Cybersecurity: Education, Science, Technique最新文献

{"title":"ANALYSIS OF METHODS FOR DATA CONFIDENTIALITY ENSURING DURING TRANSMITTING FROM UAV","authors":"S. Gnatyuk, Vasyl Kinzeryavyy, Yuliia Polishchuk, O. Nechyporuk, Bohdan Horbakha","doi":"10.28925/2663-4023.2022.17.167186","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.17.167186","url":null,"abstract":"The rapid development of unmanned aerial vehicles (UAVs), as well as the expansion of the list of actions performed by modern UAVs, led to increased requirements for the safety and reliability of data transmission. In the context of warfare, when confidential information is collected, the protection of such information is a top priority. The practical level of conducting aerial reconnaissance during current warfare demonstrates the urgent need to create UAV which capable of performing flight tasks and aerial reconnaissance in the mode of installed radio interference, and also emphasizes the importance of ensuring the data confidentiality about target objects transmitted by an optical channel for the implementation of their processing in automated systems. The paper provides a review and comparative analysis of modern cryptoalgorithms that are used to ensure data confidentiality during their transmission by radio channel from UAV to ground objects. There are the system of criteria (multi criteria analysis) was used to compare following cryptographic algorithms (similar to AES, NESSIE, etc competitions): block and key sizes; modes of operation; encryption speed; memory requirements; resistance (security) to cryptanalysis. The conducted analysis showed that each cryptographic algorithm has advantages and disadvantages. Also, there is no universal cryptographic algorithm that capable to resolve all privacy problems in UAV. According to the limited resources in the process of UAV operation, it is necessary to create a universal set (dataset) of cryptographic algorithms that could solve various problems in different conditions including different aspects of UAV exploitation. It is these studies that will be devoted to the further work of the authors within the framework of the ongoing scientific project.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132386890","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"AUTOMATED LOGISTIC FLOW SYSTEM FOR TRADING ENTERPRISE","authors":"Svitlаnа Rzаiеvа, Dmуtrо Rzаiеv, V. Kraskevich, A. Roskladka, V. Gamaliy","doi":"10.28925/2663-4023.2020.7.7284","DOIUrl":"https://doi.org/10.28925/2663-4023.2020.7.7284","url":null,"abstract":"The article addresses one of the most pressing problems for a trading enterprise, namely the problem of routing logistics flows for efficient enterprise management. To optimize itineraries, we use state-of-the-art electronic navigation and mapping systems that can be implemented in modern computer technology, from online services available on any computer to mobile devices. Navigation and mapping systems are distributed software complexes with an array of information stored in database management systems. They involve millions of static objects and huge amounts of dynamic data around the world.\u0000To optimize the logistics flows, an algorithm for an automated routing system is described. This system solves the problems of automatic calculation of the construction and recognition of the optimal route between the specified points of its beginning and the end, tracking of movement on a given route and, in the case of congested roads, redirection of logistics flows.\u0000Based on the researches and experiments on the formation of a cognitive map in the human mind and the perception of the route description, an algorithm for storing and displaying route data is considered. This algorithm takes into account the personal psychology of perception of cartographic information. Developing an algorithm for describing the routing of trading enterprise traffic flows is creating a model of automatically found path between the predetermined points of its beginning and end. This mapping information is personalized, easy to read, fast to remember, and insensitive to user errors.\u0000The proposed algorithm is universal and can be used to solve a wide range of problems of logistic flows optimization.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126467582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"INFORMATION PROTECTION IN “SMART CITY” TECHNOLOGIES","authors":"M. Moshenchenko, Bohdan Zhurakovskyi","doi":"10.28925/2663-4023.2021.11.100109","DOIUrl":"https://doi.org/10.28925/2663-4023.2021.11.100109","url":null,"abstract":"This article discusses the problems of information security in \"SmartCity\" systems. The comparison of existing solutions and data protocols for wired solutions, such as IPsec, SSL, TLS and wireless systems: ZigBee, Z-Wave, Thread, WeMo. The advantages and disadvantages of each of the existing systems are analyzed. The SmartCity system must be able to recognize a specific situation that arises in the house, city, workplace, when processing large amounts of data, to respond accordingly: one of the systems can control the behavior of other systems using a pre-designed algorithm. The main purpose of the \"SmartCity\" system is to save energy, which is becoming increasingly important due to their rise in price in Ukraine. Therefore, intellectualization is becoming increasingly popular, catching up with global trends in home automation. However, despite the development and gradual formal and informal standardization of smart city technologies, and any home