№ 2 (66)

 Objective: the purpose of the entire work is to help system analysts involved in assessing the quality of information systems (IS) operation during their creation, operation, modernization, development, to form the appearance of a comprehensive probabilistic prediction methodology applicable in the interests of ensuring quality and safety, justifying acceptable risks, identifying significant threats and supporting the adoption of scientifically rational system decisions to proactively counter threats in IS life cycle. The purpose of the 3rd part of the work is to complete the detailing of the general methodological provisions on the probabilistic prediction of the quality of IS operation quality (taking into account the enlarged description of the approach in the 1st part of the article [1] and the presentation of the basics of detailing modeling using «black boxes» in the 2nd part of the article [2]) by proposing:
• the formalization of complex modeled systems consisting of parallel-sequential structures formed from «black boxes»
and combined using logical connections «AND», «OR»;
• the methods of system analysis of the IS operation quality;
• the main components of the appearance of a comprehensive methodology for the probabilistic predicting IS operation
quality, used by system analysts in the interests of ensuring quality and safety, justifying acceptable risks, identifying significant threats and supporting the adoption of scientifically based system decisions to proactively counter threats in the life cycle of specific IS. Research methods include: methods of probability theory, methods of system analysis. The modeled system is formally represented by «black boxes» and complex systems in the form of parallel-sequential structures formed from «black boxes» combined using logical connections «AND», «OR». The obtained results of mathematical modeling are used in the interpretation of the original IS, in the interests of which the corresponding calculations are carried out.
The result of the work as a whole is: based on the research results presented in [1, 2], methodological provisions
have been created that form the main components of the appearance of a complex methodology for probabilistic prediction
of IS operation quality in accordance with GOST R 59341-2021 «System engineering. Protection of information in system
information management process». The use of the proposed methodological provisions is intended to help system analysts
form the appearance of a versatile complex methodology of probabilistic prediction, applicable in the interests of ensuring quality and safety, justifying acceptable risks, identifying significant threats and supporting the adoption of scientifically sound system decisions to proactively counter threats in the life cycle of specific IS.
Scientific novelty of the work: with the widespread introduction of modern information technology tools and systems,
the problems associated with a comprehensive study of the IS operation quality remain acutely relevant. Despite the fact that many system engineering standards have appeared that recommend the use of probabilistic system analysis for various types of systems, in practice, the formation of a set of techniques applicable to predicting quality measures, justifying acceptable risks, identifying significant threats and supporting the adoption of scientifically sound system decisions in IS life cycle causes practical difficulties for system analysts. These difficulties and the use of subjective assessments are related not only to the versatility of the very concept of IS operation quality, but also to the complexity of mathematical formalization, taking into account the specifics of each system. As a result, many important aspects are beyond the analyst's field of consideration, specific quality measures turn out to be incommensurable on a single quantitative scale, and the inverse analytical tasks of proactive threat management in IS life cycle and constituent elements are not solved. I.e., in practice, there is a contradiction between the needs for system analysis of IS and the possibilities for solving urgent problems of system analysis. To overcome this contradiction, the proposed methodological provisions formulate the general purpose of IS operation in various areas applications – to ensure the reliability and timeliness of providing the necessary information,
completeness, validity and safety of the information used for subsequent intended use. The main proposed components
of the complex methodology of probabilistic prediction of IS operation quality have determined the scientific novelty of this work, focused precisely on achieving this general formulated goal of IS operation.
Keywords: probability, model, prediction, risk, system, system analysis, threat.

1.	 Kostogryzov A. I., Nistratov A.A. Metodicheskie polozhenija po verojatnostnomu prognozirovaniju kachestva funkcionirovanija informacionnyh sistem. Chast' 1. Obshhij podhod // Pravovaja informatika, 2024, № 3. S. 13–31. (in Russian).
2. 	 Kostogryzov A. I., Nistratov A.A., Golosov P.E. Metodicheskie polozhenija po verojatnostnomu prognozirovaniju kachestva funkcionirovanija informacionnyh sistem. Chast' 2. Modelirovanije s ispolzovaniem «chernich jashikov». Voprosy kiberbezopasnosti, 2024, № 6, S. 3–25. (in Russian).
3.	 Vasilyev V.I., Vulfin A.M., Chernyakhovskaya L.R. Cybersecurity Risk Analysis of Industrial Automation Systems on the Basis of Cognitive Modeling Technology), Chapter 2 in «Digital Forensic Science» / Eds.: S. Shetty, P. Shetty / IntechOpen Pub., London, UK, 2019. ISBN: 978-1-83880-260-8; eBook (PDF) ISBN: 978-1-83968-742-6. DOI: 10.5772/intechopen.78450.
4. 	 A. Kostogryzov and V. Korolev, Probabilistic Methods for Cognitive Solving of Some Problems in Artificial Intelligence Systems. Probability, combinatorics and control./ IntechOpen, 2020, pp. 3–34. – URL: https://www.intechopen.com/books/probability-combinatorics-andcontrol.
5.	 Kostogryzov A, Nistratov A. Probabilistic methods of risk predictions and their pragmatic applications in life cycle of complex systems. In «Safety and Reliability of Systems and Processes», Gdynia Maritime University, 2020. pp. 153–174.
6.	 Golosov P.E., Gostev I.M. Optimization of the Distribution of Hash Calculation Tasks Flow at a Priori Given Complexity / / Informacionnye Tehnologii. 2021. No 5. P. 242–248.
7. 	 Cognitive security modeling of biometric system of neural network cryptography / A.M. Vulfin, V.I. Vasilyev, A.D. Kirillova, A.V. Nikonov // Proceedings of the Information Technologies and Intelligent Decision-Making Systems (ITIDMS2021), (January 20, 2021). CEUR. – 2021. – Vol. 2843.
8. 	 Berkholts V.V., Vulfin A.M., Frid A. I. Telemetry data integrity monitoring system // IOP Conf. Series: Materials Science and Engineering, 2nd Scientific Conference on Fundamental Information Security Problems in terms of the Digital Transformation. – 2021. – Vol. 1069. – 012003.
9. 	 Network traffic analysis based on machine learning methods / A.M. Vulfin, V.I. Vasilyev, V.E. Gvozdev, K.V. Mironov, O.E. Churkin // International Scientific and Practical Conference «Information Technologies and Intelligent Decision-Making Systems». – Journal of Physics: Conference Series. – 2021. – Vol. 2001. – 012017.
10. 	Nistratov A.A. Analytical prediction of the integral risk of violation of the acceptable performance of the set of standard processes in a life cycle of highly available systems. Part 1. Mathematical models and methods. Highly Available Systems. 2021. V. 17. № 3. P. 16−31. Part 2. Software-technological solutions. Examples. Highly Available Systems. 2022. V. 18. № 2. P. 42−57. (in Russian).
11. 	Kostogryzov A. I. O modelyah i metodah veroyatnostnogo analiza zashchity informacii v standartizovannyh processah sistemnoj inzhenerii. Voprosy kiberbezopasnosti. 2022. № 6(52). S. 71–82 (in Russian).
12.	 Kostogryzov A., Makhutov N., Nistratov A., Reznikov G. Probabilistic predictive modeling for complex system risk assessments. Time Series Analysis – New Insights. Intech Open, 2023, pp. 73–105. http://mts.intechopen.com/articles/show/title/probabilisticpredictive-modelling-for-complex-system-risk-assessments.
13. 	Gostev I.M., Golosov P.E. Analiz jeffektivnosti oblachnoj vychislitel'noj sistemy, obsluzhivajushhej potok zadanij s direktivnymi srokami vypolnenija pri mnozhestvennyh otkazah serverov // Programmnaja inzhenerija. 2023. Tom 14, № 6. S. 278–284. DOI: 10.17587/ prin.14.278-284. (in Russian).
14.	 Golosov P.E., Gostev I.M. Analiz jeffektivnosti imitacionnyh modelej oblachnyh vychislenij s ispol'zovaniem jelementov iskusstvennogo intellekta / Radiotehnicheskie i telekommunikacionnye sistemy. M. 2023. № 2. S. 29–39. (in Russian).
15. 	Kostogryzov A. I. Podchod k verojatnostnomu prognozirovaniju zaschiscennosti reputacii «feikovich» ugroz b publichnom prostranstve. Voprosy kiberbezopasnosti. 2023. № 3. S. 114–133 (in Russian).
16. 	Kostogryzov A. I. Modelirovanie processa vijavlenija zakladok pri testirovanii programmnogo obespechenija system s iskusstvennim intellektom posle mashinnogo doobuchenija // INSiDE Zashita informacii. 2023, № 5. S. 28–35 (in Russian).
17. 	 Kostogryzov A. I., Nistratov A.A. Methodological approach to probabilistic prediction and comparison of systems operation quality under conditions of uncertainty. Dependability. 2024; 1: 10–24. (in Russian).
18. 	Kostogryzov A. I. Podchod k intervalnoi ozenke systemnich riskov pri nepolnote dannich o kratnosti rezervirovanija v podsystemach. 2-ja Vserossiiskaja nauchno-technicheskaja konferencija «Kibernetika i informacionnaja besopasnost «KIB-2024». 22-23.10. Moskva. NIJAU MIFI, 2024. S. 14–17. (in Russian).
19. 	Andrey Kostogryzov. Probabilistic predicting the risks of system integrity violation in the absence of complete data on subsystems reservation multiplicity. IEEE. Published in: 2024 International Scientific and Technical Conference Modern Computer Network Technologies (MoNeTeC). 29–31 October 2024. DOI: 10.1109/MoNeTec60984.2024.10768172.
20. 	Kostogryzov A. I. Probabilistic modeling the protection system of spiritual and moral values. Part 1. The general approach. Highly Available Systems. 2024. V. 20. № 2. P. 40–55. Part 2. The risks prediction examples. Highly Available Systems. 2024. V. 20. № 3. P. 37–50. (in Russian).

Purpose of the article: this article investigates the impact of embedding algorithm selection on the performance of anomaly detection in behavioral analytics systems for scalar time series. Recommendations for algorithm selection are provided.Method: the research methodology is based on Takens-Mane theorems for reconstructing attractors of dynamical systems from scalar observables and methods of topological data analysis.Result: the study experimentally establishes that the effectiveness of anomaly detection in behavioral analytics systems using machine learning and topological data analysis significantly depends on the quality of the reconstructed space from the scalar observable. Recommendations are developed for selecting embedding parameters - the dimension of the reconstructed space and the time delay - depending on the embedding method used.Scientific novelty: unlike previous studies on the optimal selection of time series embedding parameters in predicting the behavior (functioning) of dynamical systems, this is the first scientific work that directly investigates the application of popular algorithms for selecting time series embedding parameters to improve the accuracy of anomaly detection by behavioral analytics systems using topological descriptors.
Keywords: UEBA, TDA, scalar time series, embedding dimension, embedding delay, topological descriptors, machine
learning, classification, HAI Security Dataset, anomaly detection.

