№ 5 (45)

Content of the 5th issue of magazine «Voprosy kiberbezopasnosti» at 2021:

Title Pages
Kuznetsov, Yu. V. THE INFORMATION SECURITY CERTIFICATION SYSTEM OF THE RUSSIAN MoD IS 25 / Yu. V. Kuznetsov // Cybersecurity issues. – 2021. – № 5(45). – С. 2-4. – DOI: 10.21681/2311-3456-2021-5-2-4.
2-4
Gribunin, V. G. TOWARDS TO INFORMATION SECURITY OF AI-ENHANCED WEAPONS / V. G. Gribunin, S. E. Kondakov // Cybersecurity issues. – 2021. – № 5(45). – С. 5-11. – DOI: 10.21681/2311-3456-2021-5-5-11.

Abstract
Purpose of the article: Analysis of intellectualized weapons using machine learning from the point of view of information security. Development of proposals for the deployment of work in the field of information security in similar products. Research method: System analysis of machine learning systems as objects of protection. Determination on the basis of the analysis of rational priority directions for improving these systems in terms of ensuring information security. Obtained result: New threats to information security arising from the use of weapons and military equipment with elements of artificial intelligence are presented. Machine learning systems are considered by the authors as an object of protection, which made it possible to determine the protected assets of such systems, their vulnerabilities, threats and possible attacks on them. The article analyzes the measures to neutralize the identified threats based on the taxonomy proposed by the US National Institute of Standards and Technology. The insufficiency of the existing regulatory methodological framework in the field of information protection to ensure the security of machine learning systems has been determined. An approach is proposed that should be used in the development and security assessment of systems using machine learning. Proposals for the deployment of work in the field of ensuring the security of intelligent weapons using machine learning technologies are presented.
Keywords: artificial intelligence, machine learning, information security, vulnerabilities, attacks.
References
1. Artificial Intelligence and Autonomy in Russia. — CNA Report. – May, 2021. — Rezhim dostupa: https://www.cna.org/CNA_files/centers/CNA/sppp /fsp/russia-ai/Russia-Artificial-Intelligence-Autonomy-Putin-Military.pdf
2. Guaranteeing AI Robustness Against Deception (GARD). Rezhim dostupa: https://darpa.mil/program/guaranteeing-ai-robustnessagainst-deception.
3. A Taxonomy and Terminology of Adversarial Machine Learning. Draft NISTIR 8269, October 2019. Rezhim dostupa: https://doi.org/10.6028/NIST.IR.8269-draft
4. Adversarial ML Threat Matrix. December 2020. Rezhim dostupa: https://github.com/mitre/advmlthreatmatrix.
5. Gribunin V.G. Bezopasnost` sistem mashinnogo obucheniia. Zashchishchaemy`e aktivy`, uiazvimosti, model` narushitelia i ugroz,
taksonomiia atak. / V.G. Gribunin, V.G., R.L. Grishanenko, A.P. Labaznikov, A.A. Timonov // Izvestiia instituta inzhenernoi` fiziki. — 2021 g., № 3, s.65-71.
6. Vadillo J., Santana R. Universal adversarial examples in speech command classification. — Preprint. – 2021. — Rezhim dostupa: https://arxiv.org/pdf/1911.10182.pdf
7. Chakraborty A. A survey on adversarial attacks and defences. / A.Chakraborty, M.Alam, V.Dey, A.Chattopadhyay, D.Mukhopadhyay // CAAI Transactions on Intelligence Technology. – 2021. — v.6. — P.25-45.
8. Machado G.R. Adversarial Machine Learning in Image Classification: A Survey Towards the Defender’s Perspective. / G. R. Machado, E. Silva, R. R. Goldschmidt // Preprint — September, 2020. Rezhim dostupa: https://arxiv.org/pdf/2009.0372v1.
9. Moosavi-Dezfooli S. DeepFool: a simple and accurate method to fool deep neural networks / S.Moosavi-Dezfooli, A.Fawzi, P.Frossard. // Preprint — July, 2016. Rezhim dostupa: https://arxiv.org/pdf/1511.04599v3.
10. Machado G. Adversarial Machine Learning in Image Classification: A Survey Towards the Defender’s Perspective. / G. Machado, E. Silva, R. Goldschmidt. Preprint — September, 2020. — Rezhim dostupa: https://arxiv.org/pdf/2009.0372v1
11. Kannan H., Kurakin A., Goodfellow I. 2018. Adversarial Logit Pairing. // Preprint. – 2018. – Rezhim dostupa: https://arxiv.org/pdf/1803.06373.
12. Biriukova V.A. Tekhnologiia distilliatcii znanii` dlia obucheniia nei`ronny`kh setei` na primere zadachi binarnoi` classifikatcii. // Intellektual`ny`e sistemy`. Teoriia i prilozheniia. № 24(2) – 2020. S.23-52.
13. Chen J., Meng Z., C. Sun, W. Tang, Y. Zhu. ReabsNet: Detecting and Revising Adversarial Examples. // Preprint. — 2017. — Rezhim dostupa: https://arxiv.org/pdf/1712.08250.
14. Z. Gong, W. Wang, W. Ku. Adversarial and clean data are not twins. // Preprint. — 2017. — Rezhim dostupa: https://arxiv.org/pdf/1704.04960.
15. R. Feinman, R. Curtin, S. Shintre, A. Gardner. Detecting Adversarial Samples from Artifacts. Preprint. — 2017. — Rezhim dostupa: https://arxiv.org/abs/1703.00410.
16. C. Guo, M. Rana, M. Cisse, L. Van Der Maaten. Countering adversarial images using input transformations. – Preprint. — 2017. — Rezhim dostupa: https://arxiv.org/pdf/1711.00117.
17. F. Tramèr, A. Kurakin, N. Papernot, D. Boneh, P. McDaniel. Ensemble Adversarial Training: Attacks and Defenses. – Preprint. — 2017. — Rezhim dostupa: https://arxiv.org/pdf/1705.07204.
18. X. Cao, N. Gong. Mitigating Evasion Attacks to Deep Neural Networks via Region-based Classification. // In Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017). ACM, New-York, NY, USA, 278–287. Rezhim dostupa: https://doi.org/10.1145/3134600.3134606.
19. https://www.foolbox.readtehedocs.io.
20. https://www.cleverhans.io.
21. https://www.ibm.com/blogs/research/tag/adversarial-robustness-toolbox-art.
22. Garbuk S.V. Zadachi normativno-tekhnicheskogo regulirovaniia intellektual`ny`kh sistem informatcionnoi` bezopasnosti // Voprosy` kiberbezopasnosti. 2021, № 3 (43)- 68-83 s. DOI: 10.21681/2311-3456-2021-3-68-83.
5-11
Kondakov, S. E. MODEL OF THE PROCESS OF CONDUCTING COMPUTER ATTACKS USING SPECIAL INFORMATION INFLUENCES / Kondakov S. E., Rud I. S. // Cybersecurity issues. – 2021. – № 5(45). – С. 12-20. – DOI: 10.21681/2311-3456-2021-5-12-20.

Abstract
Purpose of work: development of a model of the process of conducting a computer attack.Research method: theory of complex systems, comparative analysis within the framework of system analysis and synthesis.Result: it is shown that the application of the proposed model of the process of conducting computer attacks allows you to fully describe the process, taking into account its inherent features and characteristics. The use in the model of information from the MITRE ATTACK database of Mitre, which contains a description of the tactics, techniques and methods used by cybercriminals, allows you to reduce the level of abstraction and describe specific scenarios for conducting complex targeted computer attacks with the maximum approximation to practice. The developed model is supposed to be used to form scenarios of computer attacks when assessing the security of information systems.
Keywords: information security price, information system, testing, computer attack scenario, mapping.
References
1. Markov A.S. Tekhnicheskie resheniya po realizacii podsistem GosSOPKA. V knige: Upravlenie informacionnoj bezopasnost’yu v sovremennom obshchestve. Sbornik nauchnyh trudov V Mezhdunarodnoj nauchno-prakticheskoj konferencii. 2017. S. 85-96.