automation, there is still the problem of choosing protocols for the transfer of information between controlled devices, sensors and other elements. This problem is especially serious when it is necessary to ensure the confidentiality and integrity of data circulating in the system. The purpose of this study is to find a secure network protocol that allows you to use it in automatic signaling equipment, so you can not use special software and hardware solutions to affect the confidentiality and integrity of information.In the article is not the last issue of information security such a house of the city government system or production, can cause very great damage to its owner. As remote management and access to information are quite common nowadays, secure schemes, encryption and protection schemes should be used to reduce the percentage of vulnerabilities and prevent intruders from causing harm.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114205926","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"EXPERIMENTAL STUDIES OF THE STAND OF SIMULATION MODELING OF LASER MICROPHONE OPERATION FOR REMOVAL OF ACOUSTIC INFORMATION","authors":"Maksym Martseniuk, P. Skladannyi, V. Astapenya","doi":"10.28925/2663-4023.2021.14.131147","DOIUrl":"https://doi.org/10.28925/2663-4023.2021.14.131147","url":null,"abstract":"He who possesses information owns the world. This statement is becoming more relevant every day. It is information that has become a tool for modern management and development. Therefore, the role of information technology is also constantly growing along with the risk of their malicious use. Attackers use all possible methods and means of technical intelligence to use potentially possible and create new types of information leakage channels to intercept it. object of information activities. Such oscillations caused by a certain speech (acoustic) signal can be intercepted by means of long-range intelligence. Most often, a laser microphone is used as such. The essence of its action is to emit a laser on the surface of the selected OID, which circulates a speech signal that creates sound vibrations on this surface. The movement of the surface leads to the modulation of the wave by phase, which is manifested in the variable nature of the sound signal Doppler shift of the frequency of the received signal. Often, such a surface is the glass of the windows, which reflects the beam to the receiver, to which is connected a detector that can reproduce the sound from the OID. This study aims to study the dependence of the laser microphone on such factors as: the location of the radiation source and the beam receiver from the membrane; membrane surface material; receiver type; materials of fencing constructions OID. The goal is to create a stand to demonstrate the operation of a laser microphone. The research process is carried out on a smaller scale, which is why an improvised room in the form of a cardboard box was chosen as the OID. Available tools were used to reproduce the operation of the laser microphone, so a laser pointer was chosen as the illuminator, and devices such as a solar panel, a light sensor and a signal amplifier microphone were used as the receiver. The study of the influence of selected factors was performed by measuring the voltage and volume of the acoustic signal using a multimeter and a certified program on the tablet, respectively.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123859890","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"ISO 27001: ANALYSIS OF CHANGES AND COMPLIANCE FEATURES OF THE NEW VERSION OF THE STANDARD","authors":"Yevhenii Kurii, I. Opirskyy","doi":"10.28925/2663-4023.2023.19.4655","DOIUrl":"https://doi.org/10.28925/2663-4023.2023.19.4655","url":null,"abstract":"Managing information security in the organization may be a daunting task, especially considering that it may encompass many areas from physical and network security to human resources security and management of suppliers. This is where security frameworks come in handy and put formality into the process of the design and implementation of the security strategy. While there are a bunch of different information security frameworks out in the wild, the most commonly-found and preferred by security professionals worldwide is ISO/IEC 27001. It combines both the quite comprehensive set of security controls to cover the most important security areas and wide applicability which allows applying this framework to all kinds of organizations. While cyberspace is constantly changing, companies should also adapt their approaches to the organization of information security processes. In order to respond to new challenges and threats to cyber security, the International Organization for Standardization (ISO) at the end of 2022 has published an updated version of the ISO/IEC 27001:2022 standard, which from now on should be taken into account by all organizations that aim to implement and certify its information security management system (ISMS). The purpose of this article is to provide a brief overview of the new edition of the popular standard, фтв describe the key changes in the structure and description of security controls; as well as develop recommendations for achieving compliance with the requirements of the updated version of the standard.