1. Görmez Y. et al. A User and Entity Behavior Analysis for SIEM Systems: Preprocessing of The Computer Emergency and Response Team Dataset //Journal of Soft Computing and Artificial Intelligence. – 2023. – V. 4. – № 1. – P. 1–6. DOI: 10.55195/jscai.1213782.
2. Karan A., Kaygun A. Time series classification via topological data analysis //Expert Systems with Applications. – 2021. – V. 183. – P. 115326. DOI: 10.1016/j.eswa.2021.115326.
3. Eroglu A., Eroglu H.U. Topological Data Analysis for Intelligent Systems and Applications //Artificial Intelligence Applications in Intelligent System – 2023. – ISRES Publishing – P. 27–60.
4. Nashivochnikov, N.V., Chatoyan, S.K., Lukashin, A.A., Zaborovskij, V.S., Vvedenie v topologicheskij analiz danny'x: uchebnoe posobie. – 2023. – SPb: POLITEX PRESS – S. 244. DOI: 10.18720/SPBPU/2/id23-431.
5. Nashivochnikov N.V., Pustarnakov V.F. Topologicheskie metody' analiza v sistemax povedencheskoj analitiki //Voprosy'
kiberbezopasnosti. – 2021. – № 2 (42). – S. 26–36. DOI: 10.21681/2311-3456-2021-2-26-36.
6. Chung Y.M., Huang W.K., Wu H. T. Topological data analysis assisted automated sleep stage scoring using airflow signals //Biomedical Signal Processing and Control. – 2024. – V. 89. – P. 105760. DOI: 10.1016/j.bspc.2023.105760.
7. Mezheneva I.O., Lukashin A.A. Topologicheskie deskriptory' dlya analiza danny'x v sistemax povedencheskoj analitiki //Matematicheskie metody' v texnologiyax i texnike. – 2023. – № 10. – S. 104–108. DOI: 10.52348/2712-8873_MMTT_2023_10_104. 
8. Hensel F., Moor M., Rieck B. A survey of topological machine learning methods // Frontiers in Artificial Intelligence. – 2021. – Vol. 26, No. 4. – p. 681108. DOI:10.3389/frai.2021.681108.
9. Datseris G., Parlitz U. Nonlinear dynamics: a concise introduction interlaced with code. – Springer Nature, 2022. DOI: 10.1007/978-3- 030-91032-7.
10. Ravishanker N., Chen R. An introduction to persistent homology for time series //Wiley Interdisciplinary Reviews: Computational Statistics. – 2021. – V. 13. – № 3. – P. e1548. DOI: 10.1002/wics.1548.
11. Tan E. et al. Selecting embedding delays: An overview of embedding techniques and a new method using persistent homology //Chaos: An Interdisciplinary Journal of Nonlinear Science. – 2023. – V. 33. – № 3. DOI: 10.1063/5.0137223.
12. Marwan N., Kraemer K.H. Trends in recurrence analysis of dynamical systems //The European Physical Journal Special Topics. – 2023. – V. 232. – P. 5–27. DOI: 10.1140/epjs/s11734-022-00739-8.
13. Ambika G., Harikrishnan K.P. Methods of nonlinear time series analysis and applications: A review //Dynamics and control of energy systems. – 2020. – P. 9–27. DOI: 10.1007/978-981-15-0536-2_2.
14. Krakovská A. et al. State space reconstruction techniques and the accuracy of prediction //Communications in Nonlinear Science and Numerical Simulation. – 2022. – V. 111. – P. 106422. DOI: 10.1016/j.cnsns.2022.106422.
15. Krämer K.H. et al. A unified and automated approach to attractor reconstruction //New Journal of Physics. – 2021. – V. 23. – P. 033017. DOI: 10.1088/1367-2630/abe336.
16. Vujović Ž. et al. Classification model evaluation metrics //International Journal of Advanced Computer Science and Applications. – 2021. – V. 12. – № 6. – P. 599–606. DOI: 0.14569/IJACSA.2021.0120670.
17. Douglass M.J.J. Book Review: Hands-on Machine Learning with Scikit-Learn, Keras, and Tensorflow, by Aurélien Géron. – 2020 – O’Reilly Media – p. 1135–1136. DOI: 10.1007/s13246-020-00913-z.
18. Krämer K.H. et al. A unified and automated approach to attractor reconstruction //New Journal of Physics. – 2021. – V. 23. – № 3. – P. 033017. DOI: 10.1088/1367-2630/abe336.
19. Axås J., Haller G. Model reduction for nonlinearizable dynamics via delay-embedded spectral submanifolds //Nonlinear Dynamics. – 2023. – V. 111. – № 24. – P. 22079–22099. DOI: 10.1007/s11071-023-08705-2.

The purpose of this article: development of a template protection mechanism to ensure the security of the information infrastructure during the migration of virtual machine images.
Research method: analysis of hardware virtualization principles and the process of virtual machine image migration.
Synthesis of a denial of service (DoS) attack scenario during the process of virtual machine image migration to an incompatible environment. Using low-level programming methods, a new protection mechanism is proposed by calling, analyzing system functions through high-level system libraries and forming a special layer of system functions to make a final decision on virtual machine image migration. The special layer of system functions is implemented as a service solution in a secure environment using the ssh protocol. The study was carried out by full-scale modeling of the Docker-based information infrastructure in environments with containerization support, its deployment and testing during the implementation of the attack scenario.
Result: the analysis of the threat of technical difficulties during migration of virtual machine images between cloud service providers caused by incompatibility of hardware and software is carried out, and the relevance of the problem of developing universal template security mechanisms, called patterns, is shown. A microservice architecture is built to ensure the security of the information infrastructure during migration of virtual machine images. A denial of service (DoS) attack scenario is considered during migration of a virtual machine image to an incompatible environment. A security pattern of the information infrastructure during migration of virtual machine images is developed based on microservices integrated into a Docker container. Three microservices are developed: software checks; hardware checks; hypervisor checks. A special layer of system functions has been developed to make the final decision on virtual machine image migration, including: a set of functions for checking the VirtualBox version; a function for checking system resources; a set of functions for checking file system compatibility and available disk space; a function for checking hardware and resource compatibility; a function for performing all checks and logging the results. The program code of microservices has been developed, including codes for system functions and special classes: CheckSoftware, CheckHardware, CheckHypervisor, Logs providing a protection mechanism. An algorithm for creating a security pattern in the form of a Docker container has been developed, a Dockerfile has been written, a Docker image and a Docker container have been created. Microservices have been tested, which has shown the successful operation of the protection mechanism. A system for monitoring the process of migrating a virtual machine image to an incompatible environment based on open source software and the created Docker container has been deployed, which can be used in SIEM systems, and migration error metrics can be configured through the corresponding events of special classes, which makes it possible to flexibly configure the pattern itself and apply it to various information infrastructures.
Practical value: the practical value of the proposed solution includes a template protection mechanism in the form of a pattern that can be used to ensure the security of various information infrastructures consisting of a different set of VMs, hypervisors and servers, including transferring the developed solution to any industry: fuel and energy, economic and not only, due to the cross-platform nature of the solution itself.
Keywords: cloud computing, virtualization, template, denial of service attack, incompatible environment, special system function layer, ssh protocol, hypervisor, server, container, event log, monitoring system.

1.	 Matheus Torquato, Paulo Maciel, Marco Vieira, Evaluation of time-based virtual machine migration as moving target defense against host-based attacks, Journal of Systems and Software, Volume 219, 2025, 112222. DOI:10.1016/j.jss.2024.112222.
2.	 Dobrodeev A. Yu. Kiberbezopasnost' v Rossijskoj Federacii. Modny'j termin ili prioritetnoe texnologicheskoe napravlenie obespecheniya nacional'noj i mezhdunarodnoj bezopasnosti XXI veka // Voprosy kiberbezopasnosti. 2021. №4 (44). S. 61–72. DOI: 10.21681/2311- 3456-2021-4-61-72.
3.	 Chunjing Liu, Lixiang Ma, Minfeng Zhang, Haiyan Long, Optimizing cloud resource management with an IoT-enabled optimized virtual machine migration scheme for improved efficiency, Journal of Network and Computer Applications, Volume 237, 2025, 104137. DOI: 10.1016/j.jnca.2025.104137.
4.	 Hanif Deylami, Jairo Gutierrez, Roopak Sinha, Kororā: A secure live virtual machine job migration framework for cloud systems integrity, Array, Volume 19, 2023, 100312. DOI: 10.1016/j.array.2023.100312.
5.	 Rahmat Zolfaghari, Energy-performance aware virtual machines migration in cloud network by using prediction and fuzzy approaches, Engineering Applications of Artificial Intelligence, Volume 131, 2024, 107825. DOI: 10.1016/j.engappai.2023.107825.
6.	 Tahir Alyas, Taher M. Ghazal, Badria Sulaiman Alfurhood, Munir Ahmad, Ossma Ali Thawabeh, Khalid Alissa, Qaiser Abbas, Performance Framework for Virtual Machine Migration in Cloud Computing, Computers, Materials and Continua, Volume 74, Issue 3, 2022, 6289–6305. DOI: 10.32604/cmc.2023.035161.
7.	 Sheloukhin O.I., Rakovsky D.I. Razrabotka programmno-apparatnogo kompleksa modelirovaniya mnogoznachny'x komp'yuterny'x atak // Voprosy kiberbezopasnosti. 2024. №4 (62). S. 116–130. DOI: 10.21681/2311-3456-2024-4-116-130.
8.	 Markin D.O., Makeev S.M. Sistema zashhity' terminal'ny'x programm ot analiza na osnove virtualizacii ispolnyaemogo koda // Voprosy kiberbezopasnosti. 2020. №1 (35). S. 29–41. DOI:10.21681/2311-3456-2020-01-29-41.
9.	 Korneev N.V., Kotrini E.S. Pattern dlya obespecheniya bezopasnosti prilozheniya pri ugroze modifikacii modeli mashinnogo obucheniya // Voprosy kiberbezopasnosti. 2025. №1 (65). S. 117–127. DOI: 10.21681/2311-3456-2025-1-117-127.
10.	 Hui Zhao, Nanzhi Feng, Jianhua Li, Guobin Zhang, Jing Wang, Quan Wang, Bo Wan, VM performance-aware virtual machine migration method based on ant colony optimization in cloud environment, Journal of Parallel and Distributed Computing, Volume 176, 2023, 17–27. DOI: 10.1016/j.jpdc.2023.02.003.
11.	 Chawki EL BALMANY, Zakariae TBATOU, Ahmed ASIMI, Mohamed BAMAROUF, Secure Virtual Machine Image Storage Process into a Trusted Zone-based Cloud Storage, Computers & Security, Volume 120, 2022, 102815. DOI: 10.1016/j.cose.2022.102815.
12.	 Fargana J. Abdullayeva, Distributed denial of service attack detection in E-government cloud via data clustering, Array, Volume 15, 2022, 100229. DOI:10.1016/j.array.2022.100229.
13.	 Korneev N.V., Lazorin D.S. Pattern dlya obespecheniya bezopasnosti veb-prilozheniya pri ugroze XSS atak v oblachnoj infrastrukture // Voprosy kiberbezopasnosti. 2024. №6 (64). S. 76–84. DOI: 10.21681/2311-3456-2024-6-76-84.
14.	 Enrico Cambiaso, Luca Caviglione, Marco Zuppelli, DockerChannel: A framework for evaluating information leakages of Docker containers, SoftwareX, Volume 24, 2023, 101576. DOI: 10.1016/j.softx.2023.101576.
15.	 Khawaja Tahir Mehmood, Shahid Atiq, Intisar Ali Sajjad, Muhammad Majid Hussain, Malik M. Abdul Basit, Examining the Quality Metrics of a Communication Network with Distributed Software-Defined Networking Architecture, CMES - Computer Modeling in Engineering and Sciences, Volume 141, Issue 2, 2024, 1673–1708. DOI: 10.32604/cmes.2024.053903.
16.	 Derek Groen, Hamid Arabnejad, Diana Suleimenova, Wouter Edeling, Erwan Raffin, Yani Xue, Kevin Bronik, Nicolas Monnier, Peter V. Coveney, FabSim3: An automation toolkitfor verified simulations using high performance computing,Computer PhysicsCommunications, Volume 283, 2023, 108596. DOI: 10.1016/j.cpc.2022.108596.
17.	 Sebastian Troia, Marco Savi, Giulia Nava, Ligia Maria Moreira Zorello, Thomas Schneider, Guido Maier, Performance characterization and profiling of chained CPU-bound Virtual Network Functions, Computer Networks, Volume 231, 2023, 109815. DOI:10.1016/j.comnet.2023.109815.
18.	 Hubin Yang, Ruochen Shao, Yanbo Cheng, Yucong Chen, Rui Zhou, Gang Liu, Guoqi Xie, Qingguo Zhou, REDB: Real-time enhancement of Docker containers via memory bank partitioning in multicore systems, Journal of Systems Architecture, Volume 151, 2024, 103135. DOI:10.1016/j.sysarc.2024.103135.
19.	 Vladimir Ciric, Marija Milosevic, Danijel Sokolovic, Ivan Milentijevic, Modular deep learning-based network intrusion detection architecture for real-world cyber-attack simulation, Simulation Modelling Practice and Theory, Volume 133, 2024, 102916. DOI: 10.1016/j.simpat.2024.102916.
20.	 Miguel Correia, Wellington Oliveira, José Cecílio, Monintainer: An orchestration-independent extensible container-based monitoring solution for large clusters, Journal of Systems Architecture, Volume 145, 2023, 103035. DOI:10.1016/j.sysarc.2023.103035.

