№ 6 (64)

Contents of the 6th issue of the Cybersecurity Issues journal for 2024:

Kostogryzov, A. I. METHODOLOGICAL PROVISIONS ON PROBABILISTIC PREDICTION OF INFORMATION SYSTEMS OPERATION QUALITY. Part 2. MODELING USING “BLACK BOXES” / A. I. Kostogryzov, A. A. Nistratov, P. E. Golosov // Cybersecurity issues. – 2024. – № 6(64). – P. 2-27. – DOI: 10.21681/2311-3456-2024-6-2-27.
Abstract
Objective: The purpose of the work as a whole is to help system analysts who assess the quality of information systems (IS) operation during their creation, operation, modernization and development to form a comprehensive probabilistic prediction methodology that can be applied to ensure quality and safety, justify acceptable risks, identify significant threats and support scientifically rational system decisions for proactively countering threats in the IS life cycle. The purpose of Part 2 is to detail, for the probabilistic analysis of the properties that characterize IS operation quality, the general methodological provisions (summarized in Part 1 of the article) by proposing probabilistic models represented as «black boxes». Research methods: methods of probability theory and methods of system analysis. Formally, a «black box» is a modeled system for which the initial data for modeling and the output results are known, but the detailed internal structure is unknown. The results of mathematical modeling are used to interpret the original IS for which the calculations are carried out. Results of Part 2: models presented as «black boxes» are proposed for the probabilistic analysis of the composite properties of IS quality according to GOST R 59341-2021 «System engineering. Protection of information in system information management process». Scientific novelty: The proposed models are aimed at achieving the general purpose of IS operation in various functional applications: to ensure the reliability and timeliness of providing the necessary information, completeness, validity and security (the purpose is formulated in Part 1 of the article). The models make it possible to assess, on a single probabilistic scale, the operation quality of the IS under consideration and of its constituent elements, represented as «black boxes».
Keywords: probability, model, prediction, risk, system, system analysis, threat.
Zharova, A. K. PREVENTION OF COMPUTER ATTACKS SUCH AS MAN IN THE MIDDLE, COMMITTED USING GENERATIVE ARTIFICIAL INTELLIGENCE / A. K. Zharova, V. M. Elin, B. R. Avetisyan // Cybersecurity issues. – 2024. – № 6(64). – P. 28-41. – DOI: 10.21681/2311-3456-2024-6-28-41.
Abstract
The purpose of the article is to present to the scientific community the authors' methodology for detecting/preventing a computer attack of the MITM type. Research method: to achieve this goal, the authors used mathematical modeling, comparative analysis, the tabular method, and methods of the experimental and theoretical level.
Result: the article presents a comparative analysis of software solutions published as source code on sites such as GitHub that implement a man-in-the-middle attack in both local and global networks, as well as an analysis of some MITM-type attack prevention techniques that use artificial intelligence (AI) services. Based on this analysis, various logical implementations of the MITM-type attack are identified, and vulnerabilities of information systems to a MITM computer attack are presented. Based on the analysis of existing methods of countering these attacks and the identified weaknesses of those methods, the authors propose their own method of preventing MITM-type attacks, which includes training AI on data sets, connected libraries of different programming languages and algorithmized heuristic models that respond to changes in the logic of user behavior or in the activity of a personal computer or network equipment. The scientific novelty of the article lies in the authors' methodology for detecting/preventing a computer attack of the MITM type using "predictive" network technologies based on neural networks trained by machine learning methods.
Keywords: Data sets, MITM, attack prevention techniques, heuristic models, user behavior, predictive network technologies.
PROTESTWARE: ANALYSIS AND DEFENCE APPROACH BASED ON MACHINE LEARNING / I. V. Kotenko, I. B. Saenko, O. S. Lauta, A. S. Yuryev, M. S. Zaprudnov // Cybersecurity issues. – 2024. – № 6(64). – P. 42-52. – DOI: 10.21681/2311-3456-2024-6-42-52.
Abstract
The purpose of the study: to analyze and systematize Protestware as a new type of information security vulnerability and attack, and to analyze existing approaches to countering this threat, in order to develop promising new methods for automating Protestware detection during program code analysis, taking into account the Secure Software Development Lifecycle (SSDL) methodology. Research methods: system analysis, methods for automating the search for program code vulnerabilities, static code analysis, and machine learning using Support Vector Machines and the Naive Bayes Classifier. Results obtained: a new type of malicious software, Protestware, has been identified and analyzed. Well-known examples and features of such software are analyzed. The risks and problems associated with the spread of Protestware are described. The types and possible sources of Protestware are identified. The possibilities of using malware detection methods to detect Protestware are considered. Methods are proposed for automating the search for Protestware in large organizations, based on the principles of SSDL, the use of special static code analyzers and software code inventory technology. An approach to Protestware detection based on machine learning methods has been implemented and experimentally evaluated. Recommendations are given for selecting machine learning models to improve the efficiency of Protestware detection. Scientific novelty: an analysis of works on Protestware, as well as examples of its manifestation, showed that Protestware is currently a new type of malicious software against which there are practically no effective means and methods of protection. The results presented in the work summarize known approaches to systematizing Protestware and methods of protection against it.
The approach to detecting Protestware implemented in the work differs from known ones in its use of machine learning methods based on Support Vector Machine models and the Naive Bayes Classifier. The results obtained during the experimental evaluation of the proposed approach make it possible to formulate proposals for selecting the machine learning models that provide the greatest accuracy in Protestware detection. Contribution: Igor Kotenko and Igor Saenko - the general concept of analysis and systematization of Protestware and the sources of its occurrence; Igor Kotenko and Oleg Lauta - formalization of methods for detecting Protestware; Artemy Yuryev and Mikhail Zaprudnov - implementation and experimental evaluation of an approach to Protestware detection based on machine learning; Igor Kotenko and Igor Saenko - discussion of the results of evaluating the proposed approach.
