№ 6 (70)

Purpose of the study: to conduct a theoretical analysis of the functioning of mandatory access control systems, in which,
in order to expand the functional capabilities for processing information, access subjects are allowed to perform «write
down».
Methods of research: application of the Poisson event flow apparatus for formalization and analysis of the functioning
of mandatory access control systems with the possibility of "write down".
Result: The process of functioning of the mandatory access control system with the possibility of «write down» is considered as a Poisson flow of homogeneous events of occurrence and implementation by high-level access subjects (users with a high access level) of needs for recording information in low-level access objects (files, documents with a low confidentiality level). As a result of each such event after the completion of the «write down», in order to prevent possible further familiarization of low-level users with high-level information, the confidentiality level of the access object is increased to the access level of the corresponding (writing) subject. The concept of degradation of the access control system is introduced, which consists in the fact that with two levels of access and confidentiality (high and low), over time all access objects in terms of confidentiality become high-level, and accordingly inaccessible for «reading» for subjects (users) with a low access level. 
The probability of the onset of degradation of the access control system in the case of stationarity and non- stationarity of the Poisson flow of "write down" events is analyzed. With decreasing intensity of "down write" events over time, an unusual at first glance nature of the change in the probability of degradation over time is considered, which can be called the «post­maximum attenuation» effect, consisting first in an increase in the probability of degradation over time with the achievement of a certain maximum value at a certain point in time, and then in a gradual decrease in the probability of degradation to zero. With a linear and exponential nature of the decrease in the intensity of the flow of «down write» events, relationships are obtained for the time point with the maximum probability of degradation, which is determined by the rate of decrease in the intensity of the flow of events.
Keywords: mandatory access control principle, «write down», «write down» event flow, degradation of the access control system, «post-maximum attenuation» effect

1. Bell D. E., LaPadula L. J. Secure Computers Systems: Unified Exposition and Multics Interpretation. Bedford, Mass.: MITRE Corp., 1976. – MTR–2997 Rev. 1.
2. 	 Guo J. K. et al. Applicability of low water-mark mandatory access control security in linux-based advanced networked consumer electronics //First IEEE Consumer Communications and Networking Conference, 2004. CCNC 2004. – IEEE, 2004. – С. 364–369.
3. 	 Landwher K. E. Formal Model Computer Security // Computer surveys, Vol 13, No 3, September 1981. pp. 247–278.
4. 	 Bishop, M. Introduction to Computer Security / M. Bishop. – Addison–Wesley Professional, 2004. – 785 p.
5. 	 Mohamed A., Auer D., Hofer D., Küng J. A systematic literature review for authorization and access control: definitions, strategies and models // International Journal of Web In-formation Systems. Vol. 18 No. 2/3, 2022. pp. 156-180. DOI 10.1108/IJWIS-04-2022-0077.
6. 	 Biba K. J. Integrity considerations for secure computer systems. ESD-TR- 76-372, ESD/AFSC, Hanscom AFB, Bedford, Mass., April 1977 (MITRE MTR–3153, NTIS AD A039324).
7. 	 Weissman C. Security controls in the ADEPT-50 time sharing system. Proc. 1969 AFIPS Fall Jt Computer Conf., vol. 35, AFIPS Press, Arlington, Va., pp. 119–133.
8. 	 McLean J. Security models and information flow. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. IEEE Computer Society Press, 1990.
9. 	 McLean J. The specification and modeling of computer security. Computer, 23(1): 9–16, January 1990.
10. 	Gaydamakin N.A. Model' i metriki osvedomlennosti v konfidentsial'noy informatsii. Chast' 1. Potentsial'naya osvedomlennost' // Prikladnaya diskretnaya matematika. 2023. № 61. S. 86–103.
11. 	Kingman Dzh. Puassonovskiye protsessy. – M.: MTSNMO, 2007. – 136 s.
12. 	Gavrilov L. A., Gavrilova N. S. The Biology of Life Span: A Quantitative Approach., New York: Harwood Academic Publishe, 1991.
13. 	Paramonov I. Yu. Model' ucheta tsennosti i stareniya informatsii pri otsenivanii effektivnosti funktsionirovaniya sistem informatsionnogo obespecheniya // Sistemy upravleniya, svyazi i bezopasnosti. 2016. № 1. S. 238–334.
14.	 Klimov Yu. N. Issledovaniye zakonomernostey stareniya nauchnoy informatsii // Mashinostroyeniye, metody issledovaniya i modelirovaniya. 2004 №4. C. 40–44.
15. 	Chernyavskiy A. D. Modelirovaniye skorosti rasprostraneniya marketingovoy informatsii s uchotom izmeneniya tsennosti informatsii vo vremeni // Ekonomicheskiy analiz: teoriya i praktika. 2009. № 7. S. 54–60.
16. 	Tashevskiy A. G. Matematicheskiye modeli prodolzhitel'nosti zhiznennogo tsikla tekhnicheskikh sistem // Nauchno-tekhnicheskiye vedomosti Cankt-Peterburgskogo gosu-darstvennogo politekhnicheskogo universiteta. 2014. № 1(190). C. 169–178.
17. 	 Papadimitriou P., Garcia-Molina H. Data Leakage Detection // IEEE transactions on knowledge and data engineering, vol. 23, no. 1, January 2011. pp. 51-63.

Purpose of the study: to substantiate approaches for the rational organization of monitoring and response to potential information security incidents.
Methods of research: the information system is described by a hierarchical model, developed and tested by the authors, which includes the management level, the personnel level, as well as the hardware and software levels. The model takes as input the sets of possible states of the information system and information security incidents, the admissible values of information security risk probabilities, and the set of admissible control actions. The model outputs a control action that maintains the information security risk probability within a specified range.
Results: the multi-level framework provides an end-to-end description of the information security incident management process – from incident detection to the formation of an improvement plan. It allows for quantitative assessment of the effectiveness of response measures at each level of the information system — management, personnel, hardware, and software. A key advantage of the approach is the ability to compensate for the shortcomings of one level by strengthening another, which expands the possibilities for keeping the information security risk probability within a specified range. Based on the obtained assessments, economically justified information security strategies are formed. The central practical conclusion is the principle of "risk redistribution," which replaces the dogmatic requirement to eliminate all vulnerabilities with targeted, measurable, and cost-effective management of the risk probability.
Scientific novelty: unlike existing models, the developed model explicitly accounts for the aggregate information security risk probability and the interdependence of all four levels of the information system by forming a corresponding operator.
Keywords:  terminology system, cybersecurity, information security incident management.

1. 	 Tokarev V. L. Intellektual'naja podderzhka obnaruzhenija incidentov informacionnoj bezopasnosti / V. L. Tokarev, A. A. Sychugov // Modelirovanie, optimizacija i informacionnye tehnologii. 2023. T. 11, № 1(40). S. 16-17. DOI 10.26102/2310-6018/2023.40.1.006.
2. 	 Kiselev A. A., Praktika sozdanija centra monitoringa informacionnoj bezopasnosti / A. A. Kiselev, I. V. Korotkih, V. V. Shott // Bezopasnost' cifrovyh tehnologij. 2022. T.11, № 1(40). S. 39–51.
3. 	 Olejnikova A. A. Koncepcija upravlenija informacionnoj bezopasnost'ju na osnove cikla nepreryvnogo detektirovanija i reagirovanija na incidenty bezopasnosti informacii / A. A. Olejnikova, V. V. Zolotarev // Izvestija JuFU. Tehnicheskie nauki. – 2023. – № 5(235). S. 66–81. DOI 10.18522/2311-3103-2023-5-66-81.
4. 	 Goncharenko S. N., Lachihina A. B. Monitoring incidentov bezopasnosti geoinformacionnoj sistemy upravlenija i kontrolja dejatel'nosti promyshlennogo predprijatija // Gornyj informacionno-analiticheskij bjulleten' (nauchno-tehnicheskij zhurnal). – 2022. – №. 3. S. 108–116
5. 	 Ma, C. Smart city and cyber-security; technologies used, leading challenges and future recommendations // Energy Reports. 2021. T. 7. S. 7999–8012.
6. 	 Kure, H. I., Islam, S., Mouratidis, H. An integrated cyber security risk management framework and risk predication for the critical infrastructure protection // Neural Computing and Applications. 2022. T. 34, №. 18. Rr. 15241–15271.
7. 	 Tuyishime, E. et al. Enhancing cloud security – proactive threat monitoring and detection using a siem-based approach // Applied Sciences. 2023. T. 13, №. 22. S. 12359.
8. 	 Krakovskij Ju. M., Kirgizbaev V. P. Sistemnyj podhod k modelirovaniju rabot po ustraneniju incidentov informacionnoj bezopasnosti primenitel'no k korporativnoj informacionnoj sisteme // Sovremennye tehnologii. Sistemnyj analiz. Modelirovanie. 2025. № 1(85). S. 116-126. 
9. 	 Obespechenie informacionnoj bezopasnosti integriruemyh informacionnyh sistem na baze doverija / V. V. Gryzunov, A. S. Krjukov, A. V. Shestakov, I. A. Zikratov // Trudy uchebnyh zavedenij svjazi. 2024. T. 10, № 4. S. 110–125. DOI 10.31854/1813-324X-2024-10-4-110-125.
10. 	Gryzunov V. V. Formirovanie uslovija garantirovannogo dostizhenija celi dejatel'nosti informacionnoj sistemoj na baze operatornogo uravnenija // Informatizacija i svjaz'. 2022. № 4. S. 67–74. DOI 10.34219/2078-8320-2022-13-4-67-74.
11. 	Bendicho, C. Cyber security in cloud: Risk assessment models //Intelligent Computing: Proceedings of the 2021 Computing Conference, Volume 1 – Cham : Springer International Publishing. 2021. Rr. 471–482. DOI 10.1007/978-3-030-80126-7_32.
12. 	Battaglioni M. et al. Magic: A method for assessing cyber incidents occurrence //IEEE Access. 2022. T. 10. Rr. 73458-73473. DOI 10.1109/ACCESS.2022.3190246.
13. 	Badhwar, R. Simplified Approach to Calculate the Probability of a Cyber Event //The CISO’s Next Frontier: AI, Post-Quantum Cryptography and Advanced Security Paradigms. – Cham : Springer International Publishing. 2021. Rr. 353-359. DOI 10.1007/978-3-030-79623-5_15.
14. 	 Zängerle, D., Schiereck, D. Modelling and predicting enterprise-level cyber risks in the context of sparse data availability // The Geneva Papers on Risk and Insurance-Issues and Practice. 2023. Т. 48, № 2. С. 434–462. DOI 10.1057/s41288-022-00282-6.

Purpose of the study: comparative assessment of the analytic hierarchy process and the analytic network process and their applicability to the study of information security systems Research method: system analysis and decision-making, including systematization, structurization, decomposition, composition; graph theory methods; matrix calculus Result: applicability of the analytic hierarchy process and the analytic network process for solving the problem of choosing one of the alternative variants of the information security system is shown. The analytic network process is more resourceintensive in comparison with the analytic hierarchy process, but it allows for a nuanced study of the information security system based on the analysis of mutual influences and interdependencies of system components, ensuring a high degree of validity of decisions made based on the analysis results. The significance of technological indicators in the study of the information security system is determined, which, on the one hand, characterize the efficiency of the information security technologies used in the system in the context of protected information quality, and on the other hand, the degree of implementation of the corresponding technologies in the information security system. A generalized classification of information technologies
and information security technologies has been developed, the structuring of the system of processes, technologies
and factors in the context of the system analysis of information technologies has been carried out, which serves as
a foundation for building hierarchical and network structures when researching information security systems.
Scientific novelty: it is shown that, in comparison with the hierarchy-centric model, the network-centric model and its basic tools – networks and supermatrices – allow for a detailed description of the actual mutual influences of various characteristics and properties of information security systems and to formalize the problem of assessment priorities of these systems taking into account such influences.
Keywords:  variant of system, quality indicator, supermatrix, influence vector, decision-making.

1.	 Kiberbezopasnost' cifrovoj industrii. Teorija i praktika funkcional'noj ustojchivosti k kiberatakam / D. P. Zegzhda, E. B. Aleksandrova, M. O. Kalinin [i dr.]. – M.: Nauchno-tehnicheskoe izdatel'stvo «Gorjachaja linija-Telekom», 2021. – 560 s. – ISBN 978-5-9912-0827-7. – EDN BLBTDA.
2.	 Jazov Ju. K. Metodologija ocenki jeffektivnosti zashhity informacii v informacionnyh sistemah ot nesankcionirovannogo dostupa / Ju. K. Jazov, S. V. Solov'ev. – Sankt-Peterburg: Izdatel'stvo «Naukoemkie tehnologii», 2023. – 258 s. – ISBN 978-5-907618-36-7. – EDN WVCHKW.
3.	 Kostogryzov A. I. O modeljah i metodah verojatnostnogo analiza zashhity informacii v standartizovannyh processah sistemnoj inzhenerii / A. I. Kostogryzov // Voprosy kiberbezopasnosti. – 2022. – № 6(52). – S. 71–82. – DOI 10.21681/2311-3456-2022-6-71-82. – EDN SGNKNH.
4.	 Kostogryzov A. I. Obzor standartizovannyh risk-orientirovannyh metodov i modelej dlja obespechenija garantij kachestva sistemy / A. I. Kostogryzov // Sovremennye informacionnye tehnologii i IT-obrazovanie. – 2022. – T. 18, №3. – S. 483–495. – DOI 10.25559/SITITO.18.202203.483-495. – EDN PAPJTZ.
5.	 Sostojanie i perspektivy razvitija metodicheskogo obespechenija tehnicheskoj zashhity informacii v informacionnyh sistemah / S. V. Solov'ev, M. A. Tarelkin, V. V. Tekunov, Ju. K. Jazov // Voprosy kiberbezopasnosti. – 2023. – № 1(53). – S. 41–57. – DOI 10.21681/2311-3456-2023-1-41-57. – EDN XAZKQT.
6.	 Starodubcev Ju. I. Strukturno-funkcional'naja model' kiberprostranstva / Ju. I. Starodubcev, P. V. Zakalkin, S. A. Ivanov // Voprosy kiberbezopasnosti. – 2021. – № 4(44). – S. 16–24. – DOI 10.21681/2311-3456-2021-4-16-24. – EDN BIXMGD.
7.	 Anosov S. S. Ocenka informacionnogo riska metodom dekompozicii i analiza setevyh i ierarhicheskih struktur / S. S. Anosov, I. Ju. Shahalov // Bezopasnye informacionnye tehnologii: Sbornik trudov Odinnadcatoj mezhdunarodnoj nauchno-tehnicheskoj konferencii, Moskva, 06-07 aprelja 2021 goda. – Moskva: Moskovskij gosudarstvennyj tehnicheskij universitet imeni N. Je. Baumana (nacional'nyj issledovatel'skij universitet) (Moskva), 2021. – S. 20–26. – EDN MYDQAT.
8.	 Klassifikacija informacionnyh tehnologij / V. N. Volkova, A. Ju. Vasil'ev, A. A. Efremov [i dr.] // Prikladnaja informatika. – 2015. – T. 10, № 5(59). – S. 124–141. – EDN UQFFCV.
9.	 Primenenie logiko-verojatnostnogo metoda v informacionnoj bezopasnosti (Chast' 1) / A. O. Kalashnikov, K. A. Bugajskij, D. S. Birin [i dr.] // Voprosy kiberbezopasnosti. – 2023. – № 4(56). – S. 23–32. – DOI: 10.21681/2311-3456-2023-4-23-32. – EDN GIHSBN.
10.	 Metagrammaticheskij podhod analiza ierarhij dlja sinteza sistem bezopasnosti atomnyh jelektrostancij / O. I. Atakishhev, V. G. Gribunin, I. L. Borisenkov, M. N. Lysachev // Voprosy kiberbezopasnosti. – 2023. – № 1(53). – S. 82–92. – DOI 10.21681/2311-3456-2023-1-82-92. – EDN XVBJDM.
11.	 Kalashnikov A.O. Upravlenie informacionnymi riskami slozhnoj sistemy s ispol'zovaniem mehanizma "kognitivnoj igry" / A.O. Kalashnikov, E.V. Anikina // Voprosy kiberbezopasnosti. – 2020. – №4(38). – S. 2-10. – DOI 10.21681/2311-3456-2020-04-2-10. – EDN BGGXVW.

