№ 2 (54)

Content of 2nd issue of magazine «Voprosy kiberbezopasnosti» at 2023:

Title Pages
Vasilyev, V. I. THEMATIC MODELING AND SUMMARIZATION OF TEXTS IN THE FIELD OF CYBER SECURITY (BASED ON JOURNAL PUBLICATIONS) / V. I. Vasilyev, A. M. Vulfin, N. V. Kuchkarova // Cybersecurity issues. – 2023. – № 2(54). – С. 2-22. – DOI: 10.21681/2311-3456-2023-2-2-22.

Abstract
Purpose: improving the quality of text document analysis through the use of machine learning and intellectual analysis models in summarizing and topic modeling tasks, which will reduce the load on an expert who analyzes and generalizes significant volumes of semi-structured text data on information security topics from various sources.
Methods: machine learning methods were used for the operational processing and analysis of large volumes of heterogeneous ill-structured information in natural language (NL). Methods of thematic modeling and summarization of texts based on deep neural networks, including neural network language models based on the architecture of transformers, are applied. Practical relevance: the main stages of the machine procedure of thematic modeling and summarization of professional texts in the field of information security are highlighted. The results of a comparative evaluation of the effectiveness of using clustering models, latent semantic analysis, Fast Text, Text Rank language models and BERT transformers for these purposes are presented. Recommendations are given regarding the prospects for the practical application of these models as a means of intellectual support for the professional activities of cybersecurity specialists. Scientific novelty: a complex of machine learning models for thematic modeling and summarization of professional texts is proposed, based on neural network models of attachments and transformer models, characterized by an algorithm for preparing a corpus of texts for training models and the use of a learning transfer algorithm, which will increase the efficiency of analysis and generalization of domain-specific corpora of texts.
Keywords: Text Mining, vector word embedding, transformer, text clustering, summarization, information security, cybersecurity.
References
1. Liu X., Xiong H., Shen N. A hybrid model of VSM and LDA for text clusteing // 2017 2nd IEEE International Conference on Computational Intelligence and Applications (ICCIA). IEEE, 2017, pp. 230-233.
2. Gambhir M., Gupta V. Recent automatic text summarization techniques: a survey // Artificial Intelligence Review. 2017, vol. 47, no. 1, pp. 1-66. DOI:10.1007/s10462-016-9475-9
3. Белякова А.Ю., Беляков Ю.Д. Обзор задачи автоматической суммаризации текста // Инженерный вестник Дона. 2020. № 10 (70). С. 142-159.
4. Sri S.H.B., Dutta S.R. A Survey on Automatic Text Summarization Techniques // Journal of Physics: Conference Series. IOP Publishing, 2021, vol. 2040, no. 1, pp. 012044. DOI: 10.1088/1742-6596/2040/1/012044
5. Liang Z. et al. Gated graph neural attention networks for abstractive summarization // Neurocomputing. 2021, vol. 431, pp. 128-136.
6. Masum A.K.M. et al. Abstractive method of text summarization with sequence to sequence RNNs // 2019 10th international conference on computing, communication and networking technologies (ICCCNT). IEEE, 2019, pp. 1-5.
7. Vaswani A. et al. Attantion is All You Need // 31st Conference on Neural Information Processing Systems (NIPS 2017), Long Beach, CA, USA. 2017, vol. 30, pp. 1-11.
8. Jonsson F. Evaluation of the Transformer Model for Abstractive Text Summarization: Degree Project in Computer Science and Engineering. Master’s in computer science dissertation. Stockholm, Sweden. 2019. URL: https://www.diva-portal.org/smash/get/diva2:1368180/FULLTEXT01.pdf (дата обращения: 28.10.2022).
9. Gupta A. et al. Automated news summarization using transformers // Sustainable Advanced Computing. Springer, Singapore, 2022. pp. 249-259. DOI: 10.1007/978-981-16-9012-9_21
10. Jatnika D., Bijaksana M.A., Suryani A.A. Word2vec model analysis for semantic similarities in english words // Procedia Computer Science. 2019, vol. 157, pp. 160-167.
11. Yang M. et al. A hierarchical clustering approach to fuzzy semantic representation of rare words in neural machine translation // IEEE Transactions on Fuzzy Systems. 2020, vol. 28, no. 5, pp. 992-1002.
12. Reimers N., Gurevych I. Sentence-BERT: Sentence Embeddings using Siamese BERT-Networks // Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conference on Natural Language Processing (EMNLP-IJCNLP). 2019, pp. 3982-3992. DOI:10.18653/v1/D19-1410
13. Arora S., Hu W., Kothari P.K. An analysis of the t-sne algorithm for data visualization // Conference on learning theory. PMLR, 2018, pp. 1455-1462.
14. Dey A., Jenamani M., Thakkar J.J. Senti-N-Gram: An n-gram lexicon for sentiment analysis // Expert Systems with Applications. 2018, vol. 103, pp. 92-105.
15. Reiter E. A structured review of the validity of BLEU // Computational Linguistics. 2018, vol. 44, no. 3, pp. 393-401.
16. Васильев В.И., Вульфин А.М., Кучкарова Н.В. Оценка актуальных угроз безопасности информации с помощью технологии трансформеров // Вопросы кибербезопасности. 2022. № 2(48). С. 27-38. DOI 10.21681/2311-3456-2022-2-27-38
17. Bojanowski P. et al. Enriching Word Vectors with Subword Information // Transactions of the association for computational linguistics. 2017, vol. 5, pp. 135-146.
18. Miller D. Leveraging BERT for Extractive Text Summarization on Lectures // arXiv preprint arXiv:1906.04165. 2019. doi.org/10.48550/arXiv.1906.04165
19. Lee D.D., Seung H.S. Learning the Parts of Objects by Non-Negative Matrix Factorization // Nature. 1999, vol. 401, no. 6755, pp.788-791. DOI: 10.1038/44565
20. Williams T., Betak J. A Comparison of LSA and LDA for the Analysis of Railroad Accident Text // Procedia computer science. 2018, vol. 130, pp. 98-102.
21. See A., Liu P.J., Manning C.D. Get to the Point: Summarization with Pointer-Generator Networks // Proceedings of the 55th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers). 2017, pp. 1073-1083.
22. Dinh D.T., Fujinami T., Huynh V.N. Estimating the optimal number of clusters in categorical data clustering by silhouette coefficient // Knowledge and Systems Sciences: 20th International Symposium, Da Nang, Vietnam, November 29–December 1, 2019. Springer Singapore, 2019, pp. 1-17.
23. Jelodar H. et al. Latent Dirichlet allocation (LDA) and topic modeling: models, applications, a survey // Multimedia Tools and Applications. 2019, vol. 78, pp. 15169-15211.
24. Angelov D. Top2vec: Distributed representations of topics // arXiv preprint arXiv:2008.09470. 2020. doi.org/10.48550/arXiv.2008.09470
25. Grootendorst M. BERTopic: Neural topic modeling with a class-based TF-IDF procedure // arXiv preprint arXiv:2203.05794. 2022. doi.org/10.48550/arXiv.2203.05794
26. Шереметьева С.О., Бабина О.И. Платформа для концептуального аннотирования многоязычных текстов // Вестник Южно-Уральского государственного университета. Серия: Лингвистика. – 2020. Т. 17. №. 4. С. 53-60.
27. Schopf Т., Klimek S., Matthes F. PatternRank: Leveraging Pretrained Language Models and Part of Speech for Unsupervised Keyphrase // Proceedings of the 14th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management KDIR. 2022, pp. 243-248. DOI:10.20944/PREPRINTS201908.0073.V1
28. McInnes L., Healy J., Melville J. UMAP: Uniform Manifold Approximation and Projection for Dimension Reduction // The Journal of Open Source Software. 2018, vol. 3, no. 29, pp. 861. DOI: 10.21105/joss.00861
29. McInnes L., Healy J., Astels S. hdbscan: Hierarchical Density Based Clustering // J. Open Source Softw. 2017, vol. 2, no. 11, pp. 205. DOI:10.21105/JOSS.00205
30. Carbonell J., Goldstein J. The use of MMR, diversity-based reranking for reordering documents and producing summaries // Proceedings of the 21st Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, Melbourne, Australia, 1998. pp. 335-336. DOI:10.1145/290941.291025
31. Краснов Ф.В., Баскакова Е.Н., Смазневич И.С. Оценка прикладного качества тематических моделей для задач кластеризации // Вестник ТГУ. УВТиИ. 2021. № 56. С. 100-111. DOI: 10.17223/ 19988605/56/11
32. Gusev I. Dataset for Automatic Summarization of Russian News // Conference on Artificial Intelligence and Natural Language. Springer, Cham, 2020. pp. 122-134. DOI:10.1007/978-3-030-59082-6_9
33. Hasan T. et al. XL-Sum: large-scale multilingual abstractive summarization for 44 languages // Annual Meeting of the Association for Computational Linguistics and the International Joint Conference on Natural Language Processing 2021. Association for Computational Linguistics (ACL), 2021, pp. 4693-4703. DOI:10.18653/v1/2021.findings-acl.413
34. Mihalcea R., Tarau P. TextRank: Bringing Order into Texts // Proceedings of the 2004 Conference on Empirical Methods in Natural Language Processing. 2004. pp. 404-411.