Keywords: information security, intrusion detection, vulnerability detection, support vector machine, naive bayes classifier.
Gurina, L. A. INTELLIGENT METHODS OF ENSURING CYBERSECURITY MULTI-AGENT CONTROL SYSTEM OF MICROGRID / L. A. Gurina, N. V. Tomin // Cybersecurity issues. – 2024. – № 6(64). – P. 53-64. – DOI: 10.21681/2311-3456-2024-6-53-64.
Abstract
The research aims to develop methods for detecting cyber-attacks and suppressing their consequences in secondary voltage regulation in multi-agent control systems of cyber-physical microgrids. The research relies on machine learning methods and probabilistic methods. Research result: an isolation forest algorithm for automatic detection of cyber-attacks and an algorithm for data recovery based on the k-nearest neighbors method were developed. The scientific novelty lies in the fact that the proposed method for detecting cyber-attacks and improving information quality creates opportunities for robustness, adaptation and recovery of multi-agent systems in case of cybersecurity breaches.
Keywords: cyber-physical microgrid, multi-agent system, intelligent control, identification of cyber-attacks, detection of bad data, improving information quality.
Arkhipov, A. N. DETECTING OBFUSCATED EXPLOITS IN NON-EXECUTABLE FORMAT FILES / A. N. Arkhipov, S. Е. Kondakov // Cybersecurity issues. – 2024. – № 6(64). – С. 65-75. – DOI: 10.21681/2311-3456-2024-6-65-75.
Abstract
The purpose of the research is to develop a binary classification model for files of non-executable formats that detects obfuscated exploits more efficiently than the models implemented in existing anti-virus protection tools. Research methods are based on the provisions of probability theory and mathematical statistics, set theory, and methods of conducting field experiments and processing experimental data.
Result: in the course of the research, a set of potential features, represented by numerical values, was generated on the basis of the mathematical model of the exploit. Informative features were selected from the generated feature space, and a binary classification model with the best performance in detecting obfuscated exploits was built. A computer program implementing the obtained model was developed. The effectiveness of the developed model is confirmed by experimental studies that assess how effectively obfuscated exploits are detected by anti-virus protection tools included in the register of Russian software, by freely available foreign anti-virus protection tools, and by the authors' program. The scientific novelty of the results is determined by a set of the authors' procedures for choosing the classifier and its hyperparameters and for forming an informative feature space, including features developed by the authors, which make it possible to build the most effective binary classification model and ensure the validity of the obtained results. The authors confirm the realizability of the model and that it obtains the best values of efficiency indicators in detecting obfuscated exploits compared with existing anti-virus protection tools. Practical significance: the presented model is oriented primarily toward application in anti-virus protection systems, but it can also be used for solving other information security tasks.
Keywords: cybersecurity, computer attacks, local exploits, malicious code, information protection, anti-virus information protection systems, intrusion detection system. 
References
1. Seredkin S.P. Osobennosti kiberatak na ob''ekty' kriticheskoj informacionnoj infrastruktury' v sovremenny'x usloviyax // Informacionny'e texnologii i matematicheskoe modelirovanie v upravlenii slozhny'mi sistemami. – 2022. – № 4 (16). – S. 56–66. DOI: 10.26731/2658-3704.2022.4(16).56-66.
2. Laneczkaya A. Yu., Aleksandrova E.N. Sovremenny'e ugrozy' informacionnoj bezopasnosti // Mezhdunarodny'j zhurnal gumanitarny'x i estestvenny'x nauk. – 2022. – Tom 7-2. – № 20. – S. 192–195. DOI:10.24412/2500-1000-2022-7-2-192-195.
3. Pavly'chev A. V., Starodubov M. I., Galimov A. D. Ispol'zovanie algoritma mashinnogo obucheniya Random Forest dlya vy'yavleniya slozhny'x komp'yuterny'x incidentov // Voprosy' kiberbezopasnosti. – 2022. – Tom 51. – № 5. – S. 74–81. DOI:10.21681/2311-3456-2022-5-74-81.
4. Taloverova D. V. Sravnitel'ny'j analiz scenariev realizacii ugroz bezopasnosti informacii metodiki FSTE'K RF i Mitre Att&ck i ix primenenie na praktike // Fundamental'ny'e i prikladny'e aspekty' komp'yuterny'x texnologij i informacionnoj bezopasnosti. Sbornik statej Vserossijskoj nauchno-texnicheskoj konferencii. Taganrog, 2023. – S. 34–37.
5. Arxipov A. N., V. A. Pikov, V. V. Kabakov Poryadok i rezul'taty' e'ksperimental'ny'x issledovanij vliyaniya obfuskacii na kachestvo vy'yavleniya ugroz informacionnoj bezopasnosti, realizuemy'x posredstvom e'ksploitov, v fajlax neispolnyaemy'x formatov // Nauchno-prakticheskij zhurnal «Voprosy' zashhity' informacii» (Doverennaya sreda). – 2023. – S. 32-37.
6. Kamran Saeed, M. Fatih Adak Detection of Unknown Malicious Microsoft Office Documents based on Hidden Feature Extraction by using Machine Learning // Authorea. – 2024.– P. 1–16. DOI: 10.22541/au.170664344.41804021/v1.
7. Salman Abdul Jabbaar Wiharja, Deden Pradeka Wirmanto Suteddy, Designing A Pdf Malware Detection System Using Machine Learning // Jurnal Poli-Teknologi. – 2024. – Vol. 23, No. 1. – P. 40-54. DOI:10.32722/pt.v23i1.6540.
8. Fran Casino, Nikolaos Totosis, Theodoros Apostolopoulos, Nikolaos Lykousas Analysis and Correlation of Visual Evidence in Campaigns of Malicious Office Documents // Digital Threats Research and Practice. – 2022. – Vol. 4, No. 2. – P. 1-19. DOI:10.1145/3513025.