The purpose of the study: the digitalization of healthcare has stimulated the development of medical information systems. Studies have become more accessible due to the widespread implementation of digital image exchange in radiology services, as well as the increase in the number and improvement in the quality of radiological equipment. The growing load on the existing infrastructure of medical institutions requires constant administration and prompt resolution of failures. The aim of this work is to develop approaches for the effective maintenance of medical information systems.Method: the architecture of a distributed PACS/RIS system was examined. The main components of the PACS/RIS system involved in its operation were presented.Results: a developed tool for monitoring and managing medical information systems is presented. Its functional capabilities include: managing the configuration of various DICOM objects; obtaining information about message exchange; managing application software; generating reports on their workflow stages. Reviews were conducted aimed at improving medical information systems from the perspective of information security: methods of embedding digital watermarks for radiological images; documents regulating modern requirements for technical measures and equipment to address data security threats in medical information systems.Scientific novelty: this work provides recommendations for creating digital tools that monitor and manage medical information systems, taking scalability into account.
Keywords: PACS/RIS, information security, watermarks.

1.	 Tjurin I.E. Luchevaja diagnostika v Rossijskoj Federacii. // Onkologicheskij zhurnal: luchevaja diagnostika, luchevaja terapija. 2018. T. 1. № 4. S. 43–51. DOI: 10.37174/2587-7593-2018-1-4-43-51.
2.	 Kobrinskij B.A., Dolotova D.D., Donitova V.V., Gavrilov A.V. Radiologicheskie izobrazhenija v sozdanii gibridnyh intellektual'nyh sistem. // Vrach i informacionnye tehnologii. 2020. № 4. S. 43–50. DOI: 10.37690/1811–0193-2020-4-43-50.
3.	 Shelehov P.V., Omel'janovskij V.V. Analiz parka rentgenologicheskogo oborudovanija v Rossijskoj Federacii // Medicinskie tehnologii. Ocenka i vybor. 2023. № 3(45). C. 26–32. DOI: 10.17116/medtech20234503126.
4.	 Stolbov A.P. Obezlichivanie personal'nyh dannyh v zdravoohranenii. // Vrach i informacionnye tehnologii. 2017. № 3. S. 76–91.
5.	 Stolbov A.P. O kiberbezopasnosti medicinskoj dejatel'nosti. Vestnik Roszdravnadzora. 2020. № 3. S. 44–52. – DOI 10.35576/2070-7940-2020-3-44-52.
6.	 Gusev S.D. Informacionnaja bezopasnost' medicinskoj organizacii / S. D. Gusev. Moskva: Obshhestvo s ogranichennoj otvetstvennost'ju «Rusajns». 2024. 154 s.
7.	 Gavrilov A.V., Kulikov I.V., Krajushkin D.V. Programma graficheskogo pol'zovatel'skogo interfejsa dlja soprovozhdenija informacionnoj sistemy PACS/RIS. Svidetel'stvo o gosudarstvennoj registracii programmy dlja JeVM. Rossijskaja Federacija, № 2025613353, zajavl. 21.02.2025, opubl. 6.03.2025.
8.	 Gavrilov A.V., Dolotova D.D., Parusnikov A.V., Blagosklonova E.R., Solominova T.A., Akimova E.A., Krajushkin D.V. Programma kompleksnogo analiza DICOM-izobrazhenij komp'juternoj tomografii golovnogo mozga pri ostryh narushenijah mozgovogo
krovoobrashhenija «Multivox AI Stroke». Svidetel'stvo o gosudarstvennoj registracii programmy dlja JeVM. Rossijskaja Federacija, № 2024689469, zajavl. 30.11.2024, opubl. 16.12.2024.
9.	 Kuraparthi S., Kollati M., Kora P. An optimized blind dual medical image watermarking framework for tamper localization and content authentication in secured telemedicine // Biomed. Signal Process. Control. 2020. V. 55. p. 101665. DOI: 10.1016/j.bspc.2019.101665.
10.	 Fan T., Chao H., Chieu B. Lossless medical image watermarking method based on significant difference of cellular automata transform coefficient. // Signal Process. Image Commun. 2019. V. 70, P. 174–183. DOI: 10.1016/j.image.2018.09.015.
11.	 Parah S.A., Sheikh J.A., Ahad F., Loan N.A., Bhat G.M. Information hiding in medical images: a robust medical image watermarking system for E-healthcare. // Multimed. Tools Appl. 2017. V. 76. № 8. P. 10599–10633. DOI: 10.1007/s11042-015-3127-y.
12.	 Anand A., Singh A.K. Watermarking techniques for medical data authentication: a survey. // Multimedia Tools and Applications. 2021. Vol. 80. p. 30165–30197. DOI: 80. 10.1007/s11042-020-08801-0.
13.	 Qasim A., Meziane F., Aspin R. Digital watermarking: Applicability for developing trust in medical imaging workflows state of the art review. // Computer Science Review. 2018, V. 27. PP. 45-60. DOI: 10.1016/j.cosrev.2017.11.003.
14.	 Badshah G., Liew S.-C, Zain J.M., Ali M. Watermark Compression in Medical Image Watermarking Using Lempel-Ziv-Welch (LZW) Lossless Compression Technique. // Journal of Digital Imaging. 2015. V. 29. № 2. p. 2016–225. DOI: 0.1007/s10278-015-9822-4.

Purpose of work is to develop and substantiate a method for constructing post-quantum EDS algorithms based on finite noncommutative associative algebras, which provides enhanced signature randomization due to double groups and chaotic mappings, compact key sizes and high performance, as well as automated evolutionary design of the multiplication table structure. Research methods: algebraic modeling of noncommutative structures and computer verification of the associativity of multiplication tables, mathematical modeling of the signature process and probabilistic assessment of cryptographic strength during mass signature collection, evolutionary search methods (evolutionary algorithms, crossover and mutation) for adaptive optimization of the structure of Λ, numerical experiments with the generation of one-time exponentials b, n through logistic mapping and testing of the received cryptoprimitive based on Python and the NumPy library. Research results: a basic cryptographic asset has been formed that supports double randomization of the signature. It is shown that the chaotic generation of exponents (b,n) significantly complicates statistical cryptanalysis, even with mass collection of signatures. An adaptive evolutionary algorithm has been developed that allows for the orderly selection of the best tables without losing associativity. An experimental analysis was carried out, as a result of which the exponential complexity of attacks was confirmed with the correct choice of parameters, and the results of implementing the scheme on average hardware resources were demonstrated. The scientific novelty: a combination of noncommutative algebras with a double group and a chaotic generator is proposed, which increases the level of signature randomization. For the first time, the evolutionary search for table parameters was systematically applied to the task of constructing post-quantum EDS algorithms, which ensures associativity, speed, and theoretical cryptographic stability of the generated tables. The fundamental stability of such a scheme to quantum attacks is shown due to the lack of known polynomial algorithms for solving nonlinear systems in a noncommutative structure. The results were obtained with the financial support of the project «Technologies for countering previously unknown quantum cyber threats», implemented within the framework of the state program of the «Sirius» Federal Territory «Scientific and technological development of the «Sirius» Federal Territory (Agreement No. 23-03 dated September 27, 2024).Keywords: post-quantum cryptography, noncommutative associative algebras, double randomization of signatures, chaotic maps, evolutionary algorithms, hidden commutative groups, quantum stability, digital signature, algebraic structure, key generation.

1.	 Moldovjan N.A., Petrenko A.S. Algebraicheskij algoritm JeCP s dvumja skrytymi gruppami // Voprosy kiberbezopasnosti. 2024. № 6. S. 98–107. DOI: 10.21681/2311-3456-2024-6-98-107.
2.	 Moldovyan N.A., Moldovyan A.A. P:ost-quantum signature algorithms with a hidden group and doubled verification equation // Information and Control Systems. 2023. No. 3. P. 59–69. DOI: 10.31799/1684-8853-2023-3-59-69.
3.	 Moldovyan N.A. Finite algebras in the design of multivariate cryptography algorithms // Bulletin of Academy of Sciences of Moldova.
Mathematics. 2023. No. 3 (103). P. 80–89. DOI: 10.56415/basm.y2023.i3.p80.
4.	 Moldovyan A.A., Moldovyan N.A. Vector finite fields of characteristic two as algebraic support of multivariate cryptography // Computer Science Journal of Moldova, 2024. V. 32. No. 1(94). P. 46–60. DOI: 10.56415/csjm.v32.04.
5.	 Moldovjan N.A., Moldovjan A.A. Algoritmy JeCP na konechnyh nekommutativnyh algebrah nad poljami harakteristiki dva // Voprosy kiberbezopasnosti. 2022. № 3(49). S. 58–68. DOI: 10.21681/2311-3456-2022-3-58-68.
6.	 Moldovyan D.N., Moldovyan N.A. Structure of a 4-dimensional algebra and generating parameters of the hidden logarithm problem // Vestnik of Saint Petersburg University. Applied Mathematics. Computer Science. Control Processes. 2022. T. 18. Vyp. 2. S. 209–217. DOI: 10.21638/11701/spbu10.2022.202.
7.	 Moldovjan D.N., Moldovjan A.A., Kostina A.A. Algebraicheskie algoritmy JeCP s polnoj randomizaciej podpisi // Voprosy kiberbezopasnosti. 2024. № 2(60). S. 93–100. DOI: 10.21681/2311-3456-2024-2-93-100.
8.	 Ding J., Petzoldt A., Schmidt D.S. Oil and Vinegar. In: Multivariate Public Key Cryptosystems // Advances in Information Security. Springer, New York, NY. 2020. V. 80. P. 89–151. DOI: 10.1007/978-1-0716-0987-3_5.
9.	 Cartor R., Cartor M., Lewis M., Smith-Tone D. Recent advances in Rainbow Signature Schemes. In: Cheon J.H., Johansson T. (eds) PostQuantum Cryptography // Lecture Notes in Computer Science. 2022. P. 170–184. DOI: 10.1007/978-3-031-17234-2_9.
10.	 Petrenko A.S., Petrenko S.S., Makoveichuk K.A., Olifirov A.V. Security Threat Model Based on Analysis of Foreign National Quantum Programs // CEUR Workshop Proceedings. DLT 2021. 2021. P. 11–25.
11.	 Petrenko A.S., Petrenko S.A. Basic Algorithms Quantum Cryptanalysis // Voprosy kiberbezopasnosti. 2023. No. 1 (53). P. 100–115. DOI: 10.21681/2311-3456-2023-1-100-115.
12.	 AlexeyPetrenko.AppliedQuantumCryptanalysis(scientificmonograph).RiverPublishers,2023.222 pp.DOI:10.1201/9781003392873. 13.	 Petrenko A.S. Kvantovo-ustojchivyj blokchejn: kak obespechit' bezopasnost' blokchejn-jekosistem i platform v uslovijah atak s ispol'zovaniem kvantovogo komp'jutera: – Sankt-Peterburg: Piter, 2023. – 318 s.; ISBN 978-5-4461-2357-5
14.	 Moldovyan D.N. A practical digital signature scheme based on the hidden logarithm problem // Computer Science Journal of Moldova. 2021. Vol. 29. No. 2(86). P. 206–226.
15.	 Moldovyan A.A., Moldovyan D.N. A new type of digital signature algorithms with a hidden group // Computer Science Journal of Moldova. 2023. Vol. 31. No. 1(91). P. 111–124. DOI: 10.56415/csjm.v31.06.
16.	 Ding J., Petzoldt A., Schmidt D.S. Solving Polynomial Systems // In: Multivariate Public Key Cryptosystems. Advances in Information Security. Springer, New York. 2020. V. 80. P. 185–248. DOI: 10.1007/978-1-0716-0987-3_8.
17.	 Ikematsu Y., Nakamura S., Takagi T. Recent progress in the security evaluation of multivariate public-key cryptography // IET Information Security. 2023. No. 17(2). Rr.210-226. DOI: 10.1049/ise2.12092.
18.	 Moldovjan D.N., Kostina A.A. Sposob usilenija randomizacii podpisi v algoritmah JeCP na nekommutativnyh algebrah // Voprosy kiberbezopasnosti. 2024. № 4(62). S. 71–81. DOI: 10.21681/2311-3456-2024-4-71-81.
19.	 Moldovyan D.N., Moldovyan N.A., Moldovyan A.A. Structure of a finite non-commutative algebra set by a sparse multiplication table // Quasigroups and Related Systems. 2022. Vol. 30. No. 1. P. 133–140. DOI: 10.56415/qrs.v30.11.
20.	 Cartor R., Cartor M., Lewis M., Smith-Tone D. IPRainbow. In: Cheon J.H., Johansson T. (eds) Post-Quantum Cryptography // Lecture Notes in Computer Science. 2022. V. 13512. P. 170–184. Springer, Cham. DOI: 10.1007/978-3-031-17234-2_9.