35. Bar-Yossef Z., Mashiach L.T. Local Approximation of Pagerank and Reverse Pagerank // Proceedings of the 17th ACM conference on Information and knowledge management. 2008, pp. 279-288. DOI:10.1145/1458082.1458122
36. García-Hernández R. A. et al. Text Summarization by Sentence Extraction Using Unsupervised Learning // Mexican International Conference on Artificial Intelligence. Springer, Berlin, Heidelberg, 2008, pp. 133-143. DOI:10.1007/978-3-540-88636-5_12
2-22
Sidnyaev, N. I. CONSTRUCTION OF COMPOSITE CRITERIA FOR OPTIMIZATION OF TERMS AND GENERALIZED INDICATOR OF KNOWLEDGE BASES OF INTELLIGENT SYSTEMS / Sidnyaev N. I. , Sineva E. E. // Cybersecurity issues. – 2023. – № 2(54). – С. 23-35. – DOI: 10.21681/2311-3456-2023-2-23-35.

Abstract
The purpose of the research is to develop the concept of systematization of the knowledge base and solving problems of information cybersecurity of systems and when making search decisions based on the construction of a structured semantic content model of terms of a scientific and theoretical nature describing complex active systems.Research methods: statistical analysis, hypothesis testing methods, machine learning methods, reliability models, evaluation type models used in testing reliability indicators, parameters of behavioral systems.The result obtained: The result obtained: experimental results of the application of reliability evaluation models and consent criteria to different sizes of knowledge bases are discussed and the evaluation of the results of measuring the reliability index on these components, taking into account the failure rate, is given. The description of generalized algorithms for the functioning of evaluation and forecasting components, as well as their applicability to solving problems in the field of information security, is given. A general model of a spatial network is proposed, within the framework of which the subject carries out risk management by effectively, in one sense or another, distributing the homogeneous resource at his disposal between its nodes. For the implementation of decision-making, more optimistic criteria than the minimax criterion are recommended.Scientific novelty: consists in the development of mathematical models to maintain the logical and physical integrity of the knowledge bases of cybersystems using the desirability function and consent criteria. The basic requirements for ensuring reliable behavior and operability of an information system using oriented databases are highlighted and described. It is postulated that the best information system reliability is achieved through the use of automated monitoring systems using knowledge bases for continuous monitoring and periodic analysis of cybersystem objects with tracking the dynamics of changes in the event space.
Keywords: statistics, information systems, reliability, mathematical model, algorithm, desirability, hypothesis.
References
1. Sidnjaev N.I. Logiko-statisticheskij analiz problem planirovanija jeksperimenta. M., Izd-vo MGTU im. N.Je. Baumana, 2022. 352 s.
2. Izrailov K.E., Bujnevich M.V., Kotenko I.V., i dr. Ocenivanie i prognozirovanie sostojanija slozhnyh ob#ektov: primenenie dlja informacionnoj bezopasnosti // Voprosy kiberbezopasnosti. 2022. № 6(52), S. 2−21. DOI:10.21681/2311-3456-2022-6-2-21
3. Fedorov A.V., Shkodyrev V.P., Barsukov N.D. Sistema situacionnogo upravlenija i kontrolja ploho formalizuemyh scenariev dinamicheskih scen // Nauchno-tehnicheskie vedomosti Sankt-Peterburgskogo gosudarstvennogo politehnicheskogo universiteta. Informatika. Telekommunikacii. Upravlenie. 2018. T. 11. № 3. S. 20-28.
4. Yazdi M., Hafezi P., Abbassi R. A methodology for enhancing the reliability of expert system applications in probabilistic risk assessment // Journal of Loss Prevention in the Process Industries. – 2019. – vol. 58. – pp. 51-59.
5. Potjupkin A.Ju., Chechkin A.V. Iskusstvennyj intellekt na baze informacionno-sistemnoj izbytochnosti: monografija / A.Ju. Potjupkin, A.V. Chechkin. – M.: KURS, 2019. – 384 s.
6. Sidnjaev N.I., Butenko Ju.I., Bolotova E.E. Jekspertnaja sistema produkcionnogo tipa dlja sozdanija bazy znanij o konstrukcijah letatel’nyh apparatov / Ajerokosmicheskoe priborostroenie. – 2019. – № 6. – S. 38 – 52.
7. Ovakimjan A. S., Sarkisjan S. G., Zirojan M. A. Ispol’zovanie metodov Data Mining dlja postroenija nechetkih jekspertnyh sistem // Aktual’nye zadachi matematicheskogo modelirovanija i informacionnyh tehnologij (AZMMiIT 2020). – 2020. – S. 191-194.
8. Osnovina O. N., Zhukov P. I. Modelirovanie bazy znanij dlja podderzhki jekspluatacii tehnologicheskogo oborudovanija // Vestnik Voronezhskogo gosudarstvennogo tehnicheskogo universiteta. – 2019. – T. 15. – №. 6. – S. 30-37.
9. Kolenteev N.Ja. Prinjatie reshenij v uslovijah prirodnoj neopredelennosti / N.Ja. Kolenteev, A.S. Kobeleva // Special’naja tehnika i tehnologii transporta. 2020. – № 8(46). – S. 286-293.
10. Derevjanko B. A. Sovremennye metody i sredstva proektirovanija imitacionnyh sistem i sistem podderzhki prinjatija reshenij // Mjagkie izmerenija i vychislenija. – 2019. – №. 1. – S. 4-11.
11. Kljachkin V.N., Zhukov D.A. Prognozirovanie sostojanija tehnicheskogo ob#ekta s primeneniem metodov mashinnogo obuchenija // Programmnye produkty i sistemy. 2019. № 2. S. 244-250.
12. Serobabov A. S. Opredelenie intervalov termov vhodnogo parametra v medicinskoj jekspertnoj sisteme diagnostiki na osnove algomerativnoj klasterizacii // Informacionnye tehnologii i avtomatizacija upravlenija: materialy. – 2022. – S. 248.
13. Averin G.V., Zvjaginceva A.V. Postroenie shkal dlja izmerenija sostojanij slozhnyh ob#ektov v mnogomernyh prostranstvah // Vestnik Doneckogo nacional’nogo universiteta. Serija G: Tehnicheskie nauki. 2018. № 1. S. 13-23.
14. Kovalenko T. A., Borisenko A. Ju. Analiz jekspertnyh sistem // Problemy i perspektivy vnedrenija innovacionnyh telekommunikacionnyh tehnologij. – 2020. – S. 30-37.
15. Souza M. L. H. et al. A survey on decision-making based on system reliability in the context of Industry 4.0 //Journal of Manufacturing Systems. – 2020. – T. 56. – S. 133-156.
16. Ledeneva T. M., Moiseeva T. A. Obzor tipov produkcionnyh pravil v sistemah nechetkogo logicheskogo vyvoda //Aktual’nye problemy prikladnoj matematiki, informatiki i mehaniki. – 2022. – S. 1793-1798.
17. Sobolevskaja E. Ju., Glushkov S. V. Sostavlenie tablic osnovnyh termov dlja razrabotki intellektual’noj transportno-logisticheskoj informacionnoj sistemy upravlenija //Nauchno-tehnicheskoe i jekonomicheskoe sotrudnichestvo stran ATR v XXI veke. – 2019. – T. 1. – S. 71-76.
18. Keith A. J., Ahner D. K. A survey of decision making and optimization under uncertainty //Annals of Operations Research. – 2021. – T. 300. – №. 2. – S. 319-353.
19. Budko N. P., Vasil’ev N. V. Obzor grafo-analiticheskih podhodov k monitoringu informacionno-telekommunikacionnyh setej i ih primenenie dlja vyjavlenija anomal’nyh sostojanij // Sistemy upravlenija, svjazi i bezopasnosti. 2021. № 6. S. 53-75
20. Lavrishheva E. M., Zelenov S. V., Pakulin N. V. Metody ocenki nadezhnosti programmnyh i tehnicheskih sistem // Trudy Instituta sistemnogo programmirovanija RAN. – 2019. – T. 31. – №. 5. – S. 95-108.
21. Berman A. F., Nikolaichuk O. A., Yurin A. Y. The validation system for reliability and survivability of unique mechanical systems // IOP Conference Series: Materials Science and Engineering. – IOP Publishing, 2021. – vol. 1061. – №. 1. – p. 12.
23-35
Dichenko, S. A. A METHOD OF PARAMETRIC SYNTHESIS OF CRYPTO-CODE STRUCTURES FOR MONITORING AND RESTORING THE INTEGRITY OF INFORMATION / S. A. Dichenko, Samoylenko D. V. , Finko O. A. , Ryumshin K. Yu. // Cybersecurity issues. – 2023. – № 2(54). – С. 36-51. – DOI: 10.21681/2311-3456-2023-2-36-51.

