№ 5 (57)

Objective: to propose a methodological approach for probabilistic analysis of the correctness of the trained software tools (SW) for artificial intelligence systems (AIS) during their development and operation in conditions of potential threats of malicious modification of the machine learning model (MLM). Research methods include methods of probability theory, methods of system analysis. The approach is based on the adaptation of the author's probabilistic models developed earlier to assess the quality of the information used and risk management, which are fixed to the level of implementation in GOST R 59341-2021 “System engineering. Protection of information in system information management process”.
Result: Under the conditions of accepted suppositions and assumptions, probabilistic models have been developed to assess the particular risks of non-detection of inaccuracies in machine learning during the development and operation of SW, as well as a method for assessing the integral risk of violation of the correctness of machine learning during specified period of prediction. Actual threat of MLM spoofing and the threat of MLM modification by poisoning the training data are analyzed. Proposals have been developed for the formation of input for risks prediction using the proposed models. The approach is illustrated by calculation examples with quantitative assessments, risk dependencies on the input and the rationale of recommendations. Scientific novelty: For the conditions of potential threats of malicious MLM modification, models and methods for assessing the particular risks of non-detection of incorrectness in machine learning during AIS development and operation and the integral risk are proposed.
Keywords: probability, poisoning of training data, model, risk, system, threats.

1. E`rtel` V., Vvedenie v iskusstvenny`j intellekt.-M. «E`ksmo», 2019. – 448s.
2. Lekun Yan, Kak uchitsya mashina (revolyuciya v oblasti nejronny`x setej i glubokogo obucheniya). – M. Al`pina PRO, 2021. – 335s.
3. Arlazarov V. V., Mobil`noe raspoznavanie i ego primenenie k sisteme vvoda identifikacionny`x dokumentov. – Dissertaciya na soiskanie uchenoj stepeni doktora texnicheskix nauk. -M. FICz IU RAN, 2023. – 358s.
4. Chakraborty A., Alam M., Dey V., Chattopadhayay A.U., Yay D.M., Adversarial attacks and defences: A survey //arXiv preprint arXiv:1810.00069. – 2018
5. Probabilistic modeling in system engineering. InTechOpen, 2018, 279p. – URL: http://www.intechopen.com/books/probabilisticmodeling-in-system-engineering
6. Klimov S. M. Modeli analiza i ocenki ugroz informacionno-psixologicheskix vozdejstvij s e`lementami iskusstvennogo intellekta. / Sbornik dokladov i vy`stuplenij nauchno-delovoj programmy` Mezhdunarodnogo voenno-texnicheskogo foruma «Armiya-2018». 2018. S. 273–277.
7. Manojlo A. V., Petrenko A. I., Frolov D. B. Gosudarstvennaya informacionnaya politika v usloviyax informacionno-psixologicheskoj vojny`. 4-e izd., pererab. i dop. — Goryachaya liniya-Telekom Moskva, 2020. — 636 s.
8. Kostogry`zov A. I. Prognozirovanie riskov po danny`m monitoringa dlya sistem iskusstvennogo intellekta / BIT. Sbornik trudov Desyatoj mezhdunarodnoj nauchno-texnicheskoj konferencii – M.: MGTU im. N.E`. Baumana, 2019, s. 220-229.
9. A. Kostogryzov and V. Korolev, Probabilistic Methods for Cognitive Solving of Some Problems in Artificial Intelligence Systems (Veroyatnostny`e metody` dlya kognitivnogo resheniya nekotory`x zadach v sistemax iskusstvennogo intellekta). Probability, combinatorics and control / IntechOpen, 2020, pp. 3-34. ─ URL: https://www.intechopen.com/books/probability-combinatorics-andcontrol
10. Kostogryzov A., Nistratov A., Nistratov G. (2020) Analytical Risks Prediction. Rationale of System Preventive Measures for Solving Quality and Safety Problems. In: Sukhomlin V., Zubareva E. (eds) Modern Information Technology and IT Education. SITITO 2018. Communications in Computer and Information Science, vol 1201. Springer, pp.352-364. https://www.springer.com/gp/book/9783030468941
11. Kostogryzov A, Nistratov A., Probabilistic methods of risk predictions and their pragmatic applications in life cycle of complex systems. In “Safety and Reliability of Systems and Processes”, Gdynia Maritime University, 2020. pp. 153-174. DOI: 10.26408/srsp-2020
12. Nistratov A.A., Analiticheskoe prognozirovanie integral`nogo riska narusheniya priemlemogo vy`polneniya sovokupnosti standartny`x processov v zhiznennom cikle sistem vy`sokoj dostupnosti. Chast` 1. Matematicheskie modeli i metody` // Sistemy` vy`sokoj dostupnosti. 2021. T.17 №3, s. 16–31, Chast` 2. Programmno-texnologicheskie resheniya. Primery` primeneniya // Sistemy` vy`sokoj dostupnosti. 2022. T.18 №2, s. 42–57.
13. Kostogry`zov A.I. O modelyax i metodax veroyatnostnogo analiza zashhity` informacii v standartizovanny`x processax sistemnoj inzhenerii //Voprosy` kiberbezopasnosti. 2022, №6(52), s.71-82.
14. Kostogryzov A., Makhutov N., Nistratov A., Reznikov G., Probabilistic predictive modeling for complex system risk assessments (Veroyatnostnoe uprezhdayushhee modelirovanie dlya ocenok riskov v slozhny`x sistemax). Time Series Analysis - New Insights. IntechOpen, 2023, pp. 73-105. http://mts.intechopen.com/articles/show/title/probabilistic-predictive-modelling-for-complex-systemrisk-assessments
15. Kostogry`zov A. I. Podxod k veroyatnostnomu prognozirovaniyu zashhishhennosti reputacii politicheskix deyatelej ot «fejkovy`x» ugroz v publichnom informacionnom prostranstve // Voprosy` kiberbezopasnosti. 2023, №3. S. 114–133. DOI:1021681/2311-3456-2023-3-114-133

The purpose of the study. Big data management technologies and systems are the basis for a huge number of modern digital services. On the one hand, they are built on traditional solutions, and on the other hand, they incorporate new approaches such as polystores or data outsourcing. The key role in the technology stack of the digital economy and novelty determine both the attractiveness of such assets for an attacker and the imperfection of protection methods. The aim of the paper is to analyze big data as an object of protection and to develop a multilevel concept of their security based on the consistency approach. Methods of the study. The paper uses a layered approach, which also corresponds to the ANSI/SPARC architecture of database management systems. Big data is considered at three levels from infrastructure to business logic, key technologies, vulnerabilities and protection methods are highlighted. The ANSI/SPARC also defines in more detail the level architecture of big data management systems based on polystores and analyzes their security. The technological basis for the security of big data management systems as a system of distributed dynamic auditing is defined, an example of such a system based on a distributed registry is given. Results of the study. The article identifies three levels of big data consideration: infrastructure, data engineering and business logic. The authors formulate the evolutionary changes of big data systems in comparison with traditional DBMS from the point of view of information security. The concept of big data management system is given, its own architectural levels based on ANIS/SPARK architecture are defined, for each of them security problems, reasons for their appearance and directions of protection development means are highlighted. The authors highlighted the key security requirement of big data management systems - consistent representation at the level of a global security monitor. For its implementation, in terms of collecting data about the system, the use of distributed dynamic ledger technologies is proposed. The system of distributed dynamic auditing for big data management based on HashGraph technology has been tested. Scientific novelty. The paper is the first to formulate a multilevel security concept for big data management systems, within the framework of which the key vulnerabilities of big data systems, different from other classes of systems and traditional DBMSs, are identified and systematized at different levels. For the first time the application of distributed ledger technology for collecting data on the life cycle of information in the big data management system was proposed. The conducted research allows for a more comprehensive approach to ensuring the security of big data and big data management systems, specifies and coordinates the sets of protection methods and means, and lays the foundation for the construction of such systems in a secure design.
Keywords:  information security, big data security, consistency approach, security architecture, security model,
polystore security, distributed registry. 