9. Candra Ahmadi, Jiann Chen, Yi-Cheng Lai Enhancing Detection of Malicious VBA Macros in Office Documents: An Integrated Approach Employing P-Code Analysis and XGBoost-based Machine Learning Model // IEEE Access. – 2024. – Vol. 12. – P. 71746–71760. DOI: 10.1109/ACCESS.2024.3402956.
10. V Ravi, S. P. Gururaj, H. K. Vedamurthy, M. B. Nirmala. Analysing corpus of office documents for macro-based attacks using Machine Learning // Siddaganga Institute of Technology. – 2022. – Vol. 8, No. 3. – P. 20–24. DOI:10.1016/j.gltp.2022.04.004.
11. Geet C. Salame, Nirlepa T. Shinde, Prajakta P. Baad, Deepak D. Kshirsagar. A relational rule-based system for PDF malware detection // Journal of Information and Optimization Sciences. – 2024. – Vol. 45, No. 4. – P. 925–934. DOI:10.47974/JIOS-1616.
12. Maheshwaran T., Manideep M., Sai Chaitanya K., Karthik A. Securing pdfs: an innovative lstm algorithm for image-based malware detection // International Journal of Scientific Research in Engineering and Management. – 2024. – Vol. 8, No. 5. – P. 1–5. DOI:10.55041/IJSREM34090.
13. Starovojtov V. V., Golub Yu. I. Sravnitel'ny'j analiz ocenok kachestva binarnoj klassifikacii // Informatika. – 2020. − T. 17, № 1. – S. 87–101. DOI:10.37661/1816-0301-2020-17-1-87-101.
14. Bradley Efron. Bootstrap Methods: Another Look at the Jackknife // Annals of Statistics. – 1979. – Vol. 7, no. 1. – P. 1–26. 
15. Donna L. M., William J. W., Rudolf J. F. Statistical Methods // University of North Florida. – 2021. – Vol. 4. – P. 123–167. DOI:10.1016/C2019-0-02521-6.
16. Kondakov S. E., Arxipov A. N. Matematicheskaya model' e'ksploita, vnedrennogo v fajl neispolnyaemogo formata // Izv. IIF. 2023. T. 69. № 3. S. 93–96.
17. Arxipov A. N., Kondakov S. E. Segmentaciya fajlov neispolnyaemy'x formatov dlya vy'yavleniya ugroz narusheniya informacionnoj bezopasnosti, realizuemy'x v forme e'ksploitov // Programmny'e produkty' i sistemy'. 2024. T. 37. № 2. S. 186–192. DOI: 10.15827/0236-235X.142.186-192. 
65–75
Korneev, N. V. PATTERN FOR SECURING WEB APPLICATIONS AGAINST XSS ATTACKS IN CLOUD INFRASTRUCTURE / N. V. Korneev, D. S. Lazorin // Cybersecurity issues. – 2024. – № 6(64). – С. 76-84. – DOI: 10.21681/2311-3456-2024-6-76-84.
Abstract
The purpose of this article: to develop a template protection mechanism that ensures the security of a web application under a cross-site scripting threat. Research method: analysis of the principle of operation of cross-site scripting, in particular stored XSS. Synthesis of a cross-site script using two levels of protection: data encoding at the output and validation of input on arrival. Using Unicode escaping, blocking, and the application of several encoding levels in the correct order to invalid input containing malicious code, operations are proposed that replace dangerous characters with suitable HTML entities (mnemonics). The work is carried out by full-scale modeling of a Docker-based web application in containerization-enabled environments, with its deployment and testing under the threat of cross-site scripting.
Result: The cloud security of web applications is analyzed, and the relevance of the problem of developing universal template security mechanisms, called patterns for protecting a web application from XSS attacks, is shown. In particular, the principles of cross-site scripting, the types of XSS attacks, and template mechanisms for protecting a web application from XSS attacks are considered. A pattern has been developed to protect a web application from XSS attacks based on microservices, taking into account a security service that includes protection mechanisms. In a practical example of a real web application, 4 containers (nginx, php, mysql, phpmyadmin) are deployed and interaction between them is configured. A registration form and an authorization form for a standard web application have been implemented. An XSS attack using JavaScript code was performed on the web application without a protection mechanism. The php code implements a security service to protect against XSS attacks using the built-in htmlspecialchars function. The program code of the service is given in the form of a function. The security service code includes an htmlspecialchars function with configuration code and interaction with the containers described above. A second XSS attack was performed, as a result of which the JavaScript code was not executed and the data was safely retrieved from the database. As a result, a line of code is obtained in the database, which is a sign of a diagnostic error of the web application and can serve as a marker for monitoring the blocked XSS attack. The open source software Kubernetes, Prometheus, Grafana, cAdvisor and Node Exporter was used to monitor the XSS attack. Manifests have been created to implement a basic cluster configuration consisting of a single pod with four containers.
As a result, an XSS attack monitoring system was deployed, and the ability to diagnose spikes in load as signs of a blocked XSS attack was shown. Practical value: the practical value of the proposed solution lies in a template protection mechanism in the form of a pattern. The pattern can be applied to a wide range of web applications, and the developed solution can be transferred to any industry (fuel and energy, economic and others) due to the cross-platform nature of the solution itself.
Keywords: cloud computing, dataset, template, malicious code, security service, container, diagnostic error, marker, manifest, cluster, XSS attack monitoring system. 
References
1. Shameer Mohammed, S. Nanthini, N. Bala Krishna, Inumarthi V. Srinivas, Manikandan Rajagopal, M. Ashok Kumar, A new lightweight data security system for data security in the cloud computing, Measurement: Sensors, Volume 29, 2023, 100856.
2. S. Achar, Cloud computing security for multi-cloud service providers: controls and techniques in our modern threat landscape, International Journal of Computer and Systems Engineering, 16(9), 2022, 379–384.