Abstract
The purpose of the work is to develop a method for monitoring and restoring the integrity of information in secure multidimensional data storage systems that ensures the stability of the systems under consideration under the destructive influences of an intruder and disturbances in the operating environment.Research method: in the course of the research, the scientific and methodological apparatus of the theory of algebraic systems was used in conjunction with the methods of cryptographic information protection and the mathematical apparatus of coding theory to implement the procedures of crypto-code transformations. Models of reliable data storage systems were studied to justify the feasibility of procedures for ensuring the confirmed integrity of the processed information.Results of the study: a method for formalized representation of information in secure multidimensional data storage systems used in the interests of information and analytical systems, which makes it possible to visually describe the developed structures for monitoring and restoring data integrity under the destructive influences of an intruder and disturbances in the operating environment. A mathematical model of the process of monitoring and restoring data integrity based on crypto-code transformations based on the aggregation of cryptographic methods and methods of error-correcting coding is presented. Combining well-known classical solutions to ensure data integrity will reduce the introduced redundancy, as well as expand the functionality of secure information and analytical systems, which consists in confirming the reliability of restoring the integrity of distorted or lost data without additional costs of their repeated control by cryptographic methods. The proposed model takes into account the structure of multidimensional representation of information in the considered data storage systems of information and analytical systems.Scientific novelty: the developed method of parametric synthesis of crypto-code structures for monitoring and restoring the integrity of information in secure multidimensional data storage systems differs from the known ones by obtaining optimal crypto-code structures due to the rational aggregation of cryptographic and code transformations in the parameter space of the considered data storage systems. Crypto-code structures formed on the basis of building multidimensional hash codes and performing transformations in extended Galois fields provide cryptographic control and restoration of information integrity with the possibility of flexible introduction of redundancy and confirmation with cryptographic reliability of information integrity after the restoration procedure.
Keywords:  information-analytical systems, Big Data, multidimensional data representation, verified integrity,
cryptographic methods, hash function, error-correcting coding, crypto-code constructions, emergence.
References
1. Reinsel D., Gantz J., Rydning J. Data Age 2025: The Evolution of Data to Life-Critical // International Data Corporation. 2017. – Pp. 1–27.
2. Dedić N., Stanier C. Towards Differentiating Business Intelligence, Big Data, Data Analytics and Knowledge Discovery // Springer International Publishing. 2017. – Pp. 114 – 122.
3. Onay C., Öztürk E. A review of credit scoring research in the age of Big Data // Journal of Financial Regulation and Compliance. 2018. № 26(3).– Pp. 382–405.
4. Dichenko S.A. Model’ ugroz bezopasnosti informacii zashhishhjonnyh informacionno-analiticheskih sistem special’nogo naznachenija // Voprosy oboronnoj tehniki. Serija 16: Tehnicheskie sredstva protivodejstvija terrorizmu. 2022. № 1–2 (163–164). – S. 64–71.
5. Kaljuzhnyj A.V., Maksimov V.A., Shushakov A.O. Model’ funkcionirovanija geterogennoj bortovoj sistemy hranenija dannyh s uchetom neodnorodnoj informacionnoj vazhnosti hranimyh dannyh // Trudy Voenno-kosmicheskoj akademii imeni A.F. Mozhajskogo. 2019. №671. S. 33 – 40.
6. Homonenko A.D., Basyrov A.G., Bubnov V.P., Zabrodin A.V., Krasnov S.A., Lohvickij V.A., Tyrva A.V. Modeli i metody issledovanija informacionnyh sistem. – SPb. : Lan’. 2019. – 204 s.
7. Pavlov A.N., Slin’ko A.A., Vorotjagin V.N. Metodika ocenivanija strukturno-funkcional’noj zhivuchesti bortovyh sistem malyh kosmicheskih apparatov v uslovijah vozniknovenija neraschetnyh poletnyh situacij // Informacija i kosmos. 2019. № 2. S. 139–147.
8. Buchinskij D.I., Voznjuk V.V., Fomin A.V. Issledovanie pomehoustojchivosti prijomnika signalov s mnogopozicionnoj fazovoj manipuljaciej k vozdejstviju pomeh s razlichnoj strukturoj // Trudy Voenno-kosmicheskoj akademii imeni A.F. Mozhajskogo. 2019. № 671. S. 120 – 127.
9. Nosov A.P., Ahrem A.A., Rahmankulov V.Z. Analiz jeffektivnosti dekompozicii OLAP-giperkubov dannyh dlja metodov jeksponencial’noj vychislitel’noj slozhnosti // Matematika i matematicheskoe modelirovanie. 2021. № 3. S. 29–45.
10. Bopp V.A. Tehnologija rezervnogo kopirovanija. preimushhestva i nedostatki // Izvestija Tul’skogo gosudarstvennogo universiteta. Tehnicheskie nauki. 2019. № 3. S. 134–137.
11. Dichenko S.A. Model’ kontrolja celostnosti mnogomernyh massivov dannyh // Problemy informacionnoj bezopasnosti. Komp’juternye sistemy. 2021. № 2 (46). – S. 97–103.
12. Sapozhnikov V.V. Osnovy teorii nadezhnosti i tehnicheskoj diagnostiki // SPb.: Lan’. 2019. – 588 s.
13. Fin’ko O.A., Dichenko S.A. Gibridnyj kripto-kodovyj metod kontrolja i vosstanovlenija celostnosti dannyh dlja zashhishhjonnyh informacionno-analiticheskih sistem // Voprosy kiberbezopasnosti. 2019. №6(34). S. 17–36. DOI:10.21681/2311-3456-2019-6-17-36
14. Dichenko S.A., Finko O.A. Controlling and restoring the integrity of multi-dimensional data arrays through cryptocode constructs // Programming and Computer Software. 2021. Vol. 47. No. 6. – Pp. 415–425.
15. Dichenko S., Finko O. Two-dimensional control and assurance of data integrity in information systems based on residue number system codes and cryptographic hash functions // V sbornike: Integrating Research Agendas and Devising Joint Challenges. International Multidisciplinary Symposium ICT Research in Russian Federation and Europe. 2018. Pp. 139–146.
16. Dichenko S.A. An integrity control model for multidimensional data arrays // Automatic Control and Computer Sciences. 2021. Vol. 55. No. 8. Pp. 1188–1193.
17. Samoylenko D., Eremeev M., Finko O., Dichenko S. Protection of information from imitation on the basis of crypt-code structures // Advances in Intelligent Systems and Computing (sm. v knigah). 2019. Vol. 889. Pp. 317–331.
18. Kalmykov I., Chistousov N., Aleksandrov A., Provornov I. Application of correcting polynomial modular codes in infotelecommunication systems // Advances in Intelligent Systems and Computing. 2020. T. 1226. S. 387–398.
19. Baljuk A.A., Fin’ko O.A. Mnogoagentnaja autentifikacija cifrovyh dvojnikov v kiberfizicheskih sistemah // Voprosy kiberbezopasnosti. 2022. №5 (51). S. 100 –113.
20. Sharapov I.O., Samojlenko D.V., Kushpelev A.S. Matematicheskaja model’ imitozashhishhennoj obrabotki dannyh v robototehnicheskih kompleksah na osnove kriptokodovyh konstrukcij // Avtomatizacija processov upravlenija. 2022. № 1 (67). S. 106–114.
21. Samoylenko D.V., Eremeev M.A., Finko O.A., Dichenko S.A. Parallel linear generator of multivalued pseudorandom sequences with operation errors control // SPIIRAS Proceedings. 2018. No. 4 (59). Pp. 31–61.
36-51
Moldovyan, A. A. A NEW APPROACH TO THE DEVELOPMENT OF MULTIDIMENSIONAL CRYPTOGRAPHY ALGORITHMS / A. A. Moldovyan, D. N. Moldovyan, N. A. Moldovyan // Cybersecurity issues. – 2023. – № 2(54). – С. 52-64. – DOI: 10.21681/2311-3456-2023-2-52-64.

Abstract
Purpose of work is the reduction in the size of the public key of public-key algorithms of multivariate cryptography based on the computational difficulty of solving systems of many power equations with many unknowns.Research method is use of non-linear mappings defined as exponentiation operations in finite extended fields GF(qm) represented in the form of finite algebras. The latter makes it possible to perform the exponentiation operation in the field GF(qm) by calculating the values of power polynomials over the field GF(q), which define a hardly reversible nonlinear mapping of the vector space over GF(q) with a secret trapdoor. Due to the use of nonlinear mappings of this type, it is possible to specify a public key in multidimensional cryptography algorithms in the form of a nonlinear mapping implemented as a calculation of the values of a set of polynomials of the third and sixth degree. At the same time, due to the use of masking linear mappings that do not lead to an increase in the number of terms in polynomials, the size of the public key is reduced in comparison with known analogue algorithms, in which the public key is represented by a set of polynomials of the second and third degrees. The proposed approach potentially expands the areas of practical application of post-quantum algorithms for public encryption and electronic digital signature, related to multidimensional cryptography, by significantly reducing the size of the public key.Results of the study are the main provisions of a new approach to the development of algorithms of multidimensional cryptography are formulated. Hardly invertible nonlinear mappings with a secret trapdoor are proposed in the form of exponentiation operations to the second and third powers in finite extended fields GF(qm), represented in a form of a finite algebra. A rationale is given for specifying a public key in a form that includes a superposition of two non-linear mappings performed as a calculation of a set of second and third degree polynomials defined over GF(q). Techniques for implementing mappings of this type are proposed and specific options for specifying the fields GF(qm) in the form of finite algebras are considered. An estimate of the size of the public key in the algorithms developed within the framework of the new approach is made. at a given security level.. Practical relevance includes the developed main provisions of a new method for constructing multidimensional cryptography algorithms based on the computational difficulty of solving systems of many power equations with many unknowns and related to post-quantum cryptoschemes. The proposed approach expands the areas of practical application of post-quantum algorithms of this type by significantly reducing the size of the public key, whichprovides the prerequisites for improving performance and reducing technical resources for their implementation.