2. Petrenko A.S., Petrenko S.A. Proektirovanie korporativnogo segmenta SOPKA.Zashchita informacii. Insajd. 2016. N 6 (72). S. 28-30.
3. Begaev A.N., Begaev S.N., Fedotov V.A. Testirovanie na proniknovenie. SPb.: Universitet ITMO, 2018. – 45 s.
4. Biryukov D.N., Lomako A.G., Petrenko S.A. Porozhdenie scenariev preduprezhdeniya komp’yuternyh atak.Zashchita informacii. Insajd. 2017. N 4 (76). S. 70-79.
5. Dorofeev A.V., Lemberskaya E.H., Rautkin YU.V. Analiz zashchishchennosti: normativnaya baza, metodologii i instrumenty.Zashchita informacii. Insajd. 2018. N 4 (82). S. 63-69.
6. ZHukov I.YU., Mihajlov D.M., SHeremet I.A. Zashchita avtomatizirovannyh sistem ot informacionno-tekhnologicheskih vozdejstvij. M.: MIFI, 2014. – 176 c.
7. Makarenko S.I. Kriterii i pokazateli ocenki kachestva testirovaniya na proniknovenie.Voprosy kiberbezopasnosti. 2021. N 3 (43). S. 43-57.
8. Dorofeev A. V., Rautkin Y. V. Applied Aspects of Security Testing. In CEUR Workshop Proceedings, 2017, Vol-2081 (Selected Papers of the VIII All- Russian Scientific and Technical Conference on Secure Information Technologies, BIT 2017), pp. 49-53.
9. Makarenko S.I. Audit bezopasnosti kriticheskoj infrastruktury special’nymi informacionnymi vozdejstviyami. Monografiya. – SPb.: Naukoemkie tekhnologii, 2018. – 122 s.
10. Markov A.S. Letopisi kibervojn i velichajshego v istorii pereraspredeleniya bogatstva.Voprosy kiberbezopasnosti. 2016. N 1 (14). S. 68-74.
11. Markov A.S., Fadin A.A. Organizacionno-tekhnicheskie problemy zashchity ot celevyh vredonosnyh programm tipa Stuxnet.Voprosy kiberbezopasnosti. 2013. N 1 (1). S. 28-36.
12. Basan E.S., Basan A.S., Makarevich O.B., Babenko L.K. Issledovanie vliyaniya aktivnyh setevyh atak na gruppu mobil’nyh robotov. Voprosy kiberbezopasnosti. 2019. N 1 (29). S. 35-44.
13. Bojko A.A. Boevaya effektivnost’ kiberatak: analiticheskoe modelirovanie sovremennogo boya.Sistemy upravleniya, svyazi i bezopasnosti. 2020. N 4. S. 101-133.
14. Vasil’ev V.I., Kirillova A.D., Vul’fin A.M. Kognitivnoe modelirovanie vektora kiberatak na osnove metashablonov CAPEC.Voprosy kiberbezopasnosti. 2021. N 2 (42). S. 2-16.
15. Dergunov I.YU., Zima V.M., Glybovskij P.A., Mazhnikov P.V. Model’ processa intellektual’nogo testirovaniya AS na proniknovenie s uchetom vremennyh parametrov.Zashchita informacii. Insajd. 2020. N 5 (95). S. 64-67.
16. Dobryshin M.M., Zakalkin P.V. Model’ komp’yuternoj ataki tipa “phishing” na lokal’nuyu komp’yuternuyu set’.Voprosy kiberbezopasnosti. 2021. N 2 (42). S. 17-25.
17. Drobotun E.B. Teoreticheskie osnovy postroeniya sistem zashchity ot komp’yuternyh atak dlya avtomatizirovannyh sistem upravleniya. Monografiya. – SPb.: Naukoemkie tekhnologii, 2017. – 120 s., il. ISBN 978-5-9909412-2-9.
18. Klimov S.M. Imitacionnye modeli ispytanij kriticheski vazhnyh informacionnyh ob”ektov v usloviyah komp’yuternyh atak..Izvestiya YUFU. Tekhnicheskie nauki. 2016. N 8(181) S. 27-36. DOI 10.18522/2311-3103-2016-8-2736.
19. Kotenko D.I., Kotenko I.V., Saenko I.B. Metody i sredstva modelirovaniya atak v bol’shih komp’yuternyh setyah: sostoyanie problemy, Tr. SPIIRAN, 22 (2012), 5–30.
20. Kocynyak M.A., Lauta O.S., Ivanov D.A. Matematicheskaya model’ targetirovannoj komp’yuternoj ataki.Naukoemkie tekhnologii v kosmicheskih issledovaniyah Zemli. 2019. T. 11. N 2. S. 73–81. DOI: 10.24411/2409-5419-2018-10261.
21. Lauta O.S., Kocynyak M.A., Ivanov D.A., Gudkov M.A. Modelirovanie komp’yuternyh atak na osnove metoda preobrazovaniya stohasticheskih setej.V sbornike: Radiolokaciya, navigaciya, svyaz’. Sbornik trudov XXIV Mezhdunarodnoj nauchno-tekhnicheskoj konferencii. V 5-i tomah. 2018. S. 137-146.
22. CHechulin A.A. Postroenie i analiz derev’ev atak na komp’yuternye seti s uchetom trebovaniya operativnosti. Dissertaciya. - SanktPeterburg, 2013. - 152 s. : il. Metody i sistemy zashchity informacii, informacionnaya bezopasnost’. Hranenie: 61 14-5/933.
23. Dorofeev A.V., Markov A.S., Rautkin Y.V. Ethical Hacking Training.CEUR Workshop Proceedings. - Vol. 2522. P. 47-56.
12-20
Zhidkov, I. V. CHOOSING A RATIONAL MODEL FOR DEVELOPMENT SECURE SORTWARE / I. V. Zhidkov, I. V. Zubarev, I. V. Khabibulin // Cybersecurity issues. – 2021. – № 5(45). – С. 21-29. – DOI: 10.21681/2311-3456-2021-5-21-29.

Abstract
Objective: the purpose of the study is to justify approaches to selecting a rational software development model based on the proposed criteria system.Methods: during the research, the methods of decision theory, the method of ranking systems by the set of scalar components, in particular, the method of “hard” ranking, were used.Study result: analysis of the main models of software development was carried out, a system of criteria used to compare different models of software development was considered, proposals for selecting a rational model of software development based on solving the problem of hypervector ranking were developed.
Keywords:  software, software lifecycle, development model, ranking method.
References
1. Fedoretc O.N., Gribkov V.V. Modeli i metody` razrabotki bezopasnogo programmnogo obespecheniia. Monografiia. – M.: Tipografiia «Slavianskaia Poliana», 2009. 187 s.
2. Bui`nevich M.V., Izrailov K.E. Analiticheskoe modelirovanie raboty` programmnogo koda s uiazvimostiami // Voprosy` kiberbezopasnosti. 2020. № 3 (37). S. 2-12. DOI: 10.21681/2311-3456-2021-3-02-12
3. Kazarin O. V., Skiba V. Iu. Realizatciia prakticheski znachimy`kh proaktivno bezopasny`kh komp`iuterny`kh sistem // Zashchita informatcii. Insai`d. 2015. № 5. S. 40-43.
4. Metody` ocenki nesootvetstviia sredstv zashchity` informatcii / A.S.Markov, V.L.Tcirlov, A.V.Barabanov. M.: Radio i sviaz`, 2012. 192 s. 5. Petrenko A.S., Petrenko S.A. Bezopasnaia Agile-razrabotka sistemy` E`DO // Zashchita informatcii. Insai`d. 2018. № 3 (81). S. 30-35.