3. Oludare Isaac Abiodun, Moatsum Alawida, Abiodun Esther Omolara, Abdulatif Alabdulatif, Data provenance for cloud forensic investigations, security, challenges, solutions and future perspectives: A survey, Journal of King Saud University – Computer and Information Sciences, Volume 34, Issue 10, Part B, 2022, 10217–10245.
4. Chakraborti, A., Curtmola, R., Katz, J., Nieh, J., Sadeghi, A. R., Sion, R., Zhang, Y., Cloud Computing Security: Foundations and Research Directions. Foundations and Trends in Privacy and Security, 3(2), 2022, 103–213.
5. Ukeje, N., Gutierrez, J., Petrova, K., Information security and privacy challenges of cloud computing for government adoption: a systematic review, International Journal of Information Security, Issue 2/2024, 2024, https://doi.org/10.1007/s10207-023-00797-6.
6. Fatemeh Khoda Parast, Chandni Sindhav, Seema Nikam, Hadiseh Izadi Yekta, Kenneth B. Kent, Saqib Hakak, Cloud computing security: A survey of service-based models, Computers & Security, Volume 114, 2022, 102580.
7. Faizan Younas, Ali Raza, Nisrean Thalji, Laith Abualigah, Raed Abu Zitar, Heming Jia, An efficient artificial intelligence approach for early detection of cross-site scripting attacks, Decision Analytics Journal, Volume 11, 2024, 100466.
8. Wenbo Wang, Peng Yi, Huikai Xu, DoubleR: Effective XSS attacking reality detection, Computer Networks, Volume 251, 2024, 110567.
9. Abdelhakim Hannousse, Salima Yahiouche, Mohamed Cherif Nait-Hamoud, Twenty-two years since revealing cross-site scripting attacks: A systematic mapping and a comprehensive survey, Computer Science Review, Volume 52, 2024, 100634.
10. Josh Hickling, What is DOM XSS and why should you care?, Computer Fraud & Security, Volume 2021, Issue 4, 2021, 6–10.
11. Diogo Faustino, Nuno Gonçalves, Manuel Portela, António Rito Silva, Stepwise migration of a monolith to a microservice architecture: Performance and migration effort evaluation, Performance Evaluation, Volume 164, 2024, 102411.
12. Hassaan Siddiqui, Ferhat Khendek, Maria Toeroe, Microservices based architectures for IoT systems – State-of-the-art review, Internet of Things, Volume 23, 2023, 100854.
13. Hubin Yang, Ruochen Shao, Yanbo Cheng, Yucong Chen, Rui Zhou, Gang Liu, Guoqi Xie, Qingguo Zhou, REDB: Real-time enhancement of Docker containers via memory bank partitioning in multicore systems, Journal of Systems Architecture, Volume 151, 2024, 103135.
14. Enrico Cambiaso, Luca Caviglione, Marco Zuppelli, DockerChannel: A framework for evaluating information leakages of Docker containers, SoftwareX, Volume 24, 2023, 101576.
15. Gianluca Turin, Andrea Borgarelli, Simone Donetti, Ferruccio Damiani, Einar Broch Johnsen, S. Lizeth Tapia Tarifa, Predicting resource consumption of Kubernetes container systems using resource models, Journal of Systems and Software, Volume 203, 2023, 111750.
16. Vladimir Ciric, Marija Milosevic, Danijel Sokolovic, Ivan Milentijevic, Modular deep learning-based network intrusion detection architecture for real-world cyber-attack simulation, Simulation Modelling Practice and Theory, Volume 133, 2024, 102916.
17. Miguel Correia, Wellington Oliveira, José Cecílio, Monintainer: An orchestration-independent extensible container-based monitoring solution for large clusters, Journal of Systems Architecture, Volume 145, 2023, 103035. 
76–84
Yazov, Yu. K. PROBLEMATIC ISSUES OF INFORMATION PROTECTION MANAGEMENT AGAINST LEAKAGE THROUGH TECHNICAL CHANNELS USING MULTI-AGENT SYSTEMS / Yu. K. Yazov, A. O. Avsentiev // Cybersecurity issues. – 2024. – № 6(64). – С. 85-97. – DOI: 10.21681/2311-3456-2024-6-85-97.
Abstract
The purpose of the article is to reveal the problematic issues of information protection from leakage through technical channels arising from side electromagnetic radiation, using promising multi-agent systems and its management, to show the need and ways to quantify the effectiveness of such protection. Research methods: methods of morphological and functional-structural analysis of the processes of distributed information security management against leakage through technical channels, as well as methods of probability theory and Petri-Markov network theory are applied in the interests of modeling and evaluating the effectiveness of centrally decentralized security management processes. The result obtained: the relevance of creating a multi-agent information protection system against leakage through technical channels is shown; the need for protection management in such systems is noted, the features of a centrally decentralized (mixed) control principle in a multi-agent system are revealed by the example of protecting speech information from leakage through technical channels arising from side electromagnetic radiation of radioelectronic equipment as part of objects of informatization. The problematic issues of building control subsystems as part of multi-agent information protection systems against leakage through technical channels arising from side electromagnetic radiation related to the concept and formation of protection efficiency indicators, the influence of protection management on its effectiveness, and the distribution of control actions among management entities are disclosed. A composite Petri-Markov network modeling the process of leakage of speech information by side electromagnetic radiation and analytical relations for calculating the indicator of the effectiveness of information security management in a multi-agent system are presented.
The scientific novelty of the article lies in the fact that for the first time it poses the problem of implementing a mixed principle of managing information protection from leakage through technical channels based on a multi-agent system and considers the priority methodological aspects of quantifying the effectiveness of such protection. 
Keywords: side electromagnetic radiation, protection management, mixed control principle, protection efficiency, management efficiency, protection measure, private indicator, mathematical model.