Purpose: the aim of this work is to identify potential vulnerabilities in the implementations of asymmetric ciphers based on the elliptic curves, applied in modern blockchain systems.
Method: the research methods are based on the use of information theory, the theory of cryptography and cryptanalysis, the mathematical apparatus of probability theory and mathematical statistics, the theory of constructing blockchain systems, and the theory of information security.
Results: the paper considers the main techniques used to construct asymmetric ciphers based on the use of elliptic curves. The algorithm for adding two points, multiplying a point by a scalar, and determining the second coordinate of a point is considered. The properties of pseudorandom sequence generators are briefly considered separately: the principles of their construction and their impact on the stability of asymmetric ciphers in which they are used. The ECDSA digital signature algorithm, which is used in blockchain platforms such as Bitcion, Litecoin, Ethereum, and many others, is considered as a basic algorithm.
The scientific novelty lies in the consideration of a number of cases simulating the emergence of vulnerabilities
in asymmetric cryptography used in modern blockchain systems. For each case, a description of the problem is made,
a statement of the task is formulated, a possible solution is given and an assessment of its complexity is given. It is shown that with the correct use of the mathematical apparatus of ciphers, compliance with the requirements for the selection of starting parameters, the absence of errors in software implementations, sufficient stability is ensured.
Keywords:  mandatory access control principle, «write down», «write down» event flow, degradation of the access control system, «post-maximum attenuation» effect.

1.	 Kakarlapudi P.V., Mahmoud Q.H. A Systematic Review of Blockchain for Consent Management. Healthcare. 2021; 9(2):137. https://doi.org/10.3390/healthcare9020137.
2.	 Ishhukova E. A., Panasenko S. P., Romanenko K. S., Salmanov V. D. Kriptograficheskie osnovy blokchejn-tehnologij. – M.: DMK Press, 2022. – 302 s. ISBN: 978-5-97060-865-4.
3.	 Zhang H., Jiang W., Ding J. A Blockchain Network Admission Control Mechanism Using Anonymous Identity-Based Cryptography. Applied Sciences. 2025; 15(1):130. https://doi.org/10.3390/app15010130.
4.	 Chin Y.-C., Hsu C.-L., Lin T.-W., Tsai K.-Y. A Hierarchical Blockchain System for Social Economy Services. Electronics. 2024; 13(20):4004. https://doi.org/10.3390/electronics13204004.
5.	 Joni S. A., Rahat R., Tasnin N., Ghose P., Uddin M. A., Ayoade J. Hybrid-Blockchain-Based Electronic Voting Machine System Embedded with Deepface, Sharding, and Post-Quantum Techniques. Blockchains. 2024; 2(4):366-423. https://doi.org/10.3390/blockchains2040017.
6.	 Kim H., Kim W., Kang Y., Kim H., Seo H. Post-Quantum Delegated Proof of Luck for Blockchain Consensus Algorithm. Applied Sciences. 2024; 14(18):8394. https://doi.org/10.3390/app14188394.
7.	 Gu H., Shang J., Wang P., Mi J., Bhattacharjya A. A Secure Protocol Authentication Method Based on the Strand Space Model for Blockchain-Based Industrial Internet of Things. Symmetry. 2024; 16(7):851. https://doi.org/10.3390/sym16070851.
8.	 Thantharate P., Thantharate A. ZeroTrustBlock: Enhancing Security, Privacy, and Interoperability of Sensitive Data through ZeroTrust Permissioned Blockchain. Big Data and Cognitive Computing. 2023; 7(4):165. https://doi.org/10.3390/bdcc7040165.
9.	 Thanalakshmi P., Rishikhesh A., Marion Marceline J, Joshi GP, Cho W. A Quantum-Resistant Blockchain System: A Comparative Analysis. Mathematics. 2023; 11(18):3947. https://doi.org/10.3390/math11183947.
10.	 Wenhua Z., Qamar F., Abdali T.-AN., Hassan R., Jafri S. T. A., Nguyen Q. N. Blockchain Technology: Security Issues, Healthcare Applications, Challenges and Future Trends. Electronics. 2023; 12(3):546. https://doi.org/10.3390/electronics12030546.
11.	 Di Scala A. J., Gangemi A., Romeo G., Vernetti G. Special Subsets of Addresses for Blockchains Using the secp256k1 Curve. Mathematics. 2022; 10(15):2746. https://doi.org/10.3390/math10152746.
12.	 Longo R., Mascia C., Meneghetti A., Santilli G., Tognolini G. Adaptable Cryptographic Primitives in Blockchains via Smart Contracts. Cryptography. 2022; 6(3):32. https://doi.org/10.3390/cryptography6030032.
13.	 Bellés-Muñoz M., Whitehat B., Baylina J., Daza V., Muñoz-Tapia J. L. Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits. Mathematics. 2021; 9(23):3022. https://doi.org/10.3390/math9233022.
14.	 Martínez V. G., Hernández-Álvarez L., Encinas L. H. Analysis of the Cryptographic Tools for Blockchain and Bitcoin. Mathematics. 2020; 8(1):131. https://doi.org/10.3390/math8010131.
15.	 Sala M., Sogiorno D., Taufer D. A Small Subgroup Attack on Bitcoin Address Generation. Mathematics. 2020; 8(10):1645. https://doi.org/10.3390/math8101645.
16.	 Markov A. S. Kiberbezopasnost' i informacionnaja bezopasnost' kak bifurkacija nomenklatury nauchnyh special'nostej // Voprosy kiberbezopasnosti. 2022, № 1(47), c. 2–9.
17.	 Petrenko A. S., Petrenko S. A. Basic Algorithms Quantum Cryptanalysis. The journal «Cybersecurity Issues», 2023, no. 1(53), pp. 100–115. doi: 10.21681/2311-3456-2023-1-100-115.
18.	 Petrenko A. S. Applied Quantum Cryptanalysis (scientific monograph). River Publishers, 2023, 256 pp. ISBN 9788770227933. doi: 10.1201/9781003392873.
19.	 Markov A. S. Vazhnaja veha v bezopasnosti otkrytogo programmnogo obespechenija // Voprosy kiberbezopasnosti, 2023, № 1(53),. S. 2–12.
20.	 Pandey D. K., Nicolosi A. R. Pseudorandom Function from Learning Burnside Problem. Mathematics. 2025; 13(7):1193. https://doi.org/10.3390/math13071193.
21.	 Ishchukova, E., Borlakov, R. Reliability of Information Conversion When Encrypting Graphic Images. In: Raza, Z., Babenko, M., Sajid, M., Lapina, M., Zolotarev, V. (eds) AISMA-2023: International Workshop on Advanced Information Security Management and Applications. AISMA 2023. Lecture Notes in Networks and Systems, vol. 1207. Springer, Cham, 2024. https://doi.org/10.1007/978-3-031-77229-0_10.
22.	 Jebrane J., Chhaybi A., Lazaar S., Nitaj A. Elliptic Curve Cryptography with Machine Learning. Cryptography. 2025; 9(1):3. https://doi.org/10.3390/cryptography9010003.
23.	 Martinez-Diaz I, Ali R, Jamil M. K. On the Search for Supersingular Elliptic Curves and Their Applications. Mathematics. 2025; 13(2):188. https://doi.org/10.3390/math13020188.
24.	 Aljaedi A., Rashid M., Jamal S. S., Alharbi A. R., Alotaibi M. An Optimized Flexible Accelerator for Elliptic Curve Point Multiplication over NIST Binary Fields. Applied Sciences. 2023; 13(19):10882. https://doi.org/10.3390/app131910882.
25.	 Lone P. N., Singh D., Stoffová V., Mishra D. C., Mir U. H., Kumar N. Cryptanalysis and Improved Image Encryption Scheme Using Elliptic Curve and Affine Hill Cipher. Mathematics. 2022; 10(20):3878. https://doi.org/10.3390/math10203878.
26.	 Sattar B. Sadkhan A Proposed Developments of Pollards Rho Method for Attacking the ECDLP // 2021 7th International Engineering Conference «Research & Innovation amid Global Pandemic» (IEC). DOI: 10.1109/IEC52205.2021.9476119.

Purpose of the study: investigation of the current FIDO2 password-free authentication standard for vulnerabilities and confirmation of its lack of evidence-based stability.
Methods of research: analysis of the current password-free authentication standard for vulnerabilities. Implementation and exploitation of the discovered vulnerability. This vulnerability is based on the use of a modified man-in-the-middle attack using malicious software and social engineering.
Research results: the analysis of the current standard of password-free authentication is carried out. As part of this analysis, a formal scheme of the WebAuthn protocol was formed. A vulnerability has been discovered that allows access to the account of a legitimate user protected by the current FIDO2 standard. To implement this vulnerability, a modified man-in-the-middle attack was used, in which a server was implemented that transmits messages during the attack. Malicious Trojan horse type software was implemented. This malicious software was previously placed in the victim's system, where it posed as the victim's browser, which was contacted by a legitimate server. On the attacker's side, a program was implemented that reads the authentication request in the attacker's system. This program is used to override the function during the authentication process and then forward the request to the server. As part of the implementation of this vulnerability and its subsequent implementation, the lack of evidence-based stability of the current FIDO2 password-free authentication standard was confirmed. A method of potential protection against this vulnerability has been proposed.
A method was also proposed to modify data collection at the registration stage, for subsequent notification of a potential victim attack during the signing procedure.
Scientific novelty: the discovered vulnerability confirms the lack of evidence-based stability of the current FIDO2 password-free authentication standard. Currently, all browsers use WebAuthn, which means that all modern browsers are affected by this vulnerability. A potential way to protect against this vulnerability and a way to prevent the victim from being attacked is proposed.
Keywords:  password-free authentication; asymmetric encryption; Self-XSS; Python; FIDO2; CTAP2.1; Authorization Gesture.

1.	 Sovremennye napravlenija primenenija kombinatoriki v oblasti zashhity personal'nyh dannyh / M. O. Tenjachkina, M. V. Bogdanova, K. I. Bykova, K. A. Sakalova // Mezhdunarodnyj nauchno-issledovatel'skij zhurnal. – 2024. –№9(147). –DOI: 10.60797/IRJ.2024.147.1.
2.	 Salita, D. S. Metody ocenki nadezhnosti parol'nyh sistem / D. S. Salita, A.A. Udovik // Problemy pravovoj i tehnicheskoj zashhity informacii. – 2020. – № 8. – S. 47–51.
3.	 Informacionnaja bezopasnost': parol'naja zashhita / I. A. Rjabov, M. G. Kojcan, A.A. Kuznecov, V. V. Ermolaeva // Tendencii razvitija nauki i obrazovanija. – 2023. – № 93-8. – S. 76–79. – DOI 10.18411/trnio-01-2023-401.
4.	 Nazarov, D. M. Metodika sozdanija nadezhnogo parolja dlja obespechenija jekonomicheskoj bezopasnosti v uslovijah cifrovizacii / D. M. Nazarov // Izvestija Sankt-Peterburgskogo gosudarstvennogo jekonomicheskogo universiteta. – 2022. – № 1(133). – S. 155–160.
5.	 Kochanova A. G. Nadjozhnye paroli: kak ih sozdat' i chem oni polezny // Vestnik nauki. 2023. № 6(63).
6.	 Abidarova A. A. Analiz nadezhnosti parolej dlja obespechenija informacionnoj bezopasnosti // Izvestija Tul'skogo gosudarstvennogo universiteta. Tehnicheskie nauki. 2021. – № 8. – S. 66–68.
7.	 Seliverstov V. V, Korchagin S. A. Analiz aktual'nosti i sostojanija sovremennyh fishing-atak na ob#ekty kriticheskoj informacionnoj infrastruktury // Inzhenernyj vestnik Dona. 2024. – № 6. – S. 216–229.
8.	 Stepkin, B. A. Kak trebovanija k parolju vlijajut na ego bezopasnost' / B. A. Stepkin, S. V. Malahov // Skif. Voprosy studencheskoj nauki. – 2021. – № 4(56). – S. 83–86.
9.	 Lyastani, S. G., Schilling, M., Neumayr, M., Backes, M., & Bugiel, S. (2020). Is FIDO2 the kingslayer of user authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication. 2022 IEEE Symposium on Security and Privacy (SP), 268–285. https://doi.org/10.1109/sp40000.2020.00047
10.	 Dokuchaev V A., Mytenkov S. S., Rahmani D. D., Safonov I. A. Analiz ujazvimostej i riskov tradicionnyh parol'nyh sistem v kontekste korporativnyh raspredelennyh sistem i kriticheski vazhnyh infrastruktur // Jekonomika i kachestvo sistem svjazi. 2025. № 36. S. 135-147.
11.	 Mitra, A., & Ghosh, A. (2024). FIDO2: A comprehensive study on passwordless authentication. International Journal of Engineering Research and Applications, 14(7), 58–63. https://doi.org/10.9790/9622-14075863.
12.	 Dourado, M. R., Gestal, M., & Vázquez-Naya, J. M. (2020). Implementing a web application for W3C WebAuthn protocol testing. MDPI, 5. https://doi.org/10.3390/proceedings2020054005.
13.	 Bindel, N., Gama, N., Guasch, S., Ronen, E. (2023). To Attest or Not to Attest, this is the Question – Provable Attestation in FIDO2. In: Guo, J., Steinfeld, R. (eds) Advances in Cryptology – ASIACRYPT 2023. ASIACRYPT 2023. Lecture Notes in Computer Science, vol 14443. Springer, Singapore. https://doi.org/10.1007/978-981-99-8736-8_10.
14.	 Hanzlik, L., Loss, J., & Wagner, B. (2023). Token meets Wallet: Formalizing Privacy and Revocation for FIDO2. 2022 IEEE Symposium on Security and Privacy (SP), 1491–1508. https://doi.org/10.1109/sp46215.2023.10179373.
15.	 Gudipati, R. R. (2025). Demystifying fido: a technical deep dive into modern authentication // International journal of information technology and management information systems, 16(2), 452–466. https://doi.org/10.34218/ijitmis_16_02_029.
16.	 Bindel, N., Cremers, C., & Zhao, M. (2023b). FIDO2, CTAP 2.1, and WebAuthN 2: Provable Security and Post-Quantum Instantiation. 2022 IEEE Symposium on Security and Privacy (SP).  https://doi.org/10.1109/sp46215.2023.10179454.
17.	 Guan, J., Li, H., Ye, H., Zhao, Z. (2022). A Formal Analysis of the FIDO2 Protocols. In: Atluri, V., Di Pietro, R., Jensen, C.D., Meng, W. (eds) Computer Security – ESORICS 2022. ESORICS 2022. Lecture Notes in Computer Science, vol 13556. Springer, Cham. https://doi.org/10.1007/978-3-031-17143-7_1.
18.	 Dr. A.Shaji George. (2024). The Dawn of Passkeys: Evaluating a Passwordless Future. Partners Universal Innovative Research Publication (PUIRP), 02(01), 202–220. https://doi.org/10.5281/zenodo.10697886.
19.	 Kriptograficheskie osnovy blokchejn-tehnologij / E. A. Ishhukova, S. P. Panasenko, K. S. Romanenko, V. D. Salmanov. – Moskva: OOO «DMK Press. Jelektronnye knigi», 2022. – 301 s.
20.	 Barbosa, M., Boldyreva, A., Chen, S., Warinschi, B. (2021). Provable Security Analysis of FIDO2. In: Malkin, T., Peikert, C. (eds) Advances in Cryptology – CRYPTO 2021. CRYPTO 2021. Lecture Notes in Computer Science(), vol 12827. Springer, Cham. https://doi.org/10.1007/978-3-030-84252-9_5.
21.	 Borovkov V.E. Metody zashhity veb-prilozhenij ot zloumyshlennikov / V. E. Borovkov, P. G. Kljucharev // Voprosy kiberbezopasnosti. – 2023. – № 5(57). – S. 89–99. – DOI 10.21681/2311-3456-2023-5-89-99.
22.	 Kozachok, A. V. Podhody k ocenke poverhnosti ataki i fazzingu veb-brauzerov / A. V. Kozachok, D. A. Nikolaev, N. S. Erohina // Voprosy kiberbezopasnosti. – 2022. – № 3(49). – S. 32-43. – DOI 10.21681/2311-3456-2022-3-32-43.
23.	 Moskvichev A. D. Ispol'zovanie DNS-tunnelirovanija dlja peredachi vredonosnogo programmnogo obespechenija / A. D. Moskvichev, K. S. Moskvicheva // Voprosy kiberbezopasnosti. – 2022. – № 4(50). – S. 91-99. – DOI 10.21681/2311-3456-2022-4-91-99.

