{"title":"Modeling of APT-Attacks Exploiting the Zerologon Vulnerability","authors":"Sergey A. Budnikov, Ekaterina Butrik, S. Soloviev","doi":"10.21681/2311-3456-2021-6-47-61","DOIUrl":"https://doi.org/10.21681/2311-3456-2021-6-47-61","url":null,"abstract":"Purpose: the need to assess the effectiveness of the security systems for significant objects of critical information infrastructure determines the need to develop simple and adequate mathematical models of computer attacks. The use of mathematical modeling methods in the design of security system of significant object allows without significant cost and impact on the functioning of the object to justify the requirements to the system as a whole or its individual parts. The purpose of the present paper is to develop a model of the process of multistage targeted computer attack that exploits the Zerologon vulnerability, based on the representation of the attack by a Markov random process with discrete states and continuous time. Methods: methods of Markov process theory, probability theory, computational mathematics and graph theory are used in the model to formalize the attack. Novelty: application of methods of computational mathematics for functional analysis of the results of Kolmogorov’s system of equations allows to solve the problem of maximizing the time of stable operation of critical information infrastructure during computer attacks against it, using the known methods of analysis of continuous functions. Result: formulated a general statement of the problem of modeling the process of a multistage targeted computer attack using a system of Kolmogorov equations, describing the probabilities of being in conflict states of the security system with the intruder. By the Adams method implemented in Mathcad environment, numerical solutions depending on time were obtained. 
We introduce a security system performance index as the ratio of the probability of triggering the security system and blocking the intruder’s actions during the attack to the probability of successful completion of the attack. We give an example of research of computer attack realization in a typical information infrastructure, including a corporate network with domain architecture and an automated control system of some technological process. For the considered example, the optimal values of the time parameters of the security system are defined. When protective measures with reasonable probabilistic-time characteristics are implemented, an increase in the time of stable operation of critical information infrastructure from 11 to 189 hours is proved.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132143669","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Modern GPGPU Alternative Perspective Universal and Specialized Processors-Accelerators","authors":"A. Adamov, P. Pavlukhin, Dmitriy Bikonov, Alexey Eisymont, L. Eisymont","doi":"10.21681/2311-3456-2019-4-13-21","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-4-13-21","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115376716","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"PREDICTION OF THE PROFILE FUNCTIONING OF A COMPUTER SYSTEM BASED ON MULTIVALUED PATTERNS","authors":"O. Sheluhin, D. Rakovskiy","doi":"10.21681/2311-3456-2022-6-53-70","DOIUrl":"https://doi.org/10.21681/2311-3456-2022-6-53-70","url":null,"abstract":"Purpose of work is to create a new algorithm for predicting anomalous states of computer systems (CS) using the mathematical apparatus of multivalued dependencies (Multivalued Dependencies Prognosus Algorithm, MDPA), which are categorical concepts. The research method is the analysis of historical data using the mathematical apparatus of multivalued dependencies. Objects of study are theoretical and practical issues of solving and visualizing information security problems. Results of the study. A methodology and algorithm for predicting the state of CS have been developed. The boundaries of the input parameters of the algorithm are derived and justified. The boundaries of the input parameters need to be pre-configured for the correct generation of the prognosis. A software implementation of the proposed prediction algorithm has been developed. The efficiency of the algorithm has been tested on real experimental data. A spatial analysis of the prediction results was carried out. The main disadvantage of the proposed algorithm is the need to fine-tune the input parameters for each set of “historical data”. Scientific significance. The scope of application of multivalued dependencies has been expanded; a new algorithm for predicting anomalous states of CS, which are categorical concepts, has been proposed. 
The developed prediction algorithm can be generalized to any subject area containing historical data of any type.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116910476","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Development of the Faculty of Integrated Safety of Fuel and Energy Complex in the Context of Changes in the Industry and the Country","authors":"S. Grinyaev, O. Mishina, I. Samarin","doi":"10.21681/2311-3456-2019-3-4-10","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-3-4-10","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122142881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Problem Issues of the Application of Security Analytical Means of Cyber-Physical Systems of FEC Enterprises","authors":"N. Nashivochnikov, Gazinformservice Llc, A. Bolshakov, Yuri Nikolashin, A. Lukashin","doi":"10.21681/2311-3456-2019-5-26-33","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-5-26-33","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117180820","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Modern Trends of Cyber-Threats and Transformation of the Concept of Cybersecurity in the Conditions of Digitalization of the System of Law","authors":"Alexander Karzhia, G. Makarenko, Mikhail Sergin, Fbu Scli","doi":"10.21681/2311-3456-2019-3-18-23","DOIUrl":"https://doi.org/10.21681/2311-3456-2019-3-18-23","url":null,"abstract":"","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"170 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125987400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Model for Quantifying the Agent of a Complex Network in Conditions of Incomplete Awareness","authors":"A. Kalashnikov, Konstantin Bugajskij","doi":"10.21681/2311-3456-2021-6-26-35","DOIUrl":"https://doi.org/10.21681/2311-3456-2021-6-26-35","url":null,"abstract":"Purpose of the article: development of a mechanism for quantitative evaluation of elements of complex information systems in conditions of insufficient information about the presence of vulnerabilities. Research method: mathematical modeling of uncertainty estimation based on binary convolution and Kolmogorov complexity. Data banks on vulnerabilities and weaknesses are used as initial data for modeling. The result: it is shown that the operation of an element of a complex network can be represented by data transformation procedures, which consist of a sequence of operations in time, described by weaknesses and related vulnerabilities. Each operation can be evaluated at a qualitative level in terms of the severity of the consequences in the event of the implementation of potential weaknesses. The use of binary convolution and universal coding makes it possible to translate qualitative estimates into a binary sequence – a word in the alphabet {0,1}. The sequence of such words — as the uncertainty function — describes the possible negative consequences of implementing data transformation procedures due to the presence of weaknesses in an element of a complex system. It is proposed to use the Kolmogorov complexity to quantify the uncertainty function. 
