№ 3 (49)

Purpose of work is the development of a new method for estimating the quantum resilience of modern blockchain platforms based on the effective solution of cryptanalysis problems for asymmetric encryption schemes (RSA, El-Gamal) and digital signature (DSA, ECDSA or RSA-PSS), based on computationally dif cult problems of factorization and discrete logarithm.Research method is the use of quantum algorithms providing exponential gain (eg Shor's algorithm) and quadratic gain (eg Grover's algorithm). Due to the fact that the class of problems solved by quantum algorithms in polynomial time cannot yet be signi cantly expanded, more attention is paid to cryptanalysis based on the quantum Shor algorithm and other polynomial algorithms.Results of the study include a classi cation of well-known algorithms and software packages for cryptanalysis of asymmetric encryption schemes (RSA, El-Gamal) and digital signature (DSA, ECDSA or RSA-PSS) based on computationally dif cult problems of factorization and discrete logarithm has been built. A promising method for solving problems of cryptanalysis of asymmetric encryption schemes (RSA, ElGamal) and digital signature (DSA, ECDSA or RSA-PSS) of known blockchain platforms in polynomial time in a quantum computing model is proposed. Algorithms for solving problems of quantum cryptanalysis of two-key cryptography schemes of known blockchain platforms in polynomial time are developed, taking into account the security of the discrete algorithm (DLP) and the discrete elliptic curve algorithm (ECDLP).A structural and functional diagram of the software package for quantum cryptanalysis of modern blockchain platforms “Kvant-K”, adapted to work in a hybrid computing environment of the IBM Q quantum computer (20 and 100 qubits) and the IBM BladeCenter (2022) supercomputer, has been designed. A methodology has been developed for using the “Kvant-K” software package to assess the quantum stability of blockchain platforms:InnoChain (Innopolis University), Waves Enterprise (Waves, Vostok), Hyperledger Fabric (Linux, IBM), Corda Enterprise, Bitfury Exonum, Blockchain Industrial Alliance, Exonum (Bitfury CIS), NodesPlus (b41), Masterchain (Sberbank), Microsoft Azure Blockchain, Enterprise Ethereum Alliance, etc.Practical relevance: The developed new solution for computationally dif cult problems of factorization and discrete logarithm, given over nite commutative (and non-commutative) associative algebras, in a quantum model of computing in polynomial time. It is essential that the obtained scienti c results formed the basis for the development of the corresponding software and hardware complex “Kvant-K”, which was tested in a hybrid computing environment (quantum computer IBM Q (20 and 100 qubits) and/or 5th generation supercomputer: IBM BladeCenter (2022), RCS based on FPGA Virtex UltraScale (2020), RFNC-VNIIEF (2022) and SKIF P-0.5 (2021). An appropriate method for estimating the quantum stability of these blockchain platforms based on the author's models, methods and algorithms of quantum cryptanalysis has been developed and tested.
Keywords: blockchain and distributed ledger technologies (DLT), SMART contracts, blockchain security threat
model, quantum security threat, cryptographic attacks, quantum cryptanalysis, quantum and post-quantum cryptography, quantum algorithms Shor, Grover and Simon algorithms, quantum Fourier transform, factorization and discrete logarithm problem, post-quantum cryptography, quantum resilience of blockchain platforms.

1. Bogdanov A.Yu. Quantum algorithms and their impact on the security of modern classical cryptographic systems /A.Yu. Bogdanov, I.S. Kizhvatov//RGGU. -2005.- 18 p.
2. Valiev K.A. Quantum computers and quantum computing / K.A. Valiev.-M.: Institute of Physics and Technology, 2005.- 387 p.
3. Vasilenko O. N. Number-theoretic algorithms in cryptography / O. N. Vasilenko. – M.: MTSNMO, 2003. – 328 p.
4. Gultyaeva T. A. Fundamentals of information theory and cryptography. – Novosibirsk: NGTU Publishing House, 2010. – 88 p. – ISBN 978-5-7782-1425-5.
5. Denisenko D.V., Marshalko G.B., Nikitenkova M.V., Rudskoi V.I., Shishkin V.A. Evaluation of the complexity of the implementation of the Grover algorithm for enumerating the keys of block cipher algorithms GOST R 34.12-2015, Journal of Experimental and Theoretical Physics, Russian Academy of Sciences, Institute of Physical Problems. P.L. Kapitsa RAS (Moscow), 2019, volume 155, no. 4, pp. 645–653, 2019.
6. Kitaev A., Shen A., Vyaly M. Classical and quantum computing / M.: MTsNMO, Izd. CheRo, 1999. – 192 p.
7. Kolmogorov, A.N. Information theory and theory of algorithms. Academy of Sciences of the USSR. – M.: Nauka, 1987.
8. Kotelnikov V. A. Fate that embraced the age. In 2 tons / comp. N. V. Kotelnikova. M.: Fizmatlit, 2011. – 312 p.
9. Korolkov A.V. On some applied aspects of quantum cryptography in the context of the development of quantum computing and the emergence of quantum computers. / A.V. Korolkov // Cybersecurity Issues No. 1(9) – 2015. – M .: Journal «Cybersecurity Issues», 2015. – pp. 6-13.
10. Klyucharev P.G. Abstract of the dissertation for the competition of a candidate of technical sciences. Algorithmic and software for quantum computer simulation. MSTU im. N.E. Bauman, 2009, 18 p.
11. Crandall R., Pomerance K. Prime numbers: Cryptographic and computational aspects / ed. V. N. Chubarikov; per. A. V. Begunts [i dr.]. – M.: URSS: Book house «LIBROKOM», 2011. – 664 p.
12. Manin Yu.I. Computable and non-computable. M.: Soviet radio, 1980. 128 p.
13. Matveev E.A. Dissertation for the Candidate of Physical and Mathematical Sciences. Application of quantum mechanical effects in information security systems. Penza, NTP Cryptosoft, 2019 – 157 p. 5.
14. Moldovyan A.A., Moldovyan N.A. New forms of the hidden problem of discrete logarithm. Proceedings of SPIIRAS 2019. Volume 18 No. 2. Page 504-529.
15. Moldovyan N.A., Introduction to public key cryptosystems/ Moldovyan N.A., Moldovyan A.A./, Ed. BHV-Petersburg, 2005, 286 p. – 2005.
16. Nikolenko S.I. New constructions of cryptographic primitives based on semigroups, groups and linear algebra. Dissertation for the Candidate of Physical and Mathematical Sciences. St. Petersburg, Institution of the Russian Academy of Sciences St. Petersburg Department of the Mathematical Institute. V.A. Steklov RAS, 2008 – 120 p.
17. Nielsen M., Chang I. Quantum Computing and Quantum Information. Per. from English – M: Mir, 2006 – 824 p., ill.
18. Fundamentals of cryptography. Textbook / A.P. Alferov [and others]. – M. : Helios ARV, 2001. – 480 p. — ISBN 5-85438-137-0.
19. Petrenko, A.S., Romanchenko A.M. A promising method of cryptanalysis based on the Shor algorithm // Protection of information. Inside No. 2 2020. – St. Petersburg: Ed. Athena, 2020. – p. 17–23.
20. Pravilshikov P.A. Quantum parallelism and solution of equations in control problems based on a new computational model / P.A. Pravilshikov. – M.: Institute of Management Problems. V.A. Trapeznikova, 2014.- 179 p.
21. Preskill J. Quantum information and quantum computing / D. Preskill.-M.: Izhevsk, 2008. – 464 p.
22. Ruchkin V.N. Natural parallelism of quantum computers and neurocomputers / V.N. Ruchkin, V.A. Romanchuk, V.A. Fulin.- Ryazan: Ryazan State University. S.A. Yesenina, 2013 – 387 p.
23. Sachkov V.N., V.A. Kotelnikov and encrypted communication. Conferences and Symposiums, Vol. 176, No. 7, UFN 2006, p. 775-777
24. Dictionary of cryptographic terms. Edited by B. A. Pogorelov and V. N. Sachkov. Moscow State University M.V. Lomonosov Academy of Cryptography of the Russian Federation. Moscow MTsNMO publishing house. 2006. – 50 p. 
25. Tokareva N.N. On the history of cryptography in Russia, Historical essays on discrete mathematics and its applications, No. 4 (18), Mathematical Institute. S.L. Sobolev SB RAS, Novosibirsk, 2012, – p. 82-107.
26. Holevo A. S. Mathematical foundations of quantum informatics – M.: MIAN, 2018. – 118 p. – (Lec. courses of REC, ISSN 2226-8782; Issue 30). ISBN 978-5-98419-080-7
27. Holevo A. S., Quantum Systems, Channels, Information. Electronic edition. M.: MTSNMO, 2014. – 327 p. ISBN 978-5-4439-2092-4
28. Holevo A. S., Introduction to quantum information theory. MTSNMO, 2002 – 128 p. 10.
29. Cheryomushkin A. V. Cryptographic protocols: basic properties and vulnerabilities // Applied Discrete Mathematics. – 2009. – Nov. – vol. 2. – p. 115-150. – URL: https://cyberleninka. ru / article / n / kriptograficheskie – protokoly-osnovnye-svoystva-i-uyazvimosti.pdf.
30. Shannon K. Works on information theory and cybernetics / ed. R. L. Dobrushina, O. B. Lupanova. – M.: Publishing house of foreign literature, 1963. – 830 p.
31. Schneier B. Applied cryptography: protocols, algorithms, source code in C. Ed. Williams, 2016. 816p.
32. Shor P. Algorithms for quantum computation: discrete logarithms and factoring [Text] / Shor P.// Foundations of Computer Science.—1994.—No. 10. -134p.
33. Deutsch D., Quantum theory, the Church-Turing principle and the universal quantum computer, Proceedings of the Royal Society A. 400 (1818), 97-117 (1985)
34. Deutsch D., Jozsa R., Rapid solution of problems by quantum computation, Proceedings of the Royal Society of London A, 439, (1907), 553-558 (1992)
35. Diffie D, Hellman M. New directions in cryptography, IEEE Transactions on Information Theory, v. 22, Issue 6 (1976)
36. Feynman R, Simulating physics with computers, Internat. J. Theoret. Phys. 21, 467-488 (1982)
37. Grover L.K., A fast quantum mechanical algorithm for database search, In Proceedings of the twenty-eighth, annual ACM symposium on Theory of computing, 212 – 219, ACM (1996)
38. Markov A., Markov G., Tsirlov V. SIMULATION OF SOFTWARE SECURITY TESTS BY SOFT COMPUTATIONAL METHODS: CRITICAL
INFRASTRUCTURES: CONTINGENCY MANAGEMENT, INTELLIGENT, AGENT-BASED, CLOUD COMPUTING AND CYBER SECURITY (IWCI
2019). Proceedings of the VIth International Workshop. Melentiev Energy Systems Institute of Siberian Branch of the Russian Academy of Sciences. 2019. С. 257-261.
39. Dorofeev A.V., Markov A.S., Tsirlov V.L. APPLICATION OF OPEN DATA IN ACCORDANCE WITH INFORMATION SECURITY REQUIREMENTS: CEUR Workshop Proceedings. ISTMC 2019 – Selected Papers of the 4th All-Russian Scientific and Practical Conference with International Participation «Information Systems and Technologies in Modeling and Control». 2019. С. 36-46.
40. Shor, P.W. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer, SIAM J. Computing 26, 1484 – 1509 (1997).
41. Simon D.R., On the power of quantum computation, SFCS ‹94: Proceedings of the 35th Annual Symposium on Foundations of Computer Science, 116 – 123 (1994).