Purpose of the study: the study aims to apply artificial intelligence methods, including machine learning and neural networks, to assess the security of Microsoft Active Directory and identify factors affecting the security level of corporate networks. The work focuses on developing and comparing algorithms capable of predicting the vulnerability levels of Active Directory users and subsystems.
Methods of research: the study is based on machine learning methods, including metric algorithms (linear regression,
nearest neighbour method, decision tree, random forest, gradient boosting) and neural networks, implemented in the Jupyter Notebook environment using the pandas, sklearn and keras libraries. Based on the prepared dataset, the parameters reflecting the configuration of Active Directory users were standardised and normalised. To verify the effectiveness of the algorithms, a comparison was made based on the criteria of prediction accuracy and root mean square error. 
Results: an analysis was conducted of factors affecting the security of the Active Directory corporate infrastructure, including operating system type, password length and validity period, privilege level, delegation settings, and the presence of Kerberos pre-authentication. Various machine learning algorithms were implemented and tested based on the prepared dataset. The results showed that the decision tree model demonstrated the best performance, with a prediction accuracy of 0.96 and a root mean square error of 0.091, indicating its high effectiveness in assessing Active Directory security. In addition, a neural network model was developed and its ability to correctly process Active Directory parameters and determine the security level of users of this system was confirmed. The results obtained indicate the promise of using artificial intelligence technologies to automate vulnerability analysis and predict information security risks in corporate networks.
Scientific novelty: the scientific novelty of the research lies in the development and testing of an integrated approach to assessing Active Directory security based on machine learning and neural networks. The use of intelligent models is proposed to predict the level of user security, taking into account the complex parameters of the Active Directory infrastructure, which allows the formation of an automated early warning system for corporate network vulnerabilities.
Keywords:  Active Directory, information security, artificial intelligence, machine learning, neural networks, decision tree, security assessment, vulnerabilities, corporate networks.

1. Review of prevention schemes for man-in-the-middle (MITM) attack in vehicular ad hoc networks. Al-Shareeda M. A. International Journal of Engineering and Management Research. 2020. – 6 p. – DOI 10.31033/ijemr.10.3.23.
2. Pravotorova A. Ju. Ocenka stojkosti parolej: sravnitel'noe issledovanie jeffektivnosti dliny i slozhnosti / A. Ju. Pravotorova // Nauka. Innovacii. budushhee – 2025 : Sbornik statej II Mezhdunarodnoj nauchno-prakticheskoj konferencii, Petrozavodsk, 15 maja 2025 goda. – Petrozavodsk: Mezhdunarodnyj centr nauchnogo partnerstva «Novaja Nauka» (IP Ivanovskaja I.I.), 2025. – S. 125–132. – EDN MEPXNB.
3. Khalil Nabab Pinjari. LSTM-Enabled Big Data Security Framework Integrating Kerberos Authentication on AWS for Robust Cloud Protection / Khalil Nabab Pinjari, Abu Zar Muhammad, Yogesh Kumar Sharma // Nanotechnology Perceptions. – 2024. – Vol. 20, No. 7. – DOI 10.62441/nano-ntp.v20i7.4414. – EDN ZHQLIB.
4. Abramova E. V. Vozmozhnosti Google Colab i Jupyter Notebook dlja reshenija zadach iskusstvennogo intellekta / E. V. Abramova, L. A. Maksimenko // Regulirovanie zemel'no-imushhestvennyh otnoshenij v Rossii: pravovoe i geoprostranstvennoe obespechenie, ocenka nedvizhimosti, jekologija, tehnologicheskie reshenija. – 2023. –№1. – S. 23–29. –DOI 10.33764/2687-041X-2023-1-23-29. – EDN CYLSKT.
5. Il'ichev V. Ju. Analiz massivov dannyh s ispol'zovaniem biblioteki Pandas dlja Python / V. Ju. Il'ichev, E. A. Jurik // Nauchnoe obozrenie. Tehnicheskie nauki. – 2020. – № 4. – S. 41–45. – EDN BKGJHM.
6.	 Sudarikov G. V. Ispol'zovanie biblioteki Pandas dlja analiza dannyh / G. V. Sudarikov, I. A. Ashmarov // Mir obrazovanija - obrazovanie v mire. – 2023. – № 1(89). – S. 184–188. – DOI 10.51944/20738536_2023_1_184. – EDN NWHNRO.
7.	 Florescu D. A Machine Learning Based Software Pipeline to Pick the Variable Ordering for Algorithms with Polynomial Inputs / D. Florescu, M. England // Lecture Notes in Computer Science. – 2020. – Vol. 12097 LNCS. – P. 302–311. – DOI 10.1007/978-3-030-52200-1_30. – EDN JDDNYT.
8.	 Retnoningsih, E. Mengenal Machine Learning Dengan Teknik Supervised Dan Unsupervised Learning Menggunakan Python / E. Retnoningsih, R. Pramudita // Bina Insani ICT Journal. – 2020. – Vol. 7, No. 2. – P. 156. – DOI 10.51211/biict.v7i2.1422. – EDN TNZXLG.
9.	 Bulgakova E. V. Problema tochnosti i ob#jasnimosti pri vnedrenii iskusstvennogo intellekta v sistemy upravlenija informaciej i sobytijami bezopasnosti / E. V. Bulgakova, D. S. Dojnikov, A. N. Kubankov // Naukoemkie tehnologii v kosmicheskih issledovanijah Zemli. – 2025. – T. 17, № 3. – S. 35–41. – DOI 10.36724/2409-5419-2025-17-3-35-41. – EDN QBTNNT.
10.	 Magerramov I. M. Nechetkie podhody k resheniju zadach klassifikacii / I. M. Magerramov, T. S. Aleksandrova // Intellektual'nye resursy – regional'nomu razvitiju. – 2021. – № 2. – S. 76–82. – EDN XRMACX.
11.	 Feng, G. Common Python Data Analysis Method Based on Deep Learning / G. Feng // Journal of Physics: Conference Series. – 2021. – Vol. 2037, No. 1. – P. 012132. – DOI 10.1088/1742-6596/2037/1/012132. – EDN YQAYRU.
12.	 Abdulkadirov, R. Survey of Optimization Algorithms in Modern Neural Networks / R. Abdulkadirov, P. Lyakhov, N. Nagornov // Mathematics. – 2023. – Vol. 11, No. 11. – P. 2466. – DOI 10.3390/math11112466. – EDN BAUENY.
13.	 Tao, Ch. Applications of Bayesian Neural Networks in Outlier Detection / Ch. Tao // Big Data. – 2023. – Vol. 11, No. 5. – P. 369–386. – DOI 10.1089/big.2021.0343. – EDN DXZRFS.
14.	 Iiduka, H. Training deep neural networks using conjugate gradient-like methods / H. Iiduka, Y. Kobayashi // Electronics. – 2020. – Vol. 9, No. 11. – P. 1–25. – DOI 10.3390/electronics9111809. – EDN TMEEXV.
15.	 Trunov E. E. Obnaruzhenie ugroz bezopasnosti informacii s ispol'zovaniem glubokih nejronnyh setej v komp'juternyh setjah v rezhime real'nogo vremeni / E. E. Trunov, S. G. Kljuev // Modelirovanie, optimizacija i informacionnye tehnologii. – 2022. – T. 10, № 3(38). – S. 12-13. – DOI 10.26102/2310-6018/2022.38.3.011. – EDN MNLGVN.
16.	 Nakhushev, R. S. Application of the neural networks for cryptographic information security / R. S. Nakhushev, N. V. Sukhanova // Proceedings of the 2020 IEEE International Conference «Quality Management, Transport and Information Security, Information Technologies», IT and QM and IS 2020, Yaroslavl, 07–11 sentjabrja 2020 goda. – Yaroslavl, 2020. – P. 421–423. – DOI 10.1109/ITQMIS51053.2020.9322981. – EDN FALTNR.

Objective: to enhance the effectiveness of monitoring and responding to multivector attacks in a decentralized Internet of Things (IoT) environment by integrating federated learning, deep autoencoders, and the distributed IOTA ledger. The priorities include accurate attack detection, minimizing false positives, reducing response time, and preserving data privacy.
Method: a problem-oriented system was developed, combining local monitoring on IoT nodes with autoencoders
for anomaly detection, federated learning using the FedAvg algorithm for collective model updates, and decentralized
alert dissemination via the distributed IOTA ledger. The system implements secure exchange of model parameters, digital message signing, and asynchronous response through a publish/subscribe network.
Results: experimental studies on the real N-BaIoT dataset simulating multivector attacks demonstrated high detection
accuracy (approximately 95%), achieving an F1-score above 94%, with false positive rates around 4%. The system's
response time did not exceed 5 seconds, significantly improving operational reaction to attacks. Federated learning provided steady improvement in model quality considering data distribution and heterogeneity. The architecture proved scalable, fault-tolerant, and capable of effectively detecting complex threats across multiple system levels.
Practical value: the solution is implementable in industrial IoT, smart cities, and medical networks to enhance cybersecurity while maintaining privacy and reducing network load.
Scientific novelty: the study presents a comprehensive synthesis of federated learning, deep autoencoders, and distributed ledger technology for effective monitoring of multivector attacks in decentralized IoT environments. The proposed approach combines the advantages of distributed learning and blockchain mechanisms to achieve high adaptability, accuracy, and security in rapidly growing and diverse IoT infrastructures.
Keywords:  Internet of Things; multivector attacks; intrusion detection; federated learning; autoencoder; IOTA; blockchain; anomaly; security monitoring.