1. Naeem M. et al. Trends and future perspective challenges in big data //Advances in Intelligent Data Analysis and Applications: Proceeding of the Sixth Euro-China Conference on Intelligent Data Analysis and Applications, 15–18 October 2019, Arad, Romania, Springer Singapore, 2022. pp. 309-325.
2. Kornev M. S. Istorija ponjatija “bol’shie dannye” (Big Data): slovari, nauchnaja i delovaja periodika // Vestnik RGGU. Serija: Literaturovedenie. Jazykoznanie. Kul’turologija. 2018. №1 (34). pp. 81-85
3. Otto B. The evolution of data spaces // Designing Data Spaces: The Ecosystem Approach to Competitive Advantage. Cham: Springer International Publishing. 2022. pp. 3-15.
4. Gupta D., Rani R. A study of big data evolution and research challenges //Journal of information science. 2019. Vol. 45. Is 3. pp. 322-340
5. Antipova K.G. Sposoby opredelenija bol’shih dannyh: Rossijskij i zarubezhnyj opyt // Juridicheskie issledovanija. 2021. № 9. pp. 143 - 157. doi: 10.25136/2409-7136.2021.9.36591
6. Badidi E., Mahrez Z., Sabir E. Fog computing for smart cities’ big data management and analytics: A review // Future Internet. 2020. Vol. 12. No. 11. pp.1-28. doi: 10.3390/fi12110190.
7. Wang J. et al. Big data service architecture: a survey // Journal of Internet Technology. 2020. Vol. 21. No 2. pp. 393-405.
8. Bhattarai B. P. et al. Big data analytics in smart grids: state of the art, challenges, opportunities, and future directions //IET Smart Grid. 2019. Vol. 2. No. 2. pp. 141-154. doi: 10.1049/iet-stg.2018.0261.
9. Ndikumana A. et al. Joint communication, computation, caching, and control in big data multi-access edge computing //IEEE Transactions on Mobile Computing. 2019. Vol. 19. No 6. pp. 1359-1374. doi: 10.1109/TMC.2019.2908403
10. Vogt M. et al. Polystore Systems and DBMSs: Love Marriage or Marriage of Convenience? //Heterogeneous Data Management, Polystores, and Analytics for Healthcare: VLDB Workshops, Poly 2021 and DMAH 2021, Virtual Event, August 20, 2021, Revised Selected Papers 7. – Springer International Publishing, 2021. pp. 65-69.
11. Lu J., Holubová I., Cautis B. Multi-model databases and tightly integrated polystores: Current practices, comparisons, and open challenges //Proceedings of the 27th ACM International Conference on Information and Knowledge Management. 2018. pp. 2301-2302.
12. Gobert M. Design, Manipulation and Evolution of Hybrid Polystores. 2023. https://pure.unamur.be/ws/portalfiles/
portal/74437131/2023_GobertM_these.pdf (access date 01.08.2023)
13. Poltavtseva, M. A. Evolution of Data Management Systems and Their Security // Proceedings - 2019 International Conference on Engineering Technologies and Computer Science: Innovation and Application, EnT 2019, Moscow, 26–27 march 2019. – Moscow, 2019. pp. 25-29. doi: 10.1109/EnT.2019.00010. EDN AGZBGD.
14. Poltavceva, M. A. Bezopasnost’ baz dannyh / Sankt-Peterburg : Federal’noe gosudarstvennoe avtonomnoe obrazovatel’noe uchrezhdenie vysshego obrazovanija “Sankt-Peterburgskij politehnicheskij universitet Petra Velikogo”, 2023. 143 p. EDN RICQEN.
15. Titarenko, D. V., Ismajlov Je. I. Bezopasnost’ bol’shih dannyh // Problemy informacionnoj bezopasnosti social’no-jekonomicheskih sistem : VII Vserossijskaja s mezhdunarodnym uchastiem nauchno-prakticheskaja konferencija, Gurzuf, 18–20 fevralja 2021 goda. – Simferopol’: Krymskij federal’nyj universitet im. V.I. Vernadskogo, 2021. pp. 121-122. EDN NFQQHT.
16. Skvorcov N. Konstantinov A., Kuznecov S. Cennost’ vashih dannyh / Moskva: Al’pina PRO, 2022. – 750 s.
17. Ogbuke N. J. et al. Big data supply chain analytics: ethical, privacy and security challenges posed to business, industries and society // Production Planning & Control. 2022. vol. 33. №. 2-3. pp. 123-137. doi: 10.1080/09537287.2020.1810764
18. Binjubeir M. et al. Comprehensive survey on big data privacy protection //IEEE Access. 2019. vol. 8. pp. 20067-20079. doi: 10.1109/ACCESS.2019.2962368
19. Madan S., Bhardwaj K., Gupta S. Critical analysis of big data privacy preservation techniques and challenges //International Conference on Innovative Computing and Communications: Proceedings of ICICC 2021, Vol. 3. – Springer Singapore, 2022. – pp. 267-278. doi: 10.1007/978-981-16-3071-2_23
20. Mehta B. B., Rao U. P. Improved l-diversity: scalable anonymization approach for privacy preserving big data publishing //Journal of King Saud University-Computer and Information Sciences. 2022. vol. 34. Is. 4. pp. 1423-1430. doi: 10.1016/j.jksuci.2019.08.006
21. Dhiman G. et al. Federated learning approach to protect healthcare data over big data scenario //Sustainability. 2022. vol. 14. Is 5. pp. 1-14. doi: 10.3390/su14052500
22. Stat’ev V. Ju., Dokuchaev V. A., Maklachkova V. V. Informacionnaja bezopasnost’ na prostranstve” Bol’shih dannyh” //T-CommTelekommunikacii i Transport. 2022. vol. 16. №. 4. pp. 21-28.
23. Poudel M. et al. Development of a polystore data management system for an evolving big scientific data archive //Heterogeneous Data Management, Polystores, and Analytics for Healthcare: VLDB 2019 Workshops, Poly and DMAH, Los Angeles, CA, USA, August 30, 2019, Revised Selected Papers 5. – Springer International Publishing, 2019. pp. 167-182. doi: 10.1007/978-3-030-33752-0_12
24. Esu M.T, Val’duries P. Principy organizacii raspredelennyh bah dannyh. – M.: DMK Press. – 2021. 678p.
25. Fong J. S. P. et al. Heterogeneous Database Connectivity //Information Systems Reengineering, Integration and Normalization: Heterogeneous Database Connectivity. 2021. pp. 317-367. doi: 10.1007/978-3-030-79584-9_9
26. Abdennebi A. et al. Machine learning based load distribution and balancing in heterogeneous database management systems // Concurrency and Computation: Practice and Experience. 2022. vol. 34. Is 4. pp. 1-13. doi: 10.1002/cpe.6641
27. Kim T. et al. Similarity query support in big data management systems //Information Systems. 2020. vol. 88.pp. 1-61. doi: 10.1016/j.is.2019.101455
28. van Gils B. Data Storage and Operations //Data in Context: Models as Enablers for Managing and Using Data. Cham : Springer Nature Switzerland, 2023. pp. 105-114.
29. Dziedzic A., Elmore A. J., Stonebraker M. Data transformation and migration in polystores //2016 IEEE High Performance Extreme Computing Conference (HPEC). IEEE, 2016. pp. 1-6. doi: 10.1109/HPEC.2016.7761594
30. Zegzhda, D. P. Osobennosti obespecheniya informacionnoj bezopasnosti vy`chislitel`ny`x sistem // Bezopasnost` informacionny`x texnologij. 2021. Vol. 28, № 1. pp. 42-61. doi: 10.26583/bit.2021.1.04. EDN ETQPVN.
31. Belim S. V., Belim S. Ju. Problemy postroenija politiki bezopasnosti pri ob#edinenii informacionnyh sistem //Matematicheskie struktury i modelirovanie. 2018. №. 3 (47). pp. 126-131.
32. Poltavcev A. A., Habarov A. R., Seljankin A. O. Ataki logicheskogo vyvoda i zashhita informacii v bazah dannyh // Problemy informacionnoj bezopasnosti. Komp’juternye sistemy. 2019. № 4. pp. 20-25. EDN NTRSDO
33. Poltavceva M. A. i dr. Modeli forenziki i rassledovanie incidentov v SUBD // Zashhita informacii. Insajd. 2021. № 3(99). pp. 18-23. EDN OMKIRU.
34. Poltavceva M. A., Torgov V. A. Primenenie tehnologij raspredelennogo reestra dlja audita i rassledovanija incidentov v sistemah obrabotki bol’shih dannyh // Problemy informacionnoj bezopasnosti. Komp’juternye sistemy. 2021. № 4. pp. 144-156. doi: 10.48612/jisp/r3x6-ea4a-aaxn. EDN YRRVXG.

The purpose of the study: is to identify promising areas of scientific research in the field of masking cyberspace objects in the context of machine learning technologies. Methods used: methods of general control theory and modeling, mathematical statistics, general scientific methods of analysis and synthesis. The result of the study: the scientific problem of masking cyberspace objects and applying of machine learning technologies in the conditions of information and technical influences of intruders is determined. Improving masking methods at the level of network nodes, local segments and information directions using generative and adversarial machine learning methods will increase the security of cyberspace objects by reducing the effectiveness of network intelligence of intruders based on machine learning methods and algorithms. The following issues require deep theoretical and experimental study: evaluation of the form, content, informativity, preprocessing and generation of «digital fingerprints» of fake and true information objects, selection of types and optimal architecture of deep learning algorithms, evaluation of the quality of masking methods as «evasion» and «poisoning» attacks on machine learning algorithms of potential attackers. Scientific novelty: consists in considering the concept of masking cyberspace objects in the conditions of information and technical impact of intruders from the standpoint of the general theory of control, modeling and application of machine learning technologies.
Keywords: modeling, control theory, proactive protection paradigm, network intelligence, machine learning. 