References
 1. Avsent'ev O. S., Krugov A. G., Shelupanova P. A. Funkcional'nye modeli processov realizacii ugroz utechki informacii za schet pobochnyh jelektromagnitnyh izluchenij ob#ektov informatizacii // Doklady TUSUR. – 2020. – T. 22, № 1. – S. 29–39.
2. Avsentiev O. S., Avsentiev A. O., Krugov A. G., Yazov Yu. K. Simulation of processes for protecting voice information objects against leakage through the spurious electromagnetic radiation channels using the Petri-Markov nets // Journal of Computational and Engineering Mathematics. – 2021. Vol. 8. – № 2. – P. 3–24.
3. Jazov, Ju. K., Avsent'ev A. O. Puti postroenija mnogoagentnoj sistemy zashhity informacii ot utechki po tehnicheskim kanalam // Voprosy kiberbezopasnosti. 2022. № 5(51). S. 2–13. DOI:10.21681/2311-3456-2022-5-2-13
4. Wang, H. Multiagent hierarchical cognition difference policy for multiagent cooperation/ H. Wang., J. Yi., Z. Pu., Z. Liu. – Tekst : jelektronnyj // Algorithms. — 2021. T. 14. № 3. — DOI: 10.3390/a14030098.
5. Wang, L. Distributed continuous-time containment control of heterogeneous multiagent systems with nonconvex control input constraints / Wang L., Li X., Zhang Y. – Tekst : jelektronnyj // Complexity. 2022. T. 2022. S. 7081091. – DOI: 10.1155/2022/7081091 
6. Grusho N. A., Timonina E. E. Sravnenie arhitektur mnogoagentnyh sistem // Informacionnye tehnologii. – Moskva. – 2019. T. 25. № 5. S. 293–299.
7. Koshelev D. A., Korzh T. V. Vozmozhnost' primenenija mnogoagentnoj sistemy dlja obnaruzhenija vnedrenija i atak // Sbornik trudov XXV Mezhdunarodnoj nauchno-tehnicheskoj konferencii, posvjashhennoj 160-letiju so dnja rozhdenija A. S. Popova: Radiolokacija, navigacija, svjaz'. V 6 tomah. 2019. S. 106–113.
8. Jazov Ju. K., Solov'ev S. V. Metodologija ocenki jeffektivnosti zashhity informacii v informacionnyh sistemah ot nesankcionirovannogo dostupa: monografija / Ju. K. Jazov, Sankt-Peterburg: Naukoemkie tehnologii, 2023. – 258s.
9. Jazov Ju. K. Osnovy teorii sostavnyh setej Seti Petri-Markova i ih primenenie dlja modelirovanija processov realizacii ugroz bezopasnosti informacii v informacionnyh sistemah: monografija / Ju. K. Jazov, A. V. Anishhenko, A. S. Suhoverhov. – Sankt - Peterburg: Scientia, 2024. – 196 s.
85–97
Moldovyan, N. A. ALGEBRAIC SIGNATURE ALGORITHMS WITH TWO HIDDEN GROUPS / N. A. Moldovyan, A. S. Petrenko // Cybersecurity issues. – 2024. – № 6(64). – С. 98-107. – DOI: 10.21681/2311-3456-2024-6-98-107.
Abstract
Purpose of work is increasing the performance of algebraic digital signature algorithms with enhanced signature randomization. Research methods: application of two hidden commutative groups to enhance signature randomization in algebraic digital signature algorithms on finite non-commutative associative algebras (FNAA). Known results on the study of the decomposition of four-dimensional FNAA as finite rings into a set of commutative subrings are used to calculate the parameters of the digital signature algorithm with two hidden commutative groups. Application of a verification equation with two entries of the tuning signature element, which is a vector S, calculated by two commutative elements from different hidden groups. The presence of the exponentiation operation to a power, calculated as the value of the hash function of S. FNAAs specified by sparse multiplication tables of basis vectors are used as an algebraic support of the digital signature algorithm. Results of the study: for the first time, the randomization enhancement mechanism is implemented in the algebraic digital signature algorithm without using the doubling of the verification equation. The developed digital signature algorithm is distinguished by the use of two hidden groups for calculating a random latch vector, by which the randomizing element of the generated signature is calculated. The latter ensures increased randomization not only for the signature values, but also for the value of the fixator vector. Due to this, the potentially achievable level of security is significantly increased. 
The sufficiency of performing the signature verification using only one verification equation is ensured by the following two techniques: 1) multiple entries of the tuning signature element S in the products that are raised to a large power, which appear in the right-hand side of the verification equation, and 2) using the value of the hash function, depending on the vector S, as the value of the degree of one of the exponentiation operations performed during the signature authenticity verification procedure. An analysis of security against a direct attack and against signature forgery on the basis of many known signatures is performed. Practical relevance: the scientific and practical significance of the results of the article consists in increasing the performance of algebraic digital signature algorithms with two hidden commutative groups, which, due to the small sizes of the signature and public key, are of interest for the development of practical post-quantum signature standards.
Keywords: finite non-commutative algebra; associative algebra; computationally difficult problem; hidden group; digital signature; signature randomization; post-quantum cryptography. 
References
1. Post-Quantum Cryptography. 15th International Conference, PQCrypto 2024, Oxford, UK, June 12–14, 2024, Proceedings. Lecture Notes in Computer Science. 2024. V. 14771–14772. Springer, Cham.
2. Post-Quantum Cryptography. 14th International Conference, PQCrypto 2023, College Park, MD, USA, August 16–18, 2023, Proceedings. Lecture Notes in Computer Science. 2023. V. 14154. Springer, Cham.