1. 	 Yaacoub J.-P. A., Noura H. N., Salman O. Security of federated learning with IoT systems: issues, limitations, challenges, and solutions // Internet of Things and Cyber-Physical Systems. 2023. Vol. 3. P. 155–179. DOI: 10.1016/j.iotcps.2023.04.001.
2. 	 Khraisat A., Alazab A., Jan T. Federated learning for intrusion detection in IoT environments: a privacy-preserving strategy // Discover Internet of Things. 2025. Vol. 5, № 1. Article 17 p. DOI: 10.1007/s43926-025-00169-7.
3. 	 Olanrewaju-George B., Pranggono B. Federated learning-based intrusion detection system for the internet of things using unsupervised and supervised deep learning models // Cyber Security and Applications. 2025. Vol. 3, December. Article 100068. DOI: 10.1016/j.csa.2024.100068.
4. 	 Karunamurthy A., Vijayan K., Kshirsagar P. R. et al. An optimal federated learning-based intrusion detection for IoT environment // Sci Rep. 2025. Vol. 15, Article 8696. DOI: 10.1038/s41598-025-93501-8.
5. 	 Rampone G., Ivaniv T., Rampone S. A hybrid federated learning framework for privacy-preserving near-real-time intrusion detection in IoT environments // Electronics. 2025. Vol. 14, №7. Article 1430. DOI: 10.3390/electronics14071430.
6. 	 Meidan Y., Bohadana M., Mathov Y., Mirsky Y., Shabtai A., Breitenbacher D., Elovici Y. N-BaIoT – network-based detection of IoT botnet attacks using deep autoencoders // IEEE Pervasive Computing. 2018. Vol. 17, № 3. P. 12–22. DOI: 10.1109/MPRV.2018.03367731.
7. 	 Anand R. V., Magesh G., Alagiri I. et al. Design of an improved model using federated learning and LSTM autoencoders for secure and transparent blockchain network transactions // Sci Rep. 2025. Vol. 15, Article 1615. DOI: 10.1038/s41598-024-83564-4.
8. 	 Nguyen V.-D., Diro A., Chilamkurti N., Heyne W., Phan K. T. Novel blockchain-enabled federated learning scheme for IoT anomaly detection // IEEE Access [электронный ресурс]. DOI: 10.1109/11070312. URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=11070312 (дата обращения – 03.09.2025).
9. 	 Friha O., Ferrag M. A., Benbouzid M., Berghout T., Kantarci B., Choo K.-K. R. 2DF-IDS: decentralized and differentially private federated learning-based intrusion detection system for industrial IoT // Computers & Security. 2023. Vol. 127. Article 103097. DOI: 10.1016/j.cose.2023.103097.
10. 	Begum K., Mozumder M. A. I., Joo M., Kim H. BFLIDS: blockchain-driven federated learning for intrusion detection in IoMT networks // Sensors. 2024. Vol. 24, № 14. Article 4591. DOI: 10.3390/s24144591.
11. 	 Yang E., Jeong S., Seo C. Harnessing feature pruning with optimal deep learning-based DDoS cyberattack detection on IoT environment // Scientific Reports. 2025. Vol. 15. DOI: 10.1038/s41598-025-02152-2.
12. 	Saranya K., Valarmathi A. A multilayer deep autoencoder approach for cross layer IoT attack detection using deep learning algorithms // Scientific Reports. 2025. Vol. 15, Article 10246. DOI: 10.1038/s41598-025-93473-9.
13. 	Regan C., Nasajpour M., Parizi R. M., Pouriyeh S., Dehghantanha A., Choo K.-K. R. Federated IoT attack detection using decentralized edge data // Machine Learning with Applications. 2022. Vol. 8. Article 100263. DOI: 10.1016/j.mlwa.2022.100263.
14. 	Khan A. A., Waseem M., Alshamrani N., Alharbi M., Alhazmi A. S., Zohdy A. M., Alattas F. A., Al Ghamdi A. Learning-based methods for cyber attacks detection in IoT systems: a survey on methods, analysis, and future prospects // Electronics. 2022. Vol. 11, № 9. Article 1502. DOI: 10.3390/electronics11091502.
15. 	Ferrag M. A., Friha O., Maglaras L., Janicke H., Shu L. Security of federated learning with IoT systems: issues, limitations, challenges, and solutions // Internet of Things. 2023. Т. 22. С. 100222. DOI: 10.1016/j.iot.2023.100222.
16. 	 Alshaikhli M., Elfouly T., Elharrouss O., Mohamed A., Ottakath N. Evolution of internet of things from blockchain to IOTA: a survey // IEEE Access. 2022. Vol. 10. P. 844–866. DOI: 10.1109/ACCESS.2021.3138353.
17. 	 Shalabi K., Abu Al-Haija Q., Al-Fayoumi M. A. A blockchain-based intrusion detection/prevention systems in IoT network: a systematic review // Procedia Computer Science. 2024. Vol. 236. P. 410–419. DOI: 10.1016/j.procs.2024.05.048.
18. 	Alharthi H., Alshehri S., Kalkatawi M. Revolutionizing IoT security: a blockchain and federated learning-based anomaly detection system // In: Proceedings of the 2024 7th Artificial Intelligence and Cloud Computing Conference (AICCC '24). 2024. P. 565–572. DOI: 10.1145/3719384.3719466.
19. 	Al Sadi A., Mazzocca C., Melis A., Montanari R., Prandini M., Romandini N. P-IOTA: a cloud-based geographically distributed threat alert system that leverages P4 and IOTA // Sensors. 2023. Vol. 23, № 6. Article 2955. DOI: 10.3390/s23062955.
20. 	Lazzarini R., Tianfield H., Charissis V. Federated learning for IoT intrusion detection // AI. 2023. Vol. 4. №. 3. P. 509–530. DOI: 10.3390/ai4030028.
21. 	 Ferrag M. A., Friha O., Maglaras L., Janicke H., Shu L. On the performance of federated learning algorithms for IoT // IoT. 2023. Т. 3, № 2. С. 273–284. DOI: 10.3390/iot3020016.
22. 	Alsaedi A., Moustafa N., Tari Z., Mahmood A., Anwar A. Security and privacy-enhanced federated learning for anomaly detection in IoT infrastructures // Journal of Information Security and Applications. 2021. Vol. 58. Article 102413. DOI: 10.1016/j.jisa.2021.102413. 
23. 	Khan M. A., Waseem M., Alshamrani N., Alharbi M., Alhazmi A. S., Zohdy A. M., Alattas F. A., Al Ghamdi A. Security considerations for Internet of Things: a survey // SN Computer Science. 2020. Vol. 1, no. 4. Article 193. DOI: 10.1007/s42979-020-00201-3.
24. 	 Ceccarelli M., Zecchini M., Brighente A., Conti M. GitHub – MMw-Unibo/FETA: enabling federated learning at the edge through the IOTA Tangle [электронный ресурс]. URL: https://github.com/MMw-Unibo/FETA (дата обращения – 03.09.2025).
25. 	Tebueva F. B., Ryabtsev S. S., Ogur M. G., Andreev I. A., Goryainov S. A. Information Security Threat Model for Agents in Decentralized Internet of Things Environment, Formalizing Attack Scenarios on Trusted Interaction Information Security // Kuznechno-shtampovochnoe proizvodstvo. Obrabotka materialov davleniem. 2024. No. 11. pp. 220–232. (in Russian).

Purpose of the study: development and research of an algorithm for detecting an optical signal for synchronizing stations of a quantum key distribution system with increased protection against unauthorized access.
Methods of research: probability distribution, statistical analysis, single-photon detection.
Results: the importance of the time synchronization process, which is implemented through high-precision detection of an optical signal, is substantiated. An optical signal detection algorithm for a synchronization method with increased protection against unauthorized access is investigated. An improved algorithm for analyzing the time domain of synchronization signal propagation using avalanche photodetectors is proposed. It is shown that the proposed algorithm allows using avalanche photodetectors in the single photon counting mode. An analysis of the time characteristics of the developed synchronization algorithm is carried out and an analytical expression for calculating the time delay of detection is presented, which provides a sequential analysis of time windows taking into account the tunable recovery time of the photodetector.
The analytical expression can be used for engineering calculations when designing a QKD system. The proposed algorithm significantly reduces the likelihood of unauthorized access to the synchronization process and allows determining the time parameters of the signal window with a given accuracy, which is critical for the subsequent operation of the quantum key distribution system.
Scientific novelty: an algorithm for detecting an optical signal during synchronization is proposed, which is characterized by increased protection against unauthorized access. An analytical expression for engineering calculations of the delay of detection during synchronization is presented.
Keywords:  security, synchronization, quantum distribution, single-photon, optical pulse.

1.	 Subramani S., Svn S. K. Review of security methods based on classical cryptography and quantum cryptography // Cybernetics and Systems. – 2025. – Т. 56. – №. 3. – P. 302-320. DOI: https://doi.org/10.1080/01969722.2023.2166261.
2.	 Portmann C., Renner R. Security in quantum cryptography //Reviews of Modern Physics. – 2022. – Т. 94. – №. 2. – С. 025008. DOI: https://doi.org/10.1103/RevModPhys.94.025008.
3.	 Grasselli F. Quantum cryptography // Quantum science and technology. Cham: Springer. – 2021. DOI: 10.1007/978-3-030-64360-7.
4.	 Kumari A. B. et al. One time pad encryption technique in cryptography //International Journal of Computational Learning & Intelligence. – 2023. – Т. 2. – №. 1. – P. 1–7.
5.	 Al-Smadi A. M. et al. Files cryptography based on one-time pad algorithm //International Journal of Electrical and Computer Engineering (IJECE). – 2021. – Т. 11. DOI: 10.11591/ijece.v11i3.pp2335-2342.
6.	 Parshutkin A., Neaskina M. Increasing the security of information from leakage through side electromagnetic emissions / Voprosy kiberbezopasnosti. – 2022. – № 3(49). – P. 82–89. DOI 10.21681/2311-3456-2022-3-82-89.
7.	 Chen Y. A. An integrated space-to-ground quantum communication network over 4,600 kilometres // Nature. – 2021. – Vol. 589, No. 7841. – P. 214–219. DOI: https://doi.org/10.1038/s41586-020-03093-8.
8.	 A. D. Deev, A. A. Kalinkin, S. P. Kulik. Kvantovye kommunikacii cherez atmosfernye (kosmicheskie) kanaly svyazi // Internet iznutri. – 2024. – № 20. – Pp. 43–47.
9.	 E. V. Zyakin, A. V. Molokanov, K. M. Churikov. Promising QKD protocols for optical communications in free space // New Technologies. Science, Engineering, Pedagogics: Proceedings of the All-Russian Scientific-Practical Conference, Moscow, 2024, pp. 141–148.
10.	 Petrenko A. S. Method for constructing post-quantum algorithms of eds with two hidden groups / Voprosy kiberbezopasnosti. – 2025. – № 2(66). – P. 52–63. DOI 10.21681/2311-3456-2025-2-52-63.
11.	 Nadlinger D. P. et al. Experimental quantum key distribution certified by Bell's theorem // Nature. – 2022. – Т. 607. – №. 7920. – P. 682–686. DOI: https://doi.org/10.1038/s41586-022-04941-5.
12.	 Lin D. High performance frame synchronization for continuous variable quantum key distribution systems // Optics Express. – 2015. – Vol. 23, No. 17. – P. 22190–22198. DOI: https://doi.org/10.1364/OE.23.022190.
13.	 Calderaro L. et al. Fast and simple qubit-based synchronization for quantum key distribution //Physical Review Applied. – 2020. – Т. 13. – №. 5. – P. 054041. DOI: https://doi.org/10.1103/PhysRevApplied.13.054041.
14.	 Williams J. et al. Implementation of quantum key distribution and quantum clock synchronization via time bin encoding //Quantum Computing, Communication, and Simulation. – SPIE, 2021. – Т. 11699. – P. 16–25. DOI: https://doi.org/10.1117/12.2581862.
15.	 Cochran R. D., Gauthier D. J. Qubit-based clock synchronization for QKD systems using a Bayesian approach // Entropy. – 2021. – Т. 23. – №. 8. – P. 988. DOI: https://doi.org/10.3390/e23080988.
16.	 Nonclassical attack on a quantum keydistribution system / A. Pljonkin, D. Petrov, L. Sabantina, K. Dakhkilgova // Entropy. – 2021. – Vol. 23, No. 5.
17.	 Sabanov A. G., Shelupanov A. A. Identification and authentication in the digital world. Moscow, Hot Line-Telecom, 2022. 18.	 Civelli S. et al. Optical identification for user authentication in quantum key distribution systems //IET Conference Proceedings CP839. – Stevenage, UK : The Institution of Engineering and Technology, 2023. – Т. 2023. – №. 34. – P. 815–818. DOI: https://doi.org/10.1049/icp.2023.2346.
19.	 Krawec W. O. Security of a High Dimensional Two–Way Quantum Key Distribution Protocol //Advanced Quantum Technologies. – 2022. – Т. 5. – №. 10. – С. 2200024. DOI: https://doi.org/10.1002/qute.202200024.
20.	 Zheng X., Zhao Z. Quantum key distribution with two-way authentication // Optical and Quantum Electronics. – 2021. – Т. 53. – №. 6. – P. 304. DOI: https://doi.org/10.1007/s11082-021-02845-8.
21.	 Pat. 2667755 RF, MPK H04L9/08. Sistema relyativistskoj kvantovoj kriptografii / Kravcov K. S. i dr. (RF). – № 2017117184; zayavl. 05.17.2017; opubl. 24.09.2024.
22.	 Lavie E., Lim C. C. W. Improved coherent one-way quantum key distribution for high-loss channels // Physical Review Applied. – 2022. – Т. 18. – №. 6. – С. 064053. DOI: https://doi.org/10.1103/PhysRevApplied.18.064053.
23.	 Pljonkin A. et al. The Study of Synchronization in Quantum Key Distribution System //Futuristic Trends in Network and Communication Technologies: Third International Conference. – Springer Singapore, 2021. – З. 68–80. DOI: https://doi.org/10.1007/978-981-16-1483-5_7.
24.	 Rumyancev K. E. Veroyatnostnye xarakteristiki algoritma obnaruzheniya sinxrosignalov na osnove vybora smezhnoj pary segmentov s maksimal'nym summarnym otschyotom / K. E. Rumyancev, P. D. Mironova // Izvestiya YuFU. Texnicheskie nauki. – 2023. – № 3 (233). – P. 96–107.
25.	 Mironova P. D. Algoritm obnaruzheniya sinxrosignalov na osnove vybora smezhnoj pary segmentov s maksimal'nym summarnym otschyotom // Fundamental'nye i prikladnye aspekty komp'yuternyx texnologij i informacionnoj bezopasnosti: Sbornik statej Vseros. nauch.-texn. konf. – Taganrog: YuFU, 2023. – P. 52–53.
26.	 Signorelli F. et al. InGaAs/InP SPAD detecting single photons at 1550 nm with up to 50 % efficiency and low noise // 2021 IEEE International Electron Devices Meeting (IEDM). – IEEE, 2021. – P. 20.3. 1–20.3. 4. DOI: 10.1109/IEDM19574.2021.9720559.

Purpose of the study: the paper focuses on the development of scheme for cryptographic protection data in cloud storages using standardized and emerging block-cipher modes, post-quantum encryption algorithms, and quantum-dependent keys.
Methods of research: system-level analysis of information security threats during processing and storage when using application-layer access protocols for cloud storage. Synthesis of cryptographic mechanisms and formats to build an automated hybrid cryptographic scheme for client-side information processing using symmetric and asymmetric ciphers.
Result(s): the article presents the development of the Utro-1 cryptographic scheme for ensuring information security in cloud storage access application protocols. Formats, functions and encryption logic are described; several practical tests of the software implementation are carried out. The article provides explanations on the conditions for using post-quantum algorithms and/or quantum-dependent keys in the scheme.
Scientific novelty: the scientific novelty and relevance lie in achieving new scientific and technical results in the field of protecting data transmitted to cloud storage using Russian and promising foreign cryptographic tools and methods; in developing a cryptographic scheme to protect information from unauthorized access by means of a hybrid composition of symmetric and asymmetric ciphers.
Keywords: encryption, cloud storage, cryptographic security, network access, application-level protocol, information security, key generation.