The purpose of this article is to describe a statistical attack on an asymmetric cryptosystem based on artificial neural networks and noise-resistant information coding, as well as to assess the practical applicability of this system in modern conditions, taking into account the possibility of carrying out this type of attack. The text of the work provides a step-by-step implementation of the attack and calculates the system's resistance to this type of cryptanalysis. The methodology of the study consists of mathematical modeling of a bit source with given probability parameters, as well as an analysis of the statistical characteristics of the values generated by it. Based on the analysis of the output values of the simulated source, the authors of the study derive a formula for calculating the resistance of the considered asymmetric cryptosystem to the described attack. They also come to the conclusion that the considered cryptosystem in the form in which it currently exists is extremely ineffective in modern conditions, has no practical application and is of purely academic interest. However, in conclusion, the authors note that if it is possible to limit the intruder's ability to obtain an unlimited number of " plaintext" / " ciphertext" pairs, the frequency cryptanalysis capability considered in this paper will be inapplicable. This will make it possible to consider the cryptosystem again as applicable in practice, at least from the point of view of the frequency cryptanalysis described in this paper.
Keywords:  frequency cryptanalysis, cryptographic strength, asymmetric cryptography, statistical characteristics, binomial distribution, normal distribution.

1.	 Singh, P., & Chaturvedi, A. (2024). Post-Quantum Cryptography. ArXiv, abs/2402.10576. https://doi.org/10.48550/arXiv.2402.10576.
2.	 Richter, M., Bertram, M., Seidensticker, J., & Tschache, A. (2022). A Mathematical Per-spective on Post-Quantum Cryptography. Mathematics. https://doi.org/10.3390/math10152579.
3.	 Bagirovs, E., Provodin, G., Sipola, T., & Hautamäki, J. (2024). Applications of Post-quantum Cryptography. ArXiv, abs/2406.13258. https://doi.org/10.34190/eccws.23.1.2247.
4.	 Liu, Y., & Moody, D. (2024). Post-quantum cryptography and the quantum future of cyber-security.. Physical review applied, 21 4. https://doi.org/10.1103/physrevapplied.21.040501.
5.	 Kudakova, V.Yu. Issledovanie voprosov kriptostojkosti i metodov kriptoanaliza nejrosetevogo algoritma simmetrichnogo shifrovaniya / V.Yu. Kudakova // Mezhdunarodnaya nauchno-prakticheskaya konferenciya po komp'yuternoj i informacionnoj bezopasnosti (INFSEC 2023): sbornik statej, Ekaterinburg, 30 iyunya 2023 goda / OOO «Institut cifrovoj ekonomiki i prava». – Ekaterinburg: Obshchestvo s ogranichennoj otvetstvennost'yu «Institut Cifrovoj Ekonomiki i Prava», 2023. – S. 143–146. – EDN TVCWQM.
6.	 Liang, Y. (2023). A research on applications of neural network-based cryptography. Applied and Computational Engineering. https:// doi.org/10.54254/2755-2721/14/20230798.
7.	 Meraouche, I., Dutta, S., Tan, H., & Sakurai, K. (2021). Neural Networks-Based Cryptography: A Survey. IEEE Access, 9, 124727–124740. https://doi.org/10.1109/ACCESS.2021.3109635.
8.	 Pal, S., Datta, B., & Karmakar, A. (2022). An Artificial Neural Network Technique of Modern Cryptography. Journal of Scientific Research. https://doi.org/10.3329/jsr.v14i2.55669.
9.	 Tarasenko S.S. Primenenie iskusstvennoj nejronnoj seti v kachestve odnostoronnej funkcii s sekretom / S.S. Tarasenko. – Tekst: neposredstvennyj. // Sovremennaya nauka: aktual'nye problemy teorii i praktiki. Seriya «Estestvennye i tekhnicheskie nauki», – g. Moskva, 2022 g. – vypusk № 9. – S. 158–166.
10.	 Tarasenko S.S. Issledovanie kriptostojkosti asimmetrichnoj kriptograficheskoj sistemy, os-novannoj na iskusstvennyh nejronnyh setyah s primeneniem pomekho-ustojchivogo kodirovaniya / S.S. Tarasenko // Telekommunikacii – Moskva, 2023 g. – vypusk № 03-2023. – S. 17–31.
11.	 Wang, R., Wang, Y., & Xie, H. (2021). New McEliece Cryptosystem Based on Polar-LDPC Concatenated Codes as a Post-quantum Cryptography. 2021 IEEE 21st International Conference on Communication Technology (ICCT), 111–116. https://doi.org/10.1109/ICCT52962.2021.9657958.
12.	 Pratama, P., & Adhitya, G. (2022). Post Quantum Cryptography: Comparison between RSA and McEliece. 2022 International Conference on ICT for Smart Society (ICISS), 01-05. https://doi.org/10.1109/ICISS55894.2022.9915232.
13.	 Makoui, F., Gulliver, T., & Dakhilalian, M. (2024). A McEliece-type Cryptosystem using a Random Inverse Matrix and an Error Vector with Large Hamming Weight. 2024, 14th International Conference on Advanced Computer Information Technologies (ACIT), 490–495. https://doi.org/10.1109/ACIT62333.2024.10712631.
14.	 Lim, V.G. Issledovanie chastotnogo kriptoanaliza shifra Vizhenera / V.G. Lim, V.Yu. CHernov // Informacionnye tekhnologii v modelirovanii i upravlenii: podhody, metody, resheniya: Sbornik materialov VII Vserossijskoj nauchnoj konferencii s mezhdunarodnym uchastiem, Tol'yatti, 16–18 aprelya 2024 goda. – Tol'yatti: Tol'yattinskij gosudarstvennyj universitet, 2024. – S. 284–291. – EDN GBPDJE.
15.	 Kotov, Yu.A. Sredstva analiza tekstov na osnove kriptoanaliza prostoj zameny / Yu.A. Kotov, D.I. Makarskaya // Sbornik nauchnyh trudov Novosibirskogo gosudarstven-nogo tekhnicheskogo universiteta. – 2020. – № 1-2(97). – S. 99–112. – DOI 10.17212/2307- 6879-2020-1-2-99-112. – EDN CFSRJB.
16.	 L. Tarangga, Arief G. (2020). Letter Frequency In Indonesian Language Using Proportion Estimation. Khazanah (2020): Jurnal Mahasiswa. https://doi.org/10.20885/khazanah.vol12.iss2.art62.

Purpose of the article: development and analysis of anomaly detection methods on Windows system end hosts within a centralized solution of SIEM class, using machine learning and integrated approach, to improve the efficiency and accuracy of detection of potential security threats in the context of modern cyberattacks.
Method: the research is based on a theoretical analysis of existing anomaly detection approaches, as well as a practical application of machine learning to analyze security event data collected through SIEM systems. The analysis includes studying the MITRE ATT&CK matrix to identify key events indicative of possible attacks and developing algorithms to detect them.
Results: the results of the study show that the developed anomaly detection methodology, based on the analysis of key events of the Windows system and an integrated approach to anomaly detection, allows to significantly improve the accuracy and efficiency of detection of information security incidents in the network infrastructure. This facilitates faster and more accurate response to security threats. Application of the findings can improve anomaly detection systems in Security Operations Centers (SOCs), thus strengthening the overall cybersecurity of organizations. The scientific novelty: work offers a new perspective on anomaly detection, emphasizing the need for complex analysis and the use of machine learning to process large amounts of data collected from SIEM systems. It also emphasizes the importance of adapting anomaly detection techniques to Windows system specifics and taking into account recent trends in cybersecurity.
Keywords: SIEM, anomaly behavior, event log, incident analysis, event monitoring, MITRE matrix

1.	 Dobkach, L.Ja. Analiz metodov raspoznavanija komp'juternyh atak / L.Ja. Dobkach // Pravovaja informatika. – 2020. – № 1. – S. 67–75.
2.	 Shablja V.O., Konovalenko S.A., Edunov R.V. Analiz processa funkcionirovanija SIEM-sistem // E-Scio. – 2022. – № 5 (68). – S. 284–295.
3.	 Prakticheskie aspekty vyjavlenija ujazvimostej pri provedenii sertifikacionnyh ispytanij programmnyh sredstv zashhity informacii / V.V. Varenica, A.S. Markov, V.V. Savchenko, V. L. Cirlov // Voprosy kiberbezopasnosti. – 2021. № 5(45). S. 36–44. DOI:10.21681/2311-3456-2021-5-36-44.
4.	 Sheluhin, O. I. Obnaruzhenie anomalij bol'shih dannyh nestrukturirovannyh sistemnyh zhurnalov / O.I. Sheluhin, V.S. Rjabinin // Voprosy kiberbezopasnosti. – 2019. – № 2(30). – S. 36–41. DOI:10.21681/2311-3456-2019-2-36-41.
5.	 Moskvichev A.D., Dolgachev M.V. Algoritmy korreljacii sobytij informacionnoj bezopasnosti // Avtomatizacija processov upravlenija. 2020. № 3. S. 50–59.
6.	 Vyjavlenie setevyh anomalij v sistemnyh zhurnalah operacionnoj sistemy Microsoft Windows s ispol'zovaniem metodov mashinnogo obuchenija / Pavlychev A.V. [i dr.] // Doklady TUSUR. 2021. – T. 24. – № 4. – S. 27–32. DOI: 10.21293/1818-0442-2021-24-4-27-32.
7.	 Gurina A.O., Guzev O.Ju., Eliseev V. L. Obnaruzhenie anomal'nyh sobytij na hoste s ispol'zovaniem avtokodirovshhika // International Journal of Open Information Technologies. Tom 8, № 8b 2020 g., sju 26–36.
8.	 Miroshnichenko E. L., Kalach A.V., Zenin A.A. Razrabotka modeli sbora informacii o sostojanii zashhishhaemoj sistemy dlja reshenija zadach upravlenija sistemoj obnaruzhenija, preduprezhdenija i likvidacii posledstvij komp'juternyh atak // Vestnik Voronezhskogo instituta FSIN Rossii. – 2020. – № 1. – S. 102–107.
9.	 Navackaja E.A. Sravnitel'nyj analiz metodologij Cyber kill chain i MITRE ATT&CK [Jelektronnyj resurs]. – Rezhim dostupa: https://elibrary.ru/download/elibrary_53928687_43554665.pdf (data obrashhenija: 07.03.2024).
10.	 Jedrian Prutjanu. Kak stat' hakerom: Sbornik prakticheskih scenariev, pozvoljajushhih ponjat', kak rassuzhdaet zloumyshlennik / Jedrian Prutjanu; per. s angl. D.A. Belikova – M.: DMK Press, 2020.– 379 s.
11.	 Antonov S.G., Gvozdeva G.A., Klimov S.M. Metodika povyshenija ustojchivosti funkcionirovanija informacionno-upravljajushhih sistem pri informacionno-tehnicheskih vozdejstvijah // Bezopasnye informacionnye tehnologii. Sbornik trudov Desjatoj mezhdunarodnoj nauchno-tehnicheskoj konferencii. – 2019. – S. 6–11.
12.	 Korolev I.D., Litvinov E.S., Pestov S.V. Analiz potokov dannyh o sobytijah i incidentah informacionnoj bezopasnosti, postupajushhih iz raznorodnyh istochnikov // Rezul'taty sovremennyh nauchnyh issledovanij i razrabotok. Sbornik statej VIII Vserossijskoj nauchnoprakticheskoj konferencii. – 2020. – S. 26–34.