1. Starodubcev YU.I., Zakalkin P.V., Ivanov S.A. Tekhnosfernaya vojna kak osnovnoj sposob razresheniya konfliktov v usloviyah globalizacii  // Voennaya mysl’. 2020. № 10. S. 16-21.
2. Daniel Ventre. Artificial Intelligence, Cybersecurity and Cyber Defense. Wiley. 2020. 237 p. ISBN 978-1-78630-467-4.
3. Sejnovski, T. Antologiya mashinnogo obucheniya: «Izdatel’stvo «Eksmo», 2022. 509 s.
4. Dauni, Allen B. Izuchenie slozhnyh sistem s pomoshch’yu Python / per. s ang. D.A. Belikova. – M.: DMK Press, 2019. 160 s.
5. Gribunin V.G., Kondakov S.E. K voprosu o zashchite informacii v intellektualizirovannyh obrazcah vooruzheniya // Voprosy kiberbezopasnosti. 2021. № 5(45). S. 5–11. DOI: 10.21681/2311-3456-2021-5-5-11.
6. Aneesh Sreevallabh Chivukula, Xinghao Yang, Bo Liu, Wei Liu, Wanlei Zhou. Adversarial Machine Learning. Attack Surfaces, Defense Mechanisms, Learning Theories in Artificial Intelligence. Springer. 2023. 302 p. ISBN 978-3-030-99771-7.
7. Wang G., Ciptadi A., Ahmadzadeh A. Deployable Machine Learning for Security Defense. Communications in Computer and Information Science. 2020. Vol. 1271. 163 p.
8. Jin-Hee Cho, Dilli P. Sharma, Hooman Alavizadeh, Seunghyun Yoon, Noam Ben-Asher, Terrence J. Moore, Dong Seong Kim, Hyuk Lim, and Frederica F. Nelson. Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense. arXiv:1909.08092v1 [cs.NI] 12 Sep 2019.
9. Kristin E. Heckman, Frank J. Stech. Roshan K. Thomas, Ben Schmoker, Alexander W. Tsow. Cyber Denial, Deception and Counter Deception. A Framework for Supporting Active Cyber Defense. Springer. 2023. 302 p. ISBN 978-3-030-99771-7.
10. Maksimov R.V., Orekhov D.N., Sokolovskij S.P. Model’ i algoritm funkcionirovaniya klient-servernoj informacionnoj sistemy v usloviyah setevoj razvedki // Sistemy upravleniya, svyazi i bezopasnosti. 2019. № 4. S. 50-99.
11. Lebedkina T.V., Horev G.A. Model’ funkcionirovaniya i algoritm konfigurirovaniya adresacii lozhnyh setevyh informacionnyh ob”ektov v usloviyah setevoj razvedki // Sistemy upravleniya, svyazi i bezopasnosti. 2023. № 2. S. 23-62.
12. Gorbachev A.A. Model’ i parametricheskaya optimizaciya proaktivnoj zashchity servisa elektronnoj pochty ot setevoj razvedki // Voprosy kiberbezopasnosti. 2023. № 3(49). S. 69–81. DOI: 10.21681/2311-3456-2023-3-69-81.
13. Maksimov R.V., Sokolovskij S.P., Voronchihin I.S. Algoritm i tekhnicheskie resheniya dinamicheskogo konfigurirovaniya klient-servernyh vychislitel’nyh setej // Informatika i informatizaciya. 2020. № 5. S. 1018-1049. 14. Fraunholz D., Anton S.D., Lipps C., Reti D., Krohmer D., Pohl F., Tammen M., Schotten H.D. Demystifying Deception Technology: A Survey. pp. 1-25. arXiv:1804.06196v1 [cs.CR] 17 Apr 2018.
15. Voronchihin I.S., Ivanov I.I., Maksimov R.V., Sokolovskij S.P. Maskirovanie struktury raspredelennyh informacionnyh sistem v kiberprostranstve // Voprosy kiberbezopasnosti. 2019. № 6(34). S. 92-99. DOI: 10.21681/2311-3456-2019-6-92-99.
16. Moskvin A.A., Maksimov R.V., Gorbachev A.A. Model’, optimizaciya i ocenka effektivnosti primeneniya mnogoadresnyh setevyh soedinenij v usloviyah setevoj razvedki // Voprosy kiberbezopasnosti. 2023. № 3(55). S. 13-22.
17. Kuchurov V.V., Maksimov R.V., SHerstobitov R.S. Model’ i metodika maskirovaniya adresacii korrespondentov v kiberprostranstve // Voprosy kiberbezopasnosti. 2020. № 6(40). S. 2-13. DOI: 10.21681/2311-3456-2020-6-2-13.
18. Sokolovskij S.P., Telen’ga A.P. Metodika formirovaniya lozhnogo setevogo trafika informacionnyh sistem dlya zashchity ot setevoj razvedki // Vestnik komp’yuternyh i informacionnyh tekhnologij. 2022. № 2(212). S. 40-47.
19. SHerstobitov R.S., SHarifullin S.R., Maksimov R.V. Maskirovanie integrirovannyh setej svyazi vedomstvennogo naznacheniya // Sistemy upravleniya, svyazi i bezopasnosti. 2018. № 4. S. 136-175.
20. Uorr Keti. Nadezhnost’ nejronnyh setej: ukreplyaem ustojchivost’ II k obmanu / SPb.: Piter, 2021. — 272 s.: il. ISBN 978-5-4461-1676-8.

Research objective: to improve the security of information systems in cyberspace against computer reconnaissance. Research method: methods of mathematical statistics, nonlinear dynamics, multicriteria optimization. Research results: modern approaches to the allocation of cyberspace levels are considered, the concept of information system metastructure is introduced as protocols and mechanisms that provide an interface at different levels of cyberspace between the basic components of the system, applications and services that serve them, as well as data and information, the scientific problem of masking metastructures of information systems in cyberspace is formulated, which consists in the management of demasking features of metastructures of information systems in cyberspace. Scientific novelty: the proposed concept differs from the known ones by singling out metastructures of information systems at different levels of cyberspace, setting tasks of masking, poisoning, mimicry and imitation of information systems, management of demasking features of metastructures by identifying models of information systems.
Keywords: computer reconnaissance, computer attack, network traffic, model identification, Hurst index, dynamic time warping, Kulbak-Leibler distance.