6. Solov`yov V.S., Iazov Iu.K. Informatcionnoe obespechenie deiatel`nosti po tekhnicheskoi` zashchite informatcii // Voprosy` kiberbezopasnosti. 2021. №1(41). S.69-79. DOI: 10.21681/2311-3456-2021-1-69-79
7. Zabrodin A.A., Makaretc A.B. Preimushchestva i nedostatki ispol`zovaniia gibkikh metodologii` razrabotki programmnogo obespecheniia Microsoft solutions framework (MSF), Rational unified process (RUP) i Extreme programming / V sbornike: Matematika i matematicheskoe modelirovanie. Sbornik materialov XIII Vserossii`skoi` molodezhnoi` nauchno-innovatcionnoi` shkoly`. 2019. S. 335-336.
8. Nikulina A.S., Ty`nianova S.E., Golubeva A.I. Poniatie i osnovny`e printcipy` RUP i UML // Alleia nauki. 2018. T. 2. № 7 (23). S. 707-712.
9. Brown S. Software Architecture for Developers. Category: Computer science Software development technology. Leanpub, 2015. 275 p.
10. Sinitcy`n S.V., Naliutin N.Iu. Verifikatciia programmnogo obespecheniia: uchebnoe posobie. M.: Internet-Universitet Informatcionny`kh tekhnologii`; BINOM. Laboratoriia znanii`, 2008.
11. Fatrell R.T., Shafer D.F., Shafer L.I. Upravlenie programmny`mi proektami: dostizhenie optimal`nogo kachestva pri minimume zatrat. Per. s angl. M.: Izdatel`skii` dom «Vil`iams», 2003.
12. Bakhtizin V.V., Gluhova L.A. Vy`bor modeli zhiznennogo tcicla razrabotki programmny`kh sredstv i sistem na osnove svodnoi` tablitcy` kriteriev classifikatcii proekta // Doclady` belorusskogo gosudarstvennogo universiteta informatiki i radioe`lektroniki. 2005. ianvar` – mart, №1. C. 110-113.
13. Barabanov A.V., Markov A.S., Tcirlov V.L. 28 magicheskikh mer razrabotki bezopasnogo programmnogo obespecheniia // Voprosy` kiberbezopasnosti. 2015. № 5 (13). S. 2-10.
14. Barabanov A., Markov A. Modern trends in the regulatory framework of the information security compliance assessment in Russia based on Common Criteria / V sbornike: ACM International Conference Proceeding Series. Proceedings of the 8th International Conference on Security of Information and Networks, SIN 2015. 2015. S. 2799980
15. Probabilistic Modeling in System Engineering / By ed. A. Kostogryzov — London: IntechOpen, 2018. 278 p. 10.5772/ intechopen.71396. DOI: 10.5772/intechopen.71396
16. Riapolova E.I., Shrei`der M.Iu., Borovskii` A.S. Metod obrabotki informatcii dlia podderzhki priniatiia reshenii` v upravlenii oblachny`m servisom // Voprosy` kiberbezopasnosti. 2018. № 3 (27). S. 39-46. DOI: 10.21681/2311-3456-2018-3-39-46
17. Safronov V.V. Osnovy` sistemnogo analiza: metody` mnogovektornoi` optimizatcii i mnogovektornogo ranzhirovaniia: Monografiia. – Sarahtov: Nauchnaia kniga, 2009. 329 s.
21-29
Gribunin, V. G. ON THE ANALOGY OF THE PROBLEMS OF OPTIMIZING THE CHOICE OF INFORMATION SECURITY CONTROLS WITH SOME PROBLEMS OF COMMUNICATION THEORY / V. G. Gribunin, A. A. Timonov // Cybersecurity issues. – 2021. – № 5(45). – С. 30-35. – DOI: 10.21681/2311-3456-2021-5-30-35.

Abstract
Purpose of the article: optimization of the choice of information security tools in a multi-level automated system, taking into account higher levels, quality indicators of information security tools, as well as the general financial budget. Demonstration of analogies of solving these problems with known problems from communication theory. Research method: optimal choice of information security tools based on risk analysis and the Lagrange multiplier method; Optimal bit budget allocation based on the Waterfilling optimization algorithm. Optimal placement of information security tools in a multilevel automated system based on bisectional search. Obtained result: the article shows analogies between some problems of communication theory and the optimal choice of information security tools. The well-known problem of the optimal choice of information security tools is solved using the rate-distortion theory, the well-known problem of the optimal budget allocation for their purchase is solved by analogy with the problem of distributing the power of transmitters. For the first time, the problem posed for the optimal placement of information security tools in a multilevel automated system was solved by analogy with the problem of distributing the total bit budget between quantizers.
Keywords: problem of choice, rate-distortion function, Lagrange multiplier, tree pruning, optimization, communication theory.
References
1. V.G. Gribunin, V.E. Kostiukov, A.P. Marty`nov, D.B. Nicolaev, V.N. Fomchenko. Sovremenny`e metody` obespecheniia bezopasnosti informatcii v atomnoi` e`nergetike / Gribunin V.G. i dr. Sarov. – Izd-vo RFIATC-VNIIE`F, 2014 g. 636 s.
2. Gribunin V.G., Grishanenko R.L., Timonov A.A., Smirnov Ia.D.. O proektirovanii sistemy` zashchity` informatcii dlia informatizirovanny`kh obraztcov vooruzheniia // Izvestiia instituta inzhenernoi` fiziki, №2(60), 2021 g. – S. 69-74.
3. Parshin N.M. Perspektivy` razvitiia avtomatizirovanny`kh sistem upravleniia raketny`mi voi`skami i artilleriei` VS RF // Voennaia my`sl`, № 12, 2019 g. – S.76-80.
4. Lavrent`ev A.V., Ziazin V.P. O primenenii metodov teorii igr dlia resheniia zadach komp`iuternoi` bezopasnosti // Bezopasnost` informatcionny`kh tekhnologii`, tom 20, №3, 2013 g. – S.19-24.
5. Shcheglov A.Iu. Zashchita informatcii: osnovy` teorii: uchebnik dlia bakalavriata i magistratury` / A.Iu. Shcheglov, K.A. Shcheglov. – Moskva: Izdatel`stvo Iurai`t, 2020. – 309 s.
6. Shcheglov A.Iu. Matematicheskie modeli i metody` formal`nogo proektirovaniia sistem zashchity` informatcionny`kh sistem: uchebnoe posobie / A.Iu. Shcheglov, K.A. Shcheglov. – SPb: Universitet ITMO, 2015. – 93 s.
7. Gorlov A.P. Sposoby` i priemy` vy`bora tekhnicheskikh sredstv zashchity` informatcii s uchetom odnovremennosti realizatcii ugroz. / Diss-ia na soiskanie uchenoi` stepeni kand.tekhn.nauk. – SPb NIU ITMO. — 2016. — 149 s.
8. Osokin A.N. Teoriia informatcii: uchebnoe posobie dlia pricladnogo bakalavriata / A.N. Osokin, A.N. Mal`chukov. – Moskva, Izdatel`stvo Iurai`t, 2019. – 205 s.
9. Y. Blau, T. Michaeli. Rethinking Lossy Compression: The Rate-Distortion-Perception / Tradeoff of the 36th International Conference on Machine Learning, Long Beach, California, PMLR 97, 2019.
10. Mounir Kaaniche, Aurella Fraysse, Beatrice Pesquet-Popescu, Jean-Christophe Pesquet. A convex programming bit allocation method for sparce sources. // Proc. Of the IEEE International Picture Coding Symposium. – 2012. Poland. – P.853-856.
11. Slabnov V.D. Chislenny`e metody`. — M.: Lan`, 2020. — 392 s.
12. B.Scliar. Tcifrovaia sviaz`: teoreticheskie osnovy` i prakticheskoe primenenie / Scliar B., Groza E. [i dr.] (per. s angl.) – 2-e izd. – M.: Vil`iams. – 2016. – 1099 s.
