{"title":"Intelligent Mechanisms for Extracting Signs of File Modification in Dynamic Virus Analysis","authors":"S. G. Fomicheva, O. D. Gayduk","doi":"10.3103/S0146411624700810","DOIUrl":"10.3103/S0146411624700810","url":null,"abstract":"<p>This paper proposes machine-learning pipelines that allow automatically generating the relevant feature spaces for virus detectors, detect the presence of viral modifications in JS-files and scripts in real time, and interpret and visualize the automatically obtained machine solution. It is shown that the best quality metrics will be demonstrated by models of an abstract syntactic tree using binary classifiers based on ensembles of decision trees. An explanation of the solution automatically generated by the virus detector is demonstrated.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1180 - 1191"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143621797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Graph of Self-Regulation of Various Types of Networks with Adaptive Topology","authors":"E. Yu. Pavlenko, M. A. Pakhomov","doi":"10.3103/S0146411624701244","DOIUrl":"10.3103/S0146411624701244","url":null,"abstract":"<p>Approaches used for the self-regulation of networks with adaptive network topology based on graph theory are presented. These approaches are limited to networks whose nodes do not change their position in space: peer-to-peer and heterogeneous sensor networks, as well as industrial networks, such as Smart Grid. For each type of network, a generalized target function is described, conditions for self-regulation are formulated, and the process of self-regulation is formally described.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1442 - 1449"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622011","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Formal Statement of the Problem of Morphing Executive Code in Software Operation","authors":"N. V. Gololobov","doi":"10.3103/S0146411624700895","DOIUrl":"10.3103/S0146411624700895","url":null,"abstract":"<p>A formal formulation of the problem of modifying executable code during execution is presented based on morphing used in computer animation. During the research, the need for developing a morphing method for software (SW) is substantiated, the basic principles used in computer animation are adapted for the field of cybersecurity, and the vectors for further research in this direction are determined. The results obtained during adaptation should be used in the design and implementation of the method of morphing executable code.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1250 - 1254"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622167","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Detecting Synthesized Audio Files Using Graph Neural Networks","authors":"O. A. Izotova, D. S. Lavrova","doi":"10.3103/S0146411624700846","DOIUrl":"10.3103/S0146411624700846","url":null,"abstract":"<p>The problem of generalization of multimodal data in the detection of artificially synthesized audio files is studied. As a solution to the problem, a method is proposed that combines a one-time analysis of the characteristics of an audio file and its semantic component, presented in the form of text. The approach is based on graph neural networks and algorithmic approaches based on keyword and text sentiment analysis. The conducted experimental studies confirmed the validity and effectiveness of the proposed approach.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1212 - 1217"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622169","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
L. Kh. Safiullina, A. R. Kasimova, A. A. Alekseeva
{"title":"Analysis of the Reliability of Template Storage When Implementing Modern Biometric Technologies in Information Security Systems","authors":"L. Kh. Safiullina, A. R. Kasimova, A. A. Alekseeva","doi":"10.3103/S0146411624700834","DOIUrl":"10.3103/S0146411624700834","url":null,"abstract":"<p>It can be argued that in certain areas of information technology, classical systems of authentication of the user of a computer system based on passwords and tokens are being completely replaced by biometric technologies. However, biometric systems are vulnerable to various types of security threats. For example, unlike the same passwords and tokens, biometric-based templates cannot be replaced in the event of a compromise. To solve this problem, new protection schemes have been developed. They can be conditionally divided into two groups: biometric cryptography and cancelable biometrics. Biometric cryptography methods show average values of errors of the first and second kind and experimental work in this area is widely known. Cancellable biometrics can be highly reliable, but there are limited experimental data on them. A comparative analysis of the reliability of existing methods is presented. It has been shown that among static biometric parameters, the iris is of greatest interest, and among dynamic ones, keyboard handwriting is of greatest interest. However, the use of these methods, like others, has its own difficulties and risks.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1204 - 1211"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622171","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Using Machine Learning Algorithms and Honeypot Systems to Detect Adversarial Attacks on Intrusion Detection Systems","authors":"P. E. Yugai, D. A. Moskvin","doi":"10.3103/S014641162470086X","DOIUrl":"10.3103/S014641162470086X","url":null,"abstract":"<p>This paper presents adversarial attacks on machine learning (ML) algorithms in intrusion detection systems (IDSs). Some examples of existing IDSs are examined. The existing approaches for detecting these attacks are considered. Requirements are developed to increase the stability of ML algorithms. Two approaches to detect adversarial attacks on ML algorithms are proposed, the first of which is based on a multiclass classifier and a Honeypot system, and the second approach uses a combination of a multiclass and binary classifier. The proposed approaches can be used in further research aimed at detecting adversarial attacks on ML algorithms.