1. Starodubcev, Yu. I. Texnosfernaya vojna kak osnovnoj sposob razresheniya konfliktov v usloviyax globalizacii / Yu. I. Starodubcev, P. V. Zakalkin, S. A. Ivanov. // Voennaya My`sl`. — 2020. — № 10. — S. 16-21.
2. Starodubcev, Yu. I. Konceptual`ny`e napravleniya resheniya problemy` obespecheniya ustojchivosti Edinoj seti e`lektrosvyazi Rossijskoj Federacii / Yu. I. Starodubcev, S. A. Ivanov, P. V. Zakalkin. // Voennaya My`sl`. — 2021. — № 4. — S. 39-49.
3. Zdzikot, T. Cyberspace and Cybersecurity / T. Zdzikot. // Cybersecurity in Poland. — Cham: Springer, 2022. — S. 9-21. DOI 10.1007/978-3-030-78551-2_2
4. Theoretical basis and technical methods of cyberspace geography / Gao Chundong, Guo Qiquan, Jiang Dong [i dr.]. // Journal of Geographical Sciences. — 2019. — № 29. — S. 1949–1964.
5. Joint Chiefs of Staff. Cyberspace operations. Joint Chiefs of Staff (US); 19 2022 Dec 19. Joint Publication No.: JP 3-12. // Official Website of the Joint Chiefs of Staff: [sajt]. — URL: https://www.jcs.mil/Doctrine/Joint-Doctrine-Pubs/3-0-Operations-Series/ (data obrashheniya: 26.08.2023).
6. Lockheed Martin’s Cyber-Kill Chain. // Leading Aerospace and Defense | Lockheed Martin: [sajt]. — URL: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html (data obrashheniya: 26.08.2023).
7. Telen`ga A.P. Analiz vozmozhnostej obnaruzheniya metastruktur informacionny`x sistem special`nogo naznacheniya. / A. P. Telen`ga // Kiberbezopasnost`: ugrozy`, tendencii, texnologii zashhity`: materialy` II Mezhvedomstvennoj nauch.-praktich. konf., 19-20 maya 2022 g. / Krasnodarskoe vy`sshee voennoe ordenov Zhukova i Oktyabr`skoj Revolyucii Krasnoznamennoe uchilishhe imeni generala armii S.M.Shtemenko. – Krasnodar: KVVU, 2022. C.70-76
8. Zheng, Y. Dynamic defenses in cyber security: Techniques, methods and challenges / Y. Zheng, Z. Li, X. Xu // Digital Communications and Networks. — 2022. — № 8. — S. 422–435.
9. Shaping Attacker Behavior: Evaluation of an Enhanced Cyber Maneuver Framework / J. A. McKneely, T. K. Sell, K. A. Straub [i dr.] // HCII 2022: HCI for Cybersecurity, Privacy and Trust. — Cham: Springer, 2022. — S. 358–379. – DOI: 10.1007/978-3-031-05563-8_23
10. Lilli, E. How Can We Know What We Think We Know about Cyber Operations? / E. Lilli // Journal of Global Security Studies. — 2023. — № 8(2). — S. 1–18. – DOI 10.1093/jogss/ogad011
11. Dynamic-chaos information technologies for data transmission, storage, and protection / Yu. V. Gulyaev, R. V. Belyaev, G. M. Vorontsov [et al.] // Radioe`lektronika. Nanosistemy`. Informacionny`e texnologii. – 2018. – Vol. 10, No. 2. – P. 279-312. – DOI 10.17725/rensit.2018.10.279.
12. Chetvertakova, Yu. S. Postroenie modelej stoxasticheskix nelinejny`x dinamicheskix sistem na osnove dvuxe`tapnoj procedury` parametricheskoj identifikacii / Yu. S. Chetvertakova, O. S. Chernikova // Nauka. Texnologii. Innovacii: Sbornik nauchny`x trudov. V 9-ti chastyax, Novosibirsk, 30 noyabrya – 04 2020 goda / Pod redakciej A.V. Gadyukinoj. Tom Chast` 2. – Novosibirsk: Novosibirskij gosudarstvenny`j texnicheskij universitet, 2020. – S. 94-98.
13. Karganov, V. V. K voprosu o neobxodimosti modelirovaniya informacionny`x sistem organizacii, funkcioniruyushhix v usloviyax ugroz bezopasnosti / V. V. Karganov // Nacional`naya bezopasnost` Rossii: aktual`ny`e aspekty` : Sbornik statej Vserossijskoj nauchnoprakticheskoj konferencii, Sankt-Peterburg, 30 iyulya 2019 goda. – Sankt-Peterburg: Chastnoe nauchno-obrazovatel`noe uchrezhdenie dopolnitel`nogo professional`nogo obrazovaniya Gumanitarny`j nacional`ny`j issledovatel`skij institut «NACzRAZVITIE», 2019. – S. 20-30.
14. Budko, N. P. Obshhie principy` funkcionirovaniya i trebovaniya k postroeniyu struktur perspektivny`x sistem monitoringa raspredelenny`x informacionno-telekommunikacionny`x setej / N. P. Budko // Texnika sredstv svyazi. – 2021. – № 2(154). – S. 38-59.
15. Golovanov, A. A. Sravnitel`ny`j analiz sistem obnaruzhenij anomalij c ispol`zovaniem potoka setevogo trafika i protokola NETFLOW / A. A. Golovanov, O. I. Mel`nikova // Mezhdunarodny`j nauchno-issledovatel`skij zhurnal. – 2023. – № 6(132). – DOI 10.23670/IRJ.2023.132.18.
16. Poltavceva, M. A. Formirovanie struktur danny`x v zadachax aktivnogo monitoringa bezopasnosti // Problemy` informacionnoj bezopasnosti. Komp`yuterny`e sistemy`. – 2021. – № 1. – S. 9-19.
17. Alothman, B., Raw Network Traffic Data Preprocessing and Preparation for Automatic Analysis // 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). – 2019. – P. 1-5, DOI: 10.1109/CyberSecPODS.2019.8885333.
18. Chernigovskij, A. V. Ocenka stepeni samopodobiya setevogo trafika / A. V. Chernigovskij, M. V. Krivov // Informacionny`e texnologii. Problemy` i resheniya. – 2019. – № 1(6). – S. 115-120.
19. Chen, L. A deep multi-task representation learning method for time series classification and retrieval / L. Chen, D. Chen, F. Yang, J. Sun // Information Sciences. – 2021. – Vol. 555. – P. 17-32. – DOI 10.1016/j.ins.2020.12.062.
20. Kalinin, M. Yu. E`ntropijny`e ocenki reshayushhix statistik algoritma klassifikacii sluchajny`x processov / M. Yu. Kalinin, O. N. Choporov // Modelirovanie, optimizaciya i informacionny`e texnologii. – 2020. – T. 8, № 4(31). – DOI: 10.26102/2310-6018/2020.31.4.034.
21. Sokolovskij, S. P. Metodika formirovaniya lozhnogo setevogo trafika informacionny`x sistem dlya zashhity` ot setevoj razvedki / S. P. Sokolovskij, A. P. Telen`ga // Vestnik komp`yuterny`x i informacionny`x texnologij. – 2022. – T. 19, № 2(212). – S. 40-47. – DOI: 10.14489/vkit.2022.02.pp.040-047.

The aim of the work is to develop a model of an intelligent botnet destructor containing autonomous and semi-autonomous resources. Research method: multiset methods, conceptual modeling, process algorithmizing. Research result: a model for the formation of rules for the transition of states of intelligent destructors of a single network as an autonomous element and as part of a single network at the same time has been developed. A feature of the model is its adaptability to external disturbances using an agent-based model of the methodology of a system of systems and the semantics of connections between them using a single indestructible core of the rule base and multiple choice of the tree-like hierarchy of the decision field of association bases. Production-type rules are presented in a simplified algebraic form by analogy with modern algorithms for constructing a digital signature (organization of a trust zone with public keys). The resulting statement solves such a problem as the natural appearance of hermits and outcasts in the form of single-tasking autonomous, which was one of the key problems of polymorphic destructors. The scientific novelty lies in the development of a new element of conceptual modeling of model destructors - an attributive process that allows you to adaptively change the rules for the transition of states.
Keywords: destructor, modeling, intelligent agent, facet, hierarchy, transition rules, autonomous, decision field,
polymorphic. 

1. Ryzhenko A.A. Model of facet and hierarchical pyramidal system of support of management of information space of corporation. System analysis in economics – 2018: Proceedings of the V International research and practice conference-biennale (21-23 november 2018). – Moscow, Prometheus publishing house, 2018. – pp. 146-149.
2. Ryzhenko A.A. Formirovanie centrov adaptacii resursov kak neobhodimogo jelementa mezhdunarodnogo sotrudnichestva / Bol’shaja Evrazija: razvitie, bezopasnost’, sotrudnichestvo. Ezhegodnik. – M.: INION RAN, 2018. – Vyp.1, ch.1. – S. 327-328.
3. Julien Duchêne, Colas Le Guernic, Eric Alata, Vincent Nicomette & Mohamed Kaâniche State of the art of network protocol reverse engineering tools. Journal of Computer Virology and Hacking Techniques volume 14, pages53-68 (2018)
4. Razieh Eskandari, Mahdi Shajari & Mojtaba Mostafavi Ghahfarokhi ERES: an extended regular expression signature for polymorphic worm detection. Journal of Computer Virology and Hacking Techniques volume 15, pages177–194 (2019)
5. Hadis Ghanei, Farnoush Manavi & Ali Hamzeh, A novel method for malware detection based on hardware events using deep neural networks. Journal of Computer Virology and Hacking Techniques, volume 17, pages 319-331 (2021)
6. Varshini Reddy, Naimisha Kolli & N. Balakrishnan, Malware detection and classification using community detection and social network analysis. Journal of Computer Virology and Hacking Techniques, volume 17, pages 333-346 (2021)
7. Samanvitha Basole, Fabio Di Troia & Mark Stamp Multifamily malware models. Journal of Computer Virology and Hacking Techniques volume 16, pages79-92 (2020)
8. Mina Ebrahim & Seyed Alireza Hashemi Golpayegani, Anomaly detection in business processes logs using social network analysis. Journal of Computer Virology and Hacking Techniques, volume 18, pages 127-139 (2022)
9. Francesco Mercaldo & Antonella Santone, Audio signal processing for Android malware detection and family identification. Journal of Computer Virology and Hacking Techniques, volume 17, pages 139-152 (2021)
10. Ryzhenko A.A. Piramidal’naja model’ raspredelenija informacionnyh resursov goskorporacij na fasetno-ierarhicheskom urovnevom osnovanii / A.A. Ryzhenko, N.Ju. Ryzhenko // Analiz, modelirovanie, upravlenie, razvitie social’no-jekonomicheskih sistem: sbornik nauchnyh trudov XIII Vserossijskoj s mezhdunarodnym uchastiem shkoly-simpoziuma AMUR-2019, Simferopol’-Sudak, 14-27 sentjabrja 2019 / red. sovet: A.V. Sigal (preds.) i dr. – Simferopol’ : IP Kornienko A.A., 2019. – s. 346-353 ISBN 978-5-6042038-4-2
11. Ryzhenko A.A. Modificirovannyj algoritm virusa polimorfika kak osnova destruktora informacionnoj sredy / Informatika: problemy, metodologija, tehnologii: sbornik materialov XVIII mezhdunarodnoj nauchno-metodicheskoj konferencii: v 7 t. / pod redakciej N.A. Tjukacheva; Voronezh, Voronezhskij gosudarstvennyj universitet, 14-15 fevralja 2019 g. – Voronezh: Izdatel’stvo «Nauchnoissledovatel’skie publikacii» (OOO «Vjelborn»), 2019. – T. 5. – S. 857-861.
12. Jiaxing Cheng, Ying Li, Cheng Huang, Ailing Yu & Tao Zhang ACER: detecting Shadowsocks server based on active probe technology. Journal of Computer Virology and Hacking Techniques volume 16, pages217–227 (2020)
13. Ryzhenko A.A. Model’ destruktora-polimorfa cifrovoj sredy / Problemy upravlenija bezopasnost’ju slozhnyh sistem: materialy HHVI Mezhdunar. konfer., 19 dekabrja 2018 g., Moskva / pod obshh. red. A.O. Kalashnikova, V.V. Kul’by. M.: IPU RAN, 2018. – s. 158-162.
14. Rizwan Ur Rahman & Deepak Singh Tomar, Threats of price scraping on e-commerce websites: attack model and its detection using neural network. Journal of Computer Virology and Hacking Techniques, volume 17, pages 75-89 (2021)
15. Ryzhenko A.A. Bezopasnost’ informacii cifrovoj jekonomiki / A.A. Ryzhenko, N.Ju. Ryzhenko // Aktual’nye problemy i perspektivy razvitija jekonomiki. Trudy Jubilejnoj XX Vserossijskoj s mezhdunarodnym uchastiem nauchno-prakticheskoj konferencii. Simferopol’, 2021. S. 289-291.
16. Systems of Systems Characterization and Types - NATO STO. URL: https://www.sto.nato.int/publications/STO%20Educational%20
Notes/STO-EN-SCI-276/EN-SCI-276-01.pdf (data obrashhenija: 15.08.2023) 