1. 	 Minakov, S. S. (2020). The main cryptographic mechanisms for protection of data, transmitted to cloud services and storage area networks. Cybersecurity issues., 3(37), 66–75. DOI 10.21681/2311-3456-2020-03-66-75.
2. 	 Minakov, S. S., Karpov, I. V., Tikhov, S. V., Martynov, I. V. (2025). Variant postroeniya programmnogo resheniya s gibridnoj kriptograficheskoj sistemoj zashhity dannyx, xranyashhixsya na oblachnom nakopitele, i perspektivnymi rezhimami raboty blochnyx shifrov. Sistemy i sredstva zashhity informacii: Sbornik statej 16-j mezhvedomstvennoj nauchno-prakticheskoj konferencii imeni E. A. Matveeva, Penza, 10–13 sentyabrya 2024 goda, 94–105.
3. 	 Tacchino, F., Chiesa, A., Carretta, S. and Gerace, D. (2020), Quantum Computers as Universal Quantum Simulators: State-of-the-Art and Perspectives. Adv. Quantum Technol., 3, 1900052. DOI 10.1002/qute.201900052.
4. 	 Philip Ball. (2020). Physicists in China challenge Google's 'quantum advantage'. Nature., 588, 380. DOI 10.1038/d41586-020-03434-7.
5. 	 Smirnov, N. S., Krivko, E. A., Solovyova, A. A. et al. (2024). Wiring surface loss of a superconducting transmon qubit, Sci Rep., 14, 7326. DOI 10.1038/s41598-024-57248-y.
6. 	 Minakov, S. S. (2024). Aktual'nye nauchnye voprosy osushhestvleniya texniko-kriminalisticheskix meropriyatij i primeneniya instrumental'nyx sredstv pri reagirovanii na komp'yuternye incidenty i analize raspredelennyx zashhishhennyx sistem, obrabatyvayushhix svedeniya konfidencial'nogo xaraktera. Sudebnaya ekspertiza i issledovaniya., 4, 123–129.
7. 	 Zubov, A. Yu. (2022). Kriptosistema blochnogo gammirovaniya s autentifikaciej. Mathematical Aspects of Cryptography., 13(4), 5–35.
8. 	 Alekseev, E. K., Akhmetzyanova, L. R. Babueva, A. A. Smyshlyaev, S. V. (2020). Data storage security and full disk encryption. PDM., 49, 78–97. DOI 10.17223/20710410/49/6.
9. 	 Bogdanov, D. S., Nozdrunov, V. I. (2022). Some properties of the DEC mode of operation of block ciphers, Mathematical Aspects of Cryptography, 13(3), 37–44.
10. 	Koreneva, A. M., Firsov, G. V. (2023). Ob odnom rezhime raboty blochnyx shifrov dlya zashhity sistemnyx nositelej s blochnoorientirovannoj strukturoj. PDM Prilozhenie. 16, 52–56, DOI 10.17223/2226308X/16/14.
11. 	Aliev, F. K., Korolkov, A. V., Matveev, E. A. (2022). Class of quantum cryptographic systems AKM2021 based on the use of singlet states of multicubic quantum systems // Journal Highly available systems, 18(3), 5–22.

Purpose of the study: to analyze the state and maturity of the regulatory and legislative framework in the field of information security (IS) of digital electric power industry, to identify areas for further improvement of IS software and hardware systems, to implement industry IS requirements in experimental samples of relay protection and automation for digital substations.
Methods of research: systems analysis, analysis of scientific industry problem, classification, abstraction.
Result(s): of critical information infrastructure (CII) protection in the electric power industry; examines the degree of compliance of existing industry facilities with established legislative requirements for cybersecurity; outlines an approach to the development of cross-platform hardware and software systems (HSS) for digital substations (DSS) equipped with built-in information protection mechanisms, including a practical example - a relay protection and automation (RPA) device.
Scientific novelty: a technology for constructing trusted software and hardware systems for digital electric power engineering with integrated information security functions and the ability to integrate cybersecurity algorithms, providing for six levels of abstraction, is proposed.

Keywords: information security, cybersecurity, digital substation, critical information infrastructure, cyber threat, computer attack, relay protection and automation, technological information, intelligent electrical networks.

1. 	 Zinin V. M. Aktual'nyye resheniya NIPOM s uchotom doktriny energeticheskoy bezopasnosti RF. // «RUM» № 6 (596), 2020. s. 38–45.
2. 	 Kulikov A.L., Trebovaniya k informatsionnoy bezopasnosti v elektroenergetike i ikh realizatsiya v intellektual'nykh ustroystvakh tsifrovykh podstantsiy / A. L Kulikov, V. M. Zinin // Intellektual'naya elektrotekhnika. 2022. № 3(19). S. 49–78.
3.	 Izrailov K. Ye. Assessment and prediction of the complex objects state: applicatioin for information security/ K. Ye. Izrailov, M. V. Buynevich, I. V. Kotenko, V. A. Desnitskiy // Voprosy kiberbezopasnosti. – 2022. – № 6(52). – S. 2–21. – DOI 10.21681/23113456-6-2022-2-21.
4. 	 Loskutov, A. A. Kiberfizicheskiy stend kompleksnykh ispytaniy intellektual'nykh elektronnykh ustroystv zashchity i avtomatiki / A. A. Loskutov, A. L. Kulikov, I. A. Petrov, A. S. Simanov // Elektrotekhnika. 2024. № 10. S. 49–60.
5. 	 Kotenko I. V., Fedorchenko Ye. V, Novikova Ye. S., Sayenko I. B., Danilov A. C. Metodologiya sbora dannykh dlya analiza bezopasnosti promyshlennykh kiberfizicheskikh sistem / I. V. Kotenko, Ye. V. Fedorchenko, Ye. S. Novikova, I. B. Sayenko, A. C. Danilov // Voprosy kiberbezopasnosti. 2023. № 5(57). S. 69–79. DOI:10.21681/2311-3456-2023-5-69-79.
6. 	 Rajkumar V. S. Cyber Attacks on Power Grids: Causes and Propagation of Cascading Failures / V. S. Rajkumar, A. Stefanov, A. Presekal, P. Palensky, J. R.Torres // IEEE Access, 11, 2023, 103154–103176. https://doi.org/10.1109/ACCESS.2023.3317695.
7. 	 Wan, Y.; Cao, J. A Brief Survey of Recent Advances and Methodologies for the Security Control of Complex Cyber–Physical Networks. Sensors 2023, 23, 4013. https://doi.org/10.3390/s23084013.
8. 	 Ding, S. Research on Network Security Measures in Electric Power Communication Network / S. Ding, F. Chen; H. Ye; X. Lu // 2024 International Conference on Electrical Drives, Power Electronics & Engineering (EDPEE) DOI: 10.1109/EDPEE61724.2024.00136.
9. 	 Loskutov, A. A. Sovremennyye metody formirovaniya logicheskoy chasti tsifrovoy zashchity i avtomatiki sistem elektrosnabzheniya promyshlennykh potrebiteley: monografiya / A. A. Loskutov, A. L. Kulikov; Nizhegorod. gos. tekhn. un-t im. R. Ye. Alekseyeva. – Nizhniy Novgorod, 2025. – 392 s.
10. 	Boger, A. M. Mathematical model of the vector of a ddos attack on the ics using the method of topological transformation of stochastic networks/ A.M. Boger, A.N. Sokolov // Voprosy kiberbezopasnosti. 2023. № 4(56). S. 72–79. DOI:10.21681/2311-3456-2023-4-72-79.
11. Gurina, L. A. Development of an integrated approach to ensuring the cyber security of interconnected information systems under intelligent management of a microgrid community/ L. A. Gurina, N. V. Tomin // Voprosy kiberbezopasnosti. 2023. № 4(56). S. 94–104. DOI:10.21681/2311-3456-2023-4-94-104.
12. Blazek P. Smart Grids Transmission Network Testbed: Design, Deployment, and Beyond / P. Blazek, A. Bohacik, R. Fujdiak, V. Jurak, M. Ptacek // IEEE Open Journal of the Communications Society, Vol. 6, 13 December 2024, pp. 51–76. DOI: 10.1109/OJCOMS.2024.3517340.
13. 	Suhail Hussain S. M.,Ustun T. S., Kalam A. A Review of IEC 62351 Security Mechanisms for IEC 61850 Message Exchanges // IEEE Transactions on Industrial Informatics, Vol. 16, Issue: 9, September 2020, pp. 5643–5654. DOI: 10.1109/TII.2019.2956734.
14. 	Rajkumar, V. S. Cyber Attacks on Power System Automation and Protection and Impact Analysis // V. S. Rajkumar, M. Tealane, A.Stefanov, A. Presekal, P. Palensky / 2020 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe) Virtual, October 26–28, 2020.
15. 	Gaspar, J. Smart Substation Communications and Cybersecurity: A Comprehensive Survey / J. Gaspar, T. Cruz, Ch-T. Lam, P. Simões // IEEE Communications surveys & tutorials, Vol. 25, no. 4, fourth quarter, 2023.
16. 	Lebedev A. A. Development the software complex for automated verification of the correct setup of the relay protection and automation complex on the digital substation / A. A. Lebedev, E. A. Voloshin, M. S. Malyutin, V. D. Uksekov, A. D. Guseynov, K. V. Latyshov // 2021 4th International Youth Scientific and Technical Conference on Relay Protection and Automation (RPA). DOI: 10.1109/RPA53216.2021.9628680.
17. 	 Rubio, S. Smart Grid Protection, Automation and Control: Challenges and Opportunities / Rubio, S., Bogarra, S.; Nunes, M.; Gomez, X. // Appl. Sci. 2025, 15, 3186. https://doi.org/10.3390/app15063186.
18. 	Kabbara, N. Towards Software-Defined Protection, Automation, and Control in Power Systems: Concepts, State of the Art, and Future Challenges. / Kabbara, N., Nait Belaid, M. O., Gibescu, M., Camargo, L. R., Cantenot, J., Coste, T., Audebert, V., Morais, H. // Energies 2022, 15, 9362. https://doi.org/10.3390/en15249362.
19. 	Junho H. Cybersecurity of Sampled Value Messages in Substation Automation System / J. Hong, M. Girdhar; C-W Ten, S. Lee, S. Choi // 2022 IEEE Power & Energy Society General Meeting (PESGM). DOI: 10.1109/PESGM48719.2022.9916758.
20. 	Glukhov A. P., Belova Ye. I., Glukhov A. A. Podkhod k otsenivaniyu funktsional'nosti doverennykh programmno-apparatnykh kompleksov // Intellektual'nyye tekhnologii na transporte. 2024. № 2(38). S. 69–76. DOI: 10.20295/2413-2527-2024-238-69-76.
21. Kulikov A. L., Zinin V. M., Sharafeyev T. R. Printsipy realizatsii kiberbezopasnykh resheniy dlya krossplatformennykh intellektual'nykh elektronnykh ustroystv (IEU) v sostave tsifrovykh podstantsiy (TSPS) // V sbornike: Elektroenergetika v natsional'nykh proyektakh. Sbornik statey. Pod redaktsiyey N.D. Rogaleva. Moskva, 2020. s. 167–177.
22. 	Loskutov, A. A. Metody vyyavleniya kiberugroz na tsifrovykh podstantsiyakh / A. A. Loskutov, A. L. Kulikov, P. S. Pelevin, A. S. Simanov // Elektrotekhnika. 2025. № 10. S. 59–69.
23. 	Voyevodin, V. A. On the formulation of the task of assessing the stability of the functioning of critical information infrastructure facilities / V. A. Voyevodin // Voprosy kiberbezopasnosti. – 2025. – № 1(65). – S. 41–49. – DOI 10.21681/2311-3456-2025-1-41-49.
24. 	Gurina, L. A. Intelligent methods of ensuring cybersecurity multi-agent control system of microgrid/ L. A. Gurina, N. V. Tomin // Voprosy kiberbezopasnosti. 2023.– № 6(64). – S. 53–64. DOI: 10.21681/2311-3456-2024-6-53-64.
25.	 Izrailov K. Ye. Different genesis attacks to complex objects detecting method based on condition information. Part 1. Prerequisites and schema/ K. Ye. Izrailov, M. V. Buynevich // Voprosy kiberbezopasnosti. 2023.– № 4(56). – S. 80–93. DOI: 10.21681/2311-3456-2023-4-80-93.
26.	 Kostogryzov A. I., Threat analysis of malicious modification of the machine learning model for artificial intelligence systems / A. I. Kostogryzov, A. A. Nistratov // Voprosy kiberbezopasnosti. 2023. № 5(57). S. 9–24. DOI:10.21681/2311-3456-2023-5-9-24.

The purpose of the study: theoretical substantiation and development of a method of personality recognition based on bioacoustic scanning in order to implement the process of multi-factor authentication within one local device, as well as to minimize errors of the first and second types in multi-factor authentication systems.
Research methods: the methods of wave theory of physics were applied, including aspects of the propagation of ultrasonic waves and their interaction with biological tissues. Statistical methods for evaluating hypotheses and machine learning algorithms in the form of generative-adversarial neural networks were also used.
Scientific novelty: a new method of personality recognition based on bioacoustic scanning data characterizing
the geometry of the bone of the distal phalanx of the finger and the ratio of soft tissues of the finger has been developed. The proposed bioacoustic method of scanning the distal phalanx of the finger, in contrast to ultrasound scanning of the papillary pattern, works at lower frequencies (15-17 MHz) and allows fixing the unique characteristics of not only the skin, but also deeper tissues Finger. The bone geometry of the distal phalanx, as well as the ratio of the soft tissues of the finger, has not previously been used as an authentication characteristic of a person. 
Result and practical significance: the method of identity authentication by bioacoustic finger scanning is substantiated, within the framework of which the geometry of the bone of the distal phalanx of the finger is recorded, including protrusions, notches, ridges and nail tuberosity, which are unique for each person, and the relative location of the soft tissues of the finger pad, taking into account their mutual ratio in volume. The practical significance of the proposed method is due to the fact that this approach is less vulnerable to fakes and, accordingly, attacks with the help of dummies, since biometric characteristics are hidden from the eyes of the attacker, unlike the geometry of the face and the image of the iris of the eye in public photos, left on various surfaces of fingerprints, etc data transmission channels.

Keywords: authentication, type I error, type II error, fingerprint, generative adversarial neural network, spoofing attack, biometric scanner, bioacoustics.

1.	 Sim J. Y. Identity Recognition Based on Bioacoustics of Human Body / Sim J. Y., Noh H. W., Goo W., Kim N., Chae S.-H. and Ahn C.-G. // IEEE Transactions on Cybernetics, vol. 51, no. 5, pp. 2761–2772, May 2021, DOI: 10.1109/TCYB.2019.2941281.
2.	 Roy A. Masterprint: exploring the vulnerability of partial fingerprint-based authentication systems / Roy A., Memon N. and Ross A. // IEEE Transactions on Information Forensics and Security, vol. 12, no. 9, September 2017.
3.	 Bontrager P. DeepMasterPrints: generating MasterPrints for dictionary attacks via latent variable evolution / Bontrager P., Roy A., Togelius J., Memon N. and Ross A. // 2018 IEEE 9th International Conference on Biometrics Theory, Applications and Systems (BTAS), Redondo Beach, CA, USA, 2018, pp. 1–9, DOI: 10.1109/BTAS.2018.8698539.
4.	 Bondarenko I. N. Ul'trazvukovaja harakteristika kozhi, mjagkih tkanej lica, shei, kistej ruk u zhenshhin raznyh vozrastnyh grupp: nerandomizirovannoe observacionnoe kross-sekcionnoe issledovanie // Kubanskij nauchnyj medicinskij vestnik. – 2021. – T. 28, № 3. – S. 16–28. – DOI 10.25207/1608-6228-2021-28-3-16-28.
5.	 Chastikova V. A. Osobennosti realizacii biometricheskoj sistemy autentifikacii lichnosti na osnove papilljarnogo uzora / V. A. Chastikova, V. G. Guljaj, D. S. Suchkov // Molodezhnaja nauka. Sbornik luchshih nauchnyh rabot molodyh uchenyh: Materialy LI studencheskoj nauchnoj konferencii, Krasnodar, 29 fevralja 2024 goda. – Krasnodar: Kubanskij gosudarstvennyj tehnologicheskij universitet, 2024. – S. 222–225. – EDN RDBTAL.
6.	 Chajkovskaja T. V. Issledovanie naprjazhenno-deformirovannogo sostojanija kosti srednej falangi ukazatel'nogo pal'ca ruki cheloveka pri izmenenii plotnosti gubchatoj kostnoj tkani / T. V. Chajkovskaja, E. S. Marchenko // Fundamental'nye osnovy mehaniki. – 2022. – № 10. – S. 119–122. – DOI 10.26160/2542-0127-2022-10-119-122. – EDN JAAFKI.
7.	 Chastikova V. A. Predotvrashhenie oshibok I roda pri skanirovanii v sistemah kontrolja i upravlenija dostupom putem ispol'zovanija GAN-seti / V. A. Chastikova, V. G. Guljaj, D. S. Suchkov // Iskusstvennyj intellekt. Formirovanie budushhego: Materialy I Mezhdunarodnoj nauchno-prakticheskoj konferencii, Krasnodar, 29 aprelja 2024 goda. – Krasnodar: IP Alzidan M., 2024. – S. 296–299. – EDN ESSLTN.
8.	 Krasov A. V. Razrabotka metodologii testirovanija sistem zashhity informacii v virtual'nyh kompleksah dlja obnaruzhenija oshibok I i II-roda / A. V. Krasov, R. R. Maksudova, V. V. Nefedov [i dr.] // Vestnik Sankt-Peterburgskogo gosudarstvennogo universiteta tehnologii i dizajna. Serija 1: Estestvennye i tehnicheskie nauki. – 2021. – № 1. – S. 45–52. – DOI 10.46418/2079-8199_2021_1_7.
9.	 Chastikova V. A. Podhod k postroeniju sistem analiza incidentov informacionnoj bezopasnosti na osnove gibridizacii metodov mashinnogo obuchenija / V. A. Chastikova, V. G. Guljaj // Jelektronnyj setevoj politematicheskij zhurnal «Nauchnye trudy KubGTU». – 2023. – № 6. – S. 107–117. – EDN YPTPGQ.
10.	 Suvorov A. Yu. Statistical hypothesis testing: general approach in medical research / A. Yu. Suvorov, N. M. Bulanov, A. N. Shvedova [et al.] // Sechenov Medical Journal. – 2022. – Vol. 13, No. 1. – P. 4–13. – DOI 10.47093/2218-7332.2022.426.08.
11.	 Ismagilov R. F. Konstruirovanie modeli obuchajushhej nejronnoj seti dlja biometricheskoj mnogofaktornoj autentifikacii pol'zovatelja informacionnoj sistemy / R. F. Ismagilov, N. D. Lushnikov, A. S. Ismagilova // Voprosy zashhity informacii. – 2023. – № 1(140). – S. 19–23. – DOI 10.52190/2073-2600_2023_1_19.
12.	 Belov N. I. Primenenie termograficheskij modeli lica v zadachah identifikacii i autentifikacii / N. I. Belov, V. M. Korzhuk // Computational Nanotechnology. – 2023. – T. 10, № 3. – S. 109–120. – DOI 10.33693/2313-223X-2023-10-3-109-120.
13.	 Slavoljubova I. A. Differencirujushhie vozmozhnosti papilljarnyh uzorov srednih falang pal'cev ruk (na primere evrazijskih populjacij) / I. A. Slavoljubova, A. M. Judina, L. Ju. Shpak // Vestnik Moskovskogo universiteta. Serija 23: Antropologija. – 2023. – № 4. – S. 58–68. – DOI 10.32521/2074-8132.2023.4.058-068.
14.	 Chastikova V. A. Nejrosetevaja sistema biometricheskoj identifikacii lichnosti po golosu / V. A. Chastikova, S. A. Zherlicyn, D. O. Vojlova // Vestnik Adygejskogo gosudarstvennogo universiteta. Serija 4: Estestvenno-matematicheskie i tehnicheskie nauki. – 2023. – № 1(316). – S. 70–79. – DOI 10.53598/2410-3225-2023-1-316-70-79.
15.	 Pozhar V. Je. Spektral'no-poljarizacionnye sistemy trjohmernogo tehnicheskogo zrenija na osnove akustoopticheskoj fil'tracii / V. Je. Pozhar, A. S. Machihin // Svetotehnika. – 2022. – № 5. – S. 32–35. – EDN BHPGOK.
16.	 Kormilina A. R. Ul'trazvukovaja jelastografija sdvigovoj volny v ocenke zhjostkosti kostnoj mozoli / A. R. Kormilina, M. G. Tuhbatullin // Rossijskij jelektronnyj zhurnal luchevoj diagnostiki. – 2020. – T. 10, № 2. – S. 122–128. – DOI 10.21569/2222-7415-2020-10-2-122-128.
17.	 Kol'cova I. S. Akustojelektronnyj metod izmerenija skorosti ul'trazvukovyh voln v zhidkostjah / I. S. Kol'cova, A. S. Homutova // Akusticheskij zhurnal. – 2023. – T. 69, № 3. – S. 317–321. – DOI 10.31857/S032079192260041X.
18.	 Romanenko K. V. Ul'trazvukovoe issledovanie kozhi / K. V. Romanenko, O. O. Borovaja, N. V. Ermilova, V. V. Zaharova // Torsuevskie chtenija: nauchno-prakticheskij zhurnal po dermatologii, venerologii i kosmetologii. – 2021. – № 2(32). – S. 17–20. – EDN XSCBLX. 
19.	 Potehin D. S. Sovremennye tendencii razvitija ul'trazvukovoj diagnostiki / D. S. Potehin, P. V. Komarov // Vysokoproizvoditel'nye vychislitel'nye sistemy i tehnologii. – 2022. – T. 6, № 2. – S. 71–77. – EDN GGXQYK.
20.	 Jankevich S. V.Obzor shemotehnicheskih reshenij pri postroenii silovoj chasti ul'trazvukovyh generatorov / S. V.Jankevich,G. V. Malinin // Vestnik Chuvashskogo universiteta. – 2020. – № 1. – S. 212–220. – EDN TTQVYO.
21.	 Borisov V. I. Akusticheskoe pole izluchenija p'ezopreobrazovatelja v vide dvuhmernoj prjamougol'noj fazirovannoj reshetki / V. I. Borisov, A. S. Nikitin, E. N. Prokopenko, S. S. Sergeev // Vestnik Belorussko-Rossijskogo universiteta. – 2021. – № 2(71). – S. 58–67. – DOI 10.53078/20778481_2021_2_58.
22.	 Bessonov L. V. Constructing the dependence between the Young's modulus value and the Hounsfield units of spongy tissue of human femoral heads / L. V. Bessonov, A. A. Golyadkina, P. O. Dmitriev [et al.] // Izvestiya of Saratov University. Mathematics. Mechanics. Informatics. – 2021. – Vol.21, No. 2. – P. 182–193. – DOI 10.18500/1816-9791-2021-21-2-182-193.
23.	 Kashin Ja. M. Zajavka na patent na izobretenie № 2024118715 ot 04.07.2024 «Ustrojstvo registracii biometricheskih parametrov dlja dvuhfaktornoj autentifikacii lichnosti» / Ja. M. Kashin, V. A. Chastikova, V. G. Guljaj; zajavitel' Federal'noe gosudarstvennoe bjudzhetnoe obrazovatel'noe uchrezhdenie vysshego obrazovanija «Kubanskij gosudarstvennyj tehnologicheskij universitet».
24.	 Kashin Ja. M. Zajavka na patent na sposob № 2024118723 ot 04.07.2024 «Sposob dvuhfaktornoj autentifikacii lichnosti» / Ja. M. Kashin, V. A. Chastikova, V. G. Guljaj; zajavitel' Federal'noe gosudarstvennoe bjudzhetnoe obrazovatel'noe uchrezhdenie vysshego obrazovanija «Kubanskij gosudarstvennyj tehnologicheskij universitet».
25.	 Chastikova V. A. Programma dlja identifikacii lichnosti po otpechatku pal'ca / V. A. Chastikova, V. G. Guljaj, D. S. Suchkov // Svidetel'stvo o gosudarstvennoj registracii programmy dlja JeVM № 2024661103, zajavl. 07.05.2024: opubl. 15.05.2024, Rossijskaja Federacija.

Purpose of the research: ensuring the resilience of cloud blockchain ecosystems and platforms of the ‘Data Economy’ of the Russian Federation based on cyber immunity in the face of hybrid quantum-classical attacks.
Methods of the research: methods of system analysis, methods of probability theory and mathematical statistics,
methods of the theory of stability of complex systems.
Results of the research: the analysis of research in the subject area has demonstrated that existing methods for ensuring the resilience of various information and computing systems consider either classical or quantum threats and do not fully ensure the resilience of cloud blockchain platforms under hybrid attacks characterized by the presence of both threat types. To resolve this problematic situation, an objective has been set to develop a novel method for ensuring the resilience of cloud blockchain platforms based on cyber immunity, and a hypothesis has been formulated regarding the feasibility of achieving the research goal through the application of this method.
A method for ensuring the resilience of cloud blockchain platforms based on cyber immunity under hybrid quantum-classical attacks has been developed, enabling compliance with the compromise-probability requirements under constraints on the execution time of a blockchain node’s program cycle by varying the cryptographic key length and the cyber immunity coverage coefficient.
A study of the developed method has demonstrated the capability to achieve the required resilience of cloud blockchain platforms under hybrid quantum-classical attacks, and the conditions for the existence of a solution have been determined, thereby confirming the formulated hypothesis.
Scientific novelty: the developed method is the first to take into account new conditions such as hybrid attacks
on cloud blockchain platforms, which are formally described through newly introduced parameters of the number of quantum computer qubits available to the attacker and the proportion of malicious input data. Furthermore, the application of this method for the first time imbues cloud blockchain platforms with a new emergent property of cyber immunity, which consists of the ability to detect known and previously unknown attacks aimed at violating the semantics of computations, counter them, and restore normal operation if violations occur.

Keywords: threats to information security, quantum threats to security, blockchain ecosystems and platforms,
cybersecurity, cyber resilience, methods of analysis and synthesis of quantum-resistant blockchain.

1.	 Mourtzis, D., Angelopoulos, J., & Panopoulos, N. (2023). Blockchain Integration in the Era of Industrial Metaverse. Applied Sciences, 13, 3, 1353. DOI: 10.3390/app13031353.
2.	 Markov, A. S. (2023). Important milestones in open source software security. Cybersecurity issues, 1(53), 2–12. DOI: 10.21681/2311-3456-2023-1-2-12.
3.	 Gai, K., Guo, J., Zhu, L., & Yu, S. (2020). Blockchain Meets Cloud Computing: A Survey. IEEE Communications Surveys & Tutorials, 22, 3, 2009–2030. DOI: 10.1109/COMST.2020.2989392.
4.	 Khanna, A., Sah, A., Bolshev, V., Burgio, A., Panchenko, V., & Jasinski, M. (2022). Blockchain–Cloud Integration: A Survey. Sensors, 22(14), 5238. DOI: 10.3390/s22145238.
5.	 Petrenko, A. S., Lomako, A. G., & Petrenko, S. A. (2023). Analysis of the Current State of Research Blockchain Quantum Resilience Problems. Part 1. Zaŝita informacii. Inside, 3(111), 38–46.
6.	 Petrenko, S. A., & Balyabin A. A. (2025). Model of quantum threats to national blockchain ecosystems and platforms. Cybersecurity issues, 1(65), 7–17. DOI: 10.21681/2311-3456-2025-1-7-17.
7.	 Balyabin, A. A., Petrenko, S. A., & Kostyukov, A. D. (2024). Model of security threats and cyber resistance of cloud platforms of the critical IT infrastructure of the Russian Federation. Zaŝita informacii. Inside, 5(119), 26–34.
8.	 Fernandez-Carames, T. M., & Fraga-Lamas, P. (2020). Towards post-quantum blockchain: A review on blockchain cryptography resistant to quantum computing attacks. IEEE Access, 8, 21091–21116. DOI: 10.1109/ACCESS.2020.2968985.
9.	 Shahid, F., & Khan, A. (2020). Smart Digital Signatures (SDS): A post-quantum digital signature scheme for distributed ledgers. Future Generation Computer Systems, 111, 241–253. DOI: 10.1016/j.future.2020.04.042.
10.	 Sahin, M. S., & Akleylek, S. (2023). A survey of quantum secure group signature schemes: Lattice-based approach. Information Security Applications, 73, 103432. DOI: 10.1016/j.jisa.2023.103432.
11.	 Moskvin, V. S., & Bogatyrev, V. A. (2022). Post-quantum digital signing algorithms and their application in distributed registry. High technologies in Earth space research, 14, 4, 47–53. DOI: 10.36724/2409-5419-2022-14-4-47-53.
12.	 Yang, Z., Salman, T.,Jain, R.,&Pietro, R.D. (2020). Decentralization Using Quantum Blockchain: A Theoretical Analysis. IEEE Transactions on Quantum Engineering, 3, 1–16. DOI: 10.1109/TQE.2022.3207111.
13.	 Li, Q., Wu,J., Quan,J., Shi,J., & Zhang, S. (2022). Efficient Quantum Blockchain With a Consensus Mechanism QDPoS. IEEE Transactions on Information Forensics and Security, 17, 3264–3276. DOI: 10.1109/TIFS.2022.3203316.
14.	 Wen, X. J., Chen, Y. Z., Fan, X. C., Zhang, W., Yi, Z. Z., & Fang, J. B. (2022). Blockchain consensus mechanism based on quantum zeroknowledge proof. Optics and Laser Technology, 147, 107693. DOI: 10.1016/j.optlastec.2021.107693.
15.	 Sun, X., Kulicki, P., & Sopek, M. (2020). Multi-Party Quantum Byzantine Agreement without Entanglement. Entropy, 22, 10, 1152. DOI: 10.3390/e22101152.
16.	 Singh, S., Rajput, N. K., Rathi, V. K., Pandey, H. M., Jaiswal, A. K., & Tiwari, P. (2023). Securing Blockchain Transactions Using Quantum Teleportation and Quantum Digital Signature. Neural Processing Letters, 55, 3827–3842. DOI: 10.1007/s11063-020-10272-1.
17.	 Wang, W., Yu, Y., & Du, L. (2022). Quantum blockchain based on asymmetric quantum encryption and a stake vote consensus algorithm. Scientific Reports, 12, 1, 1. DOI: 10.1038/s41598-022-12412-0.
18.	 Petrenko, A. S., Petrenko, S. A., & Kostyukov, A. D. (2022). The perfect model of the blockchain platform. Zaŝita informacii. Inside, 4(106), 34–44.
19.	 Petrenko, A. S., & Petrenko, S. A. (2022). Quantum resilience estimation method blockchain. Cybersecurity issues, 3(49), 2–22. DOI 10.21681/2311-3456-2022-3-2-22.
20.	 Balyabin A. A., & Petrenko S. A. (2025). On the creation of cyberresilient cloud platforms for managing cyber-physical objects in the context of growing security threats. Zaŝita informacii. Inside, 4(124), 20–30.
21.	 Zegzhda, D. P., Aleksandrova, E. B., Kalinin, M. O., Markov, A. S., Zhukov, I. Yu., Ivanov, D. V., Konoplev, A. S., Lavrova, D. S., Moskvin, D. A., Pavlenko, E. Yu., Poltavtseva, M. A., Shenets, N. N., Dakhnovich, A. D., & Krundyshev, V. M. (2021). Kiberbezopasnost' tsifrovoi industrii. Teoriya i praktika funktsional'noi ustoichivosti k kiberatakam. Moscow, Goryachaya liniya-Telekom Publ, 560 p.
22.	 Andrushkevich, D. V., Biryukov, D. N., & Timashov, P. V. (2021). Porozhdenie stsenariev predotvrashcheniya komp'yuternykh atak na osnove logiko-ontologicheskogo podkhoda. Trudy Voenno-kosmicheskoi akademii imeni A. F.Mozhaiskogo, 677, 118–134.
23.	 Sheluhin, O. I, Rybakov, S. Yu., & Vanyushina, A. V. (2023). Influence of fractal dimension on quality classification of computer attacks by machine learning methods. High technologies in Earth space research, 15, 1, 57–64. DOI: 10.36724/2409-5419-2023-15-1-57-64.
24.	 Aljuaid, W. H., & Alshamrani, S. S. (2024). A deep learning approach for intrusion detection systems in cloud computing environments. Applied sciences, 14, 13, 5381. DOI: 10.3390/app14135381.
25.	 Novikova, E. S., Kotenko, I. V., Meleshko, A. V., & Izrailov, K. E. (2023). Federated learning based intrusion detection: system architecture and experiments. Cybersecurity issues, 6(58), 50–66. DOI: 10.21681/2311-3456-2023-6-50-66.
26.	 Shamsutdinov, R. R., Vasilyev, V. I., & Vulfin, A. M. (2024). Intelligent system for monitoring information security of the industrial internet of things using artificial immune systems mechanisms. System engineering and information technologies, 6, 4(19), 14–31. DOI: 10.54708/2658-5014-SIIT-2024-no4-p14.
27.	 Balyabin, A. A. (2024). Model of the cloud platform of critical IT infrastructure of the Russian Federation under the conditions of information technology impacts. Zaŝita informacii. Inside, 5(119), 35–44.
28.	 Balyabin, A. A., Petrenko S. A., & Kostyukov A. D. (2022). Cloud and edge recovery method computing based on cyber immunity. Zaŝita informacii. Inside, 6(108), 26–31.
29.	 Wrieden, J. K., & Vassilakis, V. G. (2023). An Analysis of the Threats Posed by Botnet Malware Targeting Vulnerable Cryptocurrency Miners. 2023 Fourteenth International Conference on Ubiquitous and Future Networks (ICUFN), 82–87. DOI: 10.1109/ICUFN57995.2023.10201027.
30.	 Petrenko, A. S. (2025). Method for analyzing the quantum resilience of national blockchain ecosystems and platforms. Zaŝita informacii. Inside, 2(122), 18-27.
31.	 Tuokkola, M., Sunada, Y., Kivijarvi, H., Albanese, J., Gronberg, L., Kaikkonen, J. P., Vesterinen V., Govenius, J., & Mottonen, M. (2025). Methods to achieve near-millisecond energy relaxation and dephasing times for a superconducting transmon qubit. Nature Communications, 16, 5421. DOI: 10.1038/s41467-025-61126-0.
32.	 Milul, O., Guttel, B., Goldblatt, U., Hazanov, S., Joshi, L. M., Chausovsky, D., Kahn, N., Ciftyurek, E., Lafont, F., & Rosenblum, S. (2023). Superconducting cavity qubit with tens of milliseconds single-photon coherence time. PRX Quantum, 4, 3, 030336. DOI: 10.1103/PRXQuantum.4.030336.
33.	 Balyabin, A. A., & Petrenko S. A. (2025). Model' samovosstanovlenie kiberfizicheskikh sistem KII RF v usloviyakh kiberatak na osnove kiberimmuniteta. The 2025 Symposium on Cybersecurity of the Digital Economy – CDE'25 : Collected papers, 76–91.
34.	 Balyabin, A. A., & Petrenko S. A. (2025). Metodika samovosstanovleniya kiberfizicheskikh sistem KII RF v usloviyakh kiberatak na osnove kiberimmuniteta. The 2025 Symposium on Cybersecurity of the Digital Economy – CDE'25 : Collected papers, 103–114.

Purpose of the study: development of a signal-based method for determining the state of an adversarial attack on graphic objects processed by a neural network during classification.
Methods of research: the use of explainable artificial intelligence (Grad-CAM) for visualization of adversarial FGSM attack is employed. A signal-based method relying on integral calculation of the gradient surface of the explanation heatmap has been proposed.
Result(s): methods of explainable artificial intelligence for identifying important features and ways to utilize the obtained heatmaps for attack detection have been described and tested. In the practical part, one of the modern approaches is considered: analysis of bias and blurring of explanations using Grad-CAM. An analysis and review of the effectiveness in enhancing model resistance to attacks has been conducted. Various effects of impact resulting from attacks on attention zones and the nature of their changes have been identified. An integral method for calculating the presence of an adversarial attack in the input image has been proposed, which is applicable for automatic attack detection. 
Scientific novelty: the research is aimed at enhancing the informativeness regarding the nature of the attack, the degree of impact on the attacked input image, and the development of a signal-based detection method for identifying the presence of an adversarial attack.

Keywords: neural network technologies, attacks on artificial intelligence systems, attacks on explainable artificial intelligence, information security, visualization of neural network attacks.

1.	 Goodfellow I. J., Shlens J., Szegedy C. Explaining and harnessing adversarial examples //arXiv preprint arXiv:1412.6572. – 2014.
2.	 Chakraborty T., Trehan U., Mallat K., Dugelay J.-L. Generalizing Adversarial Explanations with Grad-CAM // Proceedings of CVPR Workshop on Art of Robustness, 2022, pp. 186–192. DOI: 10.1109/CVPRW56347.2022.00031.
3.	 Baniecki H., Biecek P. Adversarial attacks and defenses in explainable artificial intelligence: A survey // Information Fusion, 2024, 107:102303. DOI: 10.1016/j.inffus.2024.102303.
4.	 Selvaraju R. R. et al. Grad-cam: Visual explanations from deep networks via gradient-based localization //Proceedings of the IEEE international conference on computer vision. – 2017. – С. 618–626.
5.	 Lucas M. et al. RSI-Grad-CAM: Visual explanations from deep networks via Riemann-Stieltjes integrated gradient-based localization // International Symposium on Visual Computing. – Cham : Springer International Publishing, 2022. – С. 262–274.
6.	 Bassi P. R. A. S., Dertkigil S. S. J., Cavalli A. Improving deep neural network generalization and robustness to background bias via layerwise relevance propagation optimization //Nature Communications. – 2024. – Т. 15. – №. 1. – С. 291.
7.	 Gaspar D., Silva P., Silva C. Explainable AI for intrusion detection systems: LIME and SHAP applicability on multi-layer perceptron // IEEE Access. – 2024. – Т. 12. – С. 30164–30175.
8.	 Hariharan S. et al. XAI for intrusion detection system: comparing explanations based on global and local scope //Journal of Computer Virology and Hacking Techniques. – 2023. – Т. 19. – №. 2. – С. 217–239.
9.	 Huang T. et al. Bridging the performance gap between fgsm and pgd adversarial training //arXiv preprint arXiv:2011.05157. – 2020.
10.	 Zhong Z. Improving Model Robustness through Hybrid Adversarial Training: Integrating FGSM and PGD Methods. Applied and Computational Engineering, 109, 57–62. – 2024.

The purpose of the research: the aim of the study is to develop, implement and validate a system of quantitative metrics for assessing the quality of the self-reflection process of large language models that automate the generation of penetration testing scenarios, as well as to study the influence of external memory mechanisms (RAG) on the depth of analysis, the systematicity of the approach and the ability to iteratively improve.
Research methods: The study was conducted based on a comparative analysis of 16 pentest scenarios performed using YandexGPT and GigaChat in configurations with and without the RAG mechanism. Self-reflection metrics were used for
the assessment, including discourse coherence, marker index, completeness of coverage, and exploitation potential.
The results were compared with reference virtual machine passes (Basic Pentesting: 1, Devguru, Symfonos 2, Tomato: 1) to determine the degree of compliance with industry standards.
Research results: The analysis showed that all models develop high discourse coherence (1.0) and resistance
to the semantic step (0.0), which confirms their ability for logical coherent thinking. The highest self-reflection activity was implemented by GigaChat without RAG (marker index - 0.273), but the highest values of completeness of coverage (0,2–0,6) were recorded for models with RAG. The key result was the behavior of YandexGPT with RAG, which in the Basic Pentesting: 1 scenario identified a vulnerability in the ProFTPD 1.3.3c service and offered to connect it via Metasploit and proftpd_133c_backdoor, indicating the transition to the active response phase. GigaChat with RAG demonstrated the most mature self-reflection, achieving an overall improvement of 0.615 when analyzing the .git leak. The findings confirm that RAG significantly enhances coverage and quality analysis, but achieving standalone pentesting requires integration with variables capable of performing and assessing vulnerabilities.
Scientific novelty: the scientific novelty lies in the development and application of a comprehensive system of self-reflection metrics to assess the quality of the LLM cognitive process in pentest tasks. It has been shown for the first time that RAG not only increases the completeness of coverage, but can also initiate the transition to the exploitation phase. The proposed approach allows us to assess not only the result, but also the quality of internal analysis, thereby opening the way to creating manageable and transparent LLM agents for cybersecurity.

Keywords: Penetration Testing, FSTEC BDU, Natural Language Processing, Computational Linguistics, Retrieval-Augmented Generation, RAG, Self-Reflection, Quality Metrics.

1.	 Konev, A., & Payusova, T. (2025). Large language models in information security and penetration testing: a systematic review
of application possibilities. Scientific and Technical Journal of Information Technologies Mechanics and Optics, 25(1), 42–52. DOI: 10.17586/2226-1494-2025-25-1-42-52.
2.	 Gholami, N. Y. (2024). Large Language Models (LLMs) for Cybersecurity: A Systematic review. World Journal of Advanced Engineering Technology and Sciences, 13(1), 057–069. DOI: 10.30574/wjaets.2024.13.1.0395.
3.	 Happe, A., & Cito, J. (2023). Getting pwn’d by AI: penetration testing with large language models. Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. DOI: 10.1145/3611643.3613083.
4.	 Renze, M., & Guven, E. (2024). Self-Reflection in large Language model Agents: Effects on Problem-Solving Performance. 2nd International Conference on Foundation and Large Language Models (FLLM), 516–525. DOI: 10.1109/FLLM63129.2024.10852426.
5.	 Shinn, N., Cassano, F., Berman, E., Gopinath, A., Narasimhan, K. & Yao, S. (2023). Reflexion: Language agents with verbal reinforcement learning. Advances in Neural Information Processing Systems, 36, 8634-8652. DOI: 10.5555/3666122.3666499.
6.	 Asai, A., Wu, Z., Wang, Y., Sil, A., & Hajishirzi, H. (2023). Self-RAG: Learning to Retrieve, Generate, and Critique through Self-Reflection. arXiv (Cornell University). DOI: 10.48550/ARXIV.2310.11511.
7.	 Yao, S., Zhao, J., Yu, D., Du, N., Shafran, I., Narasimhan, K., & Cao, Y. (2023, January). React: Synergizing reasoning and acting
in language models. In International Conference on Learning Representations (ICLR). DOI:10.48550/ARXIV.2210.03629.
8.	 Madaan, A., Tandon, N., Gupta, P., Hallinan, S., Gao, L., Wiegreffe, S., ... & Clark, P. (2023). Self-refine: Iterative refinement with selffeedback. Advances in Neural Information Processing Systems, 36, 46534-46594. DOI: 10.48550/ARXIV.2303.17651.
9.	 Pan, L., Saxon, M., Xu, W., Nathani, D., Wang, X., & Wang, W. Y. (2024). Automatically correcting large language models: Surveying
the landscape of diverse automated correction strategies. Transactions of the Association for Computational Linguistics, 12, 484–506.
DOI: 10.1162/tacl_a_00660.
10.	 Lyu, Q., Havaldar, S., Stein, A., Zhang, L., Rao, D., Wong, E., ... & Callison-Burch, C. (2023, November). Faithful chain-of-thought reasoning. In The 13th International Joint Conference on Natural Language Processing and the 3rd Conference of the Asia-Pacific Chapter
of the Association for Computational Linguistics (IJCNLP-AACL 2023). DOI: 10.18653/v1/2023.ijcnlp-main.20.
11.	 Gou, Z., Shao, Z., Gong, Y., Shen, Y., Yang, Y., Duan, N., & Chen, W. (2024). Critic: Large language models can self-correct with toolinteractive critiquing. DOI:10.48550/ARXIV.2305.11738.
12.	 Desai, S., & Durrett, G. (2020). Calibration of Pre-trained Transformers. Proceedings of the 2020 Conference on Empirical Methods
in Natural Language Processing (EMNLP). 295–302. DOI:10.18653/v1/2020.emnlp-main.21.
13.	 Jiang, Z., Araki, J., Ding, H., & Neubig, G. (2021). How can we know when language models know? On the calibration of language models
for question answering. Transactions of the Association for Computational Linguistics, 9, 962-977. DOI:10.1162/tacl_a_00407.
14.	 Zhao, Z., Wallace, E., Feng, S., Klein, D., & Singh, S. (2021, July). Calibrate before use: Improving few-shot performance of language
models. In International conference on machine learning (pp. 12697–12706). PMLR. DOI:10.48550/ARXIV.2102.09690.
15.	 Chen, Y., Sikka, K., Cogswell, M., Ji, H., & Divakaran, A. (2024). Measuring and improving chain-of-thought reasoning in vision-language
models. Proceedings of the 2024 Conference of the North American Chapter of the Association for Computational Linguistics: Human
Language Technologies. 1. 192-210. DOI: 10.18653/v1/2024.naacl-long.11.
16.	 Liu, Y., Deb, B., Teruel, M., Halfaker, A., Radev, D., & Awadallah, A. H. (2023). On improving summarization factual consistenc from natural language feedback. Proceedings of the 61st Annual Meeting of the Association for Computational Linguistics. 1. 15144–15161. DOI:10.18653/v1/2023.acl-long.844.
17.	 Elazar, Y., Kassner, N., Ravfogel, S., Ravichander, A., Hovy, E., Schütze, H., & Goldberg, Y. (2021). Measuring and improving consistency in pretrained language models. Transactions of the Association for Computational Linguistics, 9, 1012–1031. DOI: 10.1162/tacl_a_00410.
18.	 Zheng, L., Chiang, W. L., Sheng, Y., Zhuang, S., Wu, Z., Zhuang, Y., ... & Stoica, I. (2023). Judging llm-as-a-judge with mt-bench and chatbot arena. Advances in neural information processing systems, 36, 46595–46623. DOI: 10.48550/ARXIV.2306.05685.
19.	 Reimers, N., & Gurevych, I. (2019). Sentence-bert: Sentence embeddings using siamese bert-networks. Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conference on Natural Language Processing (EMNLP-IJCNLP). 3982–3992. DOI: 10.18653/V1/D19-1410.

Purpose: to identify the current opportunities, threats and prospects for the application of artificial intelligence in military affairs to develop proposals for expanding the potential for its use, ensuring the economic, scientific and technological development and security of Russia.
Research method: analysis of data on the use of artificial intelligence in military affairs, synthesis and scientific forecasting, expert assessment, factual analysis within the framework of a systems approach, interdisciplinary approach.
Result: this article analyzes the concept of «artificial intelligence in military affairs», its current indicators, and characteristics against the backdrop of the accelerated development of artificial intelligence in general. It presents key factors determining the feasibility of developing and implementing artificial intelligence systems in the military sphere, as well as the main areas of their use and their role in international politics and global security. The risks and threats of their application are identified. An analysis of the capabilities of various countries in using artificial intelligence technologies at strategic, operational, and tactical levels, the corresponding threats in armed conflicts and wars, and a forecast for the development of promising technologies is provided. The impact of artificial intelligence technologies in military affairs on strategic stability,
national, and international security is discussed. It is demonstrated that the characteristics of artificial intelligence technologies in military affairs are currently one of the most important indicators of a state's influence and potential in the world but require the development of trust-building measures and the creation of an international control regime.
Practical value: proposals for expanding the potential for using artificial intelligence in military affairs to ensure economic, scientific and technological development and security of Russia.

Keywords: artificial intelligence, military affairs, artificial intelligence system, latest technologies, armed confrontation, nuclear weapons, strategic nuclear forces, combat control system, strategic stability.

1. Romashkina N. P., Markov A. S., Stefanovich D.V. Information Technologies and International Security : [electronic resource]. – Moscow: IMEMO, 2023. – 111 p. – ISBN 978-5-9535-0613-7. – DOI 10.20542/978-5-9535-0613-7. // https://www.imemo.ru/publications/info/information-technologies-and-international-security.
2. Romashkina N., Stefanovich D. Iskusstvennyj intellekt i estestvennaya vojna // Rossiya v global'noj politike. 2025. № 6(136). S. 69–83, DOI 10.31278/1810-6439-2025-23-6-69-83.
3. Ponkin I. V. Voennaya analitika. Voennoe primenenie iskusstvennogo intellekta i cifry / Konsorcium «Analitika. Pravo. CifrA». – M.: Buki Vedi, 2022. – 106 s. ISBN 978-5-4465-3667-2.
4. Turing A. M. Computing machinery and intelligence // Mind. 1950. № 59. P. 433–460. // https://philosophie.universite.tours/documents/1950_Alan_Turing.pdf (accessed 23.09.2025).
5. Romashkina N. P. Global'nye voenno-politicheskie problemy mezhdunarodnoj informacionnoj bezopasnosti: tendencii, ugrozy, perspektivy // Voprosy kiberbezopasnosti. 2019. №. 1(29). S. 2–9, DOI: 10.21681/2311–3456-2019-1-2-9.
6. Romanenko P. G., Bojko A. P., Subbotin D. V. Povyshenie upravlyaemosti mul'tiservisnykh setej svyazi special'nogo naznacheniya za schet vnedreniya tekhnologij iskusstvennogo intellekta // Voennaya mysl'. 2025. № 7. S. 85–93.
7. Markov A. S., SHeremet I. A. Bezopasnost' programmnogo obespecheniya v kontekste strategicheskoj stabil'nosti // Vestnik akademii voennyh nauk. 2019. № 2(67). P. 82–90.
8. Lin H. Artificial Intelligence and Nuclear Weapons: A Commonsense Approach to Understanding Costs and Benefits // Texas National Security Review. 2025. Vol. 8. No. 3. P. 98–109.
9. Romashkina N. P. Mezhdunarodno-pravovoj rezhim kontrolya nad kiberoruzhiem v budushchem miroporyadke: ugrozy i perspektivy // Diplomaticheskaya sluzhba. 2023. № 2. S. 150–161. DOI 10.33920/vne-01-2302-07. // https://www.imemo.ru/files/File/ru/publ/2023/DipSluzhba-022023-Romashkina.pdf, (accessed 23.09.2025).
10. Romashkina N. P., Markov A. S., Stefanovich D. V. Mezhdunarodnaya bezopasnost', strategicheskaya stabil'nost' i informacionnye tekhnologii / otv. red. A. V. Zagorskij, N. P. Romashkina. – M.: IMEMO RAN, 2020. – 98 s. DOI: 10.20542/978-5-9535-0581-9. // https://www.imemo.ru/publications/info/romashkina-np-markov-as-stefanovich-dv-mezhdunarodnaya-bezopasnosty-strategicheskaya-stabilynosty-i-informatsionnie-tehnologii-otv-red-av-zagorskiy-np-romashkina-m-imemo-ran-2020-98-s, (accessed 23.07.2025).
11. Wehsener A., Reddie A. W., Walker L., Reiner P. AI-NC3 Integration in an Adversarial Context: Strategic Stability Risks and Confidence Building Measures // Institute for Security and Technology. 2023. February // https://securityandtechnology.org/wp-content/uploads/2024/10/AI-NC3-Integration-in-an-Adversarial-Context.pdf (дата обращения 23.10.2025).

The purpose of the study: to substantiate the possibility of predicting failures of industrial Internet of Things devices based on supervised machine learning methods.
Research method: to achieve the goal, a methodology was developed and tested, including the stages of data collection, preprocessing, formation of training samples, selection of informative features, training of classification models and assessment of the quality of forecasts. Logistic regression was used as a basic method, which makes it possible to identify patterns that precede failures in conditions of high heterogeneity of data from industrial Internet of Things devices.
Result: the experiment was performed on real data from an industrial Internet of Things device, including 81 equipment performance indicators represented by time series. The results demonstrate that the probability of failure begins to increase long before the actual failure, which confirms the possibility of early detection of threats.
The practical significance lies in the possibility of introducing the developed methodology into existing monitoring systems for the transition from reactive to proactive risk management.
The conclusion obtained confirms that the proposed methodology provides an increase in the reliability of IIoT systems, reduces equipment downtime and contributes to increasing the cyber resilience of industrial processes.

Keywords: predictive diagnostics, supervised learning, cyber-physical systems, information security, artificial intelligence methods, automated process control systems.

1. Kiberbezopasnost' cifrovoj industrii. Teoriya i praktika funkcional'noj ustojchivosti k kiberatakam / D.P. Zegzhda, E. B. Aleksandrova, M. O. Kalinin [i dr.]. – M.: «Goryachaya liniya-Telekom», 2021. – 560 s.
2. Sistemnaya inzheneriya v problemah nacional'noj bezopasnosti: Tematicheskij blok «Nacional'naya bezopasnost'» / A. V. Anishchenko, V. B. Artem'ev, M. K. Bondareva [i dr.]; pod. red. Mahutova N.A. – M.: «Znanie», 2025. – 904 s.
3. Majlybaev E. Organizaciya zashchity informacii v sistemah IoT / Majlybaev E., Ruslan M. // Vestnik KazATK. 2024. № 5 (134). S. 168-175.
4. Markov A. S. Standarty kiberbezopasnosti CHetvertoj promyshlennoj revolyucii i Industrii 4.0 / A. S. Markov, Yu. A. Timofeev // Zashchita informacii. Insajd. – 2021. – № 3(99). – S. 54–60.
5. Markov G. A. Kontrol' IoT pri pomoshchi sredstv informacionnoj bezopasnosti v gosudarstvennom i korporativnom upravlenii / G. A. Markov, E. D. Markova // Sb. trudov XIII mezhdunarodnoj nauchno-tekhnicheskoj konferencii «Bezopasnye informacionnye tekhnologii». – Moskva: MGTU im. N.E.Baumana, 2024. – S. 148–153.
6. Markov G. A. Problemy obespecheniya informacionnoj bezopasnosti v promyshlennyh sistemah / G. A. Markov, V. M. Krundyshev, D. P. Zegzhda // Metody i tekhnicheskie sredstva obespecheniya bezopasnosti informacii. – 2024. – № 33. – S. 100-101.
7. Oshchepkov N. V. Analiz metodov protivodejstviya ugrozam dlya promyshlennogo interneta veshchej / Oshchepkov N. V., Krotova E. L. – Mezhdunarodnyj nauchno-issledovatel'skij zhurnal. 2024. № 7(145). S. 1–5.
8. Shevcov V. Yu., Analiz ugroz i uyazvimostej koncepcij IoT i IIoT / Shevcov V. Yu., Kasimovskij N. P. // NBI tekhnologii. 2020. T. 14. № 3. S. 28–34.
9. Petrenko S. Cyber resilient platform for internet of things (IIoT/IoT)ed systems: survey of architecture patterns / S. Petrenko // Voprosy Kiberbezopasnosti. – 2021. – No. 2(42). – P. 81–91. – DOI 10.21681/2311-3456-2021-2-81-91.
10. Budnikov S. A., Metodika ocenki effektivnosti sistem bezopasnosti avtomatizirovannyh sistem upravleniya / Budnikov S. A., Kovalenko S. M., Bocharova A.I. // Voprosy kiberbezopasnosti. – 2023. – №3. – S.2–12. DOI:10.21681/2311-3456-2023-3-2-12.
11. Dorgushaova A. K. Obzor ispol'zovaniya tekhnologij mashinnogo obucheniya v obespechenii informacionnoj bezopasnosti dannyh: nastoyashchee i budushchee / Dorgushaova A. K., Dovgal' V. A., Kozlova N. Sh., Kozlov R. S. // Vestnik Adygejskogo gosudarstvennogo universiteta. Seriya: Estestvenno-matematicheskie i tekhnicheskie nauki. 2024. Vyp. 1(336). S. 51–59. DOI: 10.53598/2410-32252024-1-336-51-59.
12. Egorov A. A. Standartizaciya po Iskusstvennomu intellektu v promyshlennosti (obzor zarubezhnogo sostoyaniya). CHast' 2 / A. A. Egorov // Avtomatizaciya i IT v energetike. – 2023. – № 1(162). – S. 6–19.
13. Zegzhda D. P. Avtomatizaciya upravleniya bezopasnost'yu intellektual'nyh sistem s ispol'zovaniem grafa atak i analiza riskov / D. P. Zegzhda, D. A. Moskvin, E. M. Orel // Zashchita informacii. Insajd. – 2022. – № 2(104). – S. 22–28.
14. Markov G. A. Matematicheskaya model' upravleniya sobytiyami informacionnoj bezopasnosti v sistemah promyshlennogo Interneta veshchej / G. A. Markov // Metody i tekhnicheskie sredstva obespecheniya bezopasnosti informacii. – 2024. – № 33. – S. 101–103.
15. Markov G. A. Osobennosti obespecheniya informacionnoj bezopasnosti v sistemah promyshlennogo Interneta veshchej / G. A. Markov, V. M. Krundyshev // Sb. trudov X Mezhdunarodnoj nauchno-prakticheskoj konferencii «Intellektual'naya inzhenernaya ekonomika i Industriya 5.0». V 2-h tomah, Sankt-Peterburg, 25–28 aprelya 2024 goda. – SPb.: Sankt-Peterburgskij politekhnicheskij universitet Petra Velikogo, 2024. – S. 217–220. – DOI 10.18720/IEP/2024.1/53.
16. Petrenko A. A. Kiberustojchivaya platforma Interneta veshchej / A. A. Petrenko, S. A. Petrenko, A. D. Kostyukov // Zashchita informacii. Insajd. – 2020. – № 4(94). – S. 20–30.
17. Fedorchenko E. V., Ocenivanie zashchishchennosti informacionnyh sistem na osnove grafovoj modeli eksplojtov / Fedorchenko E. V., Kotenko I. V., Fedorchenko A. V. // Voprosy kiberbezopasnosti. – 2023. – № 3. – S. 23–36. DOI:10.21681/2311-3456-2023-3-23-36.
18. Firyulin M. E. Zadacha razrabotki modelej ocenki effektivnosti informacionnyh processov v centrah obrabotki dannyh v usloviyah kompleksnoj zashchity informacii // Vestnik Voronezhskogo instituta MVD Rossii. – 2015. – № 3. – S.234–238.
19. Shchetkin A. A. Sistema monitoringa i prognozirovaniya povedeniya oborudovaniya na baze IIoT / A. A. Shchetkin, A. S. Bevz, S. S. Ancyferov [i dr.] // Avtomatizaciya v promyshlennosti. – 2024. – № 3. – S. 51–55. – DOI: 10.25728/avtprom.2024.03.10.
20. Communication-Efficient Federated Edge Learning for NR-U-Based IIoT Networks / Q. Chen, X. Xu, Z. You [et al.] // IEEE Internet of Things Journal. – 2022. – Vol. 9, No. 14. – P. 12450–12459. – DOI: 10.1109/jiot.2021.3136205.
21. Karacayılmaz G. A novel approach detection for IIoT attacks via artificial intelligence / G. Karacayılmaz, H. Artuner // Cluster Computing. – 2024. – DOI 10.1007/s10586-024-04529-w.