13. Bianchi G., Cuomo F., Garlist D., Tinnirello I. Capture Aware Sequential Waterffilling for LoraWAN Adaptive Data Rate. – IEEE Transactions on Wireless Communications. – V.20. – Issue 3. – March 2021. – P.2019-2033.
30-35
PRACTICAL ASPECTS OF VULNERABILITY DETECTION DURING CERTIFICATION TESTS OF INFORMATION SECURITY SOFTWARE / V. V. Varenitsa, A. S. Markov, V. V. Savchenko, V. L.Tsirlov // Cybersecurity issues. – 2021. – № 5(45). – С. 36-44. – DOI: 10.21681/2311-3456-2021-5-36-44.

Abstract
Purpose: analysis of various techniques and techniques for identifying defects and vulnerabilities during certification tests.Research method: comparative analysis.Result: the conclusion is made about the relevance and priority of the study of open-source web applications. The study is given and the shortcomings of directive methods for identifying vulnerabilities and undeclared capabilities in software products are shown. The author's statistics of the identified vulnerabilities are given with detailing by classes of computer attacks, manufacturers of information security tools, programming environments and methods for identifying vulnerabilities. A comparative analysis of author's methods with known directive testing methods is given. The relevance of the implementation of the concept of developing secure software is shown. Recommendations on improving the security of software tools for information protection are given.
Keywords: vulnerability detection, secure program code, directive methods, program bookmarks, critical vulnerabilities.
References
1. Markov A.S., Shcherbina S.A. Ispy`taniia i kontrol` programmny`kh resursov // Information Security. 2003. N 6. — S.25.
2. Markov A.S., Mironov S.V., Tcirlov V.L. Vy`iavlenie uiazvimostei` v programmnom kode. Otkry`ty`e sistemy`. SUBD. 2005. N 12. S. 64-69.
3. Romashkina N.P., Markov A.S., Stefanovich D.V. Mezhdunarodnaia bezopasnost`, strategicheskaia stabil`nost` i informatcionny`e tekhnologii / otv. red. A.V. Zagorskii`, N.P. Romashkina. — M.: IME`MO RAN, 2020. S. 98. DOI: 10.20542/978-5-9535-0581-9
4. Barabanov A.V., Markov A.S., Fadin A.A. Ocenka vozmozhnosti vy`iavleniia uiazvimostei` programmnogo koda pri otsutstvii ishodny`kh tekstov programm // Informatcionnoe protivodei`stvie ugrozam terrorizma. 2011. N 16. S. 86-89.
5. Belomestny`kh D.A., Pushkin P.Iu. Analiz metodov vy`iavleniia uiazvimostei` veb-prilozhenii` // Informatcionny`e tekhnologii i problemy` matematicheskogo modelirovaniia slozhny`kh sistem. 2017. N 18. S. 5-9.
6. Markov A.S., Mironov S.V., Tcirlov V.L. Vy`iavlenie uiazvimostei` programmnogo obespecheniia v protcesse sertifikatcii // Izvestiia TRTU. 2006. N 7 (62). S. 82-87.
7. Sabirov T.R., Biriukov D.N. Podhod k vy`iavleniiu potentcial`ny`kh uiazvimostei` v spetcifikatciiakh sredstv zashchity` informatcii // Metody` i tekhnicheskie sredstva obespecheniia bezopasnosti informatcii. 2017. N 26. S. 8-10.
8. Serdechny`i` A.L., Gerasimov I.V., Makarov O.Iu., Pasternak Iu.G., Tihomirov N.M. Tekhnologiia vy`iavleniia svedenii` ob uiazvimostiakh storonnikh komponentov programmnogo obespecheniia s otkry`ty`m ishodny`m kodom // Informatciia i bezopasnost`. 2020. T. 23. N 3 (4). S. 347-364.
9. Tavasiev D.A., Komanov P.A., Revazov KH.Iu., Semikov V.S. Analiz metodov vy`iavleniia uiazvimostei` vo vstroennom programmnom obespechenii IoT ustroi`stv // Mezhdunarodny`i` nauchno-issledovatel`skii` zhurnal. 2020. N 1-1 (91). S. 34-37.
10. Markov A.S., Tcirlov V.L., Barabanov A.V. Metody` ocenki nesootvetstviia sredstv zashchity` informatcii. M.: Radio i sviaz`, 2012. 192 s.
11. Grishin M.I., Markov A.S., Tcirlov V.L. Prakticheskie aspekty` realizatcii mer po razrabotke bezopasnogo programmnogo obespecheniia // IT-Standart. 2019. N 2 (19). S. 29-39.
12. Barabanov A., Markov A., Fadin A., Tsirlov V., Shakhalov I. Synthesis of Secure Software Development Controls / In Proceedings of the 8th International Conference on Security of Information and Networks (Sochi, Russian Federation, September 08-10, 2015). SIN ‘15.
ACM New York, NY, USA, 2015, pp. 93-97. DOI = http://dx.doi.org/10.1145/2799979.2799998.
13. Howard M., Lipner S. The Security Development Lifecycle: A Process for Developing Demonstrably More Secure Software. Microsoft Press, 2006. 352 p.
14. Barabanov A.V., Evseev A.N. Primenenie mezhdunarodnogo standarta dlia poiska uiazvimostei`. Bezopasny`e informatcionny`e tekhnologii / Sbornik trudov Piatoi` Vserossii`skoi` nauchno-tekhnicheskoi` konferentcii. M., 2015. S. 50-52.
15. Varenitca V. V., Markov A. S., Savchenko V. V. Recommended Practices for the Analysis of Web Application Vulnerabilities. CEUR Workshop Proceedings. 2019. Volume 2603, pp. 75-78.
16. Barabanov A., Markov A., Fadin A., and Tsirlov V. 2015. A Production Model System for Detecting Vulnerabilities in the Software Source Code / In Proceedings of the 8th International Conference on Security of Information and Networks (SIN ‘15). ACM, New York, NY, USA, 98-99. DOI: http://dx.doi.org/10.1145/2799979.2800019
17. Avetisian A.I., Belevantcev A.A., Chucliaev I.I. Tekhnologii staticheskogo i dinamicheskogo analiza uiazvimostei` programmnogo obespecheniia // Voprosy` kiberbezopasnosti. 2014. N 3 (4). S. 20-28.
18. Markov A., Fadin A., Shvets V., Tsirlov V. The experience of comparison of static security code analyzers // International Journal of Advanced Studies. 2015. V. 5. N 3. S. 55-63.
19. Markov A.S., Fadin A.A. Sistematika uiazvimostei` i defektov bezopasnosti programmny`kh resursov // Zashchita informatcii. Insai`d. 2013. N3. S. 56-61.
20. Begaev A.N., Kashin S.V., Markevich N.A., Marchenko A.A. Vy`iavlenie uiazvimostei` i nedeclarirovanny`kh vozmozhnostei` v programmnom obespechenii — Sankt-Peterburg: Universitet ITMO, 2020. — 38 s.
21. Markov A.S. Tekhnicheskaia zashchita informatcii. M. AISNT. 2020. 234 s.
22. Barabanov A.V., Markov A.S., Fadin A.A., Tcirlov V.L. Statistika vy`iavleniia uiazvimostei` programmnogo obespecheniia pri provedenii sertifikatcionny`kh ispy`tanii` // Voprosy` kiberbezopasnosti. 2017. № 2 (20). S. 2-8. DOI: 10.21681/2311-3456-2017-2-2-8.
36-44
Kondakov, S. E DEVELOPMENT OF A RESEARCH APPARATUS FOR ASSESSING THE EFFECTIVENESS OF MEASURES TO ENSURE THE PROTECTION OF PERSONAL DATA / S. E. Kondakov, K. S. Chudin // Cybersecurity issues. – 2021. – № 5(45). – С. 45-51. – DOI: 10.21681/2311-3456-2021-5-45-51.