The purpose of the study: formation of methodology for collecting and generating datasets used to develop and test the effectiveness of anomaly and cyber attack detection approaches based on machine learning, including deep learning models. Research methods: methods of system analysis and modeling, machine learning, statistical data analysis. Results obtained: approaches to the formation of training data sets used for the development of anomaly and cyber attack detection methods were investigated and systematized. The methodology of data collection for analyzing the security of industrial cyber-physical systems is developed, the key stages are illustrated on the example of building a test bench of a water treatment plant system designed to study its security against cyber attacks. Scientific novelty: The analysis of the state of arts in the field of forming datasets used to assess the cyber security of industrial systems has shown that there is currently no unified methodology for data collection and validation for testing anomaly and cyber attack detection techniques based on machine learning. The methodology presented in this paper specifies a sequence of interrelated steps that define actions ranging from the formalization of the industrial process to the validation of the acquired data. The sequential execution of these steps will allow the creation of datasets that contain both network data and readings from sensors and actuators of the cyberphysical system, have a clear annotation scheme and are validated against real data from similar systems. Contribution: Igor Kotenko and Elena Fedorchenko -general concept of data collection methodology for cyberphysical systems security research; Igor Kotenko, Elena Fedorchenko and Evgenia Novikova -elaboration of methodology stages; Evgenia Novikova and Elena Fedorchenko -analysis of the state of affairs on the creation of training data sets for the development and testing of analytical models of anomaly and cyber attack detection; Aleksandr Danilov and Igor Saenko -formalization of the flotation process of water treatment development and development of a test bench in accordance with the formulated requirements for the training data set.
Keywords:  cyber security, automated control systems, anomaly and cyber attack detection, training sets, test
bed, water treatment facilities. 

1. Kotenko I.V., Ushakov I.A. [Big data technologies for monitoring computer security] Технологии больших данных для мониторинга компьютерной безопасности. Information security. Inside [Защита информации. Инсайд], No. 3, 2017. pp. 23-33.
2. Kotenko I.V., Levshun D.S., Chechulin A.A., Ushakov I.A., Krasov A.V. [Integrated approach to provide security of cyber-physical systems based on microcontrollers] Комплексный подход к обеспечению безопасности киберфизических систем на основе микроконтроллеров. Cybersecurity issues [Вопросы кибербезопасности]. 2018. No 3 (27). pp.29-38. DOI: 10.21681/2311-3456-2018-3-29-38.
3. Kotenko I., Saenko I., Lauta O., Kribel. [A method for early detection of cyberattacks based on the integration of fractal analysis and statistical methods] Метод раннего обнаружения кибератак на основе интеграции фрактального анализа и статистических методов. Pervaya milya [Первая миля]. 2021. № 6 (98). pp. 64-71. DOI: 10.22184/2070-8963.2021.98.6.64.70
4. Kotenko V.I., Saenko I.B., Kotsynyak M.A., Lauta O.S. [Assessment of Cyber-Resilience of Computer Networks based on Simulation of Cyber Attacks by the Stochastic Networks Conversion Method] Оценка киберустойчивости компьютерных сетей на основе моделирования кибератак методом преобразования стохастических сетей. SPIIRAS Proceedings [Труды СПИИРАН]. 2017. No 6(55). pp.160-184. DOI: https://doi.org/10.15622/sp.55.7.
5. Branitskiy A., Kotenko I., Saenko I. Applying Machine Learning and Parallel Data Processing for Attack Detection in IoT // IEEE Transactions on Emerging Topics in Computing, 2021, vol. 9, no. 4, pp. 1642-1653. DOI: 10.1109/TETC.2020.3006351.
6. Wu Z., Guo Y., Lin W., Yu S., Ji Y. A weighted deep representation learning model for imbalanced fault diagnosis in cyber-physical systems. Sensors, vol. 18, no. 4, 2018, 1096. DOI: 10.3390/s18041096.
7. Canizo M., Triguero I., Conde A., Onieva E. Multi-head CNN–RNN for multi-time series anomaly detection: An industrial case study. Neurocomputing, vol. 363, pp. 246–260, 2019, pp. 246-260. DOI: 10.1016/j.neucom.2019.07.034.
8. Xia F., Chen X., Yu S., Hou M., Liu M., You L. Coupled attention networks for multivariate time series anomaly detection. Arxiv. 2023. URL: https: arxiv.org/pdf/2306.07114.pdf (accessed on: 29.08.2023).
9. Luo Y., Xiao Y., Cheng L., Peng G., Yao D.D., Deep learning-based anomaly detection in cyber-physical systems: Progress and opportunities. ACM Comput. Surv., 2021. vol. 54, no. 5, Article 106, 36 p. DOI: 10.1145/3453155.
10. Kotenko I, Gaifulina D., Zelichenok I. Systematic Literature Review of Security Event Correlation Methods. IEEE Access, 2022, vol. 10, pp. 43387-43420. DOI: 10.1109/ACCESS.2022.3168976.
11. Tushkanova O., Levshun D., Branitskiy A., Fedorchenko E., Novikova E., Kotenko I. Detection of cyber attacks and anomalies in cyberphysical systems: approaches, data sources, evaluation. Algorithms, vol. 16, no. 2, 2023, 85. DOI: 10.3390/a16020085.
12. Conti M., Donadel D., Turrin F. A survey on industrial control system testbeds and datasets for security research. IEEE Communications Surveys & Tutorials, vol. 23, no. 4, pp. 2248-2294, 2021.
13. Lemay A., Fernandez J.M. Providing SCADA network data sets for intrusion detection research. 9th Workshop on Cyber Security Experimentation and Test (CSET 16). Austin, TX: USENIX Association, Aug. 2016.
14. Goh J., Adepu S., Junejo K.N., Mathur A.A dataset to support research in the design of secure water treatment systems. Critical Information Infrastructures Security. Cham: Springer International Publishing, 2017, pp. 88-99. DOI: 10.1007/978-3-319-71368-7_8.
15. Shin H.-K., Lee W., Yun J.-H., Kim H. HAI 1.0: HIL-based augmented ICS security dataset. Proceedings of the 13th USENIX Conference on Cyber Security Experimentation and Test, 2020, pp. 1–1.
16. Dominguez M., Fuertes J.J., Prada M.A., Alonso S., Moran A., Perez D. Design of platforms for experimentation in industrial cybersecurity. Applied Sciences, vol. 12, no. 13, 2022, 6520. DOI: 10.3390/app12136520.
17. Kyzas G.Z., Matis K.A. Flotation in water and wastewater treatment. Processes, vol. 6, no. 8, 2018, 116. DOI: 10.3390/pr6080116.
18. Antonova E.S. [Modeling of wastewater treatment process in a flotation plant with an induction aeration system with dispersant] Моделирование процесса очистки сточных вод во флотационной установке с эжекционной системой аэрации с диспергатором. Bezopsnost’ v technosphere [Безопасность в техносфере]. 2021. № 6 (98). p. 64-71. DOI: 10.22184/2070-8963.2021.98.6.64.70 

Purpose of the work is to develop of a method for input data generation for fuzzing testing of JavaScript engines and its evaluation. Research method studying the patterns of data generation and the percentage of code coverage in order to increase it. The proposed method allows you to generate input data to identify more vulnerabilities during subsequent fuzzing testing, by increasing the percentage of code coverage. Results of the research: the JavaScript engines is the most vulnerable block of the web-browser architecture, as a result, there is a need to constantly increase the volume of analysis/testing of its source code. Fuzzing testing of a web-browser engine based on complexly structured input data, such as JavaScript code, is an urgent task. The paper presents the vulnerabilities of modern web-browsers, as well as key problems that arise when testing JavaScript engines. The most significant problems are: the lack of publicly available syntactically and semantically correct input data for fuzzing testing, the problem of overcoming internal mechanisms for filtering input data, the choice of a rational data mutation algorithm, and the problem of increasing the degree of coverage of the code under test. The authors propose a method for generating input data for fuzzing testing of JavaScript engines, which improves the quality and speed of fuzzing testing. Scientific and practical significance: the results lies in the development of a new method for generating input data for fuzzing testing of JavaScript engines of web-browsers, based on the use of neural network language models, which increases the coverage of the source code.
Keywords: web-browser, JavaScript engine, code coverage, software defects, software vulnerabilities, fuzzing
testing, information security