The research objective is to develop an algorithm for assessing the cyber resilience of the operational dispatch control (ODC) system of electric power system (EPS) during cyberattacks on data collecting, processing, and transmitting systems.The research methods include the probabilistic methods, fuzzy set theory methods, and methods of EPS reliability analysis.Result of the research: the impact of cyberattacks on the functionality of the EPS ODC system is analyzed. The factors ensuring the cyber resilience of the EPS ODC system in the case of materialization of cyber threats are identi ed. A model of cyber resilience of the EPS ODC system is proposed. An algorithm for assessing the cyber resilience of the EPS ODC system is developed factoring in the cybersecurity risks.
Keywords:  data collection, processing and transmission system; cybersecurity risk; control system; functionality;
cyberattacks; fuzzy model.

1. R. V. Yohanandhan, R. M. Elavarasan, P. Manoharan and L. Mihet-Popa. Cyber-Physical Power System (CPPS): A Review on Modeling, Simulation, and Analysis With Cyber Security Applications. IEEE Access. 2020, vol. 8, pp. 151019-151064. DOI: 10.1109/ACCESS.2020.3016826.
2. X. Chu, M. Tang, H. Huang and L. Zhang. A security assessment scheme for interdependent cyber-physical power systems. 2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS). 2017, pp. 816-819. DOI: 10.1109/ICSESS.2017.8343036.
3. Voropai N. Electric Power System Transformations: A Review of Main Prospects and Challenges. Energies. 2020, vol.13. No.21. DOI: 10.3390/en13215639
4. N. Jacobs, S. Hossain-McKenzie and E. Vugrin. Measurement and Analysis of Cyber Resilience for Control Systems: An Illustrative Example. 2018 Resilience Week (RWS). 2018, pp. 38-46. DOI: 10.1109/RWEEK.2018.8473549.
5. M. Touhiduzzaman, S. N. G. Gourisetti, C. Eppinger and A. Somani. A Review of Cybersecurity Risk and Consequences for Critical Infrastructure. 2019 Resilience Week (RWS). 2019, pp. 7-13. DOI: 10.1109/RWS47064.2019.8971975.
6. I. Zografopoulos, J. Ospina, X. Liu and C. Konstantinou. Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies. IEEE Access. 2021, vol. 9, pp. 29775-29818. DOI: 10.1109/ACCESS.2021.3058403.
7. J. Zuo, Z. Guo, J. Gan and Y. Lu. Enhancing Continuous Service of Information Systems Based on Cyber Resilience. 2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC). 2021, pp. 535-542. DOI: 10.1109/DSC53577.2021.00085.
8. Shady S. Refaat, Omar Ellabban, Sertac Bayhan, Haitham Abu-Rub, Frede Blaabjerg, Miroslav M. Begovic. Smart Grid Information Security. Smart Grid and Enabling Technologies, IEEE. 2021, pp.229-248. DOI: 10.1002/9781119422464.ch9.
9. E. U. Haq, H. Xu, L. Pan and M. I. Khattak. Smart Grid Security: Threats and Solutions. 2017 13th International Conference on Semantics, Knowledge and Grids (SKG). 2017, pp. 188-193. DOI: 10.1109/SKG.2017.00039.
10. I. Friedberg, K. McLaughlin and P. Smith. A cyber-physical resilience metric for smart grids. 2017 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT). 2017, pp. 1-5. DOI: 10.1109/ISGT.2017.8086065.
11. A. S. Musleh, H. M. Khalid, S. M. Muyeen and A. Al-Durra. A Prediction Algorithm to Enhance Grid Resilience Toward Cyber Attacks in WAMCS Applications. IEEE Systems Journal. March 2019, vol. 13, no. 1, pp. 710-719. DOI: 10.1109/JSYST.2017.2741483.
12. S. Hopkins, E. Kalaimannan and C. S. John. Cyber Resilience using State Estimation Updates Based on Cyber Attack Matrix Classification. 2020 IEEE Kansas Power and Energy Conference (KPEC). 2020, pp. 1-6. DOI: 10.1109/KPEC47870.2020.9167652.
13. A. Ashok, M. Govindarasu and J. Wang. Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid. In Proceedings of the IEEE. July 2017, vol. 105, no. 7, pp. 1389-1407. DOI: 10.1109/JPROC.2017.2686394.
14. Kolosok I.N., Gurina L.A. Ocenka riskov upravleniya kiberfizicheskoj EES na osnove teorii nechetkih mnozhestv // Metodicheskie voprosy issledovaniya nadezhnosti bol’shih sistem energetiki [Methodological problems reliability study of large energy systems], v 2-h knigah, 2019, pp. 238-247.
15. M. A. Haque, S. Shetty, B. Krishnappa. ICS-CRAT: A Cyber Resilience Assessment Tool for Industrial Control Systems. 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). 2019, pp. 273-281. DOI: 10.1109/BigDataSecurity-HPSCIDS.2019.00058.
16. Kolosok I.N., Gurina L.A. Povyshenie kiberbezopasnosti intellektual’nyh energeticheskih sistem metodami ocenivaniya sostoyaniya // Voprosy kiberbezopasnosti [Cybersecurity issues], 2018, № 3(27), pp. 63-69. DOI: 10.21681/2311-3456-2018-3-63-69.
17. Zhukov A.V., Saczuk E.I., Dubinin D.M., Opalev O.L., Utkin D.N. Voprosy` primeneniya texnologii sinxronizirovanny`x vektorny`x izmerenij dlya zadach monitoringa e`kspluatacionnogo sostoyaniya e`lektrooborudovaniya // E`nergetik [Energetik], 2017. № 9, pp. 3-8.
18. Jia Guo, Yifei Wang, Chuangxin Guo, Shufeng Dong and Baijian Wen. Cyber-Physical Power System (CPPS) reliability assessment considering cyber attacks against monitoring functions. 2016 IEEE Power and Energy Society General Meeting (PESGM). 2016, pp. 1-5. DOI: 10.1109/PESGM.2016.7741899.
19. Diptendu Sinha Roy, Cherukuri Murthy, Dusmanta Kumar Mohanta. Reliability analysis of phasor measurement unit incorporating hardware and software interaction failures. Generation Transmission & Distribution IET. 2015, vol. 9, no. 2, pp. 164-171. DOI: 10.1049/iet-gtd.2014.0115.
20. Uspenskij M.I. Sostavlyayushchie nadezhnosti informacionnoj seti sistemy monitoringa perekhodnyh rezhimov // Metodicheskie
voprosy issledovaniya nadezhnosti bol’shih sistem energetiki [Methodological problems reliability study of large energy systems],
2020, pp. 370-379.
21. Tong, Q., Yang, M., & Zinetullina, A. A Dynamic Bayesian Network-based approach to Resilience Assessment of Engineered Systems.
Journal of Loss Prevention. Process Industries. 2020. 104152. DOI:10.1016/j.jlp.2020.104152.

Purpose of the work is to develop of an approach to determining the attack surface based on the analysis of the difference in code coverage and its application to the analysis of web browsers.Research method is to use an instrumentation compiler to analyze code coverage depending on the input data. The proposed approach makes it possible to evaluate the relationship between the input data processed by the analyzed application and the program code by calculating the coverage difference and excluding from the analysis the modules called regardless of the input data.Results of the research: the existing general approaches to software fuzzing, and the features of approaches to fuzzing web browsers, are considered. In general, software fuzzing is performed using one of three methods: black-box, gray-box, and white-box. The basic criterion for distinguishing these methods is the completeness of information about the source code of the software under test. Web browser fuzzing can be divided into static and dynamic. Approaches to fuzzing complex software can be divided into two groups: analysis of a monolithic application, fuzzing of individual application modules (library interfaces). The difference between these groups is determined by the completeness of the involvement of the functional components of the software under study in the testing process. Each of the levels has its own advantages and disadvantages. Often these shortcomings can be compensated by a combination of fuzzing different fuzzing targets. To correctly determine fuzzing targets, it is necessary to identify the attack surface of the software under study. The authors proposed an approach to assessing the attack surface by calculating the coverage difference; it allows excluding from the analysis modules that are called regardless of the input data.Scientific and practical significance: the results of the article consist in the development of a new approach to determining the attack surface based on the analysis of the difference in coverage of the code of the analyzed application, depending on the data supplied to the input, and allowing to exclude modules from the analysis that are called regardless of the input data.
Keywords:  web browser, JavaScript engine, code coverage, software defects, software vulnerabilities, fuzzing testing.