Research objective: the objective of this study is to examine and describe the concept of DevSecOps, its structure, and key components, as well as to develop a simplified DevSecOps maturity model. This model can be utilized by organizations to assess their current DevSecOps maturity level and identify priority areas for the phased implementation of secure software development practices.Methods: the research involved analyzing modern approaches to integrating security into DevOps processes, developing a DevSecOps maturity model based on international standards and practices, and creating methodologies for maturity assessment and metrics for monitoring and managing security.Results: the research revealed that DevSecOps unifies development, operations, and security processes, reducing cybersecurity risks by integrating protective measures at the early stages of the software lifecycle. Three key domains of DevSecOps were identified: technology, processes, and people, which form the foundation for transitioning to secure development. The proposed maturity model comprises three levels and 24 activities that organizations can use for self-assessment and strategy development for implementation. Additionally, metrics were introduced to monitor progress and evaluate the effectiveness of DevSecOps practices, including vulnerability detection and remediation time, early detection rates, and performance coefficients.Practical significance: a simplified DevSecOps maturity model was developed, providing a structured approach to implementing secure development practices. For the first time, comprehensive metrics for DevSecOps monitoring were proposed, enabling organizations to adopt a systematic approach to security management and risk minimization.
Keywords: information security, DevSecOps, secure software development, continuous testing, security integration,
security process automation, DevOps. 

1.	 Seliverstov S.D., Mironenko Y.V.Obzor metodologiiDevSecOps i ee klyuchevyh instrumentov dlya vnedreniya i obespecheniya bezopasnoj razrabotki PO // Student of the Year 2024 – sbornik statej Mezhdunarodnogo nauchno-issledovatel'skogo konkursa. Penza, 2024. pp. 107–111.
2.	 Ganzhur M.A., D'yachenko N.V., Otakulov A.S. Analiz metodologij DevOps i DevSecOps // Molodoj Issledovatel' Dona. 2021. № 5 (32). pp. 8–10.
3.	 Kim, G., Humble, J., Debois, P., & Willis, J. (2016). The DevOps Handbook: How to Create World-Class Agility, Reliability, & Security in Technology Organizations. IT Revolution Press.
4.	 Tuleubaeva A. A., Norkina A. N. Sovremennye problemy informacionnoj bezopasnosti v razrabotke programmnogo obespecheniya // Ugrozy i riski finansovoj bezopasnosti v kontekste cifrovoj transformacii: Materialy VII Mezhdunarodnoj nauchno-prakticheskoj konferencii Mezhdunarodnogo setevogo instituta v sfere POD/FT, Moscow, 24.11.2021. – Moskva: Nacional'nyj issledovatel'skij yadernyj universitet «MIFI», 2021. pp. 670–676.
5.	 Zinov'ev, L.D., Kaleda R.A. Primenenie metodov DevSecPps dlya integracii bezopasnosti v kazhdyj etap zhiznennogo cikla programmnogo obespecheniya // Informacionnye tekhnologii v nauke i obrazovanii. Problemy i perspektivy: Sbornik statej po materialam XI Vserossijskoj nauchno-prakticheskoj konferencii, g. Penza, 13.032.024. Penza: Penzenskij gosudarstvennyj universitet, 2024. pp. 271–273.
6.	 Reddy Chittibala, D. DevSecOps: Integrating Security into the DevOps Pipeline // International Journal of Science and Research. 2023. № 12(12). pp. 2074–2078. DOI 10.21275/sr24304171058.
7.	 Majorova, E.V., Sokolovskaya S.A., Chertok A.V. Preimushchestva gibkogo podhoda dlya soprovozhdeniya proektov razrabotki programmnogo produkta // Peterburgskij ekonomicheskij zhurnal. 2019. № 4. pp. 42–51. DOI 10.25631/PEJ.2019.4.42.51.
8.	 Fathi, V.A., D'yachenko N.V. Testirovanie bezopasnosti prilozhenij // Inzhenernyj vestnik Dona. 2021. № 5(77). pp. 108–120.
9.	 Kuz'mina, S.P. Rol' pajplajnov v sovremennoj kiberbezopasnosti: avtomatizaciya, zashchita i reagirovanie na ugrozy // Internauka. 2024. № 33-1(350). pp. 9-10.
10.	 Gorshkov A.G., Pitelinskij K.V., Mihajlov I.A., Mednikova Z.M., Umerzakova D.A. Osobennosti primeneniya koncepcii SSDLC pri razrabotke i testirovanii zashchishchennogo programmnogo obespecheniya // Informacionnye tekhnologii v proektirovanii i proizvodstve. 2024. № 3(195). pp. 30–36. DOI: 10.52190/2073-2597_2024_3_30.
11.	 Naidoo, R. Building Software Applications Securely with DevSecOps: A Socio-Technical Perspective // European Conference on Cyber Warfare and Security. 2022. № 1 (21). pp. 198–205. DOI: 10.34190/eccws.21.1.295.
12.	 Majorova, E.V., Sokolovskaya S.A., Chertok A.V. Obespechenie informacionnoj bezopasnosti pri gibkom podhode razrabotki programmnogo produkta // Cifrovye tekhnologii obrabotki i zashchity informacii: Sbornik nauchnyh statej / Podredakciej E.V. Stel'mashonok, I.N. Vasil'evoj. Saint-Peterburg: Sankt-Peterburgskij gosudarstvennyj ekonomicheskij universitet, 2020. pp. 83–92.

The aim of the work is to develop a methodology for classifying cyber-physical system security incidents by analyzing the degree of impact of attacks on key system components based on ontological models.Research method: anomaly detection method based on entropy calculation was used to develop a methodology for classifying cyber-physical system security incidents. The attack model was obtained based on the analysis of the physical nature of the attack and the impact on the digital components of the system. An ontological approach was also used to determine the rules for classifying incidents, which allows predicting security risks for a cyber-physical system.Research results: an analysis of the impact of various types of attacks on cyber-physical systems was carried out, attacks were divided into classes and the impact on the system by the level of consequences and impact was brought to a general form. Based on the analysis results, a model of attacks on cyber-physical systems was built, taking into account different ways of implementing an attack, and uniform attack response thresholds were defined, which allows creating universal correlation rules and simplifies this process, since the response threshold is associated with the degree of impact of the attack on the final subsystem. A methodology for classifying incidents and identifying key components of a cyber-physical system based on ontological models was developed, which allows predicting risks and selecting the optimal system configuration. Rules for classifying destructive impacts with uniform response thresholds for each parameter were also developed, while it is possible to increase both the number of parameters and the types of parameter values.Scientific novelty: the result of the work is a set of unique rules for classifying destructive impacts with a uniform response threshold for each parameter of a cyber-physical system
Keywords:  cyber-physical system, destructive impact, incident, consequences, set of attacks, ontological models, risks, classification rules.

1. 	 Umar, A.; Giwa, M. A.; Kassim, A. Y.; Ilyasu, M. U.; Abdulwahab, I.; Agbon, E. E.; Ogedengbe, M. T. Development of an Android-Based, VoiceControlled Autonomous Robotic Vehicle. Eng. Proc. 2023, 58, 48. DOI:10.3390/ecsa-10-16026.
2. 	 Loganathan, A.; Ahmad, N. S. A systematic review on recent advances in autonomous mobile robot navigation. Eng. Sci. Technol. Int. J. 2023, 40, 101343. DOI:10.1016/j.jestch.2023.101343.
3. 	 Yaacoub, J.-P.A.; Noura, H.N.; Salman, O.; Chehab, A. Robotics Cyber Security: Vulnerabilities, Attacks, Countermeasures, and Recommendations. Int. J. Inf. Secur. 2022, 21, 115–158. DOI:10.1007/s10207-021-00545-8.
4. 	 Elikhchi, H.D.; Hamid, T.; Akpoduado, M. Robotics cyber security issues. In Lecture Notes in Networks and Systems, Proceedings of the ICACTCE’23—The International Conference on Advances in Communication Technology and Computer Engineering. ICACTCE 2023, Bolton, UK, 24–25 February 2023; Iwendi, C., Boulouard, Z., Kryvinska, N., Eds.; Springer: Cham, Switzerland, 2023; Volume 735. DOI:10.1007/978-3-031-37164-6_15.
5. 	 Botta, A.; Rotbei, S.; Zinno, S.; Ventre, G. Cyber security of robots: A comprehensive survey. Intell. Syst. Appl. 2023, 18, 200237. DOI:10.1016/j.iswa.2023.200237.
6. 	 Grishaeva, S.A.; Borzov, V.I. Information security risk management. In Proceedings of the 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS), Yaroslavl, Russia, 7–11 September 2020; pp. 96–98.
7. 	 Aleksandrova, S.V.; Vasiliev, V.A.; Aleksandrov, M.N. Problems of implementing information security management systems. In Proceedings of the 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS), Yaroslavl, Russia, 7–11 September 2020; pp. 78–81. DOI: 10.1109/ITQMIS51053.2020.9322896.
8. 	 Meng, L.; Zhang, L.; Yang, L.; Yang, W. A GPS-adaptive spoofing detection method for the small UAV cluster. Drones 2023, 7, 461. DOI:10.3390/drones7070461.
9. 	 Sun, Y.; Yu, M.; Wang, L.; Li, T.; Dong, M. A deep-learning-based GPS signal spoofing detection method for small UAVs. Drones 2023, 7, 370. DOI:10.3390/drones7060370.
10. 	Sajid, J.; Hayawi, K.; Malik, A.W.; Anwar, Z.; Trabelsi, Z. A Fog Computing Framework for Intrusion Detection of Energy-Based Attacks on UAV-Assisted Smart Farming. Appl. Sci. 2023, 13, 3857. DOI:10.3390/app13063857.
11. 	Nayfeh, M.; Li, Y.; Shamaileh, K.A.; Devabhaktuni, V.; Kaabouch, N. Machine learning modeling of GPS features with applications to UAV location spoofing detection and classification. Comput. Secur. 2023, 126, 103085. DOI: 10.1016/j.cose.2022.103085.
12. 	N. Sabuwala and R.D. Daruwala, «Securing Unmanned Aerial Vehicles by Encrypting MAVLink Protocol», 2022 IEEE Bombay Section Signature Conference (IBSSC), Mumbai, India, 2022, pp. 1–6, doi: 10.1109/IBSSC56953.2022.10037546.
13. 	J. Song, H. Yuan and B. Zhang, «Pixhawk-based scalable platform for multi-purpose surface unmanned vehicle», 2022 4th International Academic Exchange Conference on Science and Technology Innovation (IAECST), Guangzhou, China, 2022, pp. 1577–1580, doi: 10.1109/IAECST57965.2022.10061960.
14. 	W. Wang, Y. Zhao, Y. Liu, G. Liu, F. Zheng and C. Sun, «MQTT Protocol and Implementation of Equipment Management System for Industrial Internet of Things», 2024 43rd Chinese Control Conference (CCC), Kunming, China, 2024, pp. 6139–6144, doi: 10.23919/CCC63176.2024.10662474.
15.	 A. Miu, L. Ruse, R. Deaconescu and D. Tudose, «Integrating TLS/SSL with MQTT in NuttX Operating System», 2024 23rd RoEduNet Conference: Networking in Education and Research (RoEduNet), Bucharest, Romania, 2024, pp. 1–6, doi: 10.1109/RoEduNet64292.2024.10722675.
16. 	I. I. Rezvan, R. I. Vorobiev and S.V. Vorobieva, «The Accuracy Indicators Analysis of GPS and GLONASS Receivers», 2021 XV International Scientific-Technical Conference on Actual Problems Of Electronic Instrument Engineering (APEIE), Novosibirsk, Russian Federation, 2021, pp. 216–219, doi: 10.1109/APEIE52976.2021.9647658.
17. 	 H.M. Saputra, T. Permadi, C.H.A.H.B. Baskoro, N.S.M. Nor, B. Abdussalam and M.Y. Rezaldi, «Effect of IMU Sensor Positioning on 1-DOF Angle Measurement Accuracy for Robotic Charging Station (RoCharg-v1) Manipulator», 2023 International Conference on Computer, Control,InformaticsanditsApplications (IC3INA),Bandung,Indonesia,2023,pp.96–101,doi:10.1109/IC3INA60834.2023.10285798.
18. 	Basan, E.S.; Sushkin, N.A.; Babenko, L.K. Methodology for Detecting Attacks in the Context of Destructive Influences. In Proceedings of the 2023 IEEE XVI International Scientific and Technical Conference Actual Problems of Electronic Instrument Engineering (APEIE), Novosibirsk, Russia, 10–12 November 2023; pp. 1120–1124. DOI: 10.1109/APEIE59731.2023.10347616.
19. 	De˘girmenci, E.; Kırca, Y.S.; Özçelik, ˙I.; Yazıcı, A. ROSIDS23: Network intrusion detection dataset for robot operating system. Data Brief 2023, 51, 109739. DOI:10.1016/j.dib.2023.109739.
20.	 Spravil, J.; Hemminghaus, C.; von Rechenberg, M.; Padilla, E.; Bauer, J. Detecting maritime GPS spoofing attacks based on NMEA sentence integrity monitoring. J. Mar. Sci. Eng. 2023, 11, 928.
21. 	Ren, Y.; Restivo, R.D.; Tan,W.; Wang, J.; Liu, Y.; Jiang, B.; Wang, H.; Song, H. Knowledge distillation-based GPS spoofing detection for small UAV. Future Internet 2023, 15, 389. DOI:10.3390/fi15120389.
22. 	Yang, L.; Wen, C. Optimal jamming attack system against remote state estimation in wireless network control systems. IEEE Access 2021, 9, 51679–51688. DOI:10.1109/ACCESS.2020.3046483.
23. 	Jung, J.H.; Hong, M.Y.; Choi, H.; Yoon, J.W. An analysis of GPS spoofing attack and efficient approach to spoofing detection in PX4. IEEE Access 2024, 12, 46668–46677. DOI:10.1109/ACCESS.2024.3382543.
24. 	 Basan, E.; Basan, A.; Nekrasov, A.; Fidge, C.; Sushkin, N.; Peskova, O. GPS-spoofing attack detection technology for UAVs based on Kullback–Leibler divergence. Drones 2022, 6, 8. DOI:10.3390/drones6010008.
25. 	Basan, E.; Basan, A.; Nekrasov, A.; Fidge, C.; Gamec, J.; Gamcová, M. A self-diagnosis method for detecting UAV cyber attacks based on analysis of parameter changes. Sensors 2021, 21, 509. DOI:10.3390/s21020509.
26. 	Huang, X.; Tian, Y.; He, Y.; Tong, E.; Niu, W.; Li, C.; Liu, J.; Chang, L. Exposing spoofing attack on flocking-based unmanned aerial vehicle cluster: A threat to swarm intelligence. Secur. Commun. Netw. 2020, 2020, 8889122. DOI:10.1155/2020/8889122.
27. 	 Basan, E.; Basan, A.; Nekrasov, A.; Fidge, C.; Ishchukova, E.; Basyuk, A.; Lesnikov, A. Trusted operation of cyber-physical processes based on assessment of the system’s state and operating mode. Sensors 2023, Vol. 23. No. 4. 1996. DOI: 10.3390/s23041996.