3. Battarbee C., Kahrobaei D., Perret L., Shahandashti S.F. SPDH-Sign: Towards Efficient, Post-quantum Group-Based Signatures. In: Johansson, T., Smith-Tone, D. (eds) Post-Quantum Cryptography. PQCrypto 2023. Lecture Notes in Computer Science, 2023. V. 14154. P. 113–138. Springer, Cham. https://doi.org/10.1007/978-3-031-40003-2_5
4. Gärtner J. NTWE: A Natural Combination of NTRU and LWE. In: Johansson, T., Smith-Tone, D. (eds) Post-Quantum Cryptography. PQCrypto 2023. Lecture Notes in Computer Science, 2023, vol 14154, pp. 321–353. Springer, Cham. https://doi.org/10.1007/978-3-031-40003-2_12
5. Alamelou Q., Blazy O., Cauchie S., Gaborit Ph. A code-based group signature scheme. Designs, Codes and Cryptography. 2017. V. 82. N. 1–2. P. 469–493.
7. Ding J., Petzoldt A., Schmidt D. S. Multivariate Cryptography. In: Multivariate Public Key Cryptosystems. Advances in Information Security. 2020. V. 80. Springer, New York, NY. https://doi.org/10.1007/978-1-0716-0987-3_2
8. Ding J., Petzoldt A., Schmidt D. S. The Matsumoto-Imai Cryptosystem. In: Multivariate Public Key Cryptosystems. Advances in Information Security. 2020. V. 80. P. 25–60. Springer, New York, NY. https://doi.org/10.1007/978-1-0716-0987-3_3
9. Moldovyan D. N. A practical digital signature scheme based on the hidden logarithm problem. Computer Science Journal of Moldova. 2021. Vol. 29. N.2(86). P. 206–226.
10. Moldovyan D. N. New Form of the Hidden Logarithm Problem and Its Algebraic Support. Bulletin of Academy of Sciences of Moldova. Mathematics. 2020. No. 2 (93). P. 3–10.
11. Ikematsu Y., Nakamura S., Takagi T. Recent progress in the security evaluation of multivariate public-key cryptography. IET Information Security. 2022. P. 1–17. DOI: 10.1049/ise2.12092
12. Ding J., Petzoldt A., Schmidt D. S. Solving Polynomial Systems. In: Multivariate Public Key Cryptosystems. Advances in Information Security. Springer. New York. 2020. V. 80. P. 185–248. https://doi.org/10.1007/978-1-0716-0987-3_8
13. Cartor R., Cartor M., Lewis M., Smith-Tone D. IPRainbow. In: Cheon, J.H., Johansson, T. (eds) Post-Quantum Cryptography. Lecture Notes in Computer Science. 2022. V. 13512. P. 170–184. Springer, Cham. https://doi.org/10.1007/978-3-031-17234-2_9
14. Ding, J., Petzoldt, A., Schmidt, D. S. Oil and Vinegar. In: Multivariate Public Key Cryptosystems. Advances in Information Security. 2020. V. 80. P. 89–151. Springer, New York, NY. https://doi.org/10.1007/978-1-0716-0987-3_5
15. Moldovyan N. A. Finite algebras in the design of multivariate cryptography algorithms. Bulletin of Academy of Sciences of Moldova. Mathematics. 2023. No. 3 (103). P. 80–89. DOI: https://doi.org/10.56415/basm.y2023.i3.p80
16. Moldovyan A. A., Moldovyan N. A. Vector finite fields of characteristic two as algebraic support of multivariate cryptography. Computer Science Journal of Moldova. 2024. V.32. N.1(94). P. 46–60. DOI: 10.56415/csjm.v32.04
17. Moldovyan A. A., Moldovyan D. N. A New Method for Developing Signature Algorithms. Bulletin of Academy of Sciences of Moldova. Mathematics, 2022. No. 1(98), pp. 56–65. DOI: https://doi.org/10.56415/basm.y2022.i1.p56.
18. Moldovyan D. N. Moldovyan A. A. Algebraic signature algorithms based on difficulty of solving systems of equations. Voprosy kiberbezopasnosti [Cybersecurity questions]. 2022. N. 2(48). P. 7–17. DOI: 10.21681/2311-3456-2022-2-7-17.
19. Moldovyan A. A., Moldovyan N. A. Signature algorithms on finite non-commutative algebras over fields of characteristic two. Voprosy kiberbezopasnosti [Cybersecurity questions]. 2022. № 3(49). С. 58–68. DOI: 10.21681/2311-3456-2022-3-58-68.
20. Moldovyan D. N. A new type of digital signature algorithms with a hidden group. Computer Science Journal of Moldova. 2023, vol. 31, No.1(91), pp. 111–124. doi:10.56415/csjm.v31.06.
21. Moldovyan A. A., Moldovyan D. N., Kostina A. A. Algebraic signature algorithms with complete signature randomization. Voprosy kiberbezopasnosti [Cybersecurity questions]. 2024. № 2(60). С. 95–102. DOI: 10.21681/2311-3456-2024-2-95-102.
22. Moldovyan D. N., Kostina A. A. A method for strengthening signature randomization in algebraic signature algorithms on non-commutative algebras. Voprosy kiberbezopasnosti [Cybersecurity questions]. 2024. № 4(62). С. 71-81. DOI: 10.21681/2311-3456-2024-4-71-81.
23. Moldovyan N. A., Moldovyan A. A. Structure of a 4-dimensional algebra and generating parameters of the hidden logarithm problem. Vestnik of Saint Petersburg University. Applied Mathematics. Computer Science. Control Processes. 2022. Т. 18. Вып. 2. С. 209–217. https://doi.org/10.21638/11701/spbu10.2022.202
24. Moldovyan D. N., Moldovyan A. A., Moldovyan N. A. Structure of a finite non-commutative algebra set by a sparse multiplication table. Quasigroups and Related Systems. 2022, vol. 30, no. 1, pp. 133–140. https://doi.org/10.56415/qrs.v30.11
25. J. Ding, A. Petzoldt. Current State of Multivariate Cryptography. IEEE Security and Privacy Magazine. 2017, vol. 15, no. 4, pp. 28–36.