1. Kozachok, A. V., Kozachok, V. I., Osipova, N. S., Ponomarev, D. V. A review of studies on the use of machine learning methods to improve the efficiency of fuzzing testing. Vestnik VGU. Series: System Analysis and Information Technologies, 2021 (4), pp. 83-106. DOI: 10.17308/sait.2021.4/3800.
2. Li J., Li J., Zhao B., Zhang C. Fuzzing: a survey // Cybersecurity, 2018, Vol. 1, No 1, p. 6, DOI: 10.1186/s42400-018-0002-y.
3. Gopinath R., Görz P., Groce A. Mutation Analysis: Answering the Fuzzing Challenge // arXiv preprint arXiv:2201.11303, 2022, DOI: /10.48550/arXiv.2201.11303.
4. Bounimova E., Godefroid P., Molnar D. Billions and Billions of Constraints: Whitebox Fuzz Testing in Production // In Proceedings of the International Conference on Software Engineering, pp. 122–131, 2013, DOI: 10.1109/ICSE.2013.6606558.
5. Godefroid, Michael Y. Levin, David Molnar. SAGE: Whitebox Fuzzing for Security Testing // Communications of the acm, 2012 (3), pp. 40-44 doi:10.1145/2093548.2093564.
6. Debnath Mukta, Basak Chowdhury Animesh, Saha Debasri, Sur Kolay Susmita. FuCE: Fuzzing+Concolic Execution guided Trojan Detection in Synthesizable Hardware Designs, 2021, DOI: 10.48550/arXiv.2111.00805.
7. Muhammad Noman Khalid, Muhammad iqbal, Kamran Rasheed, Malik Muneeb Abid. Web Vulnerability Finder (WVF): Automated
Black-Box Web Vulnerability Scanner // I.J. Information Technology and Computer Science, 2020 (4), pp. 38-46, DOI: 10.5815/ijitcs.2020.04.05.
8. Danyang Zhao. Fuzzing Technique in Web Applications and Beyond // Journal of Physics: Conference Series 1678(1), 2020, doi: 10.1088/1742-6596/1678/1/012109.
9. Zimin E.E. Code fuzzing testing technique using AFL // Secure Information Technologies. Proceedings of the Eleventh International Scientific and Technical Conference. 2021 Publisher: MSTU named after N.E. Bauman, 2021, pp. 124-129.
10. Tronov K. A., Belov Yu.S. Optimization of the AFL toolkit for better code coverage when working with specific data // E-Scio. FGBOU VO “MSTU named after N.E. Bauman, 2021, No. 5 (56), pp. 566-571.
11. Pham V. T. et al. Smart greybox fuzzing // IEEE Transactions on Software Engineering, 2019, Т. 47, №. 9, pp. 1980-1997, DOI: 10.1109/TSE.2019.2941681.
12. Ying-Dar Lin, Feng-Ze Liao, Shih-Kun Huang, Yuan-Cheng Lai. Browser Fuzzing by Scheduled Mutation and Generation of Document Object Models // The 49th IEEE International Carnahan Conference on Security Technology, 2020, DOI: 10.1109/CCST.2015.7389677.
13. Sablotny M., Jensen B. S., Johnson C. W. Recurrent neural networks for fuzz testing web browsers // International Conference on Information Security and Cryptology, Springer, Cham, 2018, pp. 354-370, DOI: 10.1007/978-3-030-12146-4_22.
14. Eberlein M. et al. Evolutionary grammar-based fuzzing // International Symposium on Search Based Software Engineering, Springer, Cham, 2020, pp. 105-120, DOI: 10.1007/978-3-030-59762-7_8.
15. Manes V. J. M., Han H., Cha S. K. [et al.] The Art, Science, and Engineering of Fuzzing: A Survey // IEEE Transactions on Software Engineering, 2021, Vol. 47, No 11, pp. 2312-2331, DOI: 10.1109/TSE.2019.2946563.
16. Kostandyan V., Margarov G., Pedrosa T., Juan Rodriguez P.. Fuzzing in cybersecurity (review) // New in the Russian electric power industry, 2020, no. 9, pp. 17-30.
17. Xu W., Park S., Kim T. FREEDOM: Engineering a State-ofthe-Art DOM Fuzzer // Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event USA: ACM, 2020, pp. 971–986. DOI: 10.1145/3372297.3423340.
18. Chaofan Shou, ˙Ismet Burak Kadron, Qi Su, and Tevfik Bultan. CorbFuzz: Checking Browser Security Policies with Fuzzing // University of California, Santa Barbara, 2021, DOI: 10.48550/arXiv.2109.00398.
19. Guixin Ye, Zhanyong Tang, Shin Hwei Tan, Songfang Huang, Dingyi Fang, Xiaoyang Sun, Lizhong Bian, Haibo Wang, and Zheng Wang. Automated Conformance Testing for JavaScript Engines via Deep Compiler Fuzzing // In Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI ’21), 2021, Virtual, Canada. ACM, New York, NY, USA, DOI: 10.1145/3453483.3454054.
20. Agrawal V., Rastogi R., Tiwari D. C. Spider monkey optimization: a survey // International Journal of System Assurance Engineering and Management, 2018, Т. 9, №. 4, pp. 929-941, DOI: 10.1007/s13198-017-0685-6.
21. Tian Y., Qin X., Gan S. Research on Fuzzing Technology for JavaScript Engines // The 5th International Conference on Computer Science and Application Engineering, 2021, pp. 1-7, DOI: 10.1145/3487075.3487107.
22. Groß S. Fuzzil: Coverage guided fuzzing for javascript engines // Department of Informatics, Karlsruhe Institute of Technology, 2018. 
23. Sung Ta Dinh, Haehyun Cho, Kyle Martin, Adam Oest, Kyle Zeng, Alexandros Kapravelos , Gail-Joon Ahn, Tiffany Bao, Ruoyu Wang, Adam
Doupe, and Yan Shoshitaishvili. Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases //
Network and Distributed Systems Security (NDSS) Symposium, 2021, DOI: 10.14722/ndss.2021.24224.
24. Xiaoyu He, Xiaofei Xie, Yuekang Li, Jianwen Sun, Feng Li, Wei Zou, Yang Liu, Lei Yu, Jianhua Zhou, Wenchang Shi, Wei Huo. SoFi:
ReflectionAugmented Fuzzing for JavaScript Engines // In Pro-ceedings of the 2021 ACM SIGSAC Conference on Computer
and Communications Security (CCS ’21), 2021, Virtual Event, Republic of Korea, ACM, New York, NY, USA, 14 pages,. DOI:
10.1145/3460120.3484823.
25. Porkolab Z. Fuzzing C++ class interfaces for generating and running tests with libFuzzer // IEEE International Symposium on Software
Reliability Engineering Workshops (ISSREW), 2020, pp. l-lii, DOI: 10.1109/ISSREW51248.2020.00027.
26. Hsu Chin-Chia, Wu Che-Yu, Hsiao Hsu-Chun, Huang Shih-Kun. INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing, 2018, DOI: 10.14722/bar.2018.23014.
27. Hu Jr Z. A Software Package for Generating Code Coverage Reports With Gcov, 2021.
28. Beyer D., Lemberger T. TestCov: Robust test-suite execution and coverage measurement // 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2019, pp. 1074-1077, DOI: 10.1109/ASE.2019.00105.
29. Vasiliev I.A., Dovgalyuk P.M., Klimushenkova M.A. Using the identification of threads of execution when solving problems of full-system analysis of binary code // Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS), 2021, 33(6), pp. 51-66, (In Russ.), DOI: 10.15514/ISPRAS-2021-33(6)-4.
30. Klimushenkova M.A., Bakulin M.G., Padaryan V.A., Dovgalyuk P.M., Fursova N.I., Vasiliev I.A. On Some Limitations of Information Flow Tracking in Full-system Emulators // Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS), 2016, 28(6), pp. 11-26, (In Russ.), DOI: 10.15514/ISPRAS-2016-28(6)-1.

Relevance. Security issues of information systems in critical infrastructure objects become important now. However, current tasks of information security audit of critical infrastructure objects are mainly limited to checking them for compliance with requirements of standards and documents. With this approach to the audit, security of these objects from real attacks by hackers remains unclear. Therefore, objects are subjected to a testing procedure, namely, penetration testing, in order to objectively verify their security. For example, there are instructions of the Bank of Russia to carry out such testing when the information security of banking systems are checked. However, there is no formal national standard for conducting penetration testing in Russia. This is the deterrent factor to testing critical infrastructure objects.The goal of the paper is to analysis of the American testing standard - NIST SP 800-115 to estimate the possibility of its used for development of the Russian national penetration testing standard.Research methods. Methods of analysis and decomposition from the theory of system analysis are used in the paper to achieve the research goal.Results. In-depth analysis of the NIST SP 800-115 standard is provided in the paper. The following are considered: types of information security assessment measures; stages of information security assessment; methods of analysis and testing which used in the assessment of information security; types and sequence of penetration esting; tested vulnerabilities; recommended tools for analysis and testing, are presented in NIST SP 800-11. Conclusions about the strengths and weaknesses of the NIST SP 800-115 standard are made. Recommendations about as NIST SP 800-115 is used in the development of the national Russian standard of penetration testing are presented.
Keywords: penetration testing, computer attack, NIST SP 800-115, testing, security testing, social engineering,
software testing, vulnerability, network scanning