The aim of the work is to develop a methodology for generating synthetic data for malware detection systems.The research method is synthetic data generation using natural language processing methods (T5 transformer and large language model Mistral 7b), originally designed to work with text problems.The result obtained: large datasets are required to expand the range of normal and abnormal behavior. Collecting real data requires a large amount of resources. In this work, one real dataset was collected and 3 synthetic datasets were generated (T5, Mistral 7b, T5 + Mistral 7b). Statistical analysis of the data shows that in most cases the combined dataset (T5 + Mistral 7b) achieves the best results, which is confirmed by a practical experiment. Synthetic data obtained using T5 and Mistral 7b separately are not enough to be used as a training set (a strong decrease in the F1-measure from 0,98 to 0,83 is observed). Using the combined data leads to a result close to the real data (0,98 and 0,97).The scientific novelty consists in determining the possibility of using only synthetic data to train deep learning models, which allows expanding the scope of normal and abnormal behavior in anomaly detection systems.
Keywords: malware, deep learning, T5, Mistral 7b, transformers, large language model, ransomware, computer attacks.

1.	 Lapsar' A.P., Nazarjan S.A., Vladimirova A. I. Povyshenie ustojchivosti objektov kriticheskoj informacionnoj infrastruktury k celevym komp'juternym atakam // Voprosy kiberbezopasnosti [Cybersecurity issues], 2022, No 2 (48), pp. 39–51. DOI:10.21681/2311-3456-2022-2-39-51.
2.	 Punyasiri D. L.S. Signature & Behavior Based Malware Detection, 2023. DOI:10.13140/RG.2.2.22127.20640.
3.	 Yunmar R. A. et al. Hybrid Android Malware Detection: A Review of Heuristic-Based Approach // IEEE Access, 2024, V. 12, pp. 41255-41286. DOI:10.1109/ACCESS.2024.3377658.
4.	 Antić J. et al. Runtime security monitoring by an interplay between rule matching and deep learning-based anomaly detection on logs // 2023 19th International Conference on the Design of Reliable Communication Networks (DRCN), IEEE, 2023, pp. 1–5. DOI:10.1109/ DRCN57075.2023.10108105.
5.	 Mushtaq E., Zameer A., Nasir R. Knacks of a hybrid anomaly detection model using deep auto-encoder driven gated recurrent unit // Computer Networks, 2023, V. 226, pp. 109681. DOI: 10.1016/j.comnet.2023.109681.
6.	 Sharma P. et al. A comparative analysis of malware anomaly detection // Advances in Computer, Communication and Computational Sciences: Proceedings of IC4S 2019. Springer Singapore, 2021, pp. 35–44. DOI:10.1007/978-981-15-4409-5_3.
7.	 Liu C. et al. MOBIPCR: Efficient, accurate, and strict ML-based mobile malware detection // Future Generation Computer Systems, 2023, V. 144, pp. 140–150. DOI: 10.1016/j.future.2023.02.014.
8.	 Akhtar M.S., Feng T. Evaluation of machine learning algorithms for malware detection // Sensors. 2023, V. 23, No. 2, pp. 946. DOI: 10.3390/s23020946.
9.	 Basole S., Di Troia F., Stamp M. Multifamily malware models // Journal of Computer Virology and Hacking Techniques, 2020, V. 16, pp. 79–92. DOI:10.48550/arXiv.2207.00620.
10.	 Dhanya K.A. et al. Obfuscated Malware Detection in IoT Android Applications Using Markov Images and CNN // IEEE Systems Journal, 2023. Vol. 17, No. 2, pp. 2756–2766. DOI: 10.1109/JSYST.2023.3238678.
11.	 Ullah F. et al. NMal-Droid: network-based android malware detection system using transfer learning and CNN-BiGRU ensemble // Wireless Networks, 2023, Vol. 30. P. 6177–6198. DOI: 10.1007/s11276-023-03414-5.
12.	 Jahromi A.N. et al. An improved two-hidden-layer extreme learning machine for malware hunting // Computers & Security, 2020, V. 89, pp. 101655. DOI: 10.1016/j.cose.2019.101655.
13.	 Reddy V.S.K. et al. MDC-Net: Intelligent Malware Detection and Classification using Extreme Learning Machine // 2023 Third International Conference on Artificial Intelligence and Smart Energy (ICAIS), IEEE, 2023, pp. 1590–1594. DOI:10.1109/ICAIS56108.2023.10073874.
14.	 Bhardwaj S., Dave M. Integrating a Rule-Based Approach to Malware Detection with an LSTM-Based Feature Selection Technique // SN Computer Science, 2023, V. 4, pp. 737. DOI: 10.1007/s42979-023-02177-2.
15.	 Devi R.A., Arunachalam A.R. Enhancement of IoT device security using an Improved Elliptic Curve Cryptography algorithm and malware detection utilizing deep LSTM // High-Confidence Computing, 2023, V. 3, No 2, pp. 100117. DOI:10.1016/j.hcc.2023.100117.
16.	 Al-Khater W., Al-Madeed S. Using 3D-VGG-16 and 3D-Resnet-18 deep learning models and FABEMD techniques in the detection of malware // Alexandria Engineering Journal, 2024, V. 89, P. 39–52. DOI: 10.1016/j.aej.2023.12.061.
17.	 Kamalov B.R., Tumbinskaja M.V. Programmnoe obespechenie obnaruzhenija «skrytyh majnerov» v brauzernoj srede // Prikladnaja informatika [Applied Computer Science], 2023, V. 18, No 1, pp. 96–110. DOI: 10.37791/2687-0649-2023-18-1-96-110.
18.	 Warmsley D. et al. A Survey of Explainable Graph Neural Networks for Cyber Malware Analysis // 2022 IEEE International Conference on Big Data (Big Data), IEEE, 2022, pp. 2932–2939. DOI:10.1109/BigData55660.2022.10020943.
19.	 Hu W., Tan Y. Generating adversarial malware examples for black-box attacks based on GAN // Data Mining and Big Data: 7th International Conference, DMBD 2022, Beijing, China, November 21–24, 2022, Proceedings, Part II. Singapore: Springer Nature Singapore, 2023. pp. 409–423. DOI: 10.1007/978-981-19-8991-9_29.
20.	 Kozak E. Obuchenie nejronnyh setej i ego znachenie dlja razvitija programmnoj inzhenerii // Sovremennaja nauka: aktual'nye problemy teorii i praktiki. Serija: estestvennye i tehnicheskie nauki [Modern science: actual problems of theory and practice. Series: Natural and technical sciences], 2021, No 8, pp. 68–71. – DOI 10.37882/2223-2966.2021.08.16.
21.	 Devlin J. et al. Bert: Pre-training of deep bidirectional transformers for language understanding // arXiv preprint arXiv:1810.04805, 2018.
22.	 Fernandez P. «Through the looking glass: envisioning new library technologies» AI-text generators as explained by ChatGPT // Library hi tech news, 2023, V. 40, No 3, pp. 11–14. DOI: 10.1108/LHTN-02-2023-0017.
23.	 Hinton M., Wagemans J.H.M. How persuasive is AI-generated argumentation? An analysis of the quality of an argumentative text produced by the GPT-3 AI text generator // Argument & Computation. 2023, V. 14, No 1, pp. 59–74. DOI:10.3233/AAC-210026.
24.	 Kolin K.K. i dr. Iskusstvennyj intellekt v tehnologijah mashinnogo perevoda // Social'nye novacii i social'nye nauki [Social innovation and social sciences], 2021, No 2 (4), pp. 64–80. DOI 10.31249/snsn/2021.02.05.
25.	 Ge J., Lai J. C. Artificial intelligence-based text generators in hepatology: ChatGPT is just the beginning // Hepatology communications, 2023, V. 7, No 4, pp. e0097. DOI: 10.1097/HC9.0000000000000097.
26.	 Kozachok A.V., Spirin A.A., Erohina N.S. Metod generacii semanticheski korrektnogo koda dlja fazzingetestirovanija interpretatorov javascript // Voprosy kiberbezopasnosti [Cybersecurity issues], 2023, No 5, pp. 80–88. DOI: 10.21681/2311-3456-2023-5-80-88.
27.	 Raffel C. et al. Exploring the limits of transfer learning with a unified text-to-text transformer // Journal of machine learning research, 2020, V. 21, No 140, pp. 1–67. DOI:10.48550/arXiv:1910.10683.
28.	 Starodubov M. I., Artem'eva I. L., Selin N.A. Metod obnaruzhenija programm-vymogatelej na osnove analiza povedencheskogo otcheta ispolnjaemogo objekta // Voprosy kiberbezopasnosti [Cybersecurity issues], 2024, No 3, pp. 85–89. DOI: 10.21681/2311-3456-2024-3-85-89.
29.	 Bera S., Shrivastava V.K. Analysis of various optimizers on deep convolutional neural network model in the application of hyperspectral remote sensing image classification // International Journal of Remote Sensing, 2020, V. 41, No 7, pp. 2664–2683. DOI:10.1080/01431161.2019.1694725.

