№ 6 (58)

The purpose of the 1st part of the work: on the basis of the analysis of the main strategies of operations and counteroperations in information warfare (IW), to form general provisions of the approach to mathematical modeling in order to propose a model and methods for probabilistic forecasting of particular and integral risks in the 2nd and final part, and with their help to conduct a systematic analysis of the identified opportunities for risk management in IW. Result of research: based on the results of the analysis of strategies of operations and counteroperations (in the 1st part of the article), a model and methods for probabilistic forecasting of particular and integral risks in IW are proposed. Based on their application, examples have been developed to illustrate the efficiency of the proposed approach. For some retrospective data, a systematic analysis of the identified opportunities for risk management in IW was carried out (in the 2nd final part) articles). Scientific novelty: today the impact of heterogeneous threats in the conduct of IW in the international public media space is expressed in purposeful compromising fabrications of a resonant nature (false facts, false intentions) that contribute to the discrediting and discrediting of the reputation of the state, its leadership and other representatives of the authorities. This front side of IoT is visible to all consumers of information, but without an adequate differentiation between “true” and “false”. The study of this on the front side, political science studies are devoted. In contrast to these studies, this paper proposes a mathematical basis for a system analysis of the development of information operations and possible ways to counteract them depending on specific initial data, formed on the basis of facts or estimated hypothetically. The paper examines the possibilities for popular methods of countering operations in IoT with the indication of achievable quantitative estimates for risk management.
Keywords:  probability, reputation, model, forecasting, risk, system analysis, threat.

1. Manojlo A.V. Fejkovye novosti kak ugroza nacional’noj bezopasnosti i instrument informacionnogo upravlenija // Vestnik Moskovskogo universiteta. Serija 12: Politicheskie nauki. — 2019. — № 2. — S. 41–42.
2. Trubeckoj A. Ju. Psihologija reputacii. — M.: Nauka, 2005. — 291 s.
3. Ustinova N. V. Politicheskaja reputacija: sushhnost’, osobennosti, tehnologii formirovanija: dis. kand. polit. nauk. — Ekaterinburg: UGU, 2005. — 166 s.
4. Shishkanova A. Ju. Reputacija politicheskogo lidera: osobennosti i tehnologii formirovanija // Ogarjov-Online. 2016. №7(72). S. 2.
5. Manojlo A. V., Petrenko A. I., Frolov D. B. Gosudarstvennaja informacionnaja politika v uslovijah informacionno-psihologicheskoj vojny. 4-e izd., pererab. i dop. — Gorjachaja linija-Telekom Moskva, 2020. — 636 s.
6. Manojlo A.V. Sovremennaja praktika informacionnyh vojn i psihologicheskih operacij. Virusnye tehnologii i «jepidemii» kaskadnogo tipa na primere operacii po razoblacheniju agenta vlijanija CRU, byvshego vice-prezidenta Venesujely Diosdado Kabel’o 17-21/08/2019. // Nacionalna sigurnost (Nacionalna sigurnost). 2019. Vypusk №3. S. 3-8. URL: https://nacionalna-sigurnost.bg/broi-3/
7. Manojlo A.V. Delo Skripalej kak operacija informacionnoj vojny // Vestnik Moskovskogo gosudarstvennogo oblastnogo universiteta. —2019. — № 1.
8. Manojlo A.V. Cepnye reakcii kaskadnogo tipa v sovremennyh tehnologijah virusnogo rasprostranenija fejkovyh novostej // Vestnik Moskovskogo gosudarstvennogo oblastnogo universiteta (Jelektronnyj zhurnal). — 2020. — № 3.
9. Klimov S. M. Modeli analiza i ocenki ugroz informacionno-psihologicheskih vozdejstvij s jelementami iskusstvennogo intellekta. / Sbornik dokladov i vystuplenij nauchno-delovoj programmy Mezhdunarodnogo voenno-tehnicheskogo foruma «Armija-2018». 2018. S. 273-277.
10. Kostogryzov A. I. Prognozirovanie riskov po dannym monitoringa dlja sistem iskusstvennogo intellekta / BIT. Sbornik trudov Desjatoj mezhdunarodnoj nauchno-tehnicheskoj konferencii – M.: MGTU im. N.Je. Baumana, 2019, ss. 220-229
11. Kostogryzov A., Nistratov A., Nistratov G. (2020) Analytical Risks Prediction. Rationale of System Preventive Measures for Solving Quality and Safety Problems. In: Sukhomlin V., Zubareva E. (eds) Modern Information Technology and IT Education. SITITO 2018. Communications in Computer and Information Science, vol 1201. Springer, pp.352-364. https://www.springer.com/gp/book/9783030468941
12. Kostogryzov A, Nistratov A. Probabilistic methods of risk predictions and their pragmatic applications in life cycle of complex systems. In “Safety and Reliability of Systems and Processes”, Gdynia Maritime University, 2020. pp. 153-174. DOI: 10.26408/srsp-2020
13. Kostogryzov A.I. Podhod k verojatnostnomu prognozirovaniju zashhishhennosti reputacii politicheskih dejatelej ot «fejkovyh» ugroz v publichnom informacionnom prostranstve // Voprosy kiberbezopasnosti. 2023, №3. S. 114–133. DOI:1021681/2311-3456-2023-3-114-133
14. Kostogryzov A., Makhutov N., Nistratov A., Reznikov G. Probabilistic predictive modeling for complex system risk assessments (Verojatnostnoe uprezhdajushhee modelirovanie dlja ocenok riskov v slozhnyh sistemah). Time Series Analysis — New Insights. IntechOpen, 2023, pp. 73-105. http://mts.intechopen.com/articles/show/title/probabilistic-predictive-modelling-for-complex-systemrisk-assessments
15. Kostogryzov A.I.. Nistratov A.A. Analiz ugroz zloumyshlennoj modifikacii modeli mashinnogo obuchenija dlja sistem s iskusstvennym intellektom // Voprosy kiberbezopasnosti. 2023, №5. DOI:1021681/2311-3456-2023-5-9-24, s. 9–24.

The purpose of the article: adaptation of the logical-probabilistic method of evaluating complex systems to the tasks of building information security systems in a multi-agent system. Research method: during the research, the main provisions of the methodology of structural analysis, system analysis, decision theory, category theory, methods for evaluating events under the condition of incomplete information, logical-probabilistic methods were used. The result: this article continues the consideration of information security issues based on the analysis of the relationship between the subjects and the object of protection. It is shown that the state of the agent’s relations can be obtained on the basis of appropriate assessments of states at the level of information resources and information flows from the agent. A scheme of features for representing events from the point of view of information security has been developed and a method for uniform representation of events and messages coming from different sources has been proposed. It is proved that the state of the relationship at the level of an information resource or information flow is determined as a result of the correlation of the current and reference sets of events. It is proved that events and their sets can be represented as multi-place relations of features. It is proved that each feature relation for an event can be named by the first element of the feature scheme. A feature convolution matrix has been developed containing only permitted combinations of feature parameters for sets of events describing the state of relations. It is proved that the application of the convolution matrix gives a linear dependence on the dimension of the sets of events. Formal definitions of the basic actions of the Defender and the Violator on the agent are given. The necessity of making changes to the composition and methods of registering information security events of information resources and information flows is substantiated. Scientific novelty: consideration of information security issues using the apparatus of mathematical and logical relations, as well as category theory. Development of an event convolution matrix based on a categorical approach to determine the state of an agent’s relationships. Proof of the linear dependence of the comparison operations of the current and reference sets of events when using the event convolution matrix. Development of formal definitions of basic agent operations for the Defender and the Violator. Two hypotheses describing the agent’s capabilities in the field of information security are formulated.
Keywords: information security model, assessment of complex systems, logical-probabilistic method, category theory, system analysis, multi-agent system.

1. Ryabinin, I.A. Reshenie odnoj zadachi ocenki nadezhnosti strukturno-slozhnoj sistemy raznymi logiko-veroyatnostnymi metodami / I.A. Ryabinin, A.V. Strukov // Modelirovanie i analiz bezopasnosti i riska v slozhnyh sistemah, Sankt-Peterburg, 19–21 iyunya 2019 goda. – Sankt-Peterburg: Sankt-Peterburgskij gosudarstvennyj universitet aerokosmicheskogo priborostroeniya, 2019. – pp. 159-172.
2. Demin, A.V. Glubokoe obuchenie adaptivnyh sistem upravleniya na osnove logiko-veroyatnostnogo podhoda / A.V. Demin // Izvestiya Irkutskogo gosudarstvennogo universiteta. Seriya: Matematika. – 2021. – T. 38. – pp. 65-83. – DOI 10.26516/1997-7670.2021.38.65.
3. Viktorova, V.S. Vychislenie pokazatelej nadezhnosti v nemonotonnyh logiko-veroyatnostnyh modelyah mnogourovnevyh sistem / V.S. Viktorova, A.S. Stepanyanc // Avtomatika i telemekhanika. – 2021. – № 5. – pp. 106-123. – DOI 10.31857/S000523102105007X.
4. Leont’ev, A.S. Matematicheskie modeli ocenki pokazatelej nadezhnosti dlya issledovaniya veroyatnostno-vremennyh harakteristik mnogomashinnyh kompleksov s uchetom otkazov / A.S. Leont’ev, M.S. Timoshkin // Mezhdunarodnyj nauchno-issledovatel’skij
zhurnal. – 2023. – № 1(127). – pp. 1-13. – DOI 10.23670/IRJ.2023.127.27.
5. Puchkova, F.YU. Logiko-veroyatnostnyj metod i ego prakticheskoe ispol’zovanie / F.YU. Puchkova // Informacionnye tekhnologii v processe podgotovki sovremennogo specialista: Mezhvuzovskij sbornik nauchnyh trudov / Ministerstvo prosveshcheniya Rossijskoj Federacii; Federal’noe gosudarstvennoe byudzhetnoe obrazovatel’noe uchrezhdenie vysshego obrazovaniya «Lipeckij gosudarstvennyj pedagogicheskij universitet imeni P.P. Semenova-Tyan-Shanskogo». Tom Vypusk 25. – Lipeck: Lipeckij gosudarstvennyj pedagogicheskij universitet imeni P.P. Semenova-Tyan-SHanskogo, 2021. – pp. 187-193.
6. Rossihina, L.V. O primenenii logiko-veroyatnostnogo metoda I.A. Ryabinina dlya analiza riskov informacionnoj bezopasnosti / L.V. Rossihina, O.O. Gubenko, M.A. CHernositova // Aktual’nye problemy deyatel’nosti podrazdelenij UIS: Sbornik materialov Vserossijskoj nauchno-prakticheskoj konferencii, Voronezh, 20 oktyabrya 2022 goda. – Voronezh: Izdatel’sko-poligraficheskij centr “Nauchnaya kniga”, 2022. – pp. 108-109.
7. Karpov, A.V. Model’ kanala utechki informacii na ob”ekte informatizacii / A.V. Karpov // Aktual’nye problemy infotelekommunikacij v nauke i obrazovanii (APINO 2018): VII Mezhdunarodnaya nauchno-tekhnicheskaya i nauchno-metodicheskaya konferenciya. Sbornik nauchnyh statej. V 4-h tomah, Sankt-Peterburg, 28 fevralya – 01 marta 2018 goda / Pod redakciej S.V. Bachevskogo. Tom 2. – SanktPeterburg: Sankt-Peterburgskij gosudarstvennyj universitet telekommunikacij im. prof. M.A. Bonch-Bruevicha, 2018. – pp. 378-382.
8. Metodika kiberneticheskoj ustojchivosti v usloviyah vozdejstviya targetirovannyh kiberneticheskih atak / D.A. Ivanov, M.A. Kocynyak, O.S. Lauta, I.R. Murtazin // Aktual’nye problemy infotelekommunikacij v nauke i obrazovanii (APINO 2018): VII Mezhdunarodnaya nauchno-tekhnicheskaya i nauchno-metodicheskaya konferenciya. Sbornik nauchnyh statej. V 4-h tomah, Sankt-Peterburg, 28 fevralya – 01 marta 2018 goda / Pod redakciej S.V. Bachevskogo. Tom 2. – Sankt-Peterburg: Sankt-Peterburgskij gosudarstvennyj universitet telekommunikacij im. prof. M.A. Bonch-Bruevicha, 2018. – pp. 343-346.
9. Eliseev, N.I. Ocenka urovnya zashchishchennosti avtomatizirovannyh informacionnyh sistem yuridicheski znachimogo elektronnogo dokumentooborota na osnove logiko-veroyatnostnogo metoda / N.I. Eliseev, D.I. Tali, A.A. Oblanenko // Voprosy kiberbezopasnosti. – 2019. – № 6(34). – pp. 7-16. – DOI 10.21681/2311-3456-2019-6-07-16.
10. Kocynyak, M.A. Matematicheskaya model’ targetirovannoj komp’yuternoj ataki / M.A. Kocynyak, O.S. Lauta, D.A. Ivanov // Naukoemkie tekhnologii v kosmicheskih issledovaniyah Zemli. – 2019. – T. 11, № 2. – pp. 73-81. – DOI 10.24411/2409-5419-2018-10261.
11. Belyakova, T.V. Funkcional’naya model’ processa vozdejstviya celevoj komp’yuternoj ataki / T.V. Belyakova, N.V. Sidorov, M.A. Gudkov // Radiolokaciya, navigaciya, svyaz’: Sbornik trudov XXV Mezhdunarodnoj nauchno-tekhnicheskoj konferencii, posvyashchennoj 160-letiyu so dnya rozhdeniya A.S. Popova. V 6-ti tomah, Voronezh, 16–18 aprelya 2019 goda. Tom 2. – Voronezh: Voronezhskij gosudarstvennyj universitet, 2019. – pp. 108-111.
12. Kalashnikov, A.O. Infrastruktura kak kod: formiruetsya novaya real’nost’ informacionnoj bezopasnosti / A.O. Kalashnikov, K.A. Bugajskij // Informaciya i bezopasnost’. – 2019. – T. 22, № 4. – pp. 495-506.
13. Bugajskij, K.A. Rasshirennaya model’ otkrytyh sistem (CHast’ 1) / K. A. Bugajskij, D. S. Birin, B. O. Deryabin, S. O. Cependa // Informaciya i bezopasnost’. – 2022. – T. 25, № 2. – pp. 169-178. – DOI 10.36622/VSTU.2022.25.2.001.
14. Kalashnikov A.O. Primenenie logiko-veroiatnostnogo metoda v informatsionnoi bezopasnosti (Chast 1) / Kalashnikov A.O., Bugaiskii K.A., Birin D.S., Deriabin B.O., Tsependa S.O., Tabakov K.V. // Voprosy kiberbezopasnosti. – 2023. – №4(56) – pp. 23-32.
15. Kalashnikov A.O. Primenenie logiko-veroiatnostnogo metoda v informatsionnoi bezopasnosti (Chast 2) / Kalashnikov A.O., Bugaiskii K.A., Anikina E. I., Pereskokov I.S., Petrov An.O., Petrov Al.O., Khramchenkova E.S., Molotov A.A. // Voprosy kiberbezopasnosti. – 2023. – №5(57). – pp. 113-127. DOI:10.21681/2311-3456-2023-6-113-127.
16. Bugajskij, K.A. Rasshirennaya model’ otkrytyh sistem (CHast’ 2) / K.A. Bugajskij, I.S. Pereskokov, A.O. Petrov, A.O. Petrov // Informaciya i bezopasnost’. – 2022. – T. 25, № 3. – pp. 321-330. – DOI 10.36622/VSTU.2022.25.3.001.
17. Bugajskij, K.A. Rasshirennaya model’ otkrytyh sistem (CHast’ 3) / K.A. Bugajskij, B.O. Deryabin, K.V. Tabakov, E.S. Hramchenkova, S.O. Cependa // Informaciya i bezopasnost’. – 2022. – T. 25, № 4. – pp. 501-512.
18. Kalashnikov, A. O. Model kolichestvennogo otsenivaniia agenta slozhnoi seti v usloviiakh nepolnoi informirovannosti / A. O. Kalashnikov, K. A. Bugaiskii // Voprosy kiberbezopasnosti. – 2021. – № 6(46). – pp. 26-35. – DOI 10.21681/2311-3456-2021-6-26-35.
19. Kotenko I. V. Tekhnologii bolshikh dannykh dlia korreliatsii sobytii bezopasnosti na osnove ucheta tipov sviazei / I. V. Kotenko, A. V. Fedorchenko, I. B. Saenko, A. G. Kushnerevich // Voprosy kiberbezopasnosti. – 2017. – № 5(24). – pp. 2-16. – DOI 10.21681/2311-3456-2017-5-2-16.
20. Doinikova, E. V. Sovershenstvovanie grafov atak dlia monitoringa kiberbezopasnosti: operirovanie netochnostiami, obrabotka tsiklov, otobrazhenie intsidentov i avtomaticheskii vybor zashchitnykh mer / E. V. Doinikova, I. V. Kotenko // Trudy SPIIRAN. – 2018. – № 2(57). – pp. 211-240.
21. Kulik, B. A. Logika i matematika: prosto o slozhnykh metodakh logicheskogo analiza / B. A. Kulik. – Sankt-Peterburg: Izdatelstvo «Politekhnika», 2021. – 141 p. – ISBN 978-5-7325-1166-6. – DOI 10.25960/7325-1166-6.

Purpose of work: research of methods for generating indicators of compromise within the infrastructure for use in systems for protecting information and cyber-physical systems. Research method: system analysis of open sources of data on indicators of compromise, methods of extracting them and methods of application when organizing cyber reconnaissance within the protected infrastructure. The result obtained: current problems of extracting indicators of compromise from internal sources in information and cyber-physical systems are formulated. Algorithmic support for the use of such indicators in cyber intelligence processes is proposed. Basic scenarios for using indicators of compromise from internal sources when processing dynamic streams of threat data in the context of changing attack vectors are formulated. It was found that the cyberintelligence industry currently lacks unification in terms of forming compromise indicators based on data from protected systems and further exchange of information between different defenses, but there are a number of dominant formats for the exchange of such data. In the course of the research, the tasks of searching and extracting data from internal sources to enrich cyberintelligence systems and identify targeted attack methods based on the use of proprietary sets of compromise indicators are considered and structured, and methods for their solution are proposed. Scientific novelty: methods for generating indicators of compromise within the protected infrastructure have been reviewed and systematized. Algorithmic support for the use of indicators from internal sources has been developed and basic scenarios for processing such data have been proposed to protect cyber-physical systems in the face of variable attack vectors.
Keywords: indicator of compromise, cyber-intelligence, context, cyber-physical system, security information event management, enrichment, ranking.

1. Abu M.S.; Selamat S.R., Ariffin A., Yusof R. Cyber Threat Intelligence – Issue and Challenges. Indones // Indonesian Journal of Electrical Engineering and Computer Science. – 2018. Vol. 10, no. 1. – P. 371–379.
2. Sauerwein C., Pekaric I., Felderer M., Breu R. An analysis and classification of public information security data sources used in research and practice // Computers & Security. – 2019. – Vol. 82. – P. 140-155.
3. Pala A., Zhuang J. Information sharing in cybersecurity: A review // Decision Analysis. – 2019. – Vol. 16, no. 3. – P. 172-196.
4. Meshherjakov R.V., Ishakov S.Ju. Issledovanie indikatorov komprometacii dlja sredstv zashhity informacionnyh i kiberfizicheskih sistem // Voprosy kiberbezopasnosti. – 2022. – № 5 (51). – S. 82-99. DOI: 10.21681/2311-3456-2022-5-82-89
5. Sauerwein C., Sillaber C., Mussmann A., Breu R. Threat Intelligence Sharing Platforms: An Exploratory Study of Software Vendors and Research Perspectives // Wirtschaftsinformatik und Angewandte Informatik. – 2017. – P. 837-851.
6. Zrahia A. Threat intelligence sharing between cybersecurity vendors: Network, dyadic, and agent views // Journal of Cybersecurity. – 2018. – Vol. 4, issue 1. – P. 1–16.
7. Caballero J., Gomez G., Matic S., Sanchez G., Sebastian S., Villacanas A. The Rise of GoodFATR: A Novel Accuracy Comparison Methodology for Indicator Extraction Tools // Future Generation Computer Systems. – 2023. – Vol. 144. – P. 74-89.
8. Alam M., Bhusal D., Park Y., Rastogi N. Looking Beyond IoCs: Automatically Extracting Attack Patterns from External [Jelektronnyj resurs]. – 2022. –URL: https://arxiv.org/abs/2211.01753 (data obrashhenija 19.09.2023).
9. Allegretta M., Siracusano G., Gonzalez R., Gramaglia M. Are crowd-sourced CTI datasets ready for supporting anti-cybercrime intelligence? // Computer Networks. – 2023. – Vol. 234. – P. 109920.
10. Liu R., Zhao Z., Sun C., Yang X., Gong X., Zhang J. A Research and Analysis Method of Open Source Threat Intelligence Data // Communications in Computer and Information Science (CCIS). – 2017. – Vol. 727. – P. 352–363.
11. Tergeuov O.S., Malikova F.U. Obnaruzhenie i ustranenie DDoS-ataki IoT-botnetov na osnove SIEM // Universum: tehnicheskie nauki. – 2022. – №4-1 (97). – S. 54-63.
12. Tounsi W., Rais H. A survey on technical threat intelligence in the age of sophisticated cyber attacks // Computer Security. – 2018. – Vol. 72. – P. 212–233.
13. Zibak A., Simpson A. Cyber threat information sharing: Perceived benefits and barriers // Proceedings of the 14th International Conference on Availability, Reliability and Security. – Canterbury, UK, 26–29 August 2019. – P. 1–9.
14. Guo Li V., Dunn M., Pearce P., McCoy D., Voelker G., Savage S, Levchenko K. Reading the tea leaves: a comparative analysis of threat intelligence // Proceedings of the 28th USENIX Conference on Security Symposium (SEC’19). – Santa Clara, USA, 14-16 August 2019. – P. 851-867.
15. Schaberreiter T., Kupfersberger V., Rantos K., Spyros A., Papanikolaou A., Ilioudis C., Quirchmayr G. A quantitative evaluation of trust in the quality of cyber threat intelligence sources // Proceedings of the 14th International Conference on Availability, Reliability and Security. – 2019. – P. 1-10.
16. Brown S., Gommers J., Serrano O. From Cyber Security Information Sharing to Threat Management // Proceedings of the 2nd ACM Workshop on Information Sharing and Collaborative Security. – Denver, CO, USA, 12–16 October 2015. – P. 43–49.
17. Wagner C., Dulaunoy A., Wagener G., Iklody A. MISP: The Design and Implementation of a Collaborative Threat Intelligence Sharing Platform // Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security. – Vienna, Austria, 24 October 2016. – P. 49-56.
18. Wei Y., Bo L., Sun X., Li B., Zhang T., Tao C. Automated event extraction of CVE descriptions // Information and Software Technology. – 2023. – Vol. 158. – P. 107178.
19. Calva M., Beltran M. A Model for risk-Based adaptive security controls // Computers & Security. – 2022. – Vol. 115. – P. 102612.
20. Skopik F. Collaborative Cyber Threat Intelligence: Detecting and Responding to Advanced Cyber Attacks at National Level. – CRC Press: Boca Raton, FL, USA, 2018. – 446 p.
21. Lavrova D.S. An approach to developing the SIEM system for the Internet of Things // Automatic Control and Computer Sciences. – 2016. – Vol. 50. – P. 673-681.
22. Bryant B., Saiedian H. Improving SIEM Alert Metadata Aggregation with a Novel Kill-Chain Based Classification Model // Computers & Security. – 2020. – Vol. 94. – P. 101817.
23. Mavroeidis V., Bromander S. Cyber threat intelligence model: An evaluation of taxonomies, sharing standards, and ontologies within cyber threat intelligence // Proceedings of the 2017 European Intelligence and Security Informatics Conference (EISIC). – Athens, Greece: IEEE, 2017. – P. 91–98.

The goal of the investigation: to develop an approach to building an intrusion detection system based on federated machine learning.
Result: the concept and architecture of an intrusion detection system based on federated machine learning is developed. The proposed architecture includes new components responsible for the organization of federated learning, such as components of data selection, local model training, sensitive information risk assessment, detection of federated learning attacks, and also defines their links with other functional elements of the system. To perform experimental evaluation of the components of the intrusion detection system based on federated learning, the metrics for evaluating their performance are formulated, they allow one to estimate, among other things, the requirements for the computational resources of the system. An approach to modeling the data distribution between the interacting components is proposed, and experimental evaluations of the intrusion detection performance using machine learning models trained in federated mode are obtained. Scientific novelty: literature analysis has shown that the use of federated learning for building intrusion detection systems is associated with a number of open practical problems; in particular, there is no general methodology for building and evaluating the effectiveness of such systems. This paper proposes an architecture of the intrusion detection system that takes into account the practical features of using federated learning, and also presents the results of experimental evaluation of the effectiveness of intrusion detection models trained in federated mode. Contribution: Novikova E.S. and Kotenko I.V. - the general concept and architecture of an intrusion detection system using federated learning, data collection methodology for researching the security of cyber-physical systems; Novikova E.S. and Izrailov K.E. - development of the functionality of individual components of the intrusion detection system, Meleshko A.V. - performing experiments.
Keywords: cybersecurity, cyberphysical systems, detection of anomalies and cyberattacks, distributed machine learning, convolutional neural network, performance assessment.

1. Kotenko I., Izrailov K., Buinevich M. Static Analysis of Information Systems for IoT Cyber Security: A Survey of Machine Learning Approaches . Sensors. 2022. Vol. 22. Iss. 4. pp. 1335. DOI: 10.3390/s22041335.
2. Izrailov K., Buinevich M. [A method for detecting attacks of different genesis on complex objects based on state information. Part 1. Prerequisites and scheme] Метод обнаружения атак различного генеза на сложные объекты на основе информации состояния. Часть 1. Предпосылки и схема. Cybersecurity issues [Вопросы кибербезопасности]. 2023. No 3(55). pp. 90-100. DOI: 10.21681/2311-3456-2023-3-90-100. (in Russian)
3. Izrailov K., Buinevich M. [A method for detecting attacks of different genesis on complex objects based on state information. Part 2. Algorithm, model and experiment] Метод обнаружения атак различного генеза на сложные объекты на основе информации состояния. Часть 2. Алгоритм, модель и эксперимент. Cybersecurity issues [Вопросы кибербезопасности]. 2023. No 4(56). pp. 80-93. DOI: 10.21681/2311-3456-2023-4-80-93. (in Russian)
4. Kotenko I., Saenko I., Lauta O., Kribel. [A method for early detection of cyberattacks based on the integration of fractal analysis and statistical methods] Метод раннего обнаружения кибератак на основе интеграции фрактального анализа и статистических методов. Pervaya milya [Первая миля]. 2021. № 6 (98). pp. 64-71. DOI: 10.22184/2070-8963.2021.98.6.64.70
5. Kotenko V.I., Saenko I.B., Kotsynyak M.A., Lauta O.S. [Assessment of Cyber-Resilience of Computer Networks based on Simulation of Cyber Attacks by the Stochastic Networks Conversion Method] Оценка киберустойчивости компьютерных сетей на основе моделирования кибератак методом преобразования стохастических сетей. SPIIRAS Proceedings [Труды СПИИРАН]. 2017. No 6(55). pp.160-184. DOI: https://doi.org/10.15622/sp.55.7.
6. Branitskiy A., Kotenko I., Saenko I. Applying Machine Learning and Parallel Data Processing for Attack Detection in IoT. IEEE Transactions on Emerging Topics in Computing, 2021, vol. 9, no. 4, pp. 1642-1653. DOI: 10.1109/TETC.2020.3006351.
7. Tushkanova O, Levshun D, Branitskiy A, Fedorchenko E, Novikova E, Kotenko I. Detection of Cyberattacks and Anomalies in CyberPhysical Systems: Approaches, Data Sources, Evaluation. Algorithms. 2023. 16(2):85. DOI: 10.3390/a16020085
8. McMahan H. B., Moore E., Ramage D., Hampson S., Arcas B.A.Y. Communication-efficient learning of deep networks from decentralized data. International Conference on Artificial Intelligence and Statistics, 2016. URL: https://api.semanticscholar.org/CorpusID:14955348 (accessed on: 20.08.2023).
9. Romanov N., Izrailov K., PokusovV. [Intelligent programming support system: machine learning feat. fast development of secure programs] Система поддержки интеллектуального программирования: машинное обучение feat. быстрая разработка безопасных программ. Informatization and communication [Информатизация и связь]. 2021. No 5. pp. 7-17. DOI: 10.34219/2078-8320-2021-12-5-7-16. (in Russian)
10. Astillo P.V., Duguma D.G., Park H., Kim J., Kim B., and You I. Federated intelligence of anomaly detection agent in IoTmd-enabled diabetes management control system. Future Generation Computer Systems, 128:395-405, 2022. ISSN 0167-739X. DOI: 10.1016/j.future.2021.10.023.
11. Campos E.M., Saura P.F., Gonzalez-Vidal A., Hernandez-Ramos J., Bernabe J., Baldini G., and Skarmeta A. Evaluating federated learning for intrusion detection in internet of things: Review and challenges. Computer Networks, 203:108661, 2022. ISSN 1389-1286. doi:https://doi.org/10.1016/j.comnet.2021.108661.
12. Fedorchenko E., Novikova E., and Shulepov A. Comparative review of the intrusion detection systems based on federated learning: Advantages and open challenges. Algorithms, 15(7), 2022. ISSN 1999-4893. DOI::10.3390/a15070247.
13. Friha O., Ferrag M. A., Shu L., Maglaras L., Choo K.-K., and Nafaa M. Felids: Federated learning-based intrusion detection system for agricultural internet of things. Journal of Parallel and Distributed Computing, 165:17–31, 2022. ISSN 0743-7315. DOI: 10.1016/j.jpdc.2022.03.003.
14. Bonawitz K., Ivanov V., Kreuter B., Marcedone A., McMahan H.B., Patel S., Ramage D., Segal A., and Seth K. Practical secure aggregation for privacy-preserving machine learning. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS ’17, pp.1175–1191, New York, NY, USA, 2017. Association for Computing Machinery. ISBN 9781450349468. DOI:10.1145/3133956.3133982.
15. Stevens T., Skalka C., Vincent C., Ring J., Clark S., and Near J.. Efficient differentially private secure aggregation for federated learning via hardness of learning with errors. Proc. of 31st USENIX Security Symposium (USENIX Security 22), pp.1379–1395, Boston, MA, August 2022. USENIX Association. ISBN 978-1-939133-31-1. URL:https://www.usenix.org/conference/usenixsecurity22/ presentation/stevens (accessed on: 20.08.2023).
16. Aouedi O., Piamrat K., Muller G., and Singh K. Fluids: Federated learning with semi- supervised approach for intrusion detection system. 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC), pp.523–524, 2022. DOI: 10.1109/CCNC49033.2022.9700632.
17. Qin Y. and Kondo M. Federated learning-based network intrusion detection with a feature selection approach. // 2021
International Conference on Electrical, Communication, and Computer Engineering (ICECCE), pp.1–6, 2021. DOI: 10.1109/
ICECCE52056.2021.9514222.
18. Fan Y., Li Y., Zhan M., Cui H., and Zhang Y. Iotdefender: A federated transfer learning intrusion detection framework for 5G IoT . Proc. of 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE), pp.88–95, 2020. DOI: 10.1109/BigDataSE50710.2020.00020.
19. Nguyen T.D., Marchal S., Miettinen M., Fereidooni H., Asokan N., and Sadeghi A.-R. Diot: A federated self-learning anomaly detection system for IoT. Proc. 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), pp.756–767, 2019.
20. Rey V., Sanchez P.M.S., Celdran A.H., and Bovet G. Federated learning for malware detection in IoT devices. Computer Networks, 204:108693, 2022. ISSN 1389-1286. DOI: 10.1016/j.comnet.2021.108693.
21. Meidan Y., Bohadana M., Mathov Y., Mirsky Y., Shabtai A., Breitenbacher D., and Elovici Y. N-baiot—network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Computing, 17(3):12–22, 2018. DOI: 10.1109/MPRV.2018.03367731.
22. Sharafaldin I., Lashkari A.H., and Ghorbani A. Toward generating a new intrusion detection dataset and intrusion traffic characterization. Proc. of 4th International Conference on Information Systems Security and Privacy. pp.108–116, 2018. DOI: 10.5220/0006639801080116.
23. Vaccari I., Chiola G., Aiello M., Mongelli M., Cambiaso E. MQTTset, a New Dataset for Machine Learning Techniques on MQTT . Sensors. 2020; 20(22):6578. https://doi.org/10.3390/s20226578.
24. Elsayed M. S., Le-Khac N. -A. and Jurcut A. D. InSDN: A Novel SDN Intrusion Dataset. IEEE Access, vol. 8, pp. 165263-165284, 2020. DOI: 10.1109/ACCESS.2020.3022633.
25. Rodrıguez-Barroso N., Stipcich G., Jimenez-Lopez D., Ruiz-Millan J.A., Martınez-Camara E., Gonzalez-Seco G., M. Luzon V., Veganzones M., and Herrera F. Federated learning and differential privacy: Software tools analysis, the sherpa.ai fl framework and methodological guidelines for preserving data privacy. Information Fusion, 64:270–292, 2020. ISSN 1566-2535. DOI: 10.1016/j.inffus.2020.07.009.
26. Sarhan M., Lo W.W., Layeghy S., and Portmann M. Hbfl: A hierarchical blockchain-based federated learning framework for a collaborative IoT intrusion detection, 2022. URL:https://arxiv.org/abs/2204.04254 (accessed on: 20.08.2023).
27. Moustafa N. The BoT-IoT dataset, 2019. URL https://dx.doi.org/10.21227/r7v2-x988 (accessed on: 20.08.2023).
28. Abdel-Basset M., Moustafa N., Hawash H., Razzak I., Sallam K., and Elkomy O. Federated intrusion detection in blockchain-based smart transportation systems. IEEE Transactions on Intelligent Transportation Systems, 23(3):2523–2537, 2022. DOI: 10.1109/TITS.2021.3119968.
29. Liu H., Zhang S., Zhang P., Zhou X., Shao X., Pu G., and Zhang Y. Blockchain and federated learning for collaborative intrusion detection in vehicular edge computing. IEEE Transactions on Vehicular Technology, 70(6):6073–6084, 2021. DOI: 10.1109/TVT.2021.3076780.
30. Chai H., Leng S., Chen Y., and Zhang K. A hierarchical blockchain-enabled federated learning algorithm for knowledge sharing in internet of vehicles. IEEE Transactions on Intelligent Transportation Systems, 22(7):3975–3986, jul 2021. ISSN 1524-9050. DOI: 10.1109/TITS.2020.3002712.
31. Novikova E., Doynikova E., and Golubev S. Federated learning for intrusion detection in the critical infrastructures: Vertically partitioned data use case. Algorithms, 15(4), 2022. ISSN 1999-4893. DOI: 10.3390/a15040104.
32. Saputra F.A., Salman M., Hasim J.N., Nadhori I.U., Ramli K. The next-generation NIDS platform: Cloud-based snort NIDS using containers and big data. Big Data and Cognitive Computing, 6(1), 2022. ISSN 2504-2289. DOI: 10.3390/bdcc6010019.
33. Gong C., Zheng Z., Wu F., Shao Y., Li B., and Chen G. To store or not? online data selection for federated learning with limited storage. Proc. of the ACM Web Conference 2023, WWW ’23, page 3044–3055, New York, NY, USA, 2023. Association for Computing Machinery. ISBN 9781450394161. DOI: 10.1145/3543507.3583426.
34. Jiang C., Xia C., Liu Z., and Wang T. Feddroidmeter: A privacy risk evaluator for fl- based android malware classification systems. Entropy, 25(7), 2023. ISSN 1099-4300. DOI: 10.3390/e25071053..
35. Blanchard P., El Mhamdi E.M., Guerraoui R., and Stainer J. Machine learning with adversaries: Byzantine tolerant gradient descent. Proc. of the 31st International Conference on Neural Information Processing Systems, NIPS’17, pp.118–128, Red Hook, NY, USA, 2017. Curran Associates Inc. ISBN 9781510860964.
36. Yin D., Chen Y., Kannan R., and Bartlett P. Byzantine-robust distributed learning: Towards optimal statistical rates. Proc. of the 35th International Conference on Machine Learning, volume 80 of Proceedings of Machine Learning Research, pp.5650–5659. PMLR, 10–15 Jul 2018.
37. Cao X., Fang M., Liu J., and Gong N.J. Fltrust: Byzantine-robust federated learning via trust bootstrapping. CoRR, abs/2012.13995, 2020. URL: https://arxiv.org/abs/2012.13995. (accessed on: 20.08.2023).
38. Flower — a friendly framework for federated learning. URL https://flower.dev/. (accessed on: 20.08.2023).
39. Li X., Jiang M., Zhang X., Kamp M., and Dou Q.. Fedbn: Federated learning on non-iid features via local batch normalization. CoRR, abs/2102.07623, 2021. (accessed on: 20.08.2023).
40. Reddi S.J., Charles Z., Zaheer M., Garrett Z., Rush K., Konecny J., Kumar S., and McMahan H.B. Adaptive federated optimization. CoRR, abs/2003.00295, 2020. (accessed on: 20.08.2023).
41. Yin D., Chen Y., Ramchandran K., Bartlett P.L. Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates. International Conference on Machine Learning. 2018. URL: https://api.semanticscholar.org/CorpusID:3708326 (accessed on: 20.08.2023).
42. Novikova E., Fedorchenko E., Kotenko I.., Kholod I. [Analytical Review of Intelligent Intrusion Detection Systems Based on Federated Learning: Advantages and Open Challenges] Аналитический обзор подходов к обнаружению вторжений, основанных на федеративном обучении: преимущества использования и открытые задачи. Informatics and Automation [Информатика и автоматизация]. 2023. No 22 (5). pp.1034–1082. DOI: DOI:10.15622/ia.22.5.4 (in Russian)

The purpose of the study: to determine the refined semantic meaning, indicator and criterion for assessing the information stability of the process of functioning of a heterogeneous system for detecting, preventing and eliminating the consequences of computer attacks, as well as the formation on their basis of a targeted sequence of actions to obtain a quantitative assessment of the aspect of stability under consideration. Research method: system analysis, system dynamic modeling using algebraic expressions and logical conditions. Research results: the need to develop a scientific and methodological apparatus for assessing the information stability of the process of functioning of a heterogeneous system for detecting, preventing and eliminating the consequences of computer attacks at the stage of its operation under conditions of destructive influences aimed at disrupting its process of functioning and availability has been determined. An analysis of the conceptual apparatus was carried out and terminological vagueness in the subject area under study was identified. A refined semantic meaning, indicator and criterion for assessing the information stability of the process of functioning of the object under consideration under given operating conditions has been generated. Based on the representation of a given object of assessment in the form of a cybernetic system and a system-dynamic model, a system of key indicators and a targeted sequence of actions have been developed to obtain a quantitative assessment of the current level of the sustainability aspect under consideration. Directions for the development of the developed scientific and methodological apparatus for assessing the information stability of the process of functioning of the object under consideration are proposed. The scientific novelty lies in the provision of a theoretically justified formalized approach to assessing the information stability of the process of functioning of a heterogeneous system for detecting, preventing and eliminating the consequences of computer attacks, which, unlike the known ones, allows us to form a scientific and technological basis for obtaining a comprehensive assessment of the stability of a given object and the implementation of the proposed scientific and technical solutions on practice.
Keywords: cybernetic system, system-dynamic model, rate of change of information resource, vulnerability, computer attack, functional-parametric control procedures, disruption of the functioning process, disruption of accessibility. 

1. Kotenko I.V., Saenko I.B., Zakharchenko R.I., Velichko D.V. Subsystem for preventing computer attacks on critical information infrastructure objects: analysis of functioning and implementation // Issues of cybersecurity. 2023. No. 1(53). pp. 13-27. DOI:10.21681/2311-3456-2023-1-13-27.
2. Cybersecurity of the digital industry. Theory and practice of functional resistance to cyber attacks / Ed. Professor of the Russian Academy of Sciences, Doctor of Technical Sciences D.P. Zegrzdy. – M.: Hotline – Telecom, 2022. 560 p.3. Erokhin S.D., Petukhov A.N., Pilyugin P.L. Security management of critical information infrastructures. – M.: Hotline – Telecom, 2023. 240 p.
4. Konovalenko S.A., Korolev I.D., Sekunov V.G. Modeling a system for detecting, preventing and eliminating the consequences of computer attacks // Information systems and technologies. 2022. No. 1(129). pp. 105-113.
5. Information security audit device in automated systems: Pat. 180789 Ross. Federation / applicant, patent holder E.S. Tarazevich, N.I. Volodina, B.S. Ryzhov, V.V. Kiselev, Federal State Budgetary Institution “4th Central Research Institute” of the Ministry of Defense of the Russian Federation. – No. 2017137955; appl. 31.10.2017, publ. 22.06.2018, Bulletin. No. 18. – 10 p.
6. Minaev V.A., Korolev I.D., Konovalenko S.A., Vasiliev D.S., Sekunov V.G. Structural-functional model for simulating computer attacks on automated systems // Bulletin of the Russian New University. Series: Complex systems: models, analysis, control. 2020. No. 1. pp. 3-16. DOI: 10.25586/RNU.V9187.20.01.P.003.
7. Konovalenko, S.A. Model of adaptive control of a system for detecting, preventing and eliminating the consequences of computer attacks // Information and Security. 2022. Vol. No. 25. No. 1. pp. 141-154. DOI: 10.36622/VSTU.2022.25.1.012.
8. Konovalenko S.A. Functional model for the synthesis of a control script for a system for detecting, preventing and eliminating the consequences of computer attacks // Issues of information protection. 2022. No. 2 (137). pp. 3-12. DOI: 10.52190/2073-2600_2022_2_3.
9. Makarenko S.I. Models of a communication system under conditions of deliberate destabilizing influences and reconnaissance. Monograph. – St. Petersburg: High-tech technologies, 2020. 337 p.
10. Mikhailov R.L., Makarenko S.I. Assessing the stability of a communication network under the influence of destabilizing factors // Systems, networks and telecommunication devices. 2013. No. 4. pp. 69-79.
11. Maltsev V.A. Analysis of stability as a complex functional property of the system of maintenance and repair of military equipment // Izvestia of Tula State University. Technical science. 2019. No. 4. pp. 215-221.
12. Digital twins: monograph / ed. P.A. Sozinov. – M.: Radio engineering, 2022. pp. 113-232.
13. Starodubtsev Yu.I., Zakalkin P.V., Ivanov S.A. Structural-functional model of cyberspace // Issues of cybersecurity. 2021. No. 4(44). pp. 16-24. DOI:10.21681/2311-3456-2021-4-16-24.
14. Minaev V.A., Sychev M.P., Vaits E.V., Kirakosyan A.E. Simulation modeling of computer virus epidemics // Bulletin of the Russian New University. Series: Complex systems: models, analysis and control. 2019. No. 3. pp. 3-12. DOI: 10.25586/RNU.V9187.19.03.P.003.
15. Minaev V.A., Sychev M.P., Vaitz E.V., Bondar K.M. System-dynamic modeling of network information operations // Engineering technologies and systems. 2019. Vol. No. 29. No. 1. pp. 20-39. DOI: 10.15507/2658-4123.029.201901.020-039.
16. Konovalenko S.A. Model of a system for comprehensive assessment of the stability of a heterogeneous system for detecting, preventing and eliminating the consequences of computer attacks at the stage of its operation / Questions of defense technology. Episode 16: Technical means of countering terrorism. 2023. No. 3-4 (177-178). pp. 71-81. DOI: 10.53816/23061456_2023_3–4_71.

The purpose of the research is to develop mathematical models for quantitative assessment of indicators of completeness, reliability, relevance and security of information support for organizing and maintaining technical information protection in government agencies, organizations and enterprises The methods of research are: mathematical apparatus of factor analysis, methods of set theory, fuzzy number theory and probability theory. The result of the research: indicators for assessing the quality of information support for technical information protection activities are proposed: completeness, reliability, relevance and security of information necessary for such support; the correlation of these quality indicators with a comprehensive indicator for assessing the effectiveness of information support is revealed. Taking into account the content of the subject area model of technical information protection, it is shown that the completeness, reliability and relevance of security information support is determined by the sets of: functions provided for in the subject area model and actually implemented in the information system; tasks, the solution of which ensures the implementation of functions; information objects and their attributes to be used in accordance with the domain model and actually used in solving information security problems. To assess the indicator of information security required for information support of information protection activities, it is proposed to use a device for fuzzy estimates of the probabilities of the implementation of threats regarding system and user information, violation of the confidentiality, integrity or availability of which can disrupt the information support. Analytical relations have been developed to calculate the quality indicators of in-formation support, makes it possible to quantify the requirements for information support of information protection activities and for the created information support systems for government agencies, organizations and enterprises.
Keywords:  information system, effectiveness, subject area, completeness, reliability, relevance, information
protection.

1. Ju.K.Jazov. Organizacija zashhity informacii v informacionnyh sistemah ot nesankcionirovannogo dostupa: monografija / Ju.K.Jazov, S.V.Solov’ev. Voronezh: Kvarta, 2018. – 588 s.
2. Solov’ev S. V. Informacionnoe obespechenie dejatel’nosti po tehnicheskoj zashhite informacii / S.V. Solov’ev, Ju.K. Jazov / Voprosy kiberbezopasnosti. 2021, №1 (41), s. 69–79. DOI: 10.21681/2311-3456-2021-1-69-79
3. Sjuntjurenko O.V. Informacionnoe obespechenie: faktory razvitija, upravlenie, jeffektivnost’. Nauchno-tehnicheskaja informacija. Serija 2: Informacionnye processy i sistemy. 2016. №6. S 7–15.
4. Trojanovskaja M. A. Informacionnoe obespechenie dejatel’nosti organov gosudarstvennogo upravlenija: ponjatie i znachenie. Mezhdunarodnyj nauchno-issledovatel’skij zhurnal. 2020. №5-2(95). S.100-103.
5. Chernov V. A. Teorija jekonomicheskogo analiza. Izd-vo OOO «Prospekt». – M.: 2017.
6. Sazanova L. A. Analiz osobennostej proizvodstvennoj funkcii Kobba-Duglasa. V sbornike: Aktual’nye tendencii i innovacii v razvitii rossijskoj nauki / sbornik nauchnyh statej. Moskva. 2020. S. 120–123.
7. Kolesnikova, E. V. Modelirovanie razvitija informacionnogo obespechenija organizacionno-tehnicheskih sistem tehnicheskoj zashhity informacii s uchetom prognoza izmenenij predmetnoj oblasti / E. V. Kolesnikova // Sbornik dokladov mezhdunarodnoj konferencii «Radiojelektronnye ustrojstva i sistemy dlja infokommunikacionnyh tehnologij – RJeUS-2016», Rossijskoe nauchno-tehnicheskoe obshhestvo radiotehniki, jelektroniki i svjazi im. A. S. Popova. – 2016. – tom 2 – S. 564–569.
8. Jazov Ju. K. Metodologija ocenki jeffektivnosti zashhity informacii v informacionnyh sistemah ot nesankcionirovannogo dostupa: monografija / Ju.K. Jazov, S.V. Solov’ev. – Sankt-Peterburg: Naukoemkie tehnologii, 2023. – 258 s.
9. Vasil’ev V. I., Vul’fin A. M., Kirillova A. D., Kuchkarova N. V. Metodika ocenki aktual’nyh ugroz i ujazvimostej na osnove tehnologij kognitivnogo modelirovanija i Text Mining // Sistemy upravlenija, svjazi i bezopasnosti. 2021. № 3. S. 110–134. DOI: 10.24412/2410-9916-2021-3-110-134.
10. Butrik E.E. Podhod k opredeleniju aktual’nyh ugroz bezopasnosti informacii v avtomatizirovannyh sistemah upravlenija tehnologicheskimi processami s primeneniem banka dannyh ugroz bezopasnosti informacii FSTJeK Rossii / E.E.Butrik, S.V.Solov’ev // Informacija i bezopasnost’. – Voronezh,2018. – Vypusk 19 (2). – s.203 – 210.
11. Olifer, V.G. Bezopasnost’ komp’juternyh sistem / V.G.Olifer, N.A.Olifer – M.: Gorjachaja linija – Telekom, 2017.– 644 s.: ill.
12. Jazov, Ju.K. Seti Petri-Markova i ih primenenie dlja modelirovanija processov realizacii ugroz bezopasnosti informacii v informacionnyh sistemah: monografija / Ju. K. Jazov, A. V. Anishhenko. – Voronezh: Kvarta,2020. 173 s.
13. Rubcova, I.O. Ob ocenke jeffektivnosti zashhity jelektronnogo dokumentooborota s primeneniem apparata setej Petri-Markova [Tekst] / I. O. Rubcova, Ju. K. Jazov, O.C. Avsent’ev, A.O. Avsent’ev // Trudy SPIIRAN, №5(25) – 2019.
14. Pegat, A. Nechetkoe modelirovanie i upravlenie / A.Pegat; per. s angl.– 2-e izd. – M.: BINOM. Laboratorija znanij, 2015. – 798 s.: il. – (Adaptivnye intellektual’nye sistemy).

Purpose of the paper: research of popular information security processes and measures in information systems with graph DBMS and assessment of their applicability using vulnerability scanning tools and security testing methods.
Methods: graph theory, system analysis, injection protection, input filtering, Brute force.
Results: the main threats and vulnerabilities for graph DBMS have been identified. The analysis of information security processes and measures involved in SQL DBMS allowed the authors to determine a list of measures most suitable for use in graph DBMS. During the study the researchers tested Neo4j‘s security with help of software tools and utilities to identify vulnerabilities which were subsequently eliminated by information security processes and measures. Finally, the investigators checked and assessed security of graph DBMS’s security tools combination. The results obtained have practical significance for various information systems that implement graph DBMS in business processes. They can also be used to develop basic criteria needed when creating or improving graph database management systems. Scientific novelty: the novelty of the research lies in proof of processes’ and measures’ applicability that ensure information security of an information system with a graph DBMS.
Keywords:  graph DBMS, processes and measures, information security, Acunetix, Nmap, OWASP ZAP proxy, Burp Suite, Neo4j, threats, vulnerabilities, vulnerability scanner.

1. Sicari S., Rizzardi A., Coen-Porisini A. Security&privacy issues and challenges in NoSQL databases //Computer Networks. – 2022. – Vol. 206. – pp. 108828. DOI: 10.1016/j.comnet.2022.108828.
2. K.V. Plaksij, A.A. Nikiforov, N.G. Miloslavskaya. Issledovanie grafovyh SUBD, prigodnyh dlya raboty s bol’shimi dannymi pri obnaruzhenii del po otmyvaniyu dohodov, poluchennyh prestupnym putem, i finansirovaniyu terrorizma // Bezopasnost informacionnyh tekhnologij. – 2019. – Vol. 26, № 3. – pp. 103-116. DOI: 10.26583/bit.2019.3.09.
3. Agafonov A. A. i dr. Bezopasnost sistem baz dannyh //Samara: Izd-vo Samar. un-ta. – 2023. – Vol. 1.
4. K.V. Plaksij, A.A. Nikiforov, N.G. Miloslavskaya, L. L. Kulagina. Issledovanie voprosov obespecheniya informacionnoj bezopasnosti grafovyh SUBD, prigodnyh dlya raboty s bol’shimi dannymi, pri obnaruzhenii del po otmyvaniyu dohodov, poluchennyh prestupnym putem, i finansirovaniyu terrorizma. // Bezopasnost informacionnyh tekhnologij. – 2020. Vol. 27, № 4. – pp. 53-64. DOI: 10.26583/bit.2020.4.05
5. Dissanayaka A. M. et al. Security assurance of MongoDB in singularity LXCs: an elastic and convenient testbed using Linux containers to explore vulnerabilities //Cluster Computing. – 2020. – Т. 23. – С. 1955-1971. DOI: 10.1007/s10586-020-03154-7
6. Makarenko S. I., Smirnov G. E. Analiz standartov i metodik testirovaniya na proniknovenie //Sistemy upravleniya, svyazi i bezopasnosti. – 2020. – №. 4. – pp. 44-72. DOI: 10.24411/2410-9916-2020-10402
7. Kore A. et al. Burp Suite Extension for Script based Attacks for Web Applications //2022 6th International Conference on Electronics, Communication and Aerospace Technology. – IEEE, 2022. – С. 651-657. DOI: 10.1109/ICECA55336.2022.10009116
8. Abdullah H. S. Evaluation of open source web application vulnerability scanners //Academic Journal of Nawroz University. – 2020. – Т. 9. – №. 1. – С. 47-52. DOI: 10.25007/ajnu.v9n1a532 
9. Devi R. S., Kumar M. M. Testing for security weakness of web applications using ethical hacking //2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184). – IEEE, 2020. – С. 354-361. DOI: 10.1109/ICOEI48184.2020.9143018
10. Saputra I. P., Utami E., Muhammad A. H. Comparison of anomaly based and signature based methods in detection of scanning vulnerability //2022 9th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI). – IEEE, 2022. – С. 221-225. DOI: 10.23919/EECSI56542.2022.9946485
11. Putra S. A., Budiono A., Hediyanto U. Y. K. S. Vulnerability Assesment Web Proposal Tugas Akhir Mahasiswa Menggunakan Acunetix dan NMAP //eProceedings of Engineering. – 2023. – Т. 10. – №. 2.
12. Kuchkin V. P. Metody zashchity baz dannyh //Problemy nauki. – 2021. – №. 4 (63). – pp. 33-35.
13. Fahd K., Venkatraman S., Hammeed F. K. A comparative study of NoSQL system vulnerabilities with big data //Int. J. Manag. Inf. Technol. – 2019. – Т. 11. – №. 4. – С. 1-19. DOI: 10.5121/ijmit.2019.11401
14. Ankomah E. et al. A Comparative Analysis of Security Features and Concerns in NoSQL Databases //International Conference on Frontiers in Cyber Security. – Singapore : Springer Nature Singapore, 2022. – С. 349-364. DOI: 10.1007/978-981-19-8445-7_22
15. Zirwan A. Pengujian dan Analisis Keamanan Website Menggunakan Acunetix Vulnerability Scanner //Jurnal Informasi dan Teknologi. – 2022. – С. 70-75. DOI: 10.37034/jidt.v4i1.190