The use of a Turing machine for calculating the uncertainty function provides a universal mechanism for evaluating elements of complex information systems from the point of view of information security, regardless of their software and hardware implementation.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127132493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Draft of the Third National Standard of Russia for Fast Automatic Learning of Large Correlation Neural Networks on Small Training Samples of Biometric Data","authors":"A. Ivanov, A. Sulavko","doi":"10.21681/2311-3456-2021-3-84-93","DOIUrl":"https://doi.org/10.21681/2311-3456-2021-3-84-93","url":null,"abstract":"The aim of the study is to show that a biometrics-to-access code converter based on large networks of correlation neurons makes it possible to obtain an even longer key at the output while ensuring the protection of biometric data from compromise. The research method is the use of large «wide» neural networks with automatic learning for the implementation of the biometric authentication procedure, ensuring the protection of biometric personal data from compromise. Results of the study - the first national standard GOST R 52633.5 for the automatic training of neuron networks was focused only on a physically secure, trusted computing environment. The protection of the parameters of the trained neural network converters biometrics-code using cryptographic methods led to the need to use short keys and passwords for biometric-cryptographic authentication. It is proposed to build special correlation neurons in the meta-space of Bayes-Minkowski features of a higher dimension. An experiment was carried out to verify the patterns of keystroke dynamics using a biometrics-to-code converter based on the data set of the AIConstructor project. In the meta-space of features, the probability of a verification error turned out to be less (EER = 0.0823) than in the original space of features (EER = 0.0864), while in the protected execution mode of the biometrics-to-code converter, the key length can be increased by more than 19 times. 
Experiments have shown that the transition to the meta-space of Bayes-Minkowski features does not lead to the manifestation of the “curse of dimension” problem if some of the original features have a noticeable or strong mutual correlation. The problem of ensuring the confidentiality of the parameters of trained neural network containers, from which the neural network converter biometrics-code is formed, is relevant not only for biometric authentication tasks. It seems possible to develop a standard for protecting artificial intelligence based on automatically trained networks of Bayesian-Minkowski correlation neurons.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132435929","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Assessment of Cyber Resilience Indices of Information Collection and Processing Systems in Electric Power Systems Based on Semi-Markov Models","authors":"I. Kolosok, L. Gurina","doi":"10.21681/2311-3456-2021-6-2-11","DOIUrl":"https://doi.org/10.21681/2311-3456-2021-6-2-11","url":null,"abstract":"Purpose of the study: The study aims to design an algorithm for determining the cyber resilience indices of information collection, transmission, and processing systems (SCADA, WAMS) to control electric power systems. This algorithm makes it possible to factor in possible states and measures to restore such systems when cyber resilience is lost. Research methods include the probability theory, methods of power system reliability analysis, and Markov methods. Result of the research: The analysis of the reliability of WAMS, which is necessary for assessing the cyber resilience of the EPS, has been carried out. A cyber resilience model is proposed, on the basis of which an algorithm for determining the cyber resilience index of SCADA, WAMS systems with a low quality of measurement information used in EPS control has been developed. To take into account possible states of SCADA, WAMS systems and measures for their restoration (detection, mitigation and response) in case of violation of cyber resilience, the algorithm uses the tools of probability theory and Markov methods. The effectiveness of the application of the developed algorithm is confirmed by the example of calculating the WAMS cyber resilience index with a low quality of PMU data. 
The results obtained can be useful in making decisions on the formation of control actions on the EPS to ensure its cybersecurity in the context of cyber-attacks on information collection, transmission, and processing systems.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131981431","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ASSESSMENT AND PREDICTION OF THE COMPLEX OBJECTS STATE: APPLICATION FOR INFORMATION SECURITY","authors":"K. Izrailov, M. Buinevich, Igor Kotenko, V. Desnitsky","doi":"10.21681/2311-3456-2022-6-2-21","DOIUrl":"https://doi.org/10.21681/2311-3456-2022-6-2-21","url":null,"abstract":"The goal of the study is to create a method for estimating and predicting the state of objects with a non-trivial internal structure, multifunctional elements and complex relationships between them. An important feature of the goal is the independence of its solution from the area of operation of complex objects. The task of applying this approach in the field of information security is set. Research methods: system analysis, analytical modeling methods, statistical methods and machine learning methods, development of program code for the implementation of assessment and forecasting algorithms. Result: an ontological model of a generalized subject area is introduced that describes the main elements and their relationships. An analysis of the domestic scientific literature over the past few years and an analysis of the solutions existing in them are carried out, as well as their criteria-based comparison. The principles of constructing invariant methods of estimation and forecasting are developed. A scheme of a new method of estimation and forecasting is proposed. 
A description is given of generalized algorithms for the functioning of the assessment and prediction components, as well as their applicability for solving problems in the field of information security in the interests of countering network attacks.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"227 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114076355","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}