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1226 - 1233"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622173","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Analysis of the Problems of Using Steganographic Methods in Implementing Illegal Actions and Their Role in Digital Forensics","authors":"S. V. Bezzateev, M. Yu. Fedosenko","doi":"10.3103/S0146411624701207","DOIUrl":"10.3103/S0146411624701207","url":null,"abstract":"<p>This paper is a study of the problem of the use of steganographic algorithms by attackers to hide and exchange illegal data. The paper formulates the relevance of the problem by analyzing cases of using steganography in attacks on computer systems and based on the trend of developing a controlled Internet, supported by a regulatory framework. This article presents an analysis of methods for hiding data and their subsequent exchange on public internet resources through a review of the works of researchers in this area; and the main tools used by attackers are identified and described. As an analysis of counteraction methods, a comparative characteristic of the use of various artificial intelligence technologies in the field of steganalysis is presented; the most promising ones applicable for the tasks of the automatic analysis of content posted on public internet resources are highlighted. As a final provision of the work, the process of exchanging hidden data by intruders using EPC notation is modeled; the directions and tasks of steganalysis, whose solution will allow developing a unified system to protect public internet resources in the future, are highlighted; and the prospects for using new steganographic algorithms, such as hiding in the blockchain and the source code of resources, as well as posting content with the presence of physical information attachments, are presented.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1406 - 1421"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622008","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Development of Software and Hardware to Protect Technological Processes from Cyber Threats","authors":"F. G. Pashaev, D. I. Zeinalov, G. T. Nadzhafov","doi":"10.3103/S0146411624701074","DOIUrl":"10.3103/S0146411624701074","url":null,"abstract":"<p>The rapid development of technological computer networks (TCNs) and SCADA systems has inevitably accelerated the integration process between these networks and the global Internet. As a result, the solution of many problems of technological and production processes has been simplified, and opportunities have been created for remote management of enterprise personnel and operational personnel. However, this situation has created new, previously nonexistent threats to monitoring, diagnostics, and control systems. Various specialized groups, hackers, and sometimes government agencies carry out targeted attacks on specific industrial enterprises via the Internet. Organizers of cyberattacks on process control systems improve their methods and tools over time and increase their professional level. They carefully study the objects of their future attacks and identify vulnerabilities in the software of object control systems. The developed set of technical means is based on the use of STM32F4XX controllers and LPT ports of computers. Connection diagrams and installation methods for technical means are provided, which, as the created exchange protocols, can serve as a bridge between the global Internet and technological corporate computer networks. Simple algorithms and operating software fragments of the created protocols are presented. The program fragments are given in the C programming language and in the DELPHI programming system. The developed software acts as a filtering bridge between the global Internet and the technological corporate computer network. Information between the two networks is exchanged by using a nonstandard protocol using the STM32F4XX controller and LPT port.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1396 - 1405"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. F. Suprun, D. P. Zegzhda, V. G. Anisimov, E. D. Anisimov
{"title":"Justification of the Rational Composition of the Information Security System","authors":"A. F. Suprun, D. P. Zegzhda, V. G. Anisimov, E. D. Anisimov","doi":"10.3103/S0146411624700706","DOIUrl":"10.3103/S0146411624700706","url":null,"abstract":"<p>This paper examines a methodological approach to the construction of models and algorithms for supporting decision-making in substantiating rational composition of the information security system of a corporate computer network. In this case, the problem under consideration is presented in the form of a discrete model of mathematical programming. A special feature of the model is the ability to take into account a wide variety of destructive impacts on a computer network and methods of protecting it. The generality of the model is also ensured by taking into account the possible nonlinear nature of the function reflecting the specific goals of creating an information security system. To solve the problem, a generalized algorithm is developed that takes into account the features of the model. The general nature of the requirements for the parameters of the model and algorithm allows, on their basis, to form a fairly wide range of methods for supporting decision-making in the substantiation of the rational composition of the information security system for specific variants of corporate computer networks and the conditions of their operation.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1093 - 1099"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622078","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Detecting Malware Using Deep Neural Networks","authors":"T. D. Ovasapyan, M. A. Volkovskii, A. S. Makarov","doi":"10.3103/S0146411624700779","DOIUrl":"10.3103/S0146411624700779","url":null,"abstract":"<p>This article proposes a method for detecting malicious executable files by analyzing disassembled code. This method is based on a static analysis of assembler instructions of executable files using a special neural network model, whose architecture is also presented in this article. In addition, the effectiveness of the method is demonstrated using several different metrics, showing a significant reduction in Type-II errors compared to other state-of-the-art methods. The obtained results can be used as a basis for designing systems for thestatic analysis of malware.</p>","PeriodicalId":46238,"journal":{"name":"AUTOMATIC CONTROL AND COMPUTER SCIENCES","volume":"58 8","pages":"1147 - 1155"},"PeriodicalIF":0.6,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}