1. Bytes A. et al. FieldFuzz: In Situ Blackbox Fuzzing of Proprietary Industrial Automation Runtimes via the Network //Proceedings of International Symposium on Research in Attacks, Intrusions and Defenses (RAID). – 2023 ¬ DOI: 10.1145/3607199.3607226.
2. Lee S. et al. Montage: A neural network language model-guided javascript engine fuzzer //Proceedings of the 29th USENIX Conference on Security Symposium. – 2020. – S. 2613-2630, DOI: 10.48550/arXiv.2001.04107.
3. Groß S. Fuzzil: Coverage guided fuzzing for javascript engines // Department of Informatics, Karlsruhe Institute of Technology, 2018.
4. Kozachok A. V. i dr. Obzor issledovanij po primeneniju metodov mashinnogo obuchenija dlja povyshenija jeffektivnosti fazzingtestirovanija // Vestnik Voronezhskogo gosudarstvennogo universiteta, serija: sistemnyj analiz i informacionnye tehnologii. – 2021. – №. 4. – S. 83–106., DOI: 10.17308/sait.2021.4/3800.
5. C. Han. js-vuln-db, A collection of JavaScript engine CVEs with PoCs, 2019. https://github.com/tunz/js-vuln-db.
6. Huang W. et al. testrnn: Coverage-guided testing on recurrent neural networks //arXiv preprint arXiv:1906.08557. – 2019, DOI: 10.48550/arXiv.1906.08557.
7. Gouveia I. P., Völp M., Esteves-Verissimo P. Behind the last line of de-fense: Surviving SoC faults and intrusions //Computers & Security. – 2022. – T. 123. – S. 102920, DOI: 10.1016/j.cose.2022.102920.
8. Fioraldi A. et al. AFL++ combining incremental steps of fuzzing research //Proceedings of the 14th USENIX Conference on Offensive Technologies. – 2020. – S. 10-10.
9. Chao W. C. et al. Design and Implement Binary Fuzzing Based on Libfuzz-er //2018 IEEE Conference on Dependable and Secure Computing (DSC). – IEEE, 2018. – S. 1-2.
10. Peng Chen and Hao Chen. 2018. Angora: Efficient fuzzing by principled search.
11. Österlund S. et al. Parmesan: Sanitizer-guided greybox fuzzing //Proceedings of the 29th USENIX Conference on Security Symposium. – 2020. – S. 2289-2306.
12. Kozachok A. V., Nikolaev D. A., Erohina N. S. Podhody k ocenke po-verhnosti ataki i fazzingu veb-brauzerov // Voprosy kiberbezopasnosti. – 2022. – №. 3 (49). – S. 32–43, DOI: 10.21681/2311-3456-2022-3-32-43.
13. Lin G. et al. Software vulnerability detection using deep neural networks: a survey //Proceedings of the IEEE. – 2020. – T. 108. – №. 10. – S. 1825-1848, DOI: 10.1109/JPROC.2020.2993293.
14. Hanif H. et al. The rise of software vulnerability: Taxonomy of software vulnerabilities detection and machine learning approaches // Journal of Network and Com-puter Applications. – 2021. – T. 179. – S. 103009, DOI: 10.1016/j.jnca.2021.103009.
15. Chernis B, Verma R. Machine Learning Methods for Software Vulnerabil-ity Detection. In: Proceedings of the Fourth ACM International. Workshop on Security and Privacy Analytics ACM. 2018. p. 31–39, DOI: 10.1145/3180445.3180453.
16. Zhu X. et al. Fuzzing: a survey for roadmap // ACM Computing Surveys (CSUR). – 2022. – T. 54. – №. 11s. – S. 1-36, DOI: 10.1145/3512345.
17. Kaloudi N., Li J. The ai-based cyber threat landscape: A survey //ACM Computing Surveys (CSUR). – 2020. – T. 53. – №. 1. – S. 1-34, DOI: 10.1145/3372823.
18. She D, Pei K, Epstein D, Yang J, Ray B, Jana S. NEUZZ: Efficient Fuzzing with Neural Program Smoothing; IEEE Symposium on Security & Privacy; 2019 – s. 38, DOI: 10.1109/SP.2019.00052.
19. Allamanis M. et al. A survey of machine learning for big code and natural-ness //ACM Computing Surveys (CSUR). – 2018. – T. 51. – №. 4. – S. 1-37, DOI: 10.1145/3212695.
20. Karampatsis R. M. et al. Big code! = big vocabulary: Open-vocabulary models for source code //Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering. – 2020. – S. 1073-1085, DOI: 10.1145/3377811.3380342.
21. Hu Jr Z. A Software Package for Generating Code Coverage Reports with Gcov, 2021.
22. Beyer D., Lemberger T. TestCov: Robust test-suite execution and coverage measurement // 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2019, pp. 1074-1077, DOI: 10.1109/ASE.2019.00105.

The purpose of the article is an analytical review of web application protection methods. Research method: an analysis of scientific publications on the topic of the article.
Results: the review article analyzes the literature devoted to the protection of web applications from vulnerabilities, as well as software such as web backdoors that are embedded by an attacker to perform illegitimate operations. The high threat of the latter is due to the fact that they can be uploaded to the web server through vulnerabilities, as well as through other paths available to an attacker. In addition, the source code of the web backdoor may be different. All this complicates the process of effective detection. The article provides a classification of protection methods and their comparative characteristics. Special attention is paid to intellectual methods of protection and problems that arise when training models. The main problems are poor-quality, incomplete datasets, as well as the lack of verification by many researchers of their results in real conditions. The scientific novelty lies in the systematization and a fairly extensive review of works in the field of protecting web applications from vulnerabilities and backdoors that can be used by attackers. The work identifies problems related to this area, which emphasizes the importance and relevance of this topic.
Keywords: web vulnerabilities, web backdoors, web shells, machine learning. 

1. Dissanayake N., Dias. K. Web-based Applications: Extending the General Perspective of the Service of Web // 10th International Research Conference of KDU (KDU-IRC 2017) on Changing Dynamics in the Global Environment: Challenges and Opportunities, 2017.
2. Navyashree S., Rashmi R. Hybrid Web Application using Content Management System App used by all platforms // Advances in Computational Sciences and Technology. 2019. Vol. 12. P. 23-36.
3. Adetunji O., Ajaegbu C., Nzechukwu O. Dawning of Progressive Web Applications (PWA): Edging Out the Pitfalls of Traditional Mobile Development // American Scientific Research Journal for Engineering, Technology, and Sciences. 2020. Vol. 68(1). P. 85–99.
4. Zhu T., Weng Z., Fu L., Ruan L. A Web Shell Detection Method Based on Multiview Feature Fusion // Applied Sciences. 2020. Vol. 10(18). P. 1-16.
5. Wu Y., Sun Y., Huang C., Jia P., Liu L. Session-Based Webshell Detection Using Machine Learning in Web Logs // Security and Communication Networks. 2019. Vol. 2019. P. 1-11.
6. Lesko S. A. Modeli i metody zashchity web–resursov: sistematicheskiy obzor // CLOUD OF SCIENCE. 2020. № 3. P. 577-610.
7. Nidhra S. Black Box and White Box Testing Techniques - A Literature Review // International Journal of Embedded Systems and Applications. 2021. Vol. 2. P. 29-50.
8. Martin-Lopez A., Arcuri A., Segura S., Ruiz-Cortes A. Black-Box and White-Box Test Case Generation for RESTful APIs: Enemies or Allies? // Conference: International Symposium on Software Reliability Engineering. 2021. P.1-11.
9. Diaz-Verdejo J., Munoz-Calle J., Estepa A., Estepa R., Madinabeitia G. On the Detection Capabilities of Signature-Based Intrusion Detection Systems in the Context of Web Attacks // Applied Sciences. 2022. Vol. 12. P.1-16.
10. Kumazaki M., Yamaguchi Y., Shimada H., Hasegawa H. WAF Signature Generation with Real-Time Information on the Web // The Fourteenth International Conference on Emerging Security Information, Systems and Technologies. 2020. P. 40-45.
11. Adem T., Cemal G., Omer F. Web tabanlı saldırı önleme sistemi tasarımı ve gerçekleştirilmesi: yeni bir hibrit model // Journal of the Faculty of Engineering and Architecture of Gazi University. 2016. Vol. 31(3). P. 645-653.
12. Berman D., Buczak A., Chavis J., Corbett C. A Survey of Deep Learning Methods for Cyber Security // Information (Switzerland). 2019. Vol. 10. P. 1-35.
13. Chawla S., Chalapathy R. Deep Learning for Anomaly Detection: A Survey // Computer Science. 2019. P.1-47.
14. Applebaum S., Gaber T., Ahmed A. Signature-based and Machine-Learning-based Web Application Firewalls: A Short Survey // Procedia Computer Science. 2021. Vol. 189. P. 359-367.
15. Tekerek A., Bay O. Design and Implementation of an Artificial Intelligence-Based Web Application Firewall Model // Neural Network World. 2019. Vol. 29. P. 189-206.
16. Demetrio L., Valenza A., Costa G., Lagorio G. WAF-A-MoLE: Evading Web Application Firewalls through Adversarial Machine Learning // Conference: 35th Annual ACM Symposium on Applied Computing. 2020. P. 1745-1752.
17. Zheron O. Prikladnoye mashinnoye obucheniye s pomoshchyu Scikit-Learn. Keras i Tensorflow: kontseptsii. instrumenty i tekhniki dlya sozdaniya intelektualnykh sistem. 2 izd.: Per. s angl. / O. Zheron. – SPb.: OOO «Dialektika». 2020. – P. 1040.
18. Goryunov. M.N. Sintez modeli mashinnogo obucheniya dlya obnaruzheniya kompyuternykh atak na osnove nabora dannykh CICIDS2017 / M.N. Goryunov. A.G. Matskevich. D.A. Rybolovlev // Trudy Instituta sistemnogo programmirovaniya RAN. – 2020. – № 32(5). – P. 81-94.
19. Tingting L., Chunhui R., Yusheng F., Jie X., Jinhong G., Xinyu C. Webshell Detection Based on the Word Attention Mechanism // IEEE Access. Deep Learning: Security and Forensics Research Advances and Challenges. 2019. P. 185140 – 185147.
20. Zhuo-Hang L., Han-Bing Y., Rui M. Automatic and Accurate Detection of Webshell Based on Convolutional Neural Network // 15th International Annual Conference, CNCERT 2018. 2018. P. 73-85.
21. Pan Z., Chen Y., Chen Y., Shen Y., Guo X. Webshell Detection Based on Executable Data Characteristics of PHP Code // Wireless Communications and Mobile Computing. 2021. P.1-12.
22. Neamtiu I., Foster J., Hicks M. Understanding source code evolution using abstract syntax tree matching // in Proceedings of the 2005 international workshop on Mining software repositories - MSR ‘05. 2005. P. 1–5.
23. Fu J., Li L., Wang Y. Webshell Detection Based on Convolutional Neural Network // Journal of Zhengzhou University (Natural Science Edition). 2019. Vol 51(2). P. 1-8. 