Abstract
The purpose of the article: to investigate the prerequisites for the development of a methodological apparatus for ensuring the protection of personal data in the activities of the personnel body of the state secret protection service.Research method. system analysis, synergetics.The result: the procedure for the formation of the appropriate research environment is formulated, the stages of formation of the concept of building a research apparatus for assessing the effectiveness of measures to ensure the protection of personal data in the activities of the personnel body of the state secret protection service are given. The concept of building a research apparatus for assessing the characteristics of measures to ensure the protection of personal data in the activities of the personnel body of the state secret protection service is proposed, which allows forming an environment for an adequate assessment of the effectiveness of such measures, as well as determining a set of hypotheses and analogies necessary for setting and solving the problem of increasing the adequacy of assessing the effectiveness of measures to ensure the protection of personal data in the activities of the personnel body of the state secret protection service as a task of developing mathematical models of the characteristics of threats to the security of personal data and the processes of their protection.
Keywords: personnel bodies, methodology, evaluation metric, concept of protection measures, mathematical model.
References
1. Gribunin V.G., Grishanenko R.L., Labaznikov A.P., Timonov A.A. Bezopasnost` sistem mashinnogo obucheniia. zashchishchaemy`e aktivy`, uiazvimosti, model` narushitelia i ugroz, taksonomiia atak // Izvestiia Instituta inzhenernoi` fiziki. 2021. № 3 (61). S. 65-71.
2. Kondakov S.E., Meshcheriakova T.V., Skry`l` S.V., Stadnik A.N., Suvorov A.A. Veroiatnostnoe predstavlenie uslovii` svoevremennogo reagirovaniia na ugrozy` komp`iuterny`kh atak // Voprosy` kiberbezopasnosti. 2019. № 6 (34). S. 59-68. DOI: 10.21681/2311-3456-2019-6-59-68
3. Pokusov V.V. Ocenka e`ffektivnosti sistemy` obespecheniia IB. Chast` 1. Pokazateli i modeli predstavleniia // Zashchita informatcii. Insai`d. 2019. № 2 (86). S. 54-60.
4. Iazov Iu.K., Avsent`ev O.S., Rubtcova I.O. K voprosu ob ocenke e`ffektivnosti zashchity` informatcii v sistemakh e`lektronnogo dokumentooborota // Voprosy` kiberbezopasnosti. 2019. № 1 (29). S. 25-34. DOI: 10.21681/2311-3456-2019-1-25-34
5. Funktcional kachestva dlia vy`bora varianta APK AIS s pokazateliami razlichnoi` prirody`, razmernosti i vektora poleznosti. / S.E. Kondakov, G.N. Rassohin // Nauchno-tekhnicheskii` sbornik № 3, Iubilei`ny`i`: 4 TCNII MO RF, 2014. S. 6-11.
6. Leevshitc I.I. Ocenka stepeni vliianiia General Data Protection Regulation na bezopasnost` predpriiatii` v Rossii`skoi` Federatcii // Voprosy` kiberbezopasnosti. 2020. № 4 (38). S. 66-75. DOI: 10.21681/2311-3456-2020-4-66-75
7. Maksimova E.A., Kuznetcova M.A., Topilin Ia.N., Fedoniuk N.I., Petrishcheva T.S. Vnutrennii` kontrol` sootvetstviia obrabotki PDn trebovaniiam k ikh zashchite // Zashchita informatcii. Insai`d. 2019. № 6 (90). S. 5-9.
8. Terent`eva L.V. Kriterii` “napravlennoi` deiatel`nosti” primenitel`no k otnosheniiam, sviazanny`m s zashchitoi` personal`ny`kh danny`kh // Pravovaia informatika. 2021. № 1. S. 61-69. DOI: 10.21681/1994-1404-2021-1-61-69
9. Sravnenie ocenok kachestva resheniia po vy`boru varianta sistemy` zashchity` kompleksa sredstv avtomatizatcii, poluchenny`kh pri primenenii e`ntropii`nogo i poleznostnogo podhodov. / S.E. Kondakov // Bezopasny`e informatcionny`e tekhnologii. M.: NTb. NII RL MGTU im. N.E`.Baumana. 2014. S. 8-11.
10. Probabilistic Modeling in System Engineering / By ed. A. Kostogryzov — London: IntechOpen, 2018. 278 p. 10.5772/ intechopen.71396. DOI: 10.5772/intechopen.71396
11. Buldakova T.I., Mikov D.A. Obespechenie soglasovannosti i adekvatnosti ocenki faktorov riska informatcionnoi` bezopasnosti // Voprosy` kiberbezopasnosti. 2017. № 3 (21). S. 8-15. DOI: 10.21681/2311-3456-2017-3-08-15
12. Markov A.S. Modeli ocenki i planirovaniia ispy`tanii` programmny`kh sredstv po trebovaniiam bezopasnosti informatcii // Vestneyk Moskovskogo gosudarstvennogo tekhnicheskogo universiteta im. N.E`. Baumana. Seriia Priborostroenie. 2011. №S1. S. 90 103.
13. Dorofeeva L.I. Modelirovanie i optimizatciia razdelitel`ny`kh protcessov. / Tomsk: Izd-vo Tomskogo politekhnicheskogo universiteta, 2008. 128 s.
14. Funktcional`noe modelirovanie kak metodologiia issledovaniia konfidentcial`nosti informatcionnoi` deiatel`nosti / S.V. Skry`l`, A.A. Maly`shev, S.N. Volkova A.A. Gerasimov // Intellektual`ny`e sistemy`: Trudy` Deviatogo mezhdunarodnogo simpoziuma. M.: RUSAKI, 2010. S. 590 – 593.
15. Aktual`ny`e voprosy` problematiki ocenki ugroz komp`iuterny`kh atak na informatcionny`e resursy` znachimy`kh ob``ektov kriticheskoi` informatcionnoi` infrastruktury`. / S.V. Skry`l`, V.V. Guyfulin, V.M. Sy`chev, Iu.V. Gracheva [i dr.] // Bezopasnost` informatcionny`kh tekhnologii`. M.: MIFI, 2021. № 1. S. 24 – 33.
16. Obosnovanie pokazatelia dlia ocenki e`ffektivnosti mer obespecheniia zashchity` personal`ny`kh danny`kh v deiatel`nosti kadrovogo organa sluzhby` zashchity` gosudarstvennoi` tai`ny` / S.V. Skry`l`, S.E. Kondakov, K.S. Chudin // Informatcionnaia bezopasnost` – aktual`naia problema sovremennosti. Sovershenstvovanie obrazovatel`ny`kh tekhnologii` podgotovki spetcialistov v oblasti informatcionnoi` bezopasnosti: materialy` XXI Vserossii`skoi` mezhvedomstvennoi` nauchno-tekhnicheskoi` konferentcii, Tom 1. Krasnodar, KVVU, 2020. S. 19 – 24.
17. Postanovka zadachi obosnovaniia varianta sistemy` zashchity` informatcii kompleksa sredstv avtomatizatcii informatcionnoraschetnoi` sistemy` raketny`kh voi`sk strategicheskogo naznacheniia. / S.E. Kondakov, S.V. Skry`l` // Nauchno-tekhnicheskii` sbornik OAO «Kontcern «Sistemprom». 2014. № 1(5), S. 17-22.
45-51
Lebedkina, T. V. MODEL OF SECURE FILE EXCHANGE INFORMATION TECHNOLOGY OPERATION / T. V. Lebedkina, S. P. Sokolovsky // Cybersecurity issues. – 2021. – № 5(45). – С. 52-62. – DOI: 10.21681/2311-3456-2021-5-52-62.