Keywords: finite fields; polynomials; mapping; non-linear mappings; computationally difficult problem; multivariate cryptography; public encryption; digital signature; post-quantum cryptography.
References
1. Alagic G., Apon D., Cooper D. , Dang Q., Dang T., Kelsey J., Lichtinger, J. Yi-Kai Liu, Miller C., Moody D., Peralta R., Perlner R., Robinson A., Smith-Tone D. Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process, NIST IR 8413, National lnstitute of Standards and Technology, July 2022, 99 pp. [Jelektronnyj resurs]. URL: https://doi.org/10.6028/NIST.IR.8413 (obrashhenie 6 janvarja 2023).
2. Call for Additional Digital Signature Schemes for the Post-Quantum Cryptography Standardization Process. September 6, 2022, 99pp. [Jelektronnyj resurs]. URL: https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/call-for-proposals-dig-sig-sept-2022.pdf (obrashhenie 6 janvarja 2023).
3. Ding J., Petzoldt A., Schmidt D.S. Multivariate Cryptography // In: Multivariate Public Key Cryptosystems. Advances in Information Security. Springer, New York. 2020. V. 80. P. 7-23. https://doi.org/10.1007/978-1-0716-0987-3_2
4. Ding J., Petzoldt A., Schmidt D.S. The Matsumoto-Imai Cryptosystem // In: Multivariate Public Key Cryptosystems. Advances in Information Security. Springer, New York. 2020. V. 80. P. 25-60. https://doi.org/10.1007/978-1-0716-0987-3_3
5. Ding J., Petzoldt A., Schmidt D.S. Hidden Field Equations // In: Multivariate Public Key Cryptosystems. Advances in Information Security. Springer, New York. 2020. V. 80. P. 61-88 https://doi.org/10.1007/978-1-0716-0987-3_4
6. Ding J., Petzoldt A., Schmidt D.S. Oil and Vinegar // In: Multivariate Public Key Cryptosystems. Advances in Information Security. Springer, New York. 2020. V. 80. P. 89-151. https://doi.org/10.1007/978-1-0716-0987-3_5
7. Ding J., Petzoldt A., Schmidt D.S. MQDSS // In: Multivariate Public Key Cryptosystems. Advances in Information Security. Springer, New York. 2020. V. 80. P. 153-168. https://doi.org/10.1007/978-1-0716-0987-3_6
8. Rainbow Signature. One of three NIST Post-quantum Signature Finalists [online] 2021. https://www.pqcrainbow.org/ (obrashhenie 6 janvarja 2023).
9. Hashimoto, Y. (2021). Recent Developments in Multivariate Public Key Cryptosystems // In: Takagi, T., Wakayama, M., Tanaka, K., Kunihiro, N., Kimoto, K., Ikematsu, Y. (eds) International Symposium on Mathematics, Quantum Theory, and Cryptography. Mathematics for Industry. Springer, Singapore. 2021. V. 33. P. 209-229. https://doi.org/10.1007/978-981-15-5191-8_16
10. GeMSS: A Great Multivariate Short Signature, https://www-polsys.lip6.fr/Links/NIST/GeMSS.html (obrashhenie 6 janvarja 2023).
11. J. Ding, A. Petzoldt Current State of Multivariate Cryptography // IEEE Security and Privacy Magazine. 2017, vol. 15, no. 4, pp. 28-36.
12. Ikematsu Y., Nakamura S., Takagi T. Recent progress in the security evaluation of multivariate publickey cryptography // IET Information Security. 2022. P. 1-17. DOI:10.1049/ise2.12092
13. Ding J., Petzoldt A., Schmidt D.S. Solving Polynomial Systems. In: Multivariate Public Key Cryptosystems // Advances in Information Security. Springer. New York. 2020. V. 80. P. 185-248. https://doi.org/10.1007/978-1-0716-0987-3_8
14. Øygarden M., Smith-Tone, D., Verbel, J. On the Effect of Projection on Rank Attacks in Multivariate Cryptography // In: Cheon, J.H., Tillich, JP. (eds) Post-Quantum Cryptography. PQCrypto 2021. Lecture Notes in Computer Science. 2021. V. 12841. P.98-113. Springer, Cham. https://doi.org/10.1007/978-3-030-81293-5_6
15. 15. Øygarden M., Felke P., Raddum H., Cid C. Cryptanalysis of the Multivariate Encryption Scheme EFLASH // Topics in Cryptology – CTRSA 2020. Lecture Notes in Computer Science. 2020. V. 12006. P. 85-105.
16. Li W., Lu F., Zhao H. Power analysis attacks against QUAD // IAENG International Journal of Computer Science. 2019. V. 46. No. 1. P. 54–60.
17. Kr ̈amer J., Loiero M. Fault attacks on UOV and Rainbow // Constructive Side-Channel Analysis and Secure Design. Proceedings of the International Workshop on Constructive Side-Channel Analysis and Secure Design. Darmstadt, Germany, 2019. P. 193–214.
18. Park A., Shim K., Koo N., Han D. Side-channel attacks on post-quantum signature schemes based on multivariate quadratic equations // IACR Transactions on Cryptographic Hardware and Embedded Systems. 2018. V. 2018. No 3. P. 500–523.
19. Park A, Kyung-Ah Shim, Namhun Koo, Dong-Guk Han. Side-Channel Attacks on Post-Quantum Signature Schemes based on Multivariate Quadratic Equations: Rainbow and UOV // IACR Transactions on Cryptographic Hardware and Embedded Systems. 2018. V. 2018. No. 3. P. 500–523. DOI:10.46586/tches.v2018.i3.500-523
20. Moldovyan N.A., Moldovyanu P.A. Vector Form of the Finite Fields GF(pm) // Bulletin of Academy of Sciences of Moldova. Mathematics. 2009. No 3 (61). P. 57-63.
52-64
Averyanov, V. S. ON PRIMARY TECHNICAL DEVICES AND REQUIREMENTS FOR QUANTUM SYSTEM SECURITY KEYS / V. S. Averyanov, I. N. Kartsan // Cybersecurity issues. – 2023. – № 2(54). – С. 65-72. – DOI: 10.21681/2311-3456-2023-2-65-72.

Abstract
Purpose of the article: development of new methods, algorithms and models to detect unauthorized actions of an intruder/s in relation to broadcast data represented in the form of one-photon pure states of light particles, which will allow: to strengthen the secrecy of basic security keys, improve procedures for data exchange and processing by legitimate users of the telecommunications system, expand the functionality of existing technological solutions in their classic representation.Research method: system analysis, information security assessment method.The result: risks of critical system errors for procedures of basic states measurement results matching and supposed potential possibilities of attacker to realize vulnerabilities through active phase of attacks with explicit critical outcome are presented. It is established that translation of mixed single-photon states and imposition on receiving hardware is explicitly uncontrolled, unaccountable and not contained in any algorithm of quantum protocols, which, according to the authors, is the most critical vulnerability of modern cryptographic systems based on quantum mechanics. A way to solve problems of “silent” scanning and to counteract hidden active attacks on quantum channel and particle states is proposed. The essence of the solution consists in non-orthogonality of states of a random basis vector and duplication of a main communication channel containing an information path on pulse signals broadcasting, where a known number of synchro-sentences in a backup line allows to trace an attacker. Fundamental is the knowledge of the primary-natural errors occurring at each of the stages of the formation of the main security key.
Keywords: system errors, BB84 protocol (4 + 2), single-photon systems, optical devices, telecommunication systems, attacker, data transfer protocol.
References
1. Krebs C. et al. Advisory memorandum on identification of essential critical infrastructure workers during Covid-19 response. – 2020.
2. Schaad J., Ramsdell B., Turner S. Secure/multipurpose internet mail extensions (S/MIME) version 4.0 message specification. – 2019. – №. rfc8551.
3. Zhukov A.O., Kartsan I.N., Averyanov V.S. Cybersecurity of the Arctic Zone. Information and telecommunication technologies. 2021. № 51. pp. 9-13.
4. Averyanov V.S., Kartsan I.N. Digital methods of communication organization in the Arctic zone. In book: Measurement, Automation and Modelling in Industry and Scientific Research (IAMP-2020). Proceedings of the XV All-Russian scientific and technical conference of students, graduate students and young scientists with international participation. 2020. pp. 60-61.
5. Puchkov I.I. Dispersion and signal attenuation in optical communication lines//PROFESSIONAL OF THE YEAR 2018. – 2018. - S. 23-26.
6. Averyanov V.S., Kartsan I.N. On a splitting attack in distribution of cryptographic security keys. Information protection. Insider. 2022. № 4 (106). pp. 20-23.
7. Kolyako A.V., Pleshkov A.S., Tret’yakov D.B., Entin V.M., Ryabtsev I.I., Neizvestny I. Investigation of the long-term stability of singlephoton quantum key generation in a polarization-coded circuit. Siberian Physical Journal. 2021. Vol. 16(2). pp. 81-93.
8. Levchenko S.A., Roenkov D.N. Quantum-cryptographic methods of information protection. SPbNTORES: Proceedings of the annual STC. 2019. № 1(74). pp. 201-203.