1. Makarenko S. I. Audit informacionnoj bezopasnosti: osnovnye jetapy, konceptual’nye osnovy, klassifikacija meroprijatij // Sistemy upravlenija, svjazi i bezopasnosti. 2018. № 1. S. 1-29. DOI: 10.24411/2410-9916-2018-10101
2. Makarenko S. I. Audit bezopasnosti kriticheskoj infrastruktury special’nymi informacionnymi vozdejstvijami. Monografija. – SPb.: Naukoemkie tehnologii, 2018. – 122 s.
3. Makarenko S. I., Smirnov G. E. Analiz standartov i metodik testirovanija na proniknovenie // Sistemy upravlenija, svjazi i bezopasnosti. 2020. № 4. S. 44-72. DOI: 10.24411/2410-9916-2020-10402
4. Markov A. S., Cirlov V. L., Barabanov A. V. Metody ocenki nesootvetstvija sredstv zashhity informacii / pod red. A.S. Markova. – M.: Radio i svjaz’, 2012. – 192 s.
5. Barabanov A. V., Markov A. S., Cirlov V. L., Rautkin Ju.V. Issledovanie ujazvimostej programmnogo obespechenija. – M.: Nauchnyj centr pravovoj informacii pri Ministerstve justicii Rossijskoj Federacii, 2018. – 76 s.
6. Barabanov A. V., Markov A. S., Cirlov V. L. Testirovanie mezhsetevyh jekranov po trebovanijam bezopasnosti informacii. – M.: MGTU im. N.Je. Baumana, 2021. – 53 s.
7. Dorofeev A. Testirovanie na proniknovenie: demonstracija odnoj ujazvimosti ili ob#ektivnaja ocenka zashhishhennosti? // Zashhita informacii. Insajd. 2010. № 6 (36). S. 72-73.
8. Dorofeev A. V., Markov A. S., Rautkin Y. V. Ethical hacking training // ISTMC 2019 - Selected Papers of the 4th All-Russian Scientific and Practical Conference with International Participation “Information Systems and Technologies in Modeling and Control”. – CEUR Workshop Proceedings, 2019. – S. 47-56.
9. Klimov S. M. Imitacionnye modeli ispytanij kriticheski vazhnyh informacionnyh ob#ektov v uslovijah komp’juternyh atak // Izvestija JuFU. Tehnicheskie nauki. 2016. № 8 (181). S. 27-36.
10. Klimov S. M., Sychjov M. P. Stendovyj poligon uchebno-trenirovochnyh i ispytatel’nyh sredstv v oblasti obespechenija informacionnoj bezopasnosti // Informacionnoe protivodejstvie ugrozam terrorizma. 2015. № 24. S. 206-213.
11. Bojko A. A., D’jakova A. V. Sposob razrabotki testovyh udalennyh informacionno-tehnicheskih vozdejstvij na prostranstvenno raspredelennye sistemy informacionno-tehnicheskih sredstv // Informacionno-upravljajushhie sistemy. 2014. № 3 (70). S. 84-92.
12. Bojko A. A., Obushhenko E. Ju., Shheglov A. V. Osobennosti sinteza polnogo mnozhestva testovyh sposobov udalennogo informacionnotehnicheskogo vozdejstvija na prostranstvenno raspredelennye sistemy informacionno-tehnicheskih sredstv // Vestnik Voronezhskogo gosudarstvennogo universiteta. Serija: Sistemnyj analiz i informacionnye tehnologii. 2017. № 2. S. 33-45.
13. Bojko A. A. Boevaja jeffektivnost’ kiberatak: analiticheskoe modelirovanie sovremennogo boja // Sistemy upravlenija, svjazi i bezopasnosti. 2020. № 4. S. 101-133. DOI: 10.24411/2410-9916-2020-10404
14. Bojko A. A. Boevaja jeffektivnost’ kiberatak: prakticheskie aspekty // Sistemy upravlenija, svjazi i bezopasnosti. 2020. № 4. S. 134-162. DOI: 10.24411/2410-9916-2020-10405
15. Begaev A. N., Begaev S. N., Fedotov V. A. Testirovanie na proniknovenie. – SPb: Universitet ITMO, 2018. – 45 s.
16. Skabcov N. Audit bezopasnosti informacionnyh sistem. – SPb.: Piter, 2018. – 272 s.
17. Birjukov A. A. Sobiraem ustrojstva dlja testov na proniknovenie. – M.: DMK Press, 2018. – 378 s.
18. NIST Special Publication 800-115: Technical Guide to Information Security Testing and Assessment (NIST SP 800-115). – Computer Security Resource Center, 2008. – 80 p.– URL: http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf (data dostupa 20.05.2022).
19. Makarenko S. I. Kriterii i pokazateli ocenki kachestva testirovanija na proniknovenie // Voprosy kiberbezopasnosti. 2021. № 3 (43). S. 43-57. DOI: 10.21681/2311-3456-2021-3-43-57
20. Makarenko S. I., Smirnov G. E. Metodika obosnovanija testovyh informacionno-tehnicheskih vozdejstvij, obespechivajushhih racional’nuju polnotu audita zashhishhennosti ob#ekta kriticheskoj informacionnoj infrastruktury // Voprosy kiberbezopasnosti. 2021. № 6 (46). S. 12-25. DOI: 10.21681/2311-3456-2021-6-12-25

Keywords: finite non-commutative algebra; associative algebra; computationally difficult problem; hidden commutative group; digital signature; multivariate cryptography; post-quantum cryptography.