The purpose of the study: development and evaluation of a method for countering FGSM, ZOO, OPA adversarial attacks on image classification systems based on the integration of noise pollution, neural cleansing and JPEG data compression.Research methods: system analysis, machine learning, image noising, neural cleansing, JPEG data compression, computational experiment.Results obtained: an analysis of works on the topic of attacks on image classification systems (ICS) based on the application of machine learning methods, and methods of protection against them was carried out. Based on the results of this analysis, it was revealed that the most common attacks on ICS include adversarial attacks, namely: Fast Gradient Sign Method (FGSM), Zero-Order Optimization (ZOO) and One Pixel Attack (OPA). The topic of countering these attacks is currently of great interest. The essence of the impact of these attacks on ICS is disclosed, and their influence on the accuracy of image recognition is revealed. A method for countering adversarial attacks is proposed, based on image noising with Gaussian and Poisson noise, as well as the use of JPEG compression and neural cleansing technology. Experiments were conducted showing the high efficiency of the proposed method. The experiments were aimed at assessing the accuracy of image recognition contained in two different data sets - a set of images of personal computer parts and a set of handwritten digital images. The results of image recognition were evaluated before and after exposure of the ICS to adversarial attacks, as well as after applying the proposed method to these sets.Scientific novelty: an analysis of works on the topic of protection against adversarial attacks showed that currently the most typical attacks on ICS are FGSM, ZOO and OPA attacks. The proposed method for countering adversarial attacks on ICS differs from other known protection methods in that it integrates the capabilities of countering attacks contained in three different approaches (neural cleansing, noise pollution and JPEG compression) and identifies the optimal parameters of these approaches. The high efficiency of the proposed method was confirmed in experiments conducted on two different data sets.Contribution: Igor Kotenko and Igor Saenko - general concept of adversarial attacks on ICS and methods of protection against them based on well-known works; Igor Kotenko and Oleg Lauta - description of methods of impact of adversarial attacks; Nikita Vasilev and Vladimir Sadovnikov - implementation of the proposed approach; Igor Kotenko and Igor Saenko - theoretical justification of the proposed approach.
Keywords: cybersecurity, machine learning, adversarial attacks, image classification, noise pollution, attack defense, artificial intelligence.

1.	 Magomadova A.R., Saparbiev A.Sh., Natal'son A.V. Vlijanie iskusstvennogo intellekta na obrabotku estestvennogo jazyka v IT-tehnologijah // Nauchno-tehnicheskij vestnik Povolzh'ja. 2023. № 12. S. 323–325.
2.	 Zotkina A.A., Shindina N.S. Osnovnye zadachi NLP i kak ih reshajut nejronnye seti // Sovremennye informacionnye tehnologii. 2023. № 37 (37). S. 14–17.
3.	 Dem'janchuk S.V. Sovremennye tehnologii i intellektual'nye sistemy v upravlenii jekspluataciej avtotransporta // Transportnoe delo Rossii. 2024. № 1. S. 245–248.
4.	 Dorofeev N.A., Snigur G. L., Frolov M.Ju., Smirnov A.V., Sasov D.A., Zubkov A.V. Iskusstvennyj intellekt, mashinnoe obuchenie i nejronnye seti v morfologii // Vestnik Volgogradskogo gosudarstvennogo medicinskogo universiteta. 2024. T. 21. № 1. S. 3–8. DOI: 10.19163/1994-9480-2024-21-1-3-8.
5.	 Garafutdinova L.V., Kalichkin V.K., Fedorov D.S. Ob#ektno orientirovannaja klassifikacija izobrazhenij distancionnogo zondirovanija zemli s ispol'zovaniem mashinnogo obuchenija // Vestnik NGAU (Novosibirskij gosudarstvennyj agrarnyj universitet). 2024. № 2 (71).
S. 37–47. DOI: 10.31677/2072-6724-2024-71-2-37-47.
6.	 Karpushkina I.S., Skomorohina E.R., Chikenev S.D. Reshenie zadachi klassifikacii medicinskih izobrazhenij s pomoshh'ju metodov mashinnogo obuchenija // Original'nye issledovanija. 2023. T. 13. № 4. S. 79–84.
7.	 Zotkina A.A. Analiz algoritmov mashinnogo obuchenija, ispol'zuemyh v klassifikacii izobrazhenij, publikuemyh pol'zovateljami social'nyh setej // Sovremennye informacionnye tehnologii. 2023. № 38 (38). S. 38–40.
8.	 Khan A., Sohail A., Zahoora U., Qureshi A.S. A survey of the recent architectures of deep convolutional neural networks // Artificial Intelligence Review. 2020. Vol. 53, No. 8. Pp. 5455–5516. DOI: 10.1007/s10462-020-09825-6.
9.	 Rao S., Stutz D., Schiele B. Adversarial training against location optimized adversarial patches // Computer Vision – ECCV 2020 Workshops. ECCV 2020. LNCS. Vol. 12539. 2020. Pp. 429–448. DOI: 10.1007/978-3-030-68238-5_32.
10.	 Deng Y., Zheng X., Zhang T., Chen C., Lou G., Kim M. An analysis of adversarial attacks and defenses on autonomous driving models // 2020 IEEE International Conference on Pervasive Computing and Communications (PerCom). 2020. P. 1–10. DOI: 10.1109/PerCom45495.2020.9127389.
11.	 Kotenko I., Saenko I., Lauta O., Vasiliev N., Iatsenko D. Attacks against machine learning systems: analysis and GAN-based approach to protection // Proceedings of the Seventh International Scientific Conference «Intelligent Information Technologies for Industry» (IITI’23). IITI 2023. LNNS. Vol. 777. P. 49–59. 2023. DOI: 10.1007/978-3-031-43792-2_5.
12.	 Zheng Y., Jie Z., Shiguang S. Adaptive image transformations for transfer-based adversarial attack. ECCV 2022. ECCV 2022. Lecture Notes in Computer Science. 2022. pp. 1–17. DOI: 10.1007/978-3-031-20065-6_1.
13.	 Zolfi A., Kravchik M., Elovici Y., Shabtai A. The translucent patch: A physical and universal attack on object detectors // 2021 IEEE/ CVF Conference on Computer Vision and Pattern Recognition (CVPR). 2021. P. 15227–15236. DOI: 10.1109/CVPR46437.2021.01498.
14.	 Cucu A. -V., Valenzise G., Stănescu D., Ghergulescu I., Găină L.I., Guşiţă B. Defense method against adversarial attacks using JPEG compression and One-Pixel Attack for improved dataset security // 2023 27th International Conference on System Theory, Control and Computing (ICSTCC). 2023. P. 523–527. DOI: 10.1109/ICSTCC59206.2023.10308520.
15.	 Ning L. -B., Dai Z., Su J., Pan Ch., Wang L., Fan W., Li Q. Interpretation-empowered neural cleanse for backdoor attacks // Companion Proceedings of the ACM Web Conference 2024 (WWW '24). 2024. P. 951–954. DOI: 10.1145/3589335.3651525.
16.	 Ren K., Zheng T., Qin Zh., Liu X. Adversarial attacks and defenses in deep learning // Engineering. 2020. Vol. 6. P. 346–360. DOI: 10.1016/j.eng.2019.12.012.
17.	 Khamaiseh S.Y., Bagagem D., Al-Alaj A., Mancino M., AlomariH.W. Adversarial deep learning: A survey on adversarial attacks and defense mechanisms on image classification // IEEE Access. 2022. Vol. 10. P. 102266–102291. DOI: 10.1109/ACCESS.2022.3208131.
18.	 Irfan M.M., Ali S., Yaqoob I., Zafar N. Towards deep learning: A review on adversarial attacks // 2021 International Conference on Artificial Intelligence (ICAI). 2021. P. 91–96. DOI: 10.1109/ICAI52203.2021.9445247.
19.	 Sharma S., Chen Z. A Systematic study of adversarial attacks against network intrusion detection systems // Electronics. 2024. Vol. 13, No. 24. P. 5030. DOI: 10.3390/electronics13245030.
20.	 Wang W., Sun J., Wang G. Visualizing One Pixel Attack Using Adversarial Maps // 2020 Chinese Automation Congress (CAC). 2020. P. 924–929. DOI: 10.1109/CAC51589.2020.9327603.

Purpose of the study: the study of indicators and mathematical methods for assessing vulnerabilities of automated systems. Consideration of the applicability of probability theory, Student's distribution, and normal random variables in order to comprehensively assess vulnerabilities. Methods of research: probability theory, Student's distributions, and normal random variables. The object of the study is an automated system with quantitative indicators (in terms of the number of components and the number of vulnerabilities in them). Result(s): the obtained mathematical models of vulnerability assessment significantly reduce the level of uncertainty associated with determining the criticality of threats and their likelihood. The use of statistical methods such as probability theory and Student's distribution allows for a more objective and reproducible assessment of vulnerabilities, excluding subjective factors from the process. In particular, the use of such methods helps to take into account various variations in vulnerability parameters, such as the likelihood of their exploitation, possible consequences and risks, which makes the process more accurate and data-driven. This is especially important in situations where it is necessary to work with limited or incomplete data, such as when evaluating new or subtle vulnerabilities. In addition, these models contribute to a significant reduction in the influence of the human factor, which is critical to ensure the objectivity and stability of the assessment. While expert assessment is an important element in traditional analysis methods, mathematical models minimize the need for subjective decisions, which in turn increases accuracy and reduces the likelihood of errors caused by personal interpretation of data. As a result, the use of such models leads to a more automated and objective vulnerability assessment process, which contributes to improved information security risk management and increased security of automated systems. Scientific novelty: it consists in the application of probability theory, Student's distribution and normal random variables in order to reduce uncertainty in assessing the vulnerabilities of automated systems. The proposed models, unlike existing ones, allow the use of numerical indicators obtained experimentally, unlike methods (for example, CVSS) using expert assessment.
Keywords:  mathematical modeling, statistical methods, uncertainty reduction, quantitative indicators, information security, risk analysis, automated systems.

1.	 Efimov A.O., Livshits I.I., Meshcheryakov M.O., et al. On certain aspects of standardization and operating conditions of automated systems // Vestnik of Dagestan State Technical University. Technical Sciences. – 2023. – Vol. 50, No. 4. – P. 101–108. – DOI 10.21822/2073-6185-2023-50-4-101-108.
2.	 Levshun D.S., Vesnin D.V., Kotenko I.V. Forecasting vulnerability categories in device configurations using artificial intelligence methods // Cybersecurity Issues. – 2024. – No. 3. – P. P. 33–39. DOI: 10.21681/2311-3456-2024-3-33-39.
3.	 Drovdnikova I.G., Etepnev A.S., Rogozin E.A. Main types of vulnerabilities and interrelation of security components in substantiating reliability indicators of information protection systems against unauthorized access in automated systems // Devices and Systems. Control, Monitoring, Diagnostics. – 2019. – No. 3. – P. 59–64.
4.	 Efimov A.O., Rogozin E.A. Assessment of the security level (operational safety) of automated systems based on their vulnerabilities, formalized using the queuing theory // Vestnik of Dagestan State Technical University. Technical Sciences. – 2023. – Vol. 50, No. 2. – P. 83–89. – DOI 10.21822/2073-6185-2023-50-2-83-89.
5.	 Bezzateev S.V., et al. Risk assessment methodology for information systems based on user behavior analysis and information security incidents // Scientific and Technical Bulletin of Information Technologies, Mechanics and Optics. – 2021. – Vol. 21, No. 4. – P. 553–561. DOI: 10.17586/2226-1494-2021-21-4-553-561.
6.	 Xie H.A comprehensive review on the application of CVSS 4.0 and deep learning in vulnerability analysis // Applied and Computational Engineering. – 2024. – Vol. 87. – P. 234–240. DOI:10.54254/2755-2721/87/20241621.
7.	 Lala S.K., Kumar A., Subbulakshmi T. Secure web development using OWASP guidelines // 2021 5th International Conference on Intelligent Computing and Control Systems (ICICCS). – IEEE, 2021. – P. 323–332. DOI: 10.1109/ICICCS51141.2021.9432179.
8.	 Serdechny A. L., Tarelkin M.A., Lomov A.A., Simonov K.V. Source maps containing information on software vulnerabilities // Information and Security. – 2019. – Vol. 22, No. 3. – P. 411–422.
9.	 Rogozin E.A., Drovdnikova I.G., Efimov A.O., Romanova V.R. On the analysis of regulatory documents on information security of automated systems of the Ministry of Internal Affairs of the Russian Federation for assessing their security level // Vestnik of Dagestan State Technical University. Technical Sciences. – 2022. – Vol. 49, No. 4. – P. 97–103. – DOI 10.21822/2073-6185-2022-49-4-97-103.
10.	 Drovdnikova I.G., Popova A.D. Methods for assessing the security level of software for automated systems of the Ministry of Internal Affairs and directions for their improvement // Vestnik of Dagestan State Technical University. Technical Sciences. – 2023. – Vol. 50, No. 4. – P. 85–92. – DOI 10.21822/2073-6185-2023-50-4-85-92.
11.	 Efimov A.O., Livshits I.I., Meshcheryakova T.V., Rogozin E.A. Conceptual foundations for assessing the security level of automated systems based on their vulnerabilities // Information Technology Security. – 2023. – Vol. 30, No. 2. – P. 63–79. – DOI 10.26583/bit.2023.2.04.
12.	 Varenitsa V.V., et al. Practical aspects of vulnerability detection in the certification testing of information protection software // Cybersecurity Issues. – 2021. – No. 5 (45). – P. 36–44. DOI:10.21681/2311-3456-2021-5-36-44.
13.	 Chakraborty S., et al. Deep learning-based vulnerability detection: Are we there yet? // IEEE Transactions on Software Engineering. – 2020. – Vol. 48, No. 9. – P. 3280–3296. DOI:10.48550/arXiv.2009.07235.
14.	 Li Y., Wang S., Nguyen T. N. Vulnerability detection with fine-grained interpretations // Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. – 2021. – P. 292–303. DOI: 10.1145/3468264.3468597.
15.	 Lin, G., Wen, S., Han, Q. -L., Zhang, J., and Xiang, Y. Software Vulnerability Detection Using Deep Neural Networks: A Survey in Proceedings of the IEEE. Oct. 2020, vol. 108, no. 10, p. 1825–1848. DOI: 10.1109/JPROC.2020.2993293.
16.	 Preobrazhensky Yu.P., Choporov O.N., Ruzhitsky E. On data protection issues in information systems // Vestnik of Voronezh Institute of High Technologies. – 2021. – No. 1(36). – P. 70–73.
17.	 Khorev A.A., Chumakov A.A. Analysis of the possibility of implementing security threats to information processed by computing devices using radio modules // Vestnik UrFO. Security in the Information Sphere. – 2023. – No. 4(50). – P. 77-88. – DOI 10.14529/secur230408.
18.	 Livshits I.I. Security assessment method for cloud IT components based on existing standards // SPIIRAS Proceedings. – 2020. – Vol. 19, No. 2. – P. 383–411. – DOI 10.15622/sp.2020.19.2.6.
19.	 Levshun D.S., Gaifullina D.A., Chechulin A.A., Kotenko I.V. Problematic issues of cybersecurity in cyber-physical systems // Informatics and Automation. – 2020. – Vol. 19, No. 5. – P. 1050–1088. – DOI 10.15622/ia.2020.19.5.6.
20.	 Bokova O. I., Drovdnikova I.G., Etepnev A.S., et al. Methods for assessing the reliability of information protection systems against unauthorized access in automated systems // SPIIRAS Proceedings. – 2019. – Vol. 18, No. 6. – P. 1301–1332. – DOI 10.15622/sp.2019.18.6.1301-1332.
21.	 Stelmakh S.F., Astankov A.M., Suvorov A.N., Demidova N.S. Method for calculating the preparation time of reusable rocket blocks for subsequent launches // MAI Proceedings. – 2024. – No. 138.

Purpose of the study: development of a method for early detection of targeted attacks based on retrospective analysis of the state of the protected object. Methods of research: comparative analysis within the framework of the system approach; synthesis of the structure of the retrospective method; synergetics; methods of formal logic. Result(s): a comprehensive analysis of the properties of targeted attacks and the peculiarities of their implementation at early stages is performed, which allows for a deeper understanding of the mechanisms used by attackers to achieve their goals. The regularities of changes in the state of critical information infrastructure objects in different operating conditions under the influence of targeted attacks are considered. Characteristic signs signaling the beginning of an attack are revealed, which serves as a basis for the development of effective defense methods. For early detection of targeted attacks, an original method based on the comparison of the state of the object under study, subjected to external targeting, at different points in time is developed. A method of increasing the reliability of attack detection using formal logic is proposed. Scientific novelty: synthesized method of early detection of targeted computer based on the analysis of changes in the state of the protected object under the influence of destructive impact; proposed a way to increase the reliability of detection of the hidden phase of a targeted attack on the basis of optimal threshold values and the use of logical procedures.
Keywords:  destructive information impact, state assessment, critical information infrastructure object, early detection, information security

1. 	 Lapsar' A.P., Nazarjan S.A., Vladimirova A. I. Povyshenie ustojchivosti ob#ektov kriticheskoj informacionnoj infrastruktury k celevym komp'juternym atakam // Voprosy kiberbezopasnosti. 2022, № 2. S. 39–51 DOI:10.21681/2311-3456-2022-2-39-51.
2. 	 Skryl' S.V., Gajfulin V.V., Domrachev D.V., Sychev V.M., Grachjova Ju.V. Aktual'nye voprosy problematiki ocenki ugroz komp'juternyh atak na informacionnye resursy znachimyh ob#ektov kriticheskoj informacionnoj infrastruktury // Bezopasnost' informacionnyh tehnologij. 2021. T. 28. № 1. S. 84–94. DOI: 10.26583/bit.2021.1.07.
3. 	 Zhilenkov A.A., Chernyj S.G. Sistema bezavarijnogo upravlenija kriticheski vazhnymi ob#ektami v uslovijah kiberneticheskih atak // Voprosy kiberbezopasnosti. 2020. №. 2. S. 58–66. DOI:10.21681/2311-3456-2020-2-58-66.
4. 	 Kubarev A.V., Lapsar' A.P., Fedorova Ja.V. Povyshenie bezopasnosti jekspluatacii znachimyh ob#ektov kriticheskoj infrastruktury s ispol'zovaniem parametricheskih modelej jevoljucii // Voprosy kiberbezopasnosti. 2020. № 1. S. 8–17. DOI: 10.21681/2311-3456-2020-01-08-17.
5. 	 Trapeznikov E.V. Vybor sredstv z ashhity informacii v avtomatizirovannyh sistemah na osnove markovskih modelej kiberatak // Bezopasnost' informacionnyh tehnologij. 2023. T.30, № 4. S. 1022113. DOI: http://dx.doi.org/10.26583/bit.2023.4.06.
6. 	 Jakovishin A.D. Sposoby optimizacii processov reagirovanija na incidenty IB// Vestnik nauki. 2024. T. 1, № 2(71). S. 498–504.
7. 	 Boldyrihin N.V., Komockij R.I., Ljan D. I. Issledovanie sistem obnaruzhenija vtorzhenij // Molodoj uchenyj. 2023. № 2 (449). S. 6–9.
8. 	 Novikova E.S., Kotenko I.V., Meleshko A.V., Izrailov K.E. Obnaruzhenie vtorzhenij na osnove federativnogo obuchenija: arhitektura sistemy i jeksperimenty // Voprosy kiberbezopasnosti. 2023. № 6. S. 50–66. DOI: 10.21681/2311-3456-2023-6-50-66.
9. 	 Tokarev M.N. Analiz sistem obnaruzhenija vtorzhenij (chast' 1) // Aktual'nye issledovanija. 2024. № 2-1 (184). S. 47–50.
10. 	Tokarev M.N. SIEM-Sistema kak instrument obespechenija informacionnoj bezopasnosti v organizacii // Aktual'nye issledovanija. 2024. № 2-1 (184). S. 51–53.

Objective: the aim of this research is to develop an effective method for detecting phishing Internet domains using machine learning algorithms in real-time data streaming. Methodology: the work involves an analysis of features characterizing arbitrary Internet domains, and the development of a software complex that allowed collecting a custom dataset containing a set of features for over 250,000 domains. Several machine learning models were )trained on the obtained dataset and compared in terms of accuracy and speed. The selected classifier was used to develop a software prototype that was tested on a sample of 1,000 arbitrary Internet domains.
Results: a classifier and software prototype were developed, enabling the categorization of arbitrary Internet domains as either phishing or legitimate within given accuracy and speed parameters. The validity and justification of the proposed scientific findings, results, and conclusions are supported by a comprehensive review of the current state of the field, systematic justification of the proposed models, which do not contradict known positions of other authors, and a series of experiments confirming the results of theoretical studies. The dataset collected during the work was published on the Kaggle platform for open access and use by researchers for developing various intelligent methods for detecting phishing domains. Scientific novelty: the scientific novelty lies in the development of a method for detecting phishing domains in realtime data streaming, which can be used in intrusion detection systems and in the development of web applications that protect users from unwanted content. A software prototype was implemented and tested based on the obtained model, demonstrating an accuracy of 98.5% with an average processing speed of 1.2 seconds per resource.
Keywords: phishing domains, internet security, machine learning, real-time data streaming, classification algorithms, phishing detection.

1.	 Al-Hawawreh M., Aljuhani A., Jararweh Y. Chatgpt for cybersecurity: practical applications, challenges, and future directions //Cluster Computing. 2023. T. 26. №. 6. S. 3421–3436. DOI: 10.1007/s10586-023-04124-5.
2.	 Vijayalakshmi M. et al. Web phishing detection techniques: a survey on the state-of-the-art, taxonomy and future directions // Iet Networks. – 2020. – T. 9. – №. 5. – S. 235–246. DOI: 10.1049/iet-net.2020.0078.
3.	 Kalaharsha P., Mehtre B.M. Detecting Phishing Sites--An Overview // arXiv preprint arXiv:2103.12739. – 2021.
4.	 Basit A. et al. A comprehensive survey of AI-enabled phishing attacks detection techniques // Telecommunication Systems. – 2021. – T. 76. – S. 139–154. DOI: 10.48550/arXiv.2103.12739.
5.	 Paliath S., Qbeitah M.A., Aldwairi M. Phishout: Effective phishing detection using selected features // 2020 27th International Conference on Telecommunications (ICT). IEEE, 2020. S. 1–5. DOI: 10.1109/ICT49546.2020.9239589.
6.	 Rashid J. et al. Phishing detection using machine learning technique // 2020 first international conference of smart systems and emerging technologies (SMARTTECH). IEEE, 2020. S. 43–46. DOI:10.1109/SMART-TECH49988.2020.00026.
7.	 Selishhev A.D. Razrabotka programmno-matematicheskogo obespechenija sistemy informacionnoanaliticheskogo monitoringa fishingovyh atak // Innovacionnye nauchnye issledovanija. – 2020. – №. 12–2. – S. 33–39.
8.	 Afanas'eva N.S., Elizarov D.A., Myznikova T.A. Klassifikacija fishingovyh atak i mery protivodejstvija im // Inzhenernyj vestnik Dona. – 2022. – №. 5 (89). – S. 3263–3277. DOI: 10.1007/s10586-023-04042-6.
9.	 Kumar M. et al. Machine learning models for phishing detection from TLS traffic // Cluster Computing. – 2023. – S. 1–15.
10.	 Tanimu J., Shiaeles S. Phishing Detection Using Machine Learning Algorithm // 2022 IEEE International Conference on Cyber Security and Resilience (CSR). – IEEE, 2022. – S. 317–322. DOI: 10.1109/CSR54599.2022.9850316.
11.	 Shoaib M., Umar M.S. URL based phishing detection using machine learning // 2023 6th International Conference on Information Systems and Computer Networks (ISCON). IEEE, 2023. S. 1–7. DOI: 10.1109/ISCON57294.2023.10112184.
12.	 Uddin M. M. et al. A Comparative Analysis of Machine Learning-Based Website Phishing Detection Using URL Information // 2022 5th International Conference on Pattern Recognition and Artificial Intelligence (PRAI). – IEEE, 2022. – S. 220–224. DOI: 10.1109/PRAI55851.2022.9904055.
13.	 Pujara P., Chaudhari M.B. Phishing website detection using machine learning: a review // International Journal of Scientific Research in Computer Science, Engineering and Information Technology. – 2018. – T. 3. – №. 7. – S. 395–399.
14.	 Mathankar S. et al. Phishing Website Detection using Machine Learning Techniques // 2023 11th International Conference on Emerging Trends in Engineering & Technology-Signal and Information Processing (ICETET-SIP). – IEEE, 2023. – S. 1–6. DOI: 10.1109/PRAI55851.2022.9904055.
15.	 Omari K. Comparative study of machine learning algorithms for phishing website detection //International Journal of Advanced Computer Science and Applications. 2023. T. 14. №. 9. DOI:10.14569/IJACSA.2023.0140945.