9. Belinsky A.V. On the violation of causality in experiments with photons // Vestnik of Moscow University. Series 3. Physics. Astronomy. - 2018. - №. 3. - рр. 14-25.
10. Averyanov V.S., Kartsan I.N. Key sequence safety by Charles Bennett protocol. In the collection: Russian science, innovations, education - ROSNIO-2022. collection of scientific articles on the materials of the All-Russian scientific conference. Krasnoyarsk, 2022. pp. 72-75.
11. Larionov N.V. Q-distribution for a single-atom laser operating in the “classical” mode // Journal of Experimental and Theoretical Physics. - 2022. - Т. 161. - №. 2. - рр. 166-176.
12. Sidorov A.I. Sensor photonics // SPb: ITMO University. - 2019.
13. Belyaev S.S. et al. Construction of cryptographically stable pseudorandom sequences generation function based on the “Grasshopper” encryption algorithm // Cyber Security Issues. - 2021. - №. 4 (44). - рр. 25-34.
14. Axelrod V.A., Averyanov V.S., Kartsan I.N. Quantum key distribution protocol BB84. In the collection: Russian science, innovations, education - RUSNIO-2022. collection of scientific articles on the materials of the All-Russian scientific conference. Krasnoyarsk, 2022. pp. 142-147.
15. Vershinina K.V., Saltykov A.R. Application of modified BB84-DS protocol for quantum key distribution (QKD). In the collection: Actual problems of infotelecommunications in science and education. collection of scientific works: in 4 volumes. Saint-Petersburg State University of Telecommunications by Prof. M.A.Bonch-Bruevich. Saint-Petersburg, 2021. pp. 151-155.
16. Zavala M., Barán B. QKD BB84. A taxonomy. В сборнике: Proceedings - 2021 47th Latin American Computing Conference, CLEI 2021. 47. 2021. DOI: 10.1109/CLEI53233.2021.9639932.
17. Alshaer N., Nasr M.E., Ismail T. Hybrid MPPM-BB84 quantum key distribution over fso channel considering atmospheric turbulence and pointing errors. IEEE Photonics Journal. 2021. Т. 13. № 6. С. 7600109. DOI: 10.1109/JPHOT.2021.3119767.
18. Vasiliu E. V. Resistance of ping-pong protocol with Greenberger-Horn-Zeilinger triplets to attack using auxiliary quantum systems // Informatics. - 2018. - №. 1 (21). - рр. 117-128.
19. Tudorache A.G., Manta V., Caraiman S. Quantum steganography based on the B92 quantum protocol //Mathematics. – 2022. – Vol. 10. – №. 16. – pp. 2870.
20. Komarova A. V., Korobeinikov A. G. Analysis of the main existing post-quantum approaches and electronic signature schemes // Cyber Security Issues. - 2019. - №. 2 (30). - pp. 58-68.
21. Gulakov I. R. et al. Detection of an information leakage channel from a multimode optical fiber by means of a silicon photomultiplier tube // Reports of the Belarusian State University of Informatics and Radioelectronics. - 2022. - Vol. 20. - №. 6. - pp. 37-44.
22. Kolyako A. V. et al. A study of the long-term stability of single-photon quantum key generation in a polarization-coded circuit // Siberian Physical Journal. - 2022. - Vol. 16. - №. 2. - pp. 81-93.
23. Torkhov N. A. Quantum-mechanical state of quantum system and tunneling effect (new view) // VHF Engineering and Telecommunication Technologies. - 2020. - №. 1-1. - pp. 331-332.
65-72
Kotenko, I. V. MANAGEMENT OF ACCESS TO ELECTRONIC INFORMATION AND EDUCATIONAL ENVIRONMENT OF UNIVERSITIES OF FEDERAL EXECUTIVE AUTHORITIES / I. V. Kotenko, I. B. Saenko, R. I. Zakharchenko, A. S. Kapustin, M. Kh. Al-Barri // Cybersecurity issues. – 2023. – № 2(54). – С. 73-84. – DOI: 10.21681/2311-3456-2023-2-73-84.

Abstract
The purpose of the article: analysis of the problem of ensuring timely authorized access to the resources of the electronic information and educational environment of universities of federal executive authorities and identification of possible directions for its solution.Research methods: system analysis of the problem of ensuring access of officials of universities of federal executive authorities to the resources of the electronic information and educational environment.The result obtained: approaches to improving the existing access control model, optimizing the role-based access scheme and determining unauthorized access attempts based on machine learning methods are proposed.Scope of the proposed approach: access control system of the electronic information and educational environment of universities of federal executive authorities.Scientific novelty: consists in a comprehensive analysis of the problem of creating and functioning of the electronic information and educational environment of universities of federal executive authorities, during which the structure of this environment is determined and its characteristic features are highlighted. Based on the analysis of information security threats in the electronic information and educational environment, the necessity of creating an access control system to its resources, which provides timely authorized access, is substantiated. The proposed approaches to improving the access control system affect not only the improvement of the existing access model by supplementing it with solutions available in the attribute-based access model, but also the optimization of the role-based access scheme using the developed genetic algorithm and the detection of unauthorized access attempts associated with overcoming access rules, based on application of machine learning methods. Experimental results are presented that confirm the effectiveness of the proposed approaches.Contribution: Igor Kotenko - analysis of the state of the art in the creation and application of the electronic information and educational environment of universities of federal executive authorities, setting the task and developing proposals for developing the functionality of the access control system, development of approaches to genetic optimization of the access scheme and detection of unauthorized access attempts using machine learning methods; Igor Saenko - development of approaches to improving the access control system related to the use of an attribute-based access model, genetic optimization of the access scheme and detection of unauthorized access attempts using machine learning methods; Roman Zakharchenko - analysis of technical solutions that ensure the implementation of the access control system to the resources of the electronic information and educational environment of universities of federal executive authorities, Alexander Kapustin - analysis of security threats and access control models to resources of the electronic information and educational environment of universities of federal executive authorities, Mazen Al-Barri - development and experimental study of an approach to detect attempts of unauthorized access to the resources of the electronic information and educational environment of universities of federal executive authorities, based on the use of machine learning methods.
Keywords:  cybersecurity, electronic information and educational environment, access control model, mandatory access control, role-based access control, genetic algorithm, machine learning.
References
1. Volkov A.G. Status and development prospects of the electronic information and educational environment in the military educational organization of higher education // Humanitarian Bulletin of the Military Academy of Strategic Missile Forces. – 2017. – No. 4 (8). – pp. 14-21. (in Russian)
2. Voronkov I.Yu., Golubev M.A., Merzhvinskaya L.V., Repyakh N.A. Methodological bases for planning the activities of a military educational organization in the context of the introduction of an electronic information and educational environment // Proceedings of the Military Space Academy named after A.F. Mozhaisky. – 2019. – No. 671. – pp. 393-400. (in Russian)
3. Kamyshentsev Yu.I. Educational and scientific (research) activity in the formed electronic information and educational environment of the military university // Scientific and methodological bulletin of the Military University of the Ministry of Defense of the Russian Federation. – 2019. – No. 12 (12). – pp. 134-141. (in Russian)
4. Ragozin A.N. Prospects and problems of development of the electronic information and educational environment of higher military educational institutions (on the example of the RVVDKU) // Bulletin of military education. – 2021. – No. 1 (28). – pp. 22-26. (in Russian)
5. Kalinichenko I.A., Ziborov O.V., Yarmak K.V. Improving the electronic information and educational environment of the Moscow University of the Ministry of Internal Affairs of Russia named after V.Ya. Kikot // Bulletin of economic security. – 2019. – No. 3. – pp. 362-366. (in Russian)
6. Loknov A.I. Development of an electronic information and educational environment at the St. Petersburg University of the Ministry of Internal Affairs of Russia // Pedagogy and psychology in the activities of law enforcement officers: integration of theory and practice. Materials of the All-Russian scientific-practical conference. A.S. Dushkina, N.F. Geizhan (Eds.). – 2019. – pp. 229-233. (in Russian)
7. Kotenko P.K., Shevtsov V.I. Electronic Information and Educational Environment in the System of State Accreditation of Educational Organizations of the Ministry of Emergency Situations of Russia // Prospects of Science and Education. – 2020. – No. 1 (43). – pp. 430-442. DOI: 10.32744/pse.2020.1.31. (in Russian)
8. Bulat R.E., Lebedev A.Yu., Nikitin N.A., Baichorova Kh.S. Psychological and pedagogical resources for increasing the readiness of students for the educational process in the conditions of an electronic information and educational environment // Scientific and analytical journal “Bulletin of the St. Petersburg University of the State Fire Service of the Ministry of Emergency Situations of Russia”. – 2020. – No. 3. – pp. 172-178. (in Russian)
9. Voronov S.A., Ryazanov G.V. Electronic information and educational environment: the experience of using the Moodle learning management system in a military educational organization // Bulletin of the St. Petersburg Military Institute of the National Guard Troops. – 2021. – No. 1 (14). – pp. 11-15. (in Russian)
10. Plyukhin A.Yu. Electronic Information and Educational Environment as a Means of Forming the Research Readiness of Teachers in the Higher Educational Institutions of the National Guard // Bulletin of the Voronezh State Pedagogical University. – 2021. – No. 4 (293). – pp. 110-115. (in Russian)
11. Shkapenko T.M. E-learning: the current state of the problem in the higher education system in Russia and foreign countries // Bulletin of MGIMO University. – 2013. – No. 6 (33). – pp. 71-76. (in Russian).