1. Yan S.Y. Quantum Computational Number Theory. – Springer International Publishing. 2015. – 252 p. DOI: 10.1007/978-3-319-25823-2.
2. Yan S.Y. Quantum Attacks on Public-Key Cryptosystems . – Springer. 2013. – 207 p. DOI: 10.1007/978-1-4419-7722-9.
3. Kuzmin A.S., Markov V.T., Mikhalev A.A., Mikhalev A.V., Nechaev A.A. Cryptographic Algorithms on Groups and Algebras // Journal of Mathematical Sciences. 2017. V. 223. N. 5. P. 629−641.
4. Moldovyan D.N. Post-quantum public key-agreement scheme based on a new form of the hidden logarithm problem // Computer Science Journal of Moldova. 2019. V.27. No.1(79). P. 56-72.
5. Alamelou Q., Blazy O., Cauchie S., Gaborit Ph. A code-based group signature scheme // Designs, Codes and Cryptography. 2017. V. 82. N. 1-2. P. 469-493. DOI: 10.1007/s10623-016-0276-6.
6. Kosolapov Y.V., Turchenko O.Y. On the construction of a semantically secure modification of the McEliece cryptosystem // Prikladnaja diskretnaja matematika. 2019. № 45. S. 33−43. DOI: 10.17223/20710410/45/4.
7. Hoffstein J., Pipher J., Schanck J.M., Silverman J.H., Whyte W., Zhang Zh. Choosing parameters for NTRU Encrypt. Cryptographers’ Track at the RSA Conference - CTA-RSA 2017 // Lecture Notes in Computer Science. Springer, 2017. V. 10159. P. 3–18.
8. Agibalov G.P. ElGamal cryptosystems on Boolean functions // Prikladnaja diskretnaja matematika. 2018. № 42. S. 57−65. DOI: 10.17223/20710410/42/4.
9. Alagic, G., Alperin-Sheriff, J., Apon, D., Cooper, D., Dang, Q., Miller, C., Moody, D., Peralta, R., Perlner, R., Robinson, A., Smith-Tone, D. and Liu, Y. (2019), Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process, NIST Interagency/Internal Report (NISTIR 8240), National Institute of Standards and Technology, Gaithersburg, MD, [online]. https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=927303 (obrashhenie 17 fevralja 2022) https://doi.org/10.6028/NIST.IR.8240/
10. Moody, D., Alagic, G., Apon, D., Cooper, D., Dang, Q., Kelsey, J., Liu, Y., Miller, C., Peralta, R., Perlner, R., Robinson, A., Smith-Tone, D.
and Alperin-Sheriff, J. (2020), Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8309 (obrashhenie 17 fevralja 2022)
11. Moody, D. NIST Status Update on the 3rd Round. Available at: https://csrc.nist.gov/CSRC/media/Presentations/status-update-on-the3rd-round/images-media/session-1-moody-nist-round-3-update.pdf (obrashhenie 17 fevralja 2022).
12. Moldovyan D.N. New Form of the Hidden Logarithm Problem and Its Algebraic Support // Bulletin of Academy of Sciences of Moldova. Mathematics. 2020. N. 2(93). P.3-10.
13. Moldovyan D.N. A practical digital signature scheme based on the hidden logarithm problem // Computer Science Journal of Moldova. 2021. V. 29. N. 2(86). P. 206–226.
14. Moldovyan N. A., Moldovyan A.A. Candidate for practical post-quantum signature scheme // Vestnik Sankt-Peterburgskogo universiteta. Prikladnaja matematika. Informatika. Processy upravlenija. 2020. T. 16. Vyp. 4. S. 455–461. DOI: 10.21638/11701/spbu10.2020.410.
15. Moldovyan D.N., Moldovyan A.A., Moldovyan N.A. An enhanced version of the hidden discrete logarithm problem and its algebraic support // Quasigroups and Related Systems. 2020. V. 28. N. 2. P. 269-284.
16. Moldovjan D.N., Moldovjan A.A., Moldovjan N.A. Novaja koncepcija razrabotki postkvantovyh algoritmov cifrovoj podpisi na nekommutativnyh algebrah // Voprosy kiberbezopasnosti. 2022. № 1(47). S. 18–25. DOI: 10.21681/2311-3456-2022-1-18-25.
17. Shuaiting Q., Wenbao H., Yifa Li, Luyao J. Construction of Extended Multivariate Public Key Cryptosystems // International Journal of Network Security. 2016. V. 18. N. 1. P. 60-67.
18. Moldovjan D.N., Moldovjan A.A. Algebraicheskie algoritmy JeCP, osnovannye na trudnosti reshenija sistem uravnenij // Voprosy kiberbezopasnosti. 2022. № 2(48). S. 7–17. DOI: 10.21681/2311-3456-2022-2-7-17.
19. Moldovyan N.A. Signature Schemes on Algebras, Satisfying Enhanced Criterion of Post-quantum Security // Bulletin of Academy of Sciences of Moldova. Mathematics. 2020. N. 2 (93). P. 62-67.
20. Moldovyan D.N. A unified method for setting finite non-commutative associative algebras and their properties // Quasigroups and Related Systems. 2019. V.27. N.2. P. 293-308

Purpose of work is the increase in performance and decrease in the hardware implementation cost of the of post-quantum algebraic signature algorithms based on the computational dif culty of solving systems of many quadratic equations with many unknowns.Research method is i) the development of post-quantum signature algorithms on nite non-commutative associative algebras de ned over nite elds of characteristic two, which have high performance and small sizes of signature and public and secret keys; ii) using the concept of constructing algebraic signature algorithms with a hidden commutative group, characterized by the use of a power-type vector veri cation equation with multiple occurrences of the signature S as a factor; iii) the choice of the degree of extension z of the eld GF(2z) in which the order of the hidden group is divisible only by prime divisors of at least 24 bits.Results of the study are the formulated main provisions for the implementation of post-quantum signature algorithms with a hidden group, the security of which is based on the computational