The research purpose: research of opportunities to increase the hardware security using detection of the register-transfer level schema parts that are at confidentiality violation risk.
Methods: the use of register-transfer level scheme mathematical modeling and the application of classical probabilistic algorithms for Boolean functions property testing to the model in order to locate potentially vulnerable areas in the microcircuit internal logic.
Results: based on the combinational and sequential circuits mathematical model, which defines the internal logic via Boolean function sets, a concrete pipeline microarchitecture model with split states and data transfer has been developed, which allows the one to research using chosen mathematical apparatus further. Singled out the processed by special computing devices data confidentiality intruder model. For the specific pipeline microarchitecture model and the confidentiality violator, that can be placed at any production process stage, the accumulated from the schema data dimension minimization problem has been considered. In the context of the researching model, the complexity analysis of the one algorithms class has been performed. Based on the results of the analysis, modifications of some of the algorithms are proposed. The constructed algorithms make it possible to find the location of input and output pins that are potentially vulnerable to sequential and combinational circuits elements confidentiality violations, by determining the indices of arguments of Boolean functions. The scientific novelty: consists in the one probabilistic algorithms class applicability analysis to the detection vulnerable schema logic device areas problem and in based on the algorithm’s modification implementation in the purpose of vulnerable elements input pins detection accuracy increasing.
Keywords: complex programmable logic device, register-transfer level, pipeline microarchitecture, intruder model, Boolean functions, Boolean circuits, actual arguments. 

1. Antonov A. A., Barabanov A. V., dr. Cifrovoj sintez: prakticheskij kurs / pod obshh. red. A.Ju. Romanova, Ju.V. Panchula. – M.: DMK Press, 2020. – 556 s.
2. Xue M., Gu C., Liu W., et al. Ten years of hardware Trojans: a survey from the attacker’s perspective. // IET Computers & Digital Techniques. 14. pp. 231-246. 2020. DOI: 10.1049/iet-cdt.2020.0041
3. Wan Z., Yu B., et al. A Survey of FPGA-Based Robotic Computing. // IEEE Circuits and Systems Magazine, 21, pp. 48-74. 2020. DOI: 10.1109/MCAS.2021.3071609.
4. Quraishi M., Tavakoli E., Ren F. A Survey of System Architectures and Techniques for FPGA Virtualization. // IEEE Transactions on Parallel & Distributed Systems, vol. 32, no. 09, pp. 2216-2230. 2021. DOI: 10.1109/TPDS.2021.3063670
5. Turincev K. A., Poplavskij D. A., Kalinkina A. A. Apparatnoe sredstvo dlja uskorenija reshenija zadach dizassemblirovanija // MOLODYE UChJoNYE ROSSII: sbornik statej XVII Vserossijskoj nauchno-prakticheskoj konferencii. – Penza: Nauka i Prosveshhenie, 2023. S. 32-37.
6. Zhang J., Qu G. Recent Attacks and Defenses on FPGA-based Systems. ACM Transactions on Reconfigurable Technology Syst. 12, 3, Article 14 (2019), p. 24. 2019. DOI: 10.1145/3340557
7. Demenkova T. A., Pevcov E. F. Apparatno-programmnye resursy zashhity integral’nyh shem i intellektual’nyh sistem // Nauchnotehnicheskij vestnik Povolzh’ja. 2018. № 12. S. 213-218.
8. Huang H., Shen H., Li S., et al. A Hardware Trojan Trigger Localization Method in RTL based on Control Flow Features. 2022 IEEE 31st Asian Test Symposium (ATS), Taichung City, Taiwan, pp. 138-143. 2022. DOI: 10.1109/ATS56056.2022.00036
9. Palumbo A., Cassano L., Luzzi B., Hernandez J., et al. Is your FPGA bitstream Hardware Trojan-free? Machine learning can provide an answer. // Journal of Systems Architecture. Volume 128. 2022. DOI: 10.1016/j.sysarc.2022.102543
10. Chithra C., Kokila J., Ramasubramanian N. Detection of Hardware Trojans using Machine Learning in SoC FPGAs // 2020 IEEE International Conference on Electronics, Computing and Communication Technologies, Bangalore, India. pp. 1-7. 2020. DOI: 10.1109/CONECCT50063.2020.9198475
11. Zhang L., Dong Y., Wang J., et al. A hardware Trojan detection method based on the electromagnetic leakage. China Communications, vol. 16, no. 12, pp. 100-110. 2019. DOI: 10.23919/JCC.2019.12.007
12. Yu S., Gu C., Liu W., et al. A Novel Feature Extraction Strategy for Hardware Trojan Detection 2020 IEEE International Symposium on Circuits and Systems, Seville, Spain, 2020, pp. 1-5. DOI: 10.1109/ISCAS45731.2020.9180479
13. Cruz J., Posada C., Masna N., et al. A Framework for Automated Exploration of Trojan Attack Space in FPGA Netlists. IEEE Transactions on Computers. pp. 1-12. 2023. DOI: 10.1109/TC.2023.3266592
14. Ahmed Q., Platzner M. On the Detection and Circumvention of Bitstream-level Trojans in FPGAs // 2022 IEEE Computer Society Annual Symposium on VLSI , Nicosia, Cyprus. pp. 434-439. 2022. DOI: 10.1109/ISVLSI54635.2022.00097
15. Yang J., Zhang Y., Hua Y., et al. Hardware Trojans Detection Through RTL Features Extraction and Machine Learning. 2021 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Shanghai, China, pp. 1-4, 2021. DOI: 10.1109/AsianHOST53231.2021.9699658
16. Zhang Q., Liu L., Yuan Y., et al. A Gate-Level Information Leakage Detection Framework of Sequential Circuit Using Z3. // Electronics, 11, 4216. 2022.
17. Matrosova A., Provkin V. Applying Incompletely Specified Boolean Functions for Patch Circuit Generation // 2021 IEEE East-West Design & Test Symposium. Batumi, Georgia. pp. 1-4 2021. DOI: 10.1109/EWDTS52692.2021.9581029
18. Sabri M., Shabani A., Alizadeh B. SAT-Based Integrated Hardware Trojan Detection and Localization Approach Through Path-Delay Analysis // IEEE Transactions on Circuits and Systems II: Express Briefs, vol. 68, no. 8. pp. 2850-2854. 2021. DOI: 10.1109/TCSII.2021.3074549
19. Xie Z., Daowen Q., Guangya C., et al. Testing Boolean Functions Properties. FundamFundamenta Informaticae 182(4). pp. 321-344. 2021. DOI: 10.3233/FI-2021-2076
20. De A., Mossel E., Neeman J. Junta Correlation is Testable // 2019 IEEE 60th Annual Symposium on Foundations of Computer Science, Baltimore, MD, USA. pp. 1549-1563. 2019. DOI: 10.1109/FOCS.2019.00090
21. Harris D. M., Harris S. L. Cifrovaja shemotehnika i arhitektura komp’jutera. / per. s angl. Imagination Technologies. – M.: DMK Press, 2018. – 792 s.: cv. il.
22. Liu Z., Chen X., Servedio R., et al. Distribution-free Junta Testing. ACM Trans. Algorithms 15, 1, Article 1, 23 p. 2018. DOI: 10.1145/3264434
23. Bshouty N. Almost optimal distribution-free junta testing. // 34th Computational Complexity Conference, CCC 2019, NJ, USA. pp. 2:1–2:13, 2019. DOI: 10.4230/LIPIcs.CCC.2019.2

The purpose of the article: adaptation of the logical-probabilistic method of evaluating complex systems to the tasks of building information security systems in a multi-agent system. Research method: during the research, the main provisions of the methodology of structural analysis, system analysis, decision theory, methods of evaluating events under the condition of incomplete information were used. The result: this article continues the consideration of information security issues based on the analysis of the relationship between the subjects and the object of protection. The presentation of the subject and object of protection in the form of an intelligent agent is justified, taking into account the requirements for information protection. Formal definitions of the information security agent and its main characteristics are given: information resource, information flow and access rights of the subject. It is shown that the concept of an information security agent is the basis for identifying structures in an information system. The axiomatics of the relations of the subject and the object as agents of information security, as well as the relations between information resources and information flows within the agent, has been developed. The possibility of determining the state of an agent based on events and messages generated during its operation is shown. Scientific novelty: consideration of information security issues using the apparatus of mathematical and logical relations. Development of formal definitions of the information security agent and its constituent information resources and information flows, which are the basic universal components of the description of structures in the information system. Definition of the concept of an information security agent by considering the mapping of the subject and its goal-setting on the object.
Keywords:  information security model, assessment of complex systems, logical-probabilistic method, theory of relations, system analysis, multi-agent system. 

1. Rjabinin I. A. Reshenie odnoj zadachi ocenki nadezhnosti strukturno-slozhnoj sistemy raznymi logiko-verojatnostnymi metodami / I.A. Rjabinin, A.V. Strukov // Modelirovanie i analiz bezopasnosti i riska v slozhnyh sistemah, Sankt-Peterburg, 19–21 ijunja 2019 goda. – Sankt-Peterburg: Sankt-Peterburgskij gosudarstvennyj universitet ajerokosmicheskogo priborostroenija, 2019. – S. 159-172.
2. Demin A. V. Glubokoe obuchenie adaptivnyh sistem upravlenija na osnove logiko-verojatnostnogo podhoda / A.V. Demin // Izvestija Irkutskogo gosudarstvennogo universiteta. Serija: Matematika. – 2021. – T. 38. – S. 65-83. – DOI 10.26516/1997-7670.2021.38.65
3. Viktorova V.S. Vychislenie pokazatelej nadezhnosti v nemonotonnyh logiko-verojatnostnyh modeljah mnogourovnevyh sistem / V.S. Viktorova, A.S. Stepanjanc // Avtomatika i telemehanika. – 2021. – № 5. – S. 106-123. – DOI 10.31857/S000523102105007X.
4. Leont’ev A.S. Matematicheskie modeli ocenki pokazatelej nadezhnosti dlja issledovanija verojatnostno-vremennyh harakteristik mnogomashinnyh kompleksov s uchetom otkazov / A.S. Leont’ev, M.S. Timoshkin // Mezhdunarodnyj nauchno-issledovatel’skij zhurnal. – 2023. – № 1(127). S. 1 – 13. – DOI 10.23670/IRJ.2023.127.27.
5. Puchkova F.Ju. Logiko-verojatnostnyj metod i ego prakticheskoe ispol’zovanie / F.Ju. Puchkova // Informacionnye tehnologii v processe podgotovki sovremennogo specialista: Mezhvuzovskij sbornik nauchnyh trudov / Ministerstvo prosveshhenija Rossijskoj Federacii; Federal’noe gosudarstvennoe bjudzhetnoe obrazovatel’noe uchrezhdenie vysshego obrazovanija «Lipeckij gosudarstvennyj pedagogicheskij universitet imeni P.P. SEMENOVA-TJaN-ShANSKOGO». Tom Vypusk 25. – Lipeck: Lipeckij gosudarstvennyj pedagogicheskij universitet imeni P.P. Semenova-Tjan-Shanskogo, 2021. – S. 187-193.
6. Rossihina L.V. O primenenii logiko-verojatnostnogo metoda I.A. Rjabinina dlja analiza riskov informacionnoj bezopasnosti / L.V. Rossihina, O.O. Gubenko, M.A. Chernositova // Aktual’nye problemy dejatel’nosti podrazdelenij UIS: Sbornik materialov Vserossijskoj nauchno-prakticheskoj konferencii, Voronezh, 20 oktjabrja 2022 goda. – Voronezh: Izdatel’sko-poligraficheskij centr “Nauchnaja kniga”, 2022. – S. 108-109.
7. Karpov A.V. Model’ kanala utechki informacii na ob#ekte informatizacii / A.V. Karpov // Aktual’nye problemy infotelekommunikacij v nauke i obrazovanii (APINO 2018): VII Mezhdunarodnaja nauchno-tehnicheskaja i nauchno-metodicheskaja konferencija. Sbornik nauchnyh statej. V 4-h tomah, Sankt-Peterburg, 28 fevralja – 01 marta 2018 goda / Pod redakciej S.V. Bachevskogo. Tom 2. – SanktPeterburg: Sankt-Peterburgskij gosudarstvennyj universitet telekommunikacij im. prof. M.A. Bonch-Bruevicha, 2018. – S. 378-382.
8. Metodika kiberneticheskoj ustojchivosti v uslovijah vozdejstvija targetirovannyh kiberneticheskih atak / D.A. Ivanov, M.A. Kocynjak, O.S. Lauta, I.R. Murtazin // Aktual’nye problemy infotelekommunikacij v nauke i obrazovanii (APINO 2018): VII Mezhdunarodnaja nauchno-tehnicheskaja i nauchno-metodicheskaja konferencija. Sbornik nauchnyh statej. V 4-h tomah, Sankt-Peterburg, 28 fevralja – 01 marta 2018 goda / Pod redakciej S.V. Bachevskogo. Tom 2. – Sankt-Peterburg: Sankt-Peterburgskij gosudarstvennyj universitet telekommunikacij im. prof. M.A. Bonch-Bruevicha, 2018. – S. 343-346.
9. Eliseev N. I. Ocenka urovnja zashhishhennosti avtomatizirovannyh informacionnyh sistem juridicheski znachimogo jelektronnogo dokumentooborota na osnove logiko-verojatnostnogo metoda / N.I. Eliseev, D.I. Tali, A.A. Oblanenko // Voprosy kiberbezopasnosti. – 2019. – № 6(34). – S. 7-16. – DOI: 10.21681/2311-3456-2019-6-07-16.
10. Kocynjak M.A. Matematicheskaja model’ targetirovannoj komp’juternoj ataki / M.A. Kocynjak, O.S. Lauta, D.A. Ivanov // Naukoemkie tehnologii v kosmicheskih issledovanijah Zemli. – 2019. – T. 11, № 2. – S. 73-81. – DOI 10.24411/2409-5419-2018-10261.
11. Beljakova T.V. Funkcional’naja model’ processa vozdejstvija celevoj komp’juternoj ataki / T.V. Beljakova, N.V. Sidorov, M.A. Gudkov // Radiolokacija, navigacija, svjaz’: Sbornik trudov XXV Mezhdunarodnoj nauchno-tehnicheskoj konferencii, posvjashhennoj 160-letiju so dnja rozhdenija A.S. Popova. V 6-ti tomah, Voronezh, 16–18 aprelja 2019 goda. Tom 2. – Voronezh: Voronezhskij gosudarstvennyj universitet, 2019. – S. 108-111.
12. Kalashnikov A. O. Infrastruktura kak kod: formiruetsja novaja real’nost’ informacionnoj bezopasnosti / A.O. Kalashnikov, K.A. Bugajskij // Informacija i bezopasnost’. – 2019. – T. 22, № 4. – S. 495-506.
13. Bugajskij K.A. Rasshirennaja model’ otkrytyh sistem (Chast’ 1) / K. A. Bugajskij, D. S. Birin, B. O. Derjabin, S. O. Cependa // Informacija i bezopasnost’. – 2022. – T. 25, № 2. – S. 169-178. – DOI 10.36622/VSTU.2022.25.2.001.
14. Nesterov A. Ju. Problema sub#ekta v iskusstvennoj prirode / A. Ju. Nesterov // Gumanitarnyj vektor. – 2021. – T. 16, № 2. – S. 22-28. – DOI 10.21209/1996-7853-2021-16-2-22-28.