the developed ontological model when implementing learning system in managing learning processes in higher educational institutions. The constructed ontological model provides an opportunity to implement continuous improvement of learning processes, supporting the sharing by both users (students, teachers, methodologists, etc.) and different training courses of common training content stored in the cloud. The result of using cloud technologies and ontologies is the possibility of making the necessary adjustments to the set of goals and objectives of the learning process, to the learning process, the training course, to the requirements for the level and competencies of trainees on the part of employers and / or the state. The developed ontological model of learning processes allows, using cloud technologies, to form a space of learning content. Sharing learning content across learning systems has not only enabled the use of ready-made, high-quality learning materials developed by the best teachers, but also reduced the time and resources spent on transferring content from one system to another. The proposed approach uses the integration of technologies such as: ontological modeling, intellectualization and informatization, as well as cloud technologies. The use of these technologies makes it possible to predict the occurrence of emergency situations in the learning process.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130543162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"ARCHITECTURE SECURITY PRINCIPLES OF THE ANDROID APPLICATIONS-BASED INFORMATION SYSTEM","authors":"R. Drahuntsov, D. Rabchun, Z. Brzhevska","doi":"10.28925/2663-4023.2020.8.4960","DOIUrl":"https://doi.org/10.28925/2663-4023.2020.8.4960","url":null,"abstract":"In this article common attack vectors on the information systems, which are based on the Android client applications, are observed, analyzed and compared. The purpose of this analysis consists in creating the theoretical base for development the practical principles of securing the architecture level of such systems. To accomplish the aims set, there was conducted the categorization of attacks and vulnerabilities specific to the Android information infrastructure and environment. There were also conducted analysis of Android application functional components and typical underlying infrastructure which have possible impact on a system security. Available data about the widespread vulnerabilities of the described elements was analyzed in context of possible exploitation. Based on the Android application usage model there were figured out several adversary models and attack vectors related to the researched information system type. Developed adversary models were formed with a focus on technical possibilities and threat abstraction. Mentioned vectors can be used by an attacker to violate the confidentiality and integrity of critical information in the system. The carried out research was used to form the characteristic comparison of the mentioned vectors and adversary models to evaluate the attack surface on the different parts of information system represented as attack vectors. As a result, we have developed the theoretical principles for securing the architecture of Android applications-driven information systems. Achieved results can be used to form the threat and adversary model, create practical recommendations for the information risk reducing practices in Android-applications driven information systems and to develop the technical requirements for security testing and development.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114527934","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"INFORMATION TECHNOLOGY: APPROACHES TO DEFINITION, PRINCIPLES OF CONSTRUCTION","authors":"Valentyna Makoiedova","doi":"10.28925/2663-4023.2022.18.138149","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.18.138149","url":null,"abstract":"The research is dedicated to the concept of \"information technology\". The purpose of the article is to analyze the scientific and methodological literature, clarify the essence and structure of information technologies, generalize the classification of information technologies based on the works of foreign and Ukrainian scientists. The subject of research is the concept of \"information technology\". As part of the analysis of the concept of \"information technology\", the legislative definition of this term was considered, it was clarified how this category is disclosed in the state standards of Ukraine (in particular, DSTU 5034:2008, DSTU 2226-93, DSTU 2481-94, DSTU 7448:2013) , the wording of the definition in terminological dictionaries was analyzed, the definition of \"information technology\" defined by the international organization UNESCO was considered. The formulation of the concept of \"information technology\" in the scientific works of foreign researchers was studied. On the basis of the conducted analysis, the lack of existing definitions was identified and an aggregated definition of the concept of \"information technology\" was synthesized. The principles that became the basis for the formation of information technologies were analyzed. These principles remain relevant to this day. The publication contains an overview of the main structural components of information technology. Contradictions regarding the definition of the list of structural components of information technology in the works of various scientists have been studied. In addition, the publication provides an infographic of generalized approaches to the classification of information technologies. The work proposes the classification of information technologies according to their intended use, establishes typical components of information technology, and specifies twelve criteria for the classification of information technologies.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134231453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}