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125121611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MODEL OF INDICATORS FOR THE ASSESSMENT OF THE NATIONAL LEVEL OF DIGITALIZATION AND CYBER SECURITY OF THE COUNTRIES OF THE WORLD","authors":"N. Barchenko, Volodymyr Lubchak, Tetiana Lavryk","doi":"10.28925/2663-4023.2022.18.7385","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.18.7385","url":null,"abstract":"Digitalization is one of the main trends in the development of modern society and the growth factors of the global economy in the coming years. But the progress of technology and the new opportunities of digitalization lead to a rapid growth of cyber threats and cyber incidents. Achieving an appropriate level of digitization of the success of the economy and society is interdependent on the levels of development of information and communication technologies and their protection against possible cyber attacks. The purpose of this work is to develop, from the standpoint of system analysis, formal mathematical models for describing the determination of the national level of digital development of countries, taking into account the national level of cyber security and cyber protection. In order to realize the purpose of the study, data was collected and systematized according to four groups of indicators: the general level of development, the level of digital development of the country, the level of technical infrastructure, and the level of the ability to counter cyber threats. The conducted information analysis made it possible to determine the nomenclature of indicators of digitalization progress and the level of cyber security and cyber protection. Based on it, a structure of component models was formed that describe the necessary elements of the subject area of the task of determining the indicators of the national level of digitalization with the coordination of the indicators of the level of cyber security and cyber protection. The results of the study allow us to assert that the development of the digital economy is impossible without strengthening cyber security both at the state level and at the level of individual entities. Further research will focus on the development of mathematical models for an integral assessment of the state of the country's digital transformation, taking into account the country's ability to counter modern cyber threats.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"140 1-3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122503333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"THE METHOD OF DEVELOPING A CLASSIFIER USING THE BAYES THEOREM FOR MAKING A DECISION ON THE DETERMINATION OF TRUE INFORMATION","authors":"N. Lukova-Chuiko, Tetiana Laptieva","doi":"10.28925/2663-4023.2022.18.108123","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.18.108123","url":null,"abstract":"The range of application of cluster analysis is very wide: it is used in archeology, medicine, psychology, biology, public administration, regional economy, marketing, sociology and other disciplines. Each discipline has its own requirements for primary data and rules for forming groups. Obviously, there will be different methodological approaches to market segmentation, the purpose of which is to identify groups of objects that are similar in terms of features and properties and to the formation of clusters that unite to strengthen their competitive advantages. Thus, when processing information in the information space, the methodology is usually aimed at building a mathematical model of cluster analysis of the object or phenomenon under study, and even obtaining an answer to the question: \"Is the information true or not.\" Detecting false information in the digital world is an important task in overcoming the widespread spread of rumors and prejudices.\u0000\u0000The paper analyzes the existing methods of information classification in the information age. Formulate the signs of the information age, in the context of determining the veracity of information. Based on the main features of the information age, a method of creating a classifier has been developed to solve the problems of determining the veracity of information.\u0000\u0000Mathematical modeling was carried out using the developed classifier to confirm the developed method of decision-making about the veracity of information using the Bayes theorem. The obtained results proved the efficiency of the proposed method of developing a classifier for which, when applying the Bayes theorem for decision-making, it is possible to determine the veracity of information.\u0000\u0000But the developed Bayesian classifier is based on the fact that the a priori probabilities of the hypotheses are known. Therefore, the direction of further research is the development or improvement of methods and algorithms for determining the a priori probability of hypotheses.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"126 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115168891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"PROSPECTIVE DIRECTIONS OF TRAFFIC ANALYSIS AND INTRUSION DETECTION BASED ON NEURAL NETWORKS","authors":"A. Ilyenko, Sergii Ilyenko, I. Kravchuk, Marharyta Herasymenko","doi":"10.28925/2663-4023.2022.17.4656","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.17.4656","url":null,"abstract":"The main problems of the network security at the moment are the difficulty of combining existing systems from different vendors and ensuring their stable interaction with each other. Intrusion detection is one of the main tasks of a proper level of network security, because it is they who notify about attacks and can block them when detected. Today, monitoring and analyzing the quality of traffic in the network, detecting and preventing