Abstract
The purpose of this work: to develop a model that allows to assess the security of the information system of file exchange, to ensure the efficiency of servicing the maximum number of requests of authorized customers with a simultaneous decrease in the quality of service of requests from the attacker's means. Methods used: formalization of service processes in the form of Markov random processes, as well as numerical methods.The result of the study: a criterion evaluation base for the effectiveness of the functioning of the information system of file exchange has been developed. The problem of dynamic management of the resource capabilities of the information system of file exchange by managing the parameters of data transmission has been solved. An assessment of the asymptotic stability and robustness of the model relative to the perturbations of the values of the initial parameters is solved in order to increase the adequacy of the model when choosing control modes for the data transmission process. Probabilistic and temporal characteristics and the process of functioning of the information system of file exchange in the conditions of unauthorized influences in various situations of interaction of the parties to the conflict, as well as in the managementand computational and time resource of the means of network intelligence of the attacker are obtained. The optimal modes of functioning of information systemsand file exchange, ensuring its compliance withthe established security requirements of critical information infrastructure objects, aresubstantiated.
Keywords: network intelligence, network connections, Markov random process, asymptotic stability, robustness.
References
1. Maksimov R.V., Sokolovsky S.P., Sharifullin S.R., Chernoles V.P. Innovacionny`e informacionny`e texnologii v kontekste obespecheniya nacional`noj bezopasnosti gosudarstva // Innovacii. 2018. № 3 (233). S. 28-35.
2. Ivanov I.I., Maksimov R.V. Etyudy tekhnologii maskirovaniya funkcional’no-logicheskoj struktury informacionnyh sistem / I.I. Ivanov, R.V. Maksimov // Innovacionnaya deyatel’nost’ v Vooruzhennyh Silah Rossijskoj Federacii : sb. tr. uchastnikov vsearmejskoj nauchnoprakticheskoj konferencii. – Sankt-Peterburg, 2017. S. 147-154.
3. Maksimov R.V., Orexov D.N., Sokolovskij S.P. Model` i algoritm funkcionirovaniya klient-servernoj informacionnoj sistemy` v usloviyax setevoj razvedki // Sistemy` upravleniya, svyazi i bezopasnosti. 2019. № 4. C. 50-99.
4. Voronchixin I.S., Ivanov I.I., Maksimov R.V., Sokolovskij S.P. Maskirovanie struktury` raspredelyonny`x informacionny`x sistem v kiberprostranstve // Voprosy` kiberbezopasnosti. 2019. № 6 (34). C. 92-101.
5. Markov A.S. Tekhnicheskaya zashchita informacii. Moscow. AISNT. 2020. 234 p.
6. Sposob vybora bezopasnogo marshruta v seti svyazi (varianty). Pat. 2331158 Ros. Federaciya, MPK G06F / Kozhevnikov D.A., Maksimov R.V., Pavlovskij A.V., Yur’ev D.Yu.; zayavitel’ i patentoobladatel’ Voennaya akademiya svyazi (RU). – № 2007103774; zayavl. 31.01.2007; opubl 10.08.2008. Byul. № 22.
7. Maksimov R.V., Savinov E.A. Ocenka zhivuchesti raspredelennyh integrirovannyh informacionnyh sistem / R.V. Maksimov, E.A. Savinov // Informacionnye tekhnologii i nanotekhnologii (ITNT-2016) : sb. tr. uchastnikov Mezhdunarodnoj konferencii i molodyozhnoj shkoly. Samarskij gosudarstvennyj aerokosmicheskij universitet imeni akademika S.P. Korolyova (nacional’nyj issledovatel’skij universitet)»; Institut sistem obrabotki izobrazhenij RAN. – Samara, 2016. S. 431-438.
8. Ustrojstvo poiska informacii Pat. 2219577 Ros. Federaciya, MPK G06F / Ksyonz E.S., Lipatnikov V.A., Maksimov R.V., Starodubcev Yu.I., Fedyakov E.G., Hlybov D.L.; zayavitel’ i patentoobladatel’ Voennaya akademiya svyazi (RU). – № 2002111059; zayavl. 24.04.2002; opubl 20.12.2003. Byul. № 12.
9. Maksimov R.V. Model’ sluchajnyh pomekh integrirovannym sistemam vedomstvennoj svyazi / R.V. Maksimov // Nauchno-tekhnicheskie vedomosti Sankt-Peterburgskogo gosudarstvennogo politekhnicheskogo universiteta. Informatika. Telekommunikacii. Upravlenie. 2008. № 3 (60). S. 151-155.
10. Gorbachev A. A., Sokolovsky S. P., Usatikov S. V. Model` funkcionirovaniya i algoritm proaktivnoj zashhity` servisa e`lektronnoj pochty` ot setevoj razvedki // Sistemy` upravleniya, svyazi i bezopasnosti. 2021. № 3. S. 60-109. DOI: 10.24412/2410-9916-2021-3-60-109.
11. Varenitca V. V., Markov A. S., Savchenko V. V. Recommended Practices for the Analysis of Web Application Vulnerabilities. 10th Anniversary International Scientific and Technical Conference on Secure Information Technologies, BIT 2019 CEUR Workshop Proceedings. Volume 2603. Moscow, 2019, pp. 75-78.
12. Chee Keong NG, Lei Pan, Dr. Yang Xiang. Honeypot Frameworks and Their Applications: A New Framework. In SpringerBriefs on Cyber Security Systems and Networks. Springer, Singapore. 2018. DOI: 10.1007/978-981-10-7739-5.
13. Wang, Y., Guo, Y., Zhang, L. et al. SWIM: An Effective Method to Perceive Cyberspace Situation from Honeynet. Arabian Journal for Science and Engineering. 2018. Vol. 43. P. 6863. DOI: 10.1007/s13369-017-2904-5.
14. Iskolnyy B.B., Maximov R.V., Sharifullin S.R. Survivability Assessment of Distributed Information and Telecommunication Networks // Selected Papers of the VIII All-Russian Conference with International Participation «Secure Information Technologies» (BIT 2017). Bauman Moscow Technical University. December 6-7, 2017, Moscow, Russia. P. 59-65.
15. Bilinski M., Gabrys R., Mauger J. Optimal Placement of Honeypots for Network Defense. In: Bushnell L., Poovendran R., Başar T. (eds) Decision and Game Theory for Security. GameSec 2018. Lecture Notes in Computer Science, vol 11199. Springer, Cham. 2018. DOI: https://doi.org/10.1007/978-3-030-01554-1_7.
16. Maximov R.V., Ivanov I.I., Sharifullin S.R. Network Topology Masking in Distributed Information Systems // Selected Papers of the VIII All-Russian Conference with International Participation «Secure Information Technologies» (BIT 2017). Bauman Moscow Technical University. December 6-7, 2017, Moscow, Russia. P. 83-87.
17. Sposob zashchity vychislitel’nyh setej. Pat. 2680038 Ros. Federaciya, MPK G06F / Maksimov R.V., Orekhov D.N., Sokolovskij S.P., Gavrilov A.L. i dr.; zayavitel’ i patentoobladatel’ Krasnodarskoe vysshee voennoe uchilishche (RU). – № 2696330; zayavl. 31.07.2018; opubl. 01.08.2019, Byul. № 22.
52-62
Ivanov, A. E. FEATURES OF LICENSING THE ACTIVITIES OF ENTERPRISES AND ORGANIZATIONS IN THE INTERESTS OF THE MINISTRIES OF DEFENSE OF THE RUSSIAN FEDERATION / A. E. Ivanov, I. A. Sprogis, I. Yu. Shahalov // Cybersecurity issues. – 2021. – № 5(45). – С. 63-74. – DOI: 10.21681/2311-3456-2021-5-63-74.

Abstract
The purpose of the article: the best of the existing procedure for assessing the conformity of organizations, industrial enterprises and institutions - developers of software and hardware complexes used in weapons and military equipment.Research methods: system analysis, development of methods.Result: draft methods for checking the archive during special examinations of enterprises and organizations - applicants for a license of the Ministry of Defense of Russia for activities to create information security tools and verify the compliance of software development processes with the requirements of GOST R 56939-2016 during a special examination of licensees of the Ministry of Defense of Russia in the field of creating information security tools have been developed.
Keywords: conformity assessment, information security, information protection, certification, certification tests, special examinations, information security tools, licensing system, development of secure software, archival storage.