26. Moldovyan A. A., Moldovyan N. A. Post-quantum signature algorithms with a hidden group and doubled verification equation. Informatsionno-upravliaiushchie sistemy [Information and Control Systems], 2023, no. 3, pp. 59–69. doi:10.31799/1684-8853-2023-3-59-69. 
98–107
Buinevich, M. V. THE INSTRUCTIONS “RESISTANT” INCREASING AS A WAY TO COUNTER UNINTENTIONAL INSIDING / M. V. Buinevich, G. Yu. Moiseenko // Cybersecurity issues. – 2024. – № 6(64). – С. 108-116. – DOI: 10.21681/2311-3456-2024-6-108-116.
Abstract
The goal of the investigation: ensuring the security of the organization's information resources against the threat of unintentional insiding by increasing instructions «resistant». Research methods: systems analysis, analytical modeling, synthesis, hypothetical experiment, software engineering.
Results: a graphoanalytical model of unintentional insiding is obtained, and a step-by-step method for synthesizing resistant instructions and the architecture of a software package for their modeling are developed. It is assumed that these scientific results currently have no relevant analogues. The theoretical significance of the work consists in translating activities traditionally described in natural language into an analytical plane. The practical significance is determined by the application of each of the results to improve the security of protected information resources in almost any organization related to information technology. The scientific novelty lies in the fact that, for the first time, the «instability» of employee regulations is considered as an organization's vulnerability, and the deviation of employee behavior, which results in a deviation from the steps of the instructions, is considered as a source of threat to the security of information resources.
Keywords: information resources, instructions, unintentional insiding, security threat, counteraction method, modeling. 
References
1. Buinevich M., Izrailov K., Kotenko I., Ushakov I., Vlasov D. Approach to combining different methods for detecting insiders // The proceedings of 4th International Conference on Future Networks and Distributed Systems (New York, USA, 2020). Iss. 26. PP. 1–6. DOI: 10.1145/3440749.3442619.
2. Vlasov D. S. K voprosu o motivatsii insaydera organizatsii i sposobakh yego klassifikatsii // Elektronnyy setevoy politematicheskiy zhurnal «Nauchnyye trudy KubGTU». 2022. № 1. S. 128–147.
3. Vlasov D. S. Mul'tikriterial'naya model' sistematizatsii sposobov obnaruzheniya insaydera // Voprosy kiberbezopasnosti. 2024. № 2 (60). S. 66–73. DOI: 10.21681/2311-3456-2024-2-66-73.
4. Buynevich M. V., Vlasov D. S., Moiseyenko G. YU. Kombinirovaniye sposobov vyyavleniya insayderov bol'shikh informatsionnykh sistem // Voprosy kiberbezopasnosti. 2024. № 3 (61). S. 2–13. DOI: 10.21681/2311-3456-2024-3-2-13.
5. Analiz i sistematizatsiya insayderskikh ugroz v informatsionnykh sistemakh // Aktual'nyye problemy infotelekommunikatsiy v nauke i obrazovanii (APINO 2021): sbornik nauchnykh statey (Sankt-Peterburg, 24–25 fevralya 2021 goda). T. 4. 2021. S. 399–403.
6. Buynevich M. V., Vlasov D. S. Sravnitel'nyy obzor sposobov vyyavleniya insayderov v informatsionnykh sistemakh // Informatizatsiya i svyaz'. 2019. № 2. S. 83–91. DOI: 10.34219/2078-8320-2019-10-2-83-91.
7. Vasil'yev M. V., Fedorova A. V. Nesootvetstviye dolzhnostnykh instruktsiy sotrudnikov bankovskoy sfery novym ugrozam informatsionnoy bezopasnosti // Pokoleniye budushchego: Vzglyad molodykh uchenykh- 2019: sbornik nauchnykh statey 8-y Mezhdunarodnoy molodezhnoy nauchnoy konferentsii (Kursk, 13–14 noyabrya 2019 goda). 2019. S. 253–255.
8. Nashivochnikov N. V. Vyyavleniye otkloneniy v povedencheskikh patternakh pol'zovateley korporativnykh informatsionnykh resursov s ispol'zovaniyem topologicheskikh priznakov // Voprosy kiberbezopasnosti. 2023. № 4 (56). S. 12-22. DOI: 10.21681/2311-3456-2023-4-12-22.
9. Polyanichko M. A. Metodika obnaruzheniya anomal'nogo vzaimodeystviya pol'zovateley s informatsionnymi aktivami dlya vyyavleniya insayderskoy deyatel'nosti // Trudy uchebnykh zavedeniy svyazi. 2020. T. 6. № 1. S. 94-98. DOI: 10.31854/1813-324X-2020-6-1-94-98.
10. Astakhova L. V. Model' nulevogo doveriya kak faktor vliyaniya na informatsionnoye povedeniye sotrudnikov organizatsii // Nauchno-tekhnicheskaya informatsiya. Seriya 1: Organizatsiya i metodika informatsionnoy raboty. 2022. № 3. S. 13-17. DOI: 10.36535/0548-0019-2022-03-2
108–116
Vasilyev, V. I. DISTRIBUTED NETWORK ATTACK DETECTION SYSTEM BASED ON FEDERATE TRANSFER LEARNING / V. I. Vasilyev, A. M. Vulfin, V. M. Kartak, N. M. Bashmakov, A. D. Kirillova // Cybersecurity issues. – 2024. – № 6(64). – С. 117-129. – DOI: 10.21681/2311-3456-2024-6-117-129.
Abstract
Purpose: Improving the efficiency of detecting botnet network attacks through the use of federated transfer learning. This makes it possible to accumulate knowledge about network attacks on various client corporate information infrastructures within the framework of a hybrid neural network model, ensuring the confidentiality of client network traffic.

Methods: Machine learning methods were used for operational processing and analysis of network traffic. Methods for constructing embedding models and autoencoders for feature extraction, methods for constructing binary classifiers based on deep neural networks, including convolutional neural networks and fully connected feedforward networks, are applied. Federated transfer learning methods were used.

Research results: A prototype of an intelligent system for detecting network attacks and intrusions based on federated transfer learning was developed. The architecture of the system as part of the information security monitoring center is proposed. The structural diagram of the server and client components of the system is given. The components allow solving the problems of collecting and preprocessing network session data and managing the life cycle of analysis models. The results of a comparative assessment of the effectiveness of detecting specialized network attacks are presented using the example of botnet control traffic. Binary classifiers based on fully connected deep feedforward neural networks, convolutional neural networks with a one-dimensional input layer, ensemble models based on decision trees, hybrid autoencoders with an embedding layer and a convolutional classifier are compared in centralized and federated learning scenarios. The hybrid neural network model in the federated learning mode demonstrates the best performance (F1-measure = 0.91) due to the effective feature representation scheme, but its training time increases significantly (by 1.5-2 times).

The scientific novelty: A hybrid neural network model for classifying network sessions is proposed, based on neural network embedding models and neural network convolutional autoencoder models. The neural network model is distinguished by an algorithm for encoding sparse categorical and continuous features without using a labeled training sample and by the use of federated transfer learning. This ensures the confidentiality of local client data and the ability to transfer training, as well as increases the speed and reliability of detecting malicious network traffic by specialists at information security monitoring centers.

Authors' contributions: Vasilyev V. I. - planning research in the field of building attack detection systems using machine learning methods, conducting a comparative analysis of modeling results, preparing an analytical review. Vulfin A. M. - conducting an experimental study based on the developed software. Kartak V. M. - preparation of analytical review, experimental planning, software design. Bashmakov N. M. - preparation of data for modeling, interpretation of research results; generalization of research results; formulation of conclusions. Kirillova A. D. - software development, article manuscript design; work with graphic material.
Keywords: deep learning, botnet control traffic, convolutional neural network classifiers, autoencoders, neural network models of embeddings.
117–129
Gorbachev, A. A. MASKING OF TOPOLOGICAL PROPERTIES OF COMPUTER NETWORKS IN NETWORK RECONNAISSANCE CONDITIONS. Part 1 / A. A. Gorbachev // Cybersecurity issues. – 2024. – № 6(64). – С. 130-139. – DOI: 10.21681/2311-3456-2024-6-130-139.
Abstract
The purpose of the study: to study models of random graphs and genetic algorithms for solving the problem of synthesizing a false structure to mask the topological properties of computer networks when generating false network traffic and using false network information objects, taking into account the degree of similarity of the topological properties of real computer networks with false ones, as well as taking into account the security index of computer networks. Methods used: genetic optimization algorithm, linear convolution method, Erdős–Rényi, Barabási, and Harary models. The result of the study: the synthesis of a false structure of a computer network based on random graph models and evolutionary optimization algorithms makes it possible to increase the effectiveness of protecting a computer network by reducing the ability of an attacker to identify its critical nodes through network traffic analysis. The Jaccard coefficient between the sets of edges of true and false computer networks acts as an indicator of the proximity of the topological characteristics of computer networks, and the average shortest distance acts as an approximation of the distance between true and false critical nodes. Genetic algorithms make it possible to solve the problem of optimal parameterization of random graph models from the point of view of the selected fitness function, as well as with explicit combinatorial optimization of a false topology. The exponential growth of the search space does not allow solving the problem of combinatorial optimization of the adjacency matrix of a graph characterizing the topology of a large computer network, which leads to the need to use dimensionality reduction methods and parametric models when masking the topological properties of composite computer networks.
Scientific novelty: it consists in solving the problem of synthesizing the topological properties of a false computer network using genetic algorithms and random graph models parameterized taking into account the scalar fitness objective function, which includes an indicator of the proximity of the false and true topological structure of the computer network, as well as approximating the distance between true and false critical nodes of the computer network.
Keywords: network traffic analysis, proactive protection, honeypots, evolutionary optimization algorithms, critical nodes.
130–139
Gryzunov, V. V. MODEL OF THE ADAPTIVE CONTROL SYSTEM OF THE CYBER RANGE OF THE RUSSIAN EMERGENCIES MINISTRY BASED ON THE OPERATOR EQUATION / V. V. Gryzunov, A. V. Shestakov // Cybersecurity issues. – 2024. – № 6(64). – С. 140-149. – DOI: 10.21681/2311-3456-2024-6-140-149.
Abstract
The purpose of the research is to formulate the conditions for the existence of a cyber range as an organizational and technical system that is guaranteed to solve the tasks. Research methods: the proposed model is based on the FIST model, methods of the theory of adaptive control.
Results: 1) it is shown that the cyber range of the Ministry of Emergency Situations of Russia has several tracks according to the areas of the tasks to be solved, is geographically distributed, integrates with the information infrastructure of the Ministry of Emergency Situations, operates with spatial data, functions in an environment of all possible types and manifests itself in the form of a set of performance levels of the supporting level, the level of personnel, the level of hardware and the level of software; 2) the limitations under which it is possible to synthesize a cyber range as an adaptive control system with a changing architecture are formulated: on the stability of a set of control actions, on the average time of stable existence of a cyber range; 3) the operator equation describing the cyber range as an organizational and technical system maintained by personnel and characterizing the condition for the guaranteed solution of the tasks facing the cyber range has been formalized; 4) the introduction of new elements into the structure of the cyber range is substantiated: an observation unit and a control unit taking into account feedback. Scientific novelty: the author provides a model of a cyber range, which is distinguished by the formalization of the conditions for the existence of a cyber range as an organizational and technical system at all levels (support, personnel, hardware, software). Discussion: A specific kind of operator equation formalized in the paper can be found using the iSOFT method.
Keywords: information security management models, synthesis of organizational and technical systems, training of information security specialists, information security solutions.
140–149