intrusions is helped by IDS systems and IDS systems of the new generation IPS. However, they have been found to have certain drawbacks, such as the limitations of signature-based systems, as static attack signatures limit the flexibility of systems and pose the threat of missing detection of other attacks not entered into the database. This gives rise to the creation of more and more new hybrid systems, but the challenge is to ensure their efficiency and flexibility, which is helped by the use of artificial neural networks (ANNs). This paper considers ways to improve the use of the convolutional neural network model itself by means of modified processing, data analysis, the use of Softmax and FocalLoss functions to avoid the problem of uneven distribution of sample data by the ratio of positive and negative samples, based on training using the KDD99 dataset. The article provides practical examples of possible integration of IDS and ANN systems. Combinations of backpropagation neural networks and radiant-basis neural networks, which showed some of the best results and proved that the combination of networks helps to increase the efficiency of these systems and create a flexible network adjusted to the needs and requirements of the systems. Although the use of artificial neural networks is a popular tool, it has identified a number of disadvantages: critical dependence on the quality of the dataset, which pours both the quality of networking and the amount of data (the more data, the better and more accurate the network training). But if the data is excessive, there is a chance of missing such implicit, but also dangerous attacks as R2L and U2R.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122576083","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"METHOD OF INFORMATION SECURITY MANAGEMENT SYSTEMS FUNCTIONAL ANALYSIS","authors":"Vasyl Tsurkan","doi":"10.28925/2663-4023.2020.8.192201","DOIUrl":"https://doi.org/10.28925/2663-4023.2020.8.192201","url":null,"abstract":"The process of functional analysis of information security management systems was considered. The relevance of their presentation with many interrelated functions with internal and external interfaces is shown. Taking this into account, the methods of functional analysis of information security management systems are analyzed. Among them, graphic notation IDEF0 is highlighted. This choice is based on the ability to display both interfaces of functions and the conditions and resources of their execution. The orientation of the graphic notation IDEF0 use is established mainly for the presentation of the international standards ISO/IEC 27k series, the display of the main stages of the information security management systems life cycle, the development of individual elements of information security management systems, in particular, risk management. These limitations have been overcome by the method of information security management systems in functional analysis. This was preceded by the definition of the theoretical foundations of this method. Its use allows to allocate their functions at both levels of the system, and levels of its structural elements (subsystems, complexes, components). To do this, define the purpose, viewpoint and establishes information security management as the main activity. It is represented by a set of hierarchically related functions that are represented by a family tree. Each function of this tree defines incoming, outgoing data, management, and mechanisms. This makes it possible to establish their consistency with the organizational structure at the “activity-system”, “process-subsystem”, “operation-module (complex)” and “action-block (component)” levels. In future studies, it is planned to define a hierarchy of functions and develop a logical structure of information security management systems based on the proposed method of functional analysis.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125187451","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"VULNERABILITIES OF SHORT MESSAGE ENCRYPTION IN MOBILE INFORMATION AND COMMUNICATION SYSTEMS OF CRITICAL INFRASTRUCTURE OBJECTS","authors":"Hennadii Hulak, Yuliia Zhdanovа, P. Skladannyi, Yevhen Hulak, Viktor Korniiets","doi":"10.28925/2663-4023.2022.17.145158","DOIUrl":"https://doi.org/10.28925/2663-4023.2022.17.145158","url":null,"abstract":"The article considers the possibility of implementing attacks on information exchange in mobile information and communication systems (ICS), which are protected for additional practical cryptographic transformations. Information exchange in the IСS of critical infrastructure objects is often implemented by means of transmission, receiving and paying fees of apparently short notices. Such improvements can be used to formalize control commands and data on the flow mill of objects, alert signals, alerts about suspected activity in computer networks or data for the formation of multiple secrets (keys) in cyber defense systems. Short message services (Short Message Service - SMS) or add-ons on mobile platforms - messengers are analyzed for the exchange of apparently short notifications. Informed about the possibility of an attack on cryptographic systems with a method of designating a streaming station, the object of critical infrastructure and methods of its implementation. Formulated practical recommendations about how to prevent significant attacks, as well as direct further charges.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130493939","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}