The purpose of the work is to determine the requirements for ensuring the basic and additional properties of information security in the interaction of counterparties in information systems related to ensuring the traceability of product quality; to develop and formally verify the method of generation and secure distribution of a session key that meets these requirements.
Result: The use of product quality traceability systems is a powerful tool for solving a wide range of technological and social problems, for example: state control in regulated areas, ensuring consumer safety, forming a competitive advantage of the manufacturer, etc. However, the widespread introduction of such decentralized systems is associated with a number of contradictions, one of which is directly related to the problem of ensuring data confidentiality and the need for their controlled use in the dynamic composition of counterparties and consumers. The paper proposes a direction for overcoming this contradiction by forming scenarios for obtaining controlled access to the private information of the interacting party using cryptographic procedures. To implement such scenarios, a method and a protocol based on it have been developed for generating and distributing a secret session key using a trusted third party. A formal proof of the security of the proposed solution is provided using a specialized tool for protocol verification. The results obtained are primarily focused on application in distributed ledger systems, which involve the division of data into private and public blocks. However, they can also be used in other systems that require confidentiality, accessibility, and unprovability, especially when there are limitations on computing resources. Scientific novelty: consists in the problem-oriented analysis of the specific requirements for ensuring the information security of the process of entering and extracting data into the system for tracking the quality of goods in the given scenarios of its use. Based on the selected requirements, the problem of developing an adapted method for generating and distributing a secret session key between two subscribers with the involvement of a trusted party is formulated and solved. Based on the developed A practical communication protocol is synthesized and a formal proof of compliance with the specified information security requirements, resistance to MITM and repetition attacks is carried out.
Keywords: cybersecurity, confidentiality, non-repudiation, session cryptographic key, distributed register, formal
protocol verification.

1. Petrenko A. S., Petrenko S. A. Metod ocenivanija kvantovoj ustojchivosti blokchejn-platform //Voprosy kiberbezopasnosti. – 2022. – №. 3 (49). – S. 2–22. DOI: 10.21681/2311-3456-2022-3-2-22
2. Komarova A. V., Korobejnikov A. G. Analiz osnovnyh sushhestvujushhih post-kvantovyh podhodov i shem jelektronnoj podpisi //Voprosy kiberbezopasnosti. – 2019. – №. 2 (30). – S. 58-68. DOI: 10.21681/2311-3456-2019-2-58-68
3. Makarov V. V., Volchik O. V. Cifrovizacija sistem menedzhmenta kachestva v neftegazovoj otrasli // Jekonomika i kachestvo sistem svjazi. – 2023. – №. 1 (27). – S. 4–13.
4. Kolesnikova D. et al. Features of information support for decision-making in planning production processes //AIP Conference Proceedings. – AIP Publishing LLC, 2021. – T. 2402. – №. 1. – S. 040036. DOI: 10.1063/5.0071707
5. Usova M., Chuprov S., Viksnin I. Informational space and messages interaction models for smart factory concept //2020 IEEE International Workshop on Metrology for Industry 4.0 & IoT. – IEEE, 2020. – S. 617–621. DOI: 10.1109/MetroInd4.0IoT48571.2020.9138292
6. Lje V., Vu L., Komarov I. I. Obespechenie informacionnoj bezopasnosti v sisteme proslezhivaemosti moreproduktov na osnove tehnologii blokchejna // Nauka i biznes: puti razvitija - 2022. - № 5(131). - S. 97–101
7. Kotenko I.V., Saenko I.B., Zaharchenko R.I., Kapustin A.S., Al’-Barri M.H., Upravlenie dostupom k jelektronnoj informacionnoobrazovatel’noj srede vuzov federal’nyh organov ispolnitel’noj vlasti//Voprosy kiberbezopasnosti. 2023. № 2 (54). S. 73-84. DOI: 10.21681/2311-3456-2023-2-73-84
8. Kulikov A. L., Zinin V. M. Trebovanija k informacionnoj bezopasnosti v jelektrojenergetike i ih realizacija v intellektual’nyh ustrojstvah cifrovyh podstancij //Intellektual’naja jelektrotehnika. – 2022. – №. 3 (19). – S. 49–78. DOI 10.46960/2658-6754_2022_3_49
9. Boldyrev I. A. i dr. Koncepcija raspredeljonnoj IIUS na osnove tehnologij promyshlennogo IoT dlja povyshenija otslezhivaemosti, jekonomichnosti i bezopasnosti sistem mikrogrid //Sovremennye problemy teplofiziki i jenergetiki. – 2020. – S. 489–490.
10. Jazov Ju. K., Avsent’ev A. O. Puti postroenija mnogoagentnoj sistemy zashhity informacii ot utechki po tehnicheskim kanalam // Voprosy kiberbezopasnosti. – 2022. – №. 5. – S. 51. DOI: 10.21681/2311-3456-2022-5-2-13
11. Viksnin I. I., Marinenkov E. D., Chuprov S. S. A Game Theory approach for communication security and safety assurance in cyberphysical systems with Reputation and Trust-based mechanisms //Nauchno-tehnicheskij vestnik informacionnyh tehnologij, mehaniki i optiki. – 2022. – T. 22. – №. 1. – S. 47-59. DOI: 10.17586/2226-1494-2022-22-1-47-59
12. Baljuk A. A., Fin’ko O. A. Mnogoagentnaja autentifikacija cifrovyh dvojnikov v kiberfizicheskih sistemah //Voprosy kiberbezopasnosti. – 2022. – №. 5. – S. 51. DOI: 10.21681/2311-3456-2022-5-100-113
13. Yingwen Chen, Linghang Meng, Huan Zhou, Guangtao Xue, “A Blockchain-Based Medical Data Sharing Mechanism with AttributeBased Access Control and Privacy Protection”, Wireless Communications and Mobile Computing, vol. 2021, Article ID 6685762, 12 pages, 2021. https://doi.org/10.1155/2021/6685762
14. Zheng BK, Zhu LH, Shen M et al. Scalable and privacy-preserving data sharing based on blockchain. Journal of computer science and technology 33(3): 557–567 May 2018. DOI 10.1007/s11390-018-1840-5
15. Yuhan Yang, Lijun Wei, Jing Wu, and Chengnian Long. 2020. Block-SMPC: A Blockchain-based Secure Multi-party Computation for Privacy-Protected Data Sharing. In Proceedings of the 2020 The 2nd International Conference on Blockchain Technology (ICBCT’20). Association for Computing Machinery, New York, NY, USA, March 2020 Pages 46–51. https://doi.org/10.1145/3390566.3391664
16. Mironov A. M. Matematicheskaja model’ i metody verifikacii kriptograficheskih protokolov //Intellektual’nye sistemy. – 2022. – T. 26. – №. 2. – S. 85–144.
17. Nesterenko A. Ju., Semenov A. M. Metodika ocenki svojstv bezopasnosti kriptograficheskih protokolov //Mezhvuzovskaja nauchnotehnicheskaja konferencija studentov, aspirantov i molodyh specialistov imeni E.V. Armenskogo. – 2021. – S. 249–251.
18. Perevyshina E. A., Babenko L. K. Modelirovanie svojstv bezopasnosti autentifikacii kriptograficheskih protokolov s ispol’zovaniem sredstv formal’noj verifikacii SPIN //Informatizacija i svjaz’. – 2020. – №. 3. – S. 21-25. DOI: 10.34219/2078-8320-2020-11-3-21-25
19. Mihajlova A. A., Umanskij S. A., Shustrova A. N. Kriterii i metody ocenki bezopasnosti protokolov autentifikacii // Cifrovaja nauka. – 2021. – №. 6–1. – S. 4–10.

Purpose: analysis of the current state of confidential computing technologies.
Methods: systematization and analysis of existing and developing solutions implementing confidential computing.
Result: The article evaluates threat models of confidential computing hardware technologies, such as Intel TDX, AMD SEV or ARM CCA, and analyzes their implementation. Their common features are revealed and the features of each of the implementations are considered. The main problems faced by developers of such systems are revealed: difficulties with the reuse of existing security technologies and the need to design technologies taking into account the life cycle of the protected software. Each implementation uses different methods to solve these problems. The main advantage of using confidential computing technologies is the processing of data in protected containers, thereby ensuring the confidentiality and integrity of sensitive information. Therefore, solutions of this type can be considered for implementation at the design stage of the architecture of computing systems in the future, allowing them to increase their performance by increasing the efficiency of using computing resources without compromising confidentiality. Novelty: lies in analysis and systematization of solutions implementing the hardware environment of confidential computing. The main features characterizing modern systems of confidential computing, as well as problems arising in the process of developing such systems, are revealed. Significant advances in this area will increase the efficiency of computing by sharing computing resources without compromising privacy.
Keywords: dcloud computing security, hardware trusted execution environment, remote attestation, security of data, information security. 

1. Arakelov G.G. Voprosy primeneniya prikladnoj gomomorfnoj kriptografii // Voprosy kiberbezopasnosti [Cybersecurity issues]. – 2019. – № 5(33). – pp. 70-74.
2. Khlyupin A. A., Saakyan A. O., Nissenbaum O. V. Analiz effektivnosti algoritmov shifrovaniya dlya bezopasnyh mnogostoronnih vychislenij // Matematicheskoe i informacionnoe modelirovanie [Mathematical and information modeling]. – 2023. – pp. 315-324. 3. Mutlu O., Kim J. S. Rowhammer: A retrospective // IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems. – 2019. – Т. 39. – №. 8. – С. 1555-1571.
4. Acosta G. The Role of Vmtheft and Hyperjacking in Virtualization: dissertation – Utica College, 2018.
5. Gross M. et al. Breaking trustzone memory isolation through malicious hardware on a modern fpga-soc //Proceedings of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop. – 2019. – С. 3-12.
6. Markettos A. T. et al. Thunderclap: Exploring vulnerabilities in operating system IOMMU protection via DMA from untrustworthy peripherals. – 2019.
7. Won Y. S. et al. Practical cold boot attack on iot device-case study on raspberry pi //2020 IEEE International Symposium on the Physical and Failure Analysis of Integrated Circuits (IPFA). – IEEE, 2020. – С. 1-4.
8. Zimerman I., Nachmani E., Wolf L. Recovering AES Keys with a Deep Cold Boot Attack //International Conference on Machine Learning. – PMLR, 2021. – С. 12955-12966.
9. Sardar M. U., Fetzer C. Confidential computing and related technologies: a critical review //Cybersecurity. – 2023. – Т. 6. – №. 1. – С. 1-7.
10. Vaswani K. et al. Confidential machine learning within graphcore ipus //arXiv preprint arXiv:2205.09005. – 2022.
11. Cheng P. C. et al. Intel TDX Demystified: A Top-Down Approach //arXiv preprint arXiv:2303.15540. – 2023.
12. Li X. et al. Design and verification of the arm confidential compute architecture //16th USENIX Symposium on Operating Systems Design and Implementation (OSDI 22). – 2022. – С. 465-484.
13. Bornträger C. et al. Secure your cloud workloads with IBM Secure Execution for Linux on IBM z15 and LinuxONE III //IBM Journal of Research and Development. – 2020. – Т. 64. – №. 5/6. – С. 2: 1-2: 11.
14. Hunt G. D. H. et al. Confidential computing for OpenPOWER //Proceedings of the Sixteenth European Conference on Computer Systems. – 2021. – С. 294-310.
15. Sahita R. et al. CoVE: Towards Confidential Computing on RISC-V Platforms //Proceedings of the 20th ACM International Conference on Computing Frontiers. – 2023. – С. 315-321.

Purpose: To identify the current opportunities for the use of artificial intelligence in the space industry based and to develop proposals that can expand the potential of using artificial intelligence in the exploration of near space, near-Earth orbit to ensure economic, scientific and technological development and security of Russia. Research method: analysis of open data sources on the use of artificial intelligence in the space industry, synthesis and scientific forecasting, expert assessment, factological analysis within the framework of a systems approach, interdisciplinary approach.
Result: the article presents an analysis of the current space situation and the use of artificial intelligence technologies in the space sector, including in control systems of artificial Earth satellites and multi-satellite constellations. The article presents the key factors that determine the feasibility of using artificial intelligence, as well as the main directions of its use in the space industry. The article identifies promising artificial intelligence technologies in space robotics, deep space exploration, monitoring, diagnostics and management of the technical condition of satellites, management of a multi-satellite constellation, and processing of satellite images. The author poses the problems of the influence of the state of the satellite constellation on the level of strategic stability, national and international security; the importance of artificial intelligence for the development of space technologies; training personnel for the space industry based on an interdisciplinary scientific approach. The article proves that the quantitative and qualitative characteristics of a satellite constellation are today one of the most important indicators of the influence and potential of a state in the world. Practical value: Proposals have been developed to expand the potential of using artificial intelligence in the exploration of near space, near-Earth orbit to ensure the economic, scientific and technological development and security of Russia.
Keywords:  space industry, space situation, artificial Earth satellite (AES), artificial intelligence (AI), orbital
constellation, satellite control system, multi-satellite constellation, Russian space potential, interdisciplinary
scientific approach.

1. Datta A. How many satellites orbit Earth and why space traffic management is crucial, 08.23.2020. // https://www.geospatialworld.
net/blogs/how-many-satellites-orbit-earth-and-why-space-traffic-management-is-crucial/, (accessed 23.08.2023).
2. Artificial Intelligence for satellite management: the HMI challenge / Redazione, 28.03.2023. // https://dblue.it/en/artificialintelligence-for-satellite-management-the-hmi-challenge/, (accessed 15.09.2023).
3. Romashkina N.P. Kosmos kak chast’ global’nogo informacionnogo prostranstva v period voennyh dejstvij // Voprosy kiberbezopasnosti. 2022. № 6 (52). S. 100-111, DOI 10.21681/2311-3456-2022-6-100-111.
4. Romashkina N.P. Kosmos kak sfera konfrontacii: sputniki SSHA v novyh realiyah // Informacionnye vojny. 2023. № 2 (66). S. 16-24.
5. Romashkina N.P., Markov A.S., Stefanovich D.V. Information Technologies and International Security : [electronic resource]. – Moscow: IMEMO, 2023. – 111 p. – ISBN 978-5-9535-0613-7. – DOI 10.20542/978-5-9535-0613-7. // https://www.imemo.ru/publications/info/information-technologies-and-international-security.
6. Romashkina N.P. Mezhdunarodno-pravovoj rezhim kontrolya nad kiberoruzhiem v budushchem miroporyadke: ugrozy i perspektivy // Diplomaticheskaya sluzhba. 2023. № 2. S. 150-161. DOI 10.33920/vne-01-2302-07. // https://www.imemo.ru/files/File/ru/publ/2023/DipSluzhba-022023-Romashkina.pdf, (accessed 23.09.2023).
7. Markov A.S., SHeremet I.A. Bezopasnost’ programmnogo obespecheniya v kontekste strategicheskoj stabil’nosti // Vestnik akademii voennyh nauk. 2019. № 2 (67). P. 82–90.
8. Romashkina N. P. Global’nye voenno-politicheskie problemy mezhdunarodnoj informacionnoj bezopasnosti: tendencii, ugrozy, perspektivy // Voprosy kiberbezopasnosti. 2019. №. 1 (29). S. 2–9, DOI: 10.21681/2311–3456-2019-1-2-9.
9. Romashkina N.P., Markov A.S., Stefanovich D.V. Mezhdunarodnaya bezopasnost’, strategicheskaya stabil’nost’ i informacionnye tekhnologii / otv. red. A.V. Zagorskij, N.P. Romashkina. – M.: IMEMO RAN, 2020. – 98 s. DOI: 10.20542/978-5-9535-0581-9. // https://www.imemo.ru/publications/info/romashkina-np-markov-as-stefanovich-dv-mezhdunarodnaya-bezopasnosty-strategicheskayastabilynosty-i-informatsionnie-tehnologii-otv-red-av-zagorskiy-np-romashkina-m-imemo-ran-2020-98-s, (accessed 23.07.2023).
10. Iskusstvennyj intellekt v kosmicheskoj tekhnike: sostoyanie, perspektivy razvitiya // Raketno-kosmicheskoe priborostroenie i informacionnye sistemy, 2019, tom 6, vypusk 1, c. 65–75. DOI 10.30894/issn2409-0239.2019.6.1.65.75.
11. Frąckiewicz M., The Role of Collaborative Robots (Cobots) in Space Exploration, May 15, 2023, https://ts2.space/ru/рольколлаборативных-роботов-кобото-4 (accessed 23.09.2023).
12. Marrero L. M., Merlano-Duncan J. C., Querol J., Kumar S., Krivochiza J., Sharma S. K., Chatzinotas S., Camps A., and Ottersten B. Architectures and Synchronization Techniques for DistributedSatellite Systems: A Survey, IEEE Access, vol. 10, pp. 45 375–45 409,2022.
13. Homssi B. A., Dakic K., Wang K., Alpcan T., Allen B., Kan-deepan S., Al-Hourani A., and Saad W. Artificial Intelligence Tech-niques for Next-Generation Mega Satellite Networks. arXiv preprintarXiv:2207.00414, 2022.
14. Nikolenko S.I., Kadurin A. A., Arhangel’skaya E. O. Glubokoe obuchenie. SPb: Piter, 2018. 480 s.
15. Gorodeckij V. I. Samoorganizuyushchiesya seti agentov — bazovaya model’ gruppovogo i kooperativnogo povedeniya avtonomnyh ob”ektov // Sbornik trudov nauchno-tekhnicheskoj konferencii Minoborony RF «Iskusstvennyj intellekt: problemy i puti resheniya», 14–15 marta 2018. S. 9–15.
16. Lihtenshtejn V. E., Konyavskij V. A., Ross G. V., Los’ V. P. Mul’tiagentnye sistemy. Samoorganizaciya i razvitie. M.: Finansy i statistika, 2018. 264 s.