dif culty of solving systems of many quadratic equations with many unknowns, when using the nite non-commutative algebras given over the GF(2z) elds as algebraic support. The values of the extension degree z are established for which the order of the hidden commutative group is divisible only by prime divisors of a suf ciently large size. A new post-quantum signature algorithm with relatively high performance and small sizes of the signature and public and secret keys have been developed. Using an informal security index in the form of a product of the binary logarithm of the order of the eld and the number of unknowns, the developed and known post-quantum algorithms for a given level of security are compared.Practical relevance. The main provisions for constructing signature algorithms with a hidden group are formulated for the case of using nite non-commutative algebras with computationally ef cient operations of multiplication and exponentiation, providing prerequisites for improving performance and reducing the hardware implementation cost of post-quantum signature algorithms.
Keywords: semi-Markov process, vector optimization, network trap, robustness, Laplace transform, bioinspired algorithm. 

1. Maximov R.V., Sokolovsky S.P., Telenga A.P. Model of client-server information system functioning in the conditions of network reconnaissance. CEUR Workshop Proceeding. 2019. pp. 44-51.
2. Kumari A., Agrawal N., Umesh L. Attack over Email System: Review. International Journal of Scientific Research and Engineering Trends. 2017. vol. 3. pp. 200-206.
3. Schneider M., Shulman H., Sidis A., Sidis R., Waidner M. Diving into Email Bomb Attack. 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). 2020. pp. 286-293. DOI: 10.1109/DSN48063.2020.00045.
4. Castillo D.P., Regidor F.M., Higuera J.B., Higuera J.R., Montalvo J.A. A new mail system for secure data transmission in cyber physical systems. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems. 2020. vol. 28(2). pp. 23-48. DOI: 10.1142/S0218488520400127.
5. Zobal L., Kolar D., Kroustek J. Exploring current e-mail cyber threats authenticated SMTP honeypot. 17-th International Conference on Security and Cryptography. Paris. 2020. pp.253-262.
6. Douzi S., AlShahwan F.A., Lemoudden M., Ouahidi B. Hybrid email spam detection model using artificial intelligence. International Journal of Machine Learning and Computing. 2020. vol. 10(2). pp. 316-322. DOI: 10.18178/ijmlc.2020.10.2.937.
7. Sokolovskij S. P., Gorbachev A. A. Sposob proaktivnoj zashhity pochtovogo servera ot nezhelatel’nyh soobshhenij jelektronnoj pochty // Voprosy oboronnoj tehniki. Serija 16: Tehnicheskie sredstva protivodejstvija terrorizmu. 2021. № 3-4 (153-154). S. 31-40.
8. Walla S., Rossow C. MALPITY: Automatic identification and Exploitation of Tarpit Vulnerabilities in Malware. 2019 IEEE European Symposium on Security and Privacy (EuroS&P). 2019. pp. 590-605. DOI: 10.1109/EuroSP.2019.00049.
9. Maximov R.V., Sokolovsky S.P., Telenga A.P. Methodology for substantiating the characteristics of false network traffic to simulate information system. CEUR Workshop Proceeding. 2021. pp. 115-124.
10. Maximov R.V., Sokolovsky S.P., Telenga A.P. Honeypots network traffic parameters modelling. CEUR Workshop Proceeding. 2021. pp. 229-239.
11. Petrov M.Ju., Fatkieva R.R. Model’ sinteza raspredelennyh atakujushhih jelementov v komp’juternoj seti // Trudy uchebnyh zavedenij svjazi. 2020. № 2. S. 113-120. DOI:10.31854/ 1813-324X-2020-6-2-113-120.
12. Evnevich E.L., Fatkieva R.R. Modelirovanie informacionnyh processov v uslovijah konfliktov // Voprosy kiberbezopasnosti. 2020. № 2(36). S. 42-49. DOI:10.21681/2311-3456-2020-2-42-49.
13. Budnikov S.A., Butrik E.E., Solov’ev S.V. Modelirovanie APT-atak, jekspluatirujushhih ujazvimost’ ZEROLOGON // Voprosy kiberbezopasnosti. 2021. № 6(46). S. 47-61. DOI:10.21681/2311-3456-2021-6-47-61.
14. Fatkieva R.R. Kompleks modelej dlja ocenivanija setevoj bezopasnosti avtomatizirovannyh sistem upravlenija predprijatiem // Trudy SPIIRAN. 2020. № 3. S. 621-643. DOI: 10.15622/sp.2020.19.3.6.
15. Andreshhev I.A., Budnikov S.A., Gladkov A.V. Polumarkovskaja model’ ocenki konfliktnoj ustojchivosti informacionnoj infrastruktury // Vestnik VGU. Serija: sistemnyj analiz i informacionnye tehnologii. 2017. № 1. S. 10-17.
16. Gorin A.N., Budnikov S.A. Primenenie programmnoj sredy Matlab dlja imitacionnogo modelirovanija slozhnyh sistem voennogo naznachenija // Sistemy upravlenija, svjazi i bezopasnosti. 2019. № 1. S. 221-251. DOI: 1024411/2410-9916-2019-10114.
17. Drovnikova I.G., Parinov M.L., Ovchinnikova E.S. Analiticheskaja model’ ocenki verojatnosti realizacii setevyh atak v dinamike konfliktnogo vzaimodejstvija s sistemoj zashhity informacii v avtomatizirovannyh sistemah organov vnutrennih del // Vestnik Voronezhskogo instituta MVD Rossii. 2021. № 4. S. 43-56.
18. Kolosok I.N., Gurina L.A. Ocenka pokazatelej kiberustojchivosti sistem sbora i obrabotki informacii v JeJeS na osnove polumarkovskih modelej // Voprosy kiberbezopasnosti. 2021. № 6 (46). S. 2-11. DOI:10.21681/2311-3456-2021-6-2-11.
19. Arltova M., Fedorova D. Selection of Unit Root Test on the Basis of Length of the Time Series and Value of AR(1) Parameter. Statistika. 2016. vol. 96(3). pp. 47-64.

The purpose of the article: development of software-implemented ways to increase the security of information from leakage through spurious electromagnetic radiation of a DVI video system.Research method: search for brightness gradations of RGB primary colors that form similar levels of spurious electromagnetic radiation by enumeration of experimental data obtained from fragments of the reconstructed image.Results: the rst part of the article provides a review and analysis of the literature on the features of the functioning of the video interface of the DVI standard. The main characteristics of the TMDS coding algorithm, which can affect the parameters of spurious electromagnetic radiation of the video interface of modern computer technology, are considered. The second part of the article presents an experimental setup for analyzing the relationship between the visual contrast of an image and changes in the intensity of electromagnetic spurious emissions from a DVI video system. On the basis of an experimental comparison of the intensity values of side electromagnetic radiation for different color shades speci ed by RGB combinations, the possibility of using such pairs of color tone combinations that, on the one hand, are acceptable for the perception of information by the operator, and, on the other hand, have practically indistinguishable levels of side effects, is shown. electromagnetic radiation. The third part of the article (this is for the existing one) presents a method developed by the authors to increase the security of information from leakage through spurious electromagnetic radiation of a DVI video system. The possibility of implementing the proposed method for reducing the information content of spurious electromagnetic radiation of a video system when displaying two-color images is shown.
Keywords: software-defined radio, TMDS coding algorithm, technical information leakage channel, DVI interface,
software-implemented information security measures, RGB color tint combination, video system.

1. Chabanov I.D., Poljanskij D.A. Sravnenie opasnosti perehvata obrabatyvaemoj informacii pri ispol’zovanii videointerfejsov VGA, DVI i HDMI / Pod redakciej A.V. Efimova, T.I. Monastyrskoj, I.V. Balaban. – Novosibirsk: Sibirskij gosudarstvennyj universitet telekommunikacij i informatiki, 2021. – S.13-16
2. Antjasov I.S., Asjaev G.D., Ufimcev M.S. Issledovanie pobochnyh jelektromagnitnyh izluchenij monitora s pomoshh’ju RTL-SDR priemnika // Vestnik UrFO. Bezopasnost’ v informacionnoj sfere. 2019. № 4(34). S. 15-21. DOI 10.14529/secur190402.
3. Horev A.A., Feizov S.A. Jeksperimental’nye issledovanija vozmozhnosti perehvata tekstovyh izobrazhenij, vyvodimyh na jekran monitora // Radiojelektronnye ustrojstva i sistemy dlja infokommunikacionnyh tehnologij - RJeUS-2020, Moskva, 27–29 maja 2020 goda. S. 259-264.
4. Bajushkin C.C. Issledovanie vozmozhnosti perehvata pobochnyh jelektromagnitnyh izluchenij s#jomnyh nositelej personal’nyh komp’juterov USB 2.0 // Vestnik sovremennyh issledovanij. 2018. № 8.3(23). S. 207-212.
5. Parshin D.A., Jares’ko A.P., Ostapenko A.P. Zashhita USB-flash-nositelej ot utechek informacii po kanalu pobochnyh jelektromagnitnyh izluchenij / Bezopasnost’ informacionnogo prostranstva - 2017.S. 113-116.
6. Kazancev I.S. O vozmozhnom podhode k autentifikacii pol’zovatelja po klaviaturnomu pocherku na osnove PJeMI klaviatury / Bezopasnye informacionnye tehnologii: Sbornik trudov Odinnadcatoj mezhdunarodnoj nauchno-tehnicheskoj konferencii, Moskva, 06–07 aprelja 2021 g. 2021. S. 130-134.
7. Persichkin A.A., Persichkina N.V., Shpilevaja N.V. Osobennosti obrazovanija PJeMIN v klaviature komp’jutera s tochki zrenija obespechenija informacionnoj bezopasnosti // Vestnik Baltijskogo federal’nogo universiteta im. I. Kanta. Serija: Fiziko-matematicheskie i tehnicheskie nauki. 2021. № 1. S. 31-37.
8. Subbotin S.D., Porshnev S.V., Ponomareva O.A. Issledovanie povedenija informativnyh signalov ot nakopitelja na zhestkih magnitnyh diskah pri obrabotke informacii v raznyh oblastjah diska // Vestnik UrFO. Bezopasnost’ v informacionnoj sfere. 2020. № 1(35). S. 5-11. DOI 10.14529/secur200101.
9. Mil’ko D.S. Sovremennoe sostojanie issledovanij, svjazannyh s utechkoj informacii po kanalam pobochnyh jelektromagnitnyh izluchenij i navodok // Informacionnye tehnologii i matematicheskoe modelirovanie v upravlenii slozhnymi sistemami. 2020. № 1(6). S. 52-63. DOI 10.26731/2658-3704.2020.1(6).52-63.
10. Bunevich M.A., Majorov A.I., Marmuzevich M.A., Vrublevskij I.A. Pobochnye jelektromagnitnye izluchenija ot sredstv vychislitel’noj tehniki kak ugroza utechki informacii // redkollegija: V.A. Bogush. – Minsk: Belorusskij gosudarstvennyj universitet informatiki i radiojelektroniki, 2020. S. 318-319.
11. Ivanov A.V., Ognev I.A., Nikitina E.E., Merkulov L.V. Primenenie tehnologii SDR (Software Defined Radio) dlja vosstanovlenija signalov pobochnyh jelektromagnitnyh izluchenij videotrakta // Bezopasnost’ cifrovyh tehnologij. 2021. № 4(103). S. 72-90. DOI 10.17212/2782-2230-2021-4-72-90.
12. Parshutkin A.V., Sirotin I.N., Fomin A.V, Kopalov Ju.N. Analiz struktury signalov pobochnyh jelektromagnitnyh izluchenij videosistemy standarta DVI metodom programmnogo priema // Vestnik komp’juternyh i informacionnyh tehnologij. 2018. № 5 (167). S. 35-41. DOI: 10.14489/vkit.2018.05.pp.035-041.
13. Ratnikov K.A., Persikov E.A. Analiz jekranirovanija jelektromagnitnogo polja v apparature special’nogo naznachenija / Penzenskij gosudarstvennyj universitet. 2021. S. 70-76.
14. Gushharin E.A., Oborin S.A, Fominyh Ju.S. Analiz generatorov shuma dlja zashhity informacii po kanalu PJeMI // Innovacionnye tehnologii: teorija, instrumenty, praktika. 2017. T. 1. S. 235-241.
15. Parshutkin A.V., Levin D.V., Zajcev S.A., Egin A.V. Primenenie strukturnyh pomeh dlja zashhity informacii ot utechki po kanalu pobochnyh jelektromagnitnyh izluchenij // Trudy SPIIRAN. 2018. № 3(58). S. 160-181. DOI 10.15622/sp.58.7.
16. Kuznecov I.V., Filatov P.E. Aspekty postroenija gruppovogo kodeka s differencial’noj impul’sno-kodovoj moduljaciej signalov dlja mnogokanal’nyh sistem svjazi // T-Comm: Telekommunikacii i transport. 2016. T. 10. № 2. S. 34-39.

Purpose: to analyze existing machine learning models that allow identifying suspicious addresses of the Bitcoin network, to develop a modern effective scoring model for identifying suspicious addresses.Methods: collecting and analyzing data on addresses and transactions of the Bitcoin network, identi cation of patterns of illicit activity of addresses, developing and experimental veri cation of machine learning models aimed at identifying suspicious addresses of the Bitcoin network using related transactions.Practical relevance: the analysis of common data sets and machine learning models related to the identi cation of suspicious Bitcoin network addresses was carried out, data on transactions related to a representative set of addresses was collected. Machine learning models have been built to identify suspicious addresses based on the collected information. Experimental approbation of the models was carried out. It is established that the best result is obtained by a model using gradient boosting. This model demonstrates more ef cient operation compared to existing analogues.
Keywords: distributed ledger, blockchain, transaction, scoring, machine learning, cryptocurrency, illicit activity

1. Wang R., Lin Z., Luo H. Blockchain, bank credit and SME financing //Quality & Quantity. 2019. T. 53. №. 3. S. 1127-1140.
2. Arvanitis S. P2P lending review, analysis and overview of Lendoit blockchain platform //International Journal of Open Information Technologies. 2019. T. 7. №. 2. S. 94-98.
3. Black M., Liu T., Cai T. Atomic loans: Cryptocurrency debt instruments //arXiv preprint arXiv:1901.05117. 2019. 1-13.
4. Federal Bureau of Investigation. Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity. 2012. Available at: http://www.wired.com/images_blogs/threatlevel/2012/05/Bitcoin-FBI.pdf. Data obrashhenija 27.05.2022
5. Berg A. The identity, fungibility and anonymity of money //Economic Papers: A journal of applied economics and policy. 2020. T. 39. №. 2. S. 104-117.
6. Michalski R., Dziubałtowska D., Macek P. Revealing the character of nodes in a blockchain with supervised learning //Ieee Access. 2020. T. 8. S. 109639-109647.
7. Nakamoto, Satoshi. Bitcoin: A peer-to-peer electronic cash system. Manubot, 2019.
8. Zheng B., Zhu, L., Shen M., Du, X., Guizani, M. Identifying the vulnerabilities of bitcoin anonymous mechanism based on address clustering //Science China Information Sciences. – 2020. – T. 63. – №. 3. – S. 1-15.
9. Alkadri S. Defining and regulating cryptocurrency: fake internet money or legitimate medium of exchange //Duke L. & Tech. Rev. – 2018. – T. 17. – S. 71-98.
10. Belle R. V., Mitrović S., Weerdt J. D. Representation learning in graphs for credit card fraud detection //Workshop on Mining Data for Financial Applications. – Springer, Cham, 2019. – S. 32-46.
11. Böhm F., Menges F., Pernul G. Graph-based visual analytics for cyber threat intelligence //Cybersecurity. – 2018. – T. 1. – №. 1. – S. 1-19.
12. Akhtar N., Ahamad M. V. Graph tools for social network analysis //Research Anthology on Digital Transformation, Organizational Change, and the Impact of Remote Work. – IGI Global, 2021. – S. 485-500.
13. Global Economic Crime Survey 2016. PwC 2016. C. 1-56 – URL: https://www.pwc.com/gx/en/economic-crime-survey/pdf/
GlobalEconomicCrimeSurvey2016.pdf Poslednee obrashhenie 27.05.2022.
14. Marcin S. I. Bitcoin Live: scalable system for detecting bitcoin network behaviors in real time / ACADEMIA. 2015. S. 1-12 
15. ShenTu Q. C., Yu J. P. Research on Anonymization and De-anonymization in the Bitcoin System // arXiv preprint arXiv:1510.07782. – 2015. C.1-14.
16. Bolton R. J., Hand D. J. Statistical fraud detection: A review //Quality control and applied statistics. – 2004. – T. 49. – №. 3. – S. 313-314.
17. Meiklejohn S., Pomarole M., Jordan G., Levchenko K., McCoy D., Voelker G. M., Savage S. A fistful of bitcoins: characterizing payments among men with no names // Proceedings of the 2013 conference on Internet measurement conference. – 2013. – S. 127-140.
18. Federal Bureau of Investigation. Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity. 2012.
Available at: http://www.wired.com/images_blogs/threatlevel/2012/05/Bitcoin-FBI.pdf. (Accessed 27.05.2022)
19. Wang M., Ichijo H., Xiao B. Cryptocurrency address clustering and labeling //arXiv preprint arXiv:2003.13399. – 2020. C.1-7.
20. Weber M., Domeniconi, G., Chen, J., Weidele, D. K. I., Bellei, C., Robinson, T., & Leiserson, C. E. Anti-money laundering in bitcoin: Experimenting with graph convolutional networks for financial forensics //arXiv preprint arXiv:1908.02591. – 2019. C.1-7.
21. Fel’dman E.V., Ruchaj A.N., Matveeva V.K., Samsonova V.D. Model’ vyjavlenija anomal’nyh tranzakcij bitkoinov na osnove mashinnogo obuchenija // Cheljabinskij fiziko-matematicheskij zhurnal. 2021. №1. S. 119-132.
22. Vassallo D., Vella V., Ellul J. Application of gradient boosting algorithms for anti-money laundering in cryptocurrencies //SN Computer Science. – 2021. – T. 2. – №. 3. – S. 1-15.
23. Lorenz J., Silva M. I., Aparício D., Ascensão J. T., Bizarro P. Machine learning methods to detect money laundering in the Bitcoin blockchain in the presence of label scarcity //Proceedings of the First ACM International Conference on AI in Finance. – 2020. – S. 1-8.
24. Michalski R., Dziubałtowska D., Macek P. Revealing the character of nodes in a blockchain with supervised learning //IEEE Access. 2020. T. 8. S. 109639-109647.