12. Kalinin S.V., Levchenko A.A., Fedulov B.A. Features of the implementation of the electronic information and educational environment of the legal institute of the Ministry of Internal Affairs of Russia in the teaching of special disciplines // Bulletin of the Barnaul Law Institute of the Ministry of Internal Affairs of Russia. – 2019. – No. 1 (36). – pp. 183-185. (in Russian).
13. Mitroshin P.A. Development of a fault-tolerant electronic information and educational environment of an educational institution, taking into account the requirements of information security // Technology of technosphere safety. – 2021. – No. 3 (93). – pp. 73-87. DOI: 10.25257/TTS.2021.3.93.73-87. (in Russian)
14. GOST R 59383-2021. Information Technology. Methods and means of ensuring security. Access control basics. Introduction date 2021-11-30 / Federal Agency for Technical Regulation. – M.: Standartinform, 2021. (in Russian)
15. Devyanin P.N., Kulyamin V.V., Petrenko A.K., Khoroshilov A.V., Shchepetkov I.V. Integration of mandatory and role-based access control and mandatory integrity control in a verified hierarchical security model of an operating system // Proceedings of ISP RAS. – 2020. – Vol. 32, No. 1. – pp. 7-26. DOI: 10.15514/ISPRAS-2020-32(1)-1. (in Russian)
16. Hu V.C., Kuhn R., Ferraiolo D., Voas J. Attribute-based access control // Computer. – 2015. – Vol. 48, No. 2. – pp. 85-88. DOI: 10.1109/MC.2015.33.
17. Kotenko I. V., Levshun D. S., Saenko I. B. Verification of Attribute-Based Access Control Policies in Cloud Infrastructures Using the Model Check Method // Control Systems, Communications and Security. – 2019. – No. 4. – pp. 421-436. DOI: 10.24411/2410-9916-2019-10417. (in Russian)
18. Saenko I.B., Biryukov M.A., Yasinsky S.A., Gryazev A.N. Implementation of security criteria when building a unified system for restricting access to information resources in cloud infrastructures // Information and space. – 2018. – No. 1. – pp. 81-85. (in Russian).
19. Saenko I., Kotenko I. Design and performance evaluation of improved genetic algorithm for Role Mining Problem // Proceedings of the 2012 20th Euromicro International Conference on Parallel, Distributed and Network-based Processing, Munich, Germany, 2012. – pp. 269-274. DOI: 10.1109/PDP.2012.31.
20. Kotenko I., Saenko I. Improved genetic algorithms for solving the optimisation tasks for design of access control schemes in computer networks // International Journal of Bio-Inspired Computation. – 2015. – Vol. 7, No. 2. – pp. 98-110. DOI: 10.1504/IJBIC.2015.069291.
21. Saenko I.B., Kotenko I.V., Al-Barri M.H. The use of artificial neural networks to detect anomalous behavior of users of data processing centers // Voprosy kiberbezopasnosti. – 2022. – No. 2 (48). – pp. 87-97. DOI: 10.21681/2311-3456-2022-2-87-97. (in Russian)
22. Saenko I.B., Kotenko I.V., Al-Barri M.H. Research on the possibilities of detecting anomalous behavior of data center users using machine learning models // Twentieth National Conference on Artificial Intelligence with International Participation, KII-2022 (Moscow,
December 21–23, 2022). Proceedings of the conference. Vol. 2. – M.: MPEI Publishing House, 2022. – pp. 232-241. (in Russian).
23. Kotenko I., Saenko I., Branitskiy A. Framework for Mobile Internet of Things Security Monitoring based on Big Data Processing and Machine Learning // IEEE Access. – 2018. – Vol.6. – pp. 72714-72723. DOI: 10.1109/ACCESS.2018.2881998.
24. Gowtham M., Pramod H.B. Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection in IoT-Ecosystems // IEEE Transactions on Reliability. – 2022. – Vol. 71, No. 2. – pp. 1057-1074. DOI: 10.1109/TR.2021.3124331.
73-84
Baksheev, A. S. DEVELOPMENT OF A METHODOLOGY FOR MONITORING THE LEVEL OF INFORMATION SECURITY OF CRITICAL INFORMATION INFRASTRUCTURE OBJECTS / A. S. Baksheev, I. I. Livshitz // Cybersecurity issues. – 2023. – № 2(54). – С. 85-98. – DOI: 10.21681/2311-3456-2023-2-85-98.

Abstract
Purpose of work is to increase the level of security of subjects of critical information infrastructure through the use of a “dual” regime to implement a full cycle of ensuring the security of critical information infrastructure facilities - a full national regime and a combined regime.Research method: to achieve the purpose of the work, methods of analysis, comparison, generalization, structural decomposition from the theory of system analysis, determination of criteria for monitoring the level of information security of CII objects were used.Research result: the paper presents a detailed analysis and comparison of existing concepts for controlling the level of information security used to obtain a certain level of security. A method for monitoring the level of information security of CII objects is proposed.The scientific novelty lies in the development of a methodology for monitoring the level of information security of CII objects, using an information security audit model for CII objects, which in turn uses the possibility of a “dual mode” for a full cycle of ensuring the security of CII objects - full national and combined modes, allowing, if necessary, to include additional functional blocks.
Keywords: security measures, vulnerabilities, standard, risk, audit, information security, penetration testing.
References
1. Livshits I. I., Baksheev A.S. Investigation of methods for monitoring the level of information security at critical information infrastructure facilities / I. I. Livshits, A. S. Baksheev. // Cybersecurity issues. — 2022. — № 6(52). — Pp. 40-52.
2. Lontsikh P.A., Livshits I.I. On the issue of assessing the compliance of electronic services with information security requirements based on the ISO 27001 standard in the Customs Union / P.A. Lontsikh, I.I. Livshits. — Text: direct // Bulletin of the IrSTU. — 2015. — №11 (106). — Pp. 44-57.
3. Lipnitsky A.A., Lyashenko V.A., Pak M.A., Bykovsky P.S. Cybersecurity of automated control systems. The upper block level system. Basic Cybersecurity configurations of system software // Current scientific research in the modern world. – 2020. – № 6-2 (62). – Pp. 62-71.
4. Tkachenko A. Cybersecurity of automated process control systems and certification of imported software and hardware // Chemical engineering. - 2018. – No. 3. – pp. 30-32.
5. Kostarev S.V., Karaganov V.V., Lipatnikov V.A. Analysis of cybersecurity threats. Problems of information security // In the book: INFORMATION SECURITY TECHNOLOGIES IN THE CONDITIONS OF CYBERNETIC CONFRONTATION. Kostarev S.V., Karaganov V.V., Lipatnikov V.A. St. Petersburg, 2020. pp. 68-93.
6. Robertovich A.V., Tabakaeva V.A., Selifanov V. V. Development of methods for auditing cybersecurity of state information systems related to significant objects of critical information infrastructure operating on the basis of data processing centers // Interexpo GeoSiberia. 2020. №1.
7. Kure, H.I., Islam, S. & Mouratidis, H. An integrated cyber security risk management framework and risk predication for the critical infrastructure protection. Neural Comput & Applic 34, 15241–15271 (2022). https://doi.org/10.1007/s00521-022-06959-2
8. Eshbaev A.Kh. Theoretical Framework of Risk Management // Current scientific research in the modern world. – 2021. – № 2-7 (70). – С. 23-30.
9. Miller K.D. A Framework for Integrated Risk Management in International Business // Journal of International Business Studies. – 1992. – Т. 23. – № 2. – С. 311-331.
10. Phillips P.W.B., Smyth S. Grounding the Management of Liabilities in the Risk Analysis Framework // Bulletin of Science, Technology and Society. – 2007. – Т. 27. – № 4. – С. 274-285.
11. Maletič D., Maletič M., Pačaiová H., Nagyová A., Gomišček B. Framework Development of an Asset Manager Selection Based on Risk Management and Performance Improvement Competences // Safety. – 2021. – Т. 7. – № 1.
12. Makarenko S. I. Penetration testing based on the NIST SP 800-115 standard / S.I. Makarenko. // Cybersecurity issues. — 2022. — № 3(49). — Pp. 44-57.
13. Makarenko S.I., Smirnov G.E. Analysis of standards and methods of penetration testing // Control systems, communications and security. 2020. №4.
14. Nesterovsky O.I., Pashkovskaya E.S., Butrik E.E. Methodical approach to the organization of information security control at critical information infrastructure facilities // Bulletin of the Ministry of Internal Affairs of Russia. - 2021. — No. 2. — pp.126-133
15. An V.R., Tabakaeva V.A. Development of an algorithm for conducting a cybersecurity audit // In the book: MNSK-2021. Materials of the 59th International Scientific Student Conference. Novosibirsk, 2021. P. 5.
16. Osak A.B., Panasetsky D.A., Buzina E.Ya. Reliability of emergency automation and relay protection from the standpoint of cybersecurity // In the collection: Methodological issues of reliability research of large energy systems. International Scientific Seminar named after Y.N. Rudenko: In 2 books. Responsible editor Voropai N.I., 2018. pp. 99-108.
17. V.D. Nogin. Decision-making under many criteria. – St. Petersburg. UTAS Publishing House, 2007. – 104 p.
85-98
Legashev, L. V. THE TECHNIQUE OF BUILDING A SUSTAINABLE PROTECTION SYSTEM BASED ON ADVERSARIAL MACHINE LEARNING IN 6G WIRELESS NETWORKS / L. V. Legashev, L. S. Grishina // Cybersecurity issues. – 2023. – № 2(54). – С. 99-108. – DOI: 10.21681/2311-3456-2023-2-99-108.

Abstract
The purpose of research is to develop the technique of analytical processing of big data of services and applications in the new generation communication networks to detect cybersecurity incidents and build sustainable protection systems based on adversarial machine learning.The methods of research: Analysis of modern methods of machine learning and neural network technologies, synthesis and formalization of algorithms for adversarial attacks on machine learning models.Scientific novelty: a technique for analytical processing of emulated data of services and applications for detecting cybersecurity incidents is presented, which provides a groundwork in the field of research into the security issues of complex intelligent services and applications in the infrastructure of wireless networks of the next generation.The result of research: The article proposes a technique of building a sustainable protection system against adversarial attacks in wireless ad hoc networks of the next generation. The main types of adversarial attacks, including poisoning attacks and evasion attacks, are formalized, and methods for generating adversarial examples on tabular, textual, and visual data are described. Several scenarios were generated and exploratory analysis of datasets was carried out using the DeepMIMO emulator. Potential application problems of binary classification and prediction of signal attenuation between a user and a base station for adversarial attacks are presented. The algorithmization of the processes of building and training a sustainable protection system against adversarial attacks in wireless networks of the next generation is presented on the example of emulated data.
Keywords: adversarial attacks, wireless ad hoc networks, machine learning, MIMO.
References
1. Bose A. J., Aarabi P. Adversarial attacks on face detectors using neural net based constrained optimization // 2018 IEEE 20th International Workshop on Multimedia Signal Processing (MMSP). – IEEE, 2018. – P. 1-6. DOI: 10.1109/MMSP.2018.8547128
2. Laidlaw C., Feizi S. Functional adversarial attacks // arXiv preprint arXiv:1906.00001. – 2019. DOI: https://doi.org/10.48550/arXiv.1906.00001
3. Guo C. et al. Simple black-box adversarial attacks // International Conference on Machine Learning. – PMLR, 2019. – P. 2484-2493. DOI: https://doi.org/10.48550/arXiv.1905.07121
4. Wallace E. et al. Universal adversarial triggers for attacking and analyzing NLP // arXiv preprint arXiv:1908.07125. – 2019. DOI: https://doi.org/10.48550/arXiv.1908.07125
5. Morris J. X. et al. Textattack: A framework for adversarial attacks in natural language processing. – 2020. DOI: https://doi.org/10.48550/arXiv.2005.05909
6. Lepekhin M., Sharoff S. Experiments with adversarial attacks on text genres // arXiv preprint arXiv:2107.02246. – 2021. DOI: https://doi.org/10.48550/arXiv.2107.02246
7. Fursov I. et al. Adversarial Attacks on Deep Models for Financial Transaction Records // arXiv preprint arXiv:2106.08361. – 2021. DOI: https://doi.org/10.1145/3447548.3467145
8. Finlayson S. G. et al. Adversarial attacks on medical machine learning // Science. – 2019. – V. 363. – №. 6433. – P. 1287-1289. DOI: 10.1126/science.aaw4399
9. Newaz A. K. M. I. et al. Adversarial attacks to machine learning-based smart healthcare systems // GLOBECOM 2020-2020 IEEE Global Communications Conference. – IEEE, 2020. – P. 1-6. DOI: 10.1109/GLOBECOM42002.2020.9322472
10. Liu Q. et al. Adversarial attack on DL-based massive MIMO CSI feedback // Journal of Communications and Networks. – 2020. – V. 22. – №. 3. – P. 230-235. DOI: 10.1109/JCN.2020.000016
11. Wang X., Zheng Z., Fei Z. ASAP: Adversarial Learning Based Secure Autoprecoder Design for MIMO Wiretap Channels // IEEE Wireless Communications Letters. – 2022. – V. 11. – №. 9. – P. 1915-1919. DOI: 10.1109/LWC.2022.3187089
12. Catak E., Catak F. O., Moldsvor A. Adversarial machine learning security problems for 6G: mmWave beam prediction use-case // 2021 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom). – IEEE, 2021. – P. 1-6. DOI: 10.1109/BlackSeaCom52164.2021.9527756
13. Kuzlu M. et al. The Adversarial Security Mitigations of mmWave Beamforming Prediction Models using Defensive Distillation and Adversarial Retraining // arXiv preprint arXiv:2202.08185. – 2022. DOI: https://doi.org/10.1007/s10207-022-00644-0
14. Karabulut M. A., Shah A. F. M. S., Ilhan H. A Novel MIMO-OFDM Based MAC Protocol for VANETs // IEEE Transactions on Intelligent Transportation Systems. – 2022. DOI: 10.1109/TITS.2022.3180697
15. 15. Guo H. et al. Vehicular intelligence in 6G: Networking, communications, and computing // Vehicular Communications. – 2022. – V. 33. – P. 1-19. DOI: https://doi.org/10.1016/j.vehcom.2021.100399
16. 16. Cheng X., Huang Z., Chen S. Vehicular communication channel measurement, modelling, and application for beyond 5G and 6G // IET Communications. – 2020. – V. 14. – №. 19. – P. 3303-3311. DOI: https://doi.org/10.1049/iet-com.2020.0531 
17. 17. Ballet V. et al. Imperceptible adversarial attacks on tabular data // arXiv preprint arXiv:1911.03274. – 2019. DOI: https://doi.org/10.48550/arXiv.1911.03274
18. 18. Alkhateeb A. DeepMIMO: A generic deep learning dataset for millimeter wave and massive MIMO applications // arXiv preprint arXiv:1902.06435. – 2019. DOI: https://doi.org/10.48550/arXiv.1902.06435
99-108
Izrailov, K. E. PROTECTION GENERALIZED MODEL AGAINST CYBER ATTACKS ON VOIP / K. E. Izrailov, A. K. Makarova, A. V. Shestakov // Cybersecurity issues. – 2023. – № 2(54). – С. 109-121. – DOI: 10.21681/2311-3456-2023-2-109-121.

Abstract
The goal of the study creation of a protection model against cyberattacks on information and telecommunication resources used in practice Internet voice exchange services (VoIP).Research methods: analysis of Best Practices and scientific publications, system analysis, criterion comparison.
Result: systematization of the cyberattacks main methods on VoIP and methods of protection against them, based on existing Best Practices and scientific publications. The investigation methodological scheme presented in a schematic form, is described. As a result, a list of 8 specialized and 9 main methods of cyberattacks, as well as 4 specialized and 10 main methods of protection was obtained, which made it possible to create a protection generalized model against cyberattacks on VoIP. The model representation in tabular form consists of 17 rows and 14 columns, which corresponds to the number of all cyberattack methods and protection methods. The cells of the table contain expertly obtained values of the effectiveness of counteracting cyberattacks by each of the protection methods according to a 3-point system. The model is extended with additional integral indicators of the danger of cyberattacks and the effectiveness of protection obtained analytically. 3 cyberattacks least amenable to protection and 3 most effective protection methods were identified. The scientific novelty consists in bringing together the whole set of cyberattacks methods on VoIP and protection against them methods into a single system that characterizes the effectiveness of countering.
Keywords: VoIP, cyberattack method, protection method, protection model, categorical division
References
1. Kalashnikov A.O., Bugayskiy K.A. Model’ otsenki bezopasnosti slozhnoy seti. (chast’ 1) // Voprosy kiberbezopasnosti. 2022. № 4 (50). S. 26-38.
2. Perminov A.A., Tezin A.V. Povysheniye zashchishchennosti ispol’zovaniya protokola SIP v IP-ATS na platforme Asterisk // Tekhnicheskiye i matematicheskiye nauki. Studencheskiy nauchnyy forum : sbornik statey po materialam LVI studencheskoy mezhdunarodnoy
nauchno-prakticheskoy konferentsii (Moskva, 14 dekabrya 2022 goda). Tom 11 (56). 2022. S. 63-73.
3. Conti M., Dragoni N., Lesyk V. A Survey of Man In The Middle Attacks // IEEE Communications Surveys & Tutorials. Vol. 18. No. 3. PP. 2027-2051.
4. Kuz’min YU.A. Preduprezhdeniye telefonnogo moshennichestva (kriminologicheskiy aspekt) // Oeconomia et Jus. 2022. № 3. S. 47-54.
5. Shendevitskiy I.M., Syachin K.I. Issledovaniye standarta audiokompandirovaniya G.711 ispol’zuyemogo v oborudovanii
mul’tipleksirovaniya // Studencheskiy vestnik. 2023. № 1-10 (240). S. 70-75.
6. Lipatnikov V.A., Shevchenko A.A., Kosolapov V.S., Sokol D.S. Metod obespecheniya informatsionnoy bezopasnosti seti VoIP-telefonii s prognozom strategii vtorzheniy narushitelya // Informatsionno-upravlyayushchiye sistemy. 2022. № 1 (116). S. 54-67.
7. Alekseyev A.S., Sokol D.S. Obespecheniye zashchishchonnosti VoIP // Vestnik sovremennykh issledovaniy. 2019. № 3.3(30). C. 4-8.
8. Tas I.M., Unsalver B.G., Baktir S. A Novel SIP Based Distributed Reflection Denial-of-Service Attack and an Effective Defense Mechanism // IEEE Access. 2020. V. 8. PP. 112574-112584.
9. Zhou C.V., Leckie C., Ramamohanarao K. Protecting SIP server from CPU-based DoS attacks using history-based IP filtering // IEEE Communications Letters. Vol. 13. No. 10. PP. 800-802.
10. Srivatsa M., Iyengar A., Liu L., Jiang H. Privacy in VoIP Networks: Flow Analysis Attacks and Defense // IEEE Transactions on Parallel and Distributed Systems. Vol. 22. No. 4. PP. 621-633.
11. Mentsiev A.U., Dzhangarov A.I. VoIP security threats // Ingineering Journal of Don. 2019. No 1(52). P. 75.
12. Mochalov V.P., Bratchenko N.Yu., Palkanov I.S., Aliev E.V. Mathematical model of the load balancing system of DPC server clusters under fractal load conditions // Modern Science and Innovations. 2022. № 4 (40). С. 41-49.
13. Akilov M.V., Kovtsur M.M., Nesudimov Ye.YU., Potemkin P.A. Issledovaniye metodik obnaruzheniya uyazvimostey Web-prilozheniy IAST i SAST // Informatsionnaya bezopasnost’ regionov Rossii (IBRR-2021): Materialy XII Sankt-Peterburgskoy mezhregional’noy konferentsii (Sankt-Peterburg, 27–29 noyabrya 2021 g.). 2021. S. 378-379.
14. Lavrova D.S., Popova Ye.A., Shtyrkina A.A., Shterenberg S.I. Preduprezhdeniye dos-atak putem prognozirovaniya znacheniy korrelyatsionnykh parametrov setevogo trafika // Problemy informatsionnoy bezopasnosti. Komp’yuternyye sistemy. 2018. № 3. S. 70-77
15. Melih Tas I., Unsalver B.G., Baktir S. A novel SIP based distributed reflection denial-of-service attack and an effective defense mechanism // IEEE Access. 2020. Т. 8. С. 112574-112584.
16. Makarova A.K., Polyanicheva A.V., Samatova K.A. Analiz uyazvimostey oborudovaniya peredachi golosovogo trafika // Aktual’nyye problemy infotelekommunikatsiy v nauke i obrazovanii (APINO 2022) : sbornik nauchnykh statey XI Mezhdunarodnoy nauchnotekhnicheskoy i nauchno-metodicheskoy konferentsii (Sankt-Peterburg, 15–16 fevralya 2022 g.). 2022. S. 665-669.
17. Slonchak E.V., Shabalin A.M. Organizatsiya IP-telefonii v seti predpriyatiya // Matematicheskoye i informatsionnoye modelirovaniye : materialy Vserossiyskoy konferentsii molodykh uchenykh (Tyumen’, 18–23 maya 2022 goda). 2022. S. 310-318.
18. Zurakhov V.S., Andrianov V.I., Davydovich I.V., Stepanova A.A., Metodologiya provedeniya stress testirovaniya na tselevoy veb-server v tselyakh poiska skrytykh uyazvimostey // Vestnik Sankt-Peterburgskogo gosudarstvennogo universiteta tekhnologii i dizayna. Seriya 1: Yestestvennyye i tekhnicheskiye nauki. 2021. № 1. S. 59-62.
19. Yeliseyev D.I., Savel’yev Ye.A., Ivanov D.A., Achkasov N.B. Problemy zashchity rechevykh servisov v mul’tiservisnoy seti spetsial’nogo naznacheniya // Izvestiya Tul’skogo gosudarstvennogo universiteta. Tekhnicheskiye nauki. 2021. № 2. S. 290-300.
20. Berezina Ye.O., Vitkova L.A., Akhrameyeva K.A., Klassifikatsiya ugroz informatsionnoy bezopasnosti v setyakh IOT // Vestnik SanktPeterburgskogo gosudarstvennogo universiteta tekhnologii i dizayna. Seriya 1: Yestestvennyye i tekhnicheskiye nauki. 2020. № 2. S. 11-18.
21. Shterenberg S.I., Poltavtseva M.A. Raspredelennaya sistema obnaruzheniya vtorzheniy s zashchitoy ot vnutrennego narushitelya // Problemy informatsionnoy bezopasnosti. Komp’yuternyye sistemy. 2018. № 2. S. 59-68. 
22. Butcher D., Li X., Guo J. Security Challenge and Defense in VoIP Infrastructures // IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews). Vol. 37. No. 6. PP. 1152-1162.
23. Rohloff K., Cousins D.B., Sumorok D. Scalable, Practical VoIP Teleconferencing With End-to-End Homomorphic Encryption // IEEE Transactions on Information Forensics and Security. Vol. 12. No. 5. PP. 1031-1041.
24. Buinevich M., Izrailov K., Kotenko I., Ushakov I., Vlasov D. Detection of stego-insiders in corporate networks based on a hybrid NoSQL database model // The proceedings of 4th International Conference on Future Networks and Distributed Systems (New York, USA, 26-27 november 2020). Iss. 26. PP. 1–6. DOI: 10.1145/3440749.3442612.
25. Kotenko I., Krasov A., Ushakov I., Izrailov K. Approach to combining different methods for detecting insiders // The proceedings of 4th International Conference on Future Networks and Distributed Systems (New York, USA, 26-27 november 2020). Iss. 26. PP. 1–6. DOI: 10.1145/3440749.3442619.
26. Skorykh M.A., Izrailov K.Ye., Bashmakov A.V. Zadachaoriyentirovannoye sravneniye sredstv analiza setevogo trafika // Teoriya i praktika obespecheniya informatsionnoy bezopasnosti: sbornik nauchnykh trudov po materialam Vserossiyskoy nauchno-teoreticheskoy konferentsii (Moskva, 03 dekabrya 2021 g.). 2021. S. 103-107.
27. Dibirov G.M., Babkov I.N., Kovtsur M.M. Sravnitel’nyy analiz resheniy dlya konteynerizatsii // Molodezhnaya shkola-seminar po problemam upravleniya v tekhnicheskikh sistemakh imeni A.A. Vavilova. 2022. T. 1. S. 27-29.
28. Kotenko I., Izrailov K., Buinevich M. Static Analysis of Information Systems for IoT Cyber Security: A Survey of Machine Learning Approaches // Sensors. 2022. Vol. 22. Iss. 4. PP. 1335. DOI: 10.3390/s22041335
29. Izrailov K., Levshun D., Kotenko I., Chechulin A. Classification and analysis of vulnerabilities in mobile device infrastructure interfaces // Communications in Computer and Information Science. 2022. T. 1544 CCIS. PP. 301-319. DOI: 10.1007/978-981-16-9576-6_21
30. Buynevich M.V., Akhunova D.G., Yaroshenko A.YU. Kompleksnyy metod resheniya tipovoy zadachi risk-menedzhmenta v infologicheskoy srede (na primere ranzhirovaniya trebovaniy pozharnoy bezopasnosti). Chast’ 1 // Nauchno-analiticheskiy zhurnal «Vestnik SanktPeterburgskogo universiteta Gosudarstvennoy protivopozharnoy sluzhby MCHS Rossii». 2020. № 3. S. 88-99.
31. Buynevich M.V., Akhunova D.G., Yaroshenko A.YU. Kompleksnyy metod resheniya tipovoy zadachi risk-menedzhmenta v infologicheskoy srede (na primere ranzhirovaniya trebovaniy pozharnoy bezopasnosti). Chast’ 2 // Nauchno-analiticheskiy zhurnal «Vestnik SanktPeterburgskogo universiteta Gosudarstvennoy protivopozharnoy sluzhby MCHS Rossii». 2020. № 4. S. 78-89.
32. Yaroshenko A.YU. Predposylki k neobkhodimosti nepreryvnogo ranzhirovaniya trebovaniy pozharnoy bezopasnosti // Natsional’naya bezopasnost’ i strategicheskoye planirovaniye. 2021. № 3 (35). S. 100-105.
33. Buynevich M.V., Matveyev A.V., Smirnov A.S. Aktual’nyye problemy podgotovki spetsialistov v oblasti informatsionnoy bezopasnosti MCHS Rossii i konstruktivnyye podkhody k ikh resheniyu // Nauchno-analiticheskiy zhurnal «Vestnik Sankt-Peterburgskogo universiteta Gosudarstvennoy protivopozharnoy sluzhby MCHS Rossii». 2022. № 3. S. 1-17.
34. Borodushko I.V., Matveyev A.V., Maksimov A.V. Informatsionno-analiticheskaya podderzhka problemno-oriyentirovannogo upravleniya strategicheski znachimymi organizatsionnymi sistemami Rossii // Sovremennyye naukoyemkiye tekhnologii. 2022. № 7. S. 26-31.
35. Izrailov K.Ye., Buynevich M.V., Kotenko I.V., Desnitskiy V.A. Otsenivaniye i prognozirovaniye sostoyaniya slozhnykh ob»yektov: primeneniye dlya informatsionnoy bezopasnosti // Voprosy kiberbezopasnosti. 2022. № 6(52). S. 2-21. DOI 10.21681/23113456-6-2022-2-21.
109-121

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.