References
1. Trofimov V.V. Kak stat` razrabotchikom sredstv zashchity` informatcii dlia Ministerstva oborony` Rossii`skoi` Federatcii // Information Security, 2005, № 3. S. 27-28.
2. Al`terman A.D., Lushnikov N.D. Informatcionnaia bezopasnost` cherez licenzirovanie i sertifikatciiu // Alleia nauki. 2018. T. 3. №6 (22). S. 897-900.
3. Borisova E.A., Popov K.G. Leecenzirovanie kak metod obespecheniia informatcionnoi` bezopasnosti // Simvol nauki: mezhdunarodny`i` nauchny`i` zhurnal. 2016. № 7-2 (19). S. 36-38.
4. Dolgov D.S. Leecenzirovanie kak administrativno-pravovoe sredstvo obespecheniia informatcionnoi` bezopasnosti v rossii`skoi` federatcii // Vestneyk Sarahtovskoi` gosudarstvennoi` akademii prava. 2008. № 4 (62). S. 196-197.
5. Zhogal` A.V. Sovremenny`e problemy` obespecheniia informatcionnoi` bezopasnosti v Rossii // Kontekst i refleksiia: filosofiia o mire i cheloveke. 2017. № 1A, Tom 6. - S. 178-185.
6. Katarzhnov A.D. Leecenzirovanie deiatel`nosti po tekhnicheskoi` zashchite konfidentcial`noi` informatcii // Zashchita informatcii. Insai`d. 2012. № 2 (44). S. 16-20.
7. Nagorny`i` S. I., Cliomfas Iu. V. Iskushenie zakonom // Zashchita informatcii. Insai`d. 2011. № 3. S. 26-29.
8. Skripnik D.A. Obshchie voprosy` tekhnicheskoi` zashchity` informatcii. M.: Natcional`ny`i` Otkry`ty`i` Universitet «INTUIT», 2016. 425 s.
9. Shaposhnikov V.I. Nekotory`e problemy` pravovogo regulirovaniia otnoshenii` po licenzirovaniiu v oblasti zashchity` informatcii // Aktual`ny`e problemy` rossii`skogo prava. 2007. № 2. S. 77-81.
10. Shahalov I.Iu. Leecenziia kak produkt osoznannoi` neobhodimosti licenzirovanie deiatel`nosti operatorov personal`ny`kh danny`kh // Zashchita informatcii. Insai`d. 2010. № 2 (32). S. 53-55.
11. Zakonodatel`no-pravovoe i organizatcionno-tekhnicheskoe obespechenie ... avtomatizirovanny`kh sistem i informatcionnovy`chislitel`ny`kh setei` / Kotenko I.V., Kotuhov M.M., Markov A.S. i dr. - SPb: VUS, 2000. 190 s.
12. Markov A.S. Tekhnicheskaia zashchita informatcii. Kurs lektcii`. M. AISNT. 2020. 234 s.
13. Shahalov I.Iu. Leecenzirovanie deiatel`nosti po tekhnicheskoi` zashchite konfidentcial`noi` informatcii // Voprosy` kiberbezopasnosti. 2013. № 1 (1). S. 49-54.
14. Shahalov I.Iu. Pravovoe obosnovanie sertifikatcii sredstv zashchity` informatcii // Monitoring pravoprimeneniia. 2015. № 3 (16). S. 64-68.
15. Markov A.S., Tcirlov V.L., Barabanov A.V. Metody` ocenki nesootvetstviia sredstv zashchity` informatcii. M.: Radio i sviaz`. 2012. 192 s.
16. Maksimov E.E., Burs K.V., Zhereb L.A. Aktual`nost` i problemy` e`lektronny`kh arhivov sovremenny`kh rossii`skikh predpriiatii` // Aktual`ny`e problemy` aviatcii i kosmonavtiki. 2012. T. 2. № 8. S. 184-185.
17. Samantcov A. P. Tcifrovy`e arhivy` predpriiatii`: problemy` khraneniia danny`kh // Vestneyk Iuridicheskogo instituta MIIT. 2021. № 2 (34). S. 143-148.
18. Grishin M.I., Markov A.S., Tcirlov V.L. Prakticheskie aspekty` realizatcii mer po razrabotke bezopasnogo programmnogo obespecheniia // IT-Standart. 2019. № 2 (19). S. 29-39.
19. Devianin P.N., My`litcy`n R.N., Telezhnikov V.Iu. Tekhnologii bezopasnoi` razrabotki i obespecheniia doveriia k OSSN Astra Linux Special Edition. V sbornike: Sostoianie i perspektivy` razvitiia sovremennoi` nauki po napravleniiu «Informatcionnaia bezopasnost`». Sbornik statei` III Vserossii`skoi` nauchno-tekhnicheskoi` konferentcii. Anapa, 2021. S. 13-23.
20. Barabanov A., Markov A., Fadin A., Tsirlov V., Shakhalov I. Synthesis of Secure Software Development Controls. In Proceedings of the 8th International Conference on Security of Information and Networks (Sochi, Russian Federation, September 08-10, 2015). SIN ‘15.
ACM New York, NY, USA, 2015, pp. 93-97. DOI: 10.1145/2799979.2799998
21. Barabanov A.V. Markov A.S., Tcirlov V.L. O sistematike informatcionnoi` bezopasnosti tcepei` postavki programmnogo obespecheniia. // Bezopasnost` informatcionny`kh tekhnologii`. 2019. T. 26. № 3. S. 68-79.
22. Barabanov A.V., Markov A.S., Tcirlov V.L. Ocenka sootvetstviia sredstv zashchity` informatcii «Obshchim kriteriiam» // Informatcionny`e tekhnologii. 2015. T. 21. № 4. S. 264-270.
23. Dorofeev A.V., Markov A.S., Rautkin Y.V. Ethical Hacking Training // CEUR Workshop Proceedings, 2019, Vol-2522, pp. 47-56.
63-74
Horev, A. A. RESEARCH OF THE PASSIVE INFORMATION PROTECTION DEVICE IN THE ACOUSTOELECTRIC LEAKAGE CHANNELS USING MATLAB ENVIRONMENT / A. A. Horev, O. R. Lukmanova, D. B. Surovenkov // Cybersecurity issues. – 2021. – № 5(45). – С. 75-86. – DOI: 10.21681/2311-3456-2021-5-75-86.

Abstract
Purpose: design of the passive device of the speech information protection from acoustoelectric leakage channels and study of the characteristics of protection device using a virtual laboratory bench developed in the Matlab environment.Methods: mathematical modeling using Matlab environment.Practical relevance: designed in the Matlab modeling environment: an equivalent circuit of the telephone set, which makes it possible to simulate acoustoelectric information leakage channels, schematic diagrams of passive protection devices for telephone sets that implement protection methods: limiting low-amplitude signals, filtering high-frequency injection signals and disabling acoustoelectric transducers, a virtual laboratory stand for research of the characteristics of protective device. Using a virtual laboratory stand, the main characteristics of the developed protection devices were studied and their performance was assessed when connected to the telephone network.
Keywords: mathematical modeling, telephone set, acoustoelectric leakage channel of the speech information,
technical leakage channel of the information, information protection device from acoustoelectric leakage channel,
information security methods, virtual laboratory bench.
References
1. Trilisskiy V. O. Tekhnicheskiye kanaly utechki rechevoy informatsii // Inzhiniring i tekhnologii. 2019. T. 4. N 1. S. 40-42.
2. Lukmanova O. R. Modelirovaniye kontrolya podverzhennosti telefonnogo apparata passivnym akustoelektricheskim preobrazovaniyam pri razlichnykh tipovykh integral’nykh urovnyakh rechi // Radioelektronnyye ustroystva i sistemy dlya infokommunikatsionnykh tekhnologiy - REUS-2019. 2019. S. 297-302.
3. Bogatikov V.N., Bochkareva T.O., Murashev P.M., Sanayeva G.N. Analiz akustoelektricheskikh preobrazovateley v sostave vspomogatel’nykh tekhnicheskikh sredstv i sistem // Vestnik Mezhdunarodnoy akademii sistemnykh issledovaniy. Informatika, ekologiya, ekonomika. 2020. T. 22. S. 86-93.
4. Karaush A. S. Obzor i analiz metodov povysheniya razborchivosti rechi v akustoelektricheskikh kanalakh utechki informatsii //Sbornik nauchnykh trudov Novosibirskogo gosudarstvennogo tekhnicheskogo universiteta. 2019. N 1. S. 100-113.
5. Lukmanova O.R. Research of the Acoustoelectric Speech Information Leakage Channel Based on Acoustic Transducers // 2021 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus). IEEE. 2021. Pp. 2377-2380. DOI: 10.1109/ElConRus51938.2021.9396632
6. Lukmanova O.R., Khorev A.A. Issledovaniye akustoelektricheskogo effekta v telefonnom apparate v srede modelirovaniya COMSOL // Sovremennyye problemy radioelektroniki i telekommunikatsiy. 2020. N 3. S. 216.
7. Khorev A.A., Lukmanova O.R. Issledovaniye kharakteristik aktivnogo sredstva zashchity telefonnogo apparata // Zashchita informatsii. Insayd – 2020. N 3. S. 82-88
8. Khorev A.A., Lukmanova O.R. Issledovaniye kharakteristik passivnykh sredstv zashchity telefonnogo apparata // Zashchita informatsii. Insayd – 2021. N 1. S. 8-14
9. Lukmanova O.R., Horev A.A. Modelling the Acoustoelectric Leakage Channel of Speech Information in a Telephone Set // 2017 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). 2017. Pp. 493-495. DOI: 10.1109/EIConRus.2017.7910599
10. Lukmanova O.R., Horev A.A. Simulation of the «High Frequency Injection» Method in a Telephone Set // 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). 2018. Pp. 1542-1544. DOI: 10.1109/EIConRus.2018.8317392
11. 11. Lukmanova O.R., Horev A.A. Research of the Telephone Set Protective from Acoustic Information Leakage Channels // 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). 2019. Pp. 1786-1789. DOI: 10.1109/EIConRus.2019.8657091
12. Lukmanova O.R. et al. Research of the Analog and Digital Noise Generators Characteristics for Protection Device // 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). 2020. Pp. 2093-2096 DOI: 10.1109/EIConRus49466.2020.9039193
13. Lukmanova O.R. Modelirovaniye kontrolya podverzhennosti p’yezoelementa zvonka akustoelektricheskim preobrazovaniyam // Radioelektronnyye ustroystva i sistemy dlya infokommunikatsionnykh tekhnologiy – RUES-2021. 2021. S. 329-333
14. Lukmanova O.R., Horev A.A. Modeling the Acoustoelectric Effect in a Telephone Using COMSOL Multiphysics // Futuristic Trends in Network and Communication Technologies. Springer. 2021. Pp. 81-90. DOI: https://doi.org/10.1007/978-981-16-1483-5_8
15. Khorev A.A., Lukmanova O.R. Matematicheskoye modelirovaniye passivnogo akustoelektricheskogo kanala utechki akusticheskoy rechevoy informatsii v telefonnom apparate // Spetsial’naya tekhnika. 2016. N 6. S. 56-63.
16. Lukmanova O.R. et al. Simulation of the Passive Protection Device in the Acoustoelectric Leakage Channel // 2021 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus). 2021. Pp. 2381-2384 DOI: 10.1109/ElConRus51938.2021.9396169
75-86
Vashchenko, A. P. DEVELOPMENT OF A PROTOTYPE OF A HARDWARE AND SORFWARE DEVICE FOR PANORAMIC VIEWING FOR SECURITY SYSTEMS AND SITUATIONAL AWARENESS OF AN UNMANNED VEHICLE / A. P. Vashchenko, D. A. Gavrilov, A. G. Lapushkin // Cybersecurity issues. – 2021. – № 5(45). – С. 87-95. – DOI: 10.21681/2311-3456-2021-5-87-95.

Abstract
Purpose of the article: development and creation of a prototype of a panoramic viewing device for an unmanned vehicle that allows recording the surrounding stop as close as possible to the capabilities of human vision, as well as the development of a set of measures to ensure situational awareness of autonomous devices.Method used: The development of the basic basic form was carried out using the SolidWorks software package. The software part of the prototype is made in the form of a desktop application deployed on a computer running Ubuntu 18.04. Mathematical formalization and calculation of distortion parameters are performed.Results: A conceptual study of the design of the “super camera” was carried out, the calculation of distortion compensation, including tangential and radial distortions, was carried out, the physical implementation of the prototype of the panoramic viewing device was presented. 
Keywords: situational awareness, unmanned vehicle, radial distortions, tangential distortions, on-board camera,
panoramic image, controlled filter, hardware implementation.
References
1. Pun’ A.B., Gavrilov D.A., Shchelkunov N.N., Fortunatov A.A. Nejrosetevoj algoritm avtomaticheskogo obnaruzheniya i soprovozhdeniya ob”ekta interesa v videosignale // Tr. 16-j Nac. konf. po iskusstvennomu intellektu (24 – 27 sentyabrya 2018 g.) V 2-h tomah/ FIC IU RAN. –T.2 –M. RKP, 2018. – S.188 – 190.
2. Gavrilov D.A. Normativno-tekhnicheskie voprosy razrabotki bezopasnyh avtomatizirovannyh intellektual’nyh sistem // Voprosy kiberbezopasnosti. – 2020. – t.40, №6. – S. 63 – 71.
3. Gavrilov D.A., Shchelkunov N.N. Vozmozhnosti primeneniya avtomatizirovannoj optiko-elektronnoj sistemy nazemno-vozdushnogo monitoringa v deyaetel’nosti OVD // Sb. st. mezhd. nauchno-praktich.konf. «Iskusstvennyj intellekt (bol’shie dannye na sluzhbe policii) (28 noyabrya 2019, Moskva). –M. Akademiya upravleniya MVD RF, 2019. – S. 59–64.
4. Begaliev E.N. O perspektivah primeneniya bespilotnyh letatel’nyh apparatov v hode proizvodstva otdel’nyh sledstvennyh dejstvij // Vestnik Vostochno-Sibirskogo instituta MVD Rossii. – 2019. – №2 (89). – URL: https://cyberleninka.ru/article/n/o-perspektivahprimeneniya-bes.
5. Lovcov D.A., Gavrilov D.A., Makarenko G.I. Zashchishchennaya pererabotka vizual’noj informacii v AOES NKM // Tr. 10-j Mezhdunar. nauch.-tekhn. konf. «Bezopasnye informacionnye tekhnologii» (3 – 4 dekabrya 2019 g.) / MGTU im. N.E. Baumana. – M. MGTU im. N.E. Baumana, 2019. – S. 254 – 260.
6. Evdokimenkov V. N., Krasil’shchikov M. N., Sebryakov G.G. Raspredelennaya intellektual’naya sistema upravleniya gruppoj bespilotnyh letatel’nyh apparatov: arhitektura i Programmno-matematicheskoe obespechenie // Izvestiya YUFU. Tekhnicheskie nauki.– 2016.– №1 (174).– URL: https://cyberleninka.ru/article/n/raspredelennaya.
7. Lohin V. M., Man’ko S. V., Romanov M. P., Garceev I. B., Evstigneev D. V., Kolyadin K.S. Intellektual’naya sistema upravleniya avtonomnym bespilotnym letatel’nym apparatom // Izvestiya YUFU. Tekhnicheskie nauki. – 2006. – №3. – URL: https://cyberleninka.ru/article/n/intellektualnaya-sistema-upravleniya-avtonomnym-bespilotnym-letatelnym-apparatom.
8. Ohotnikov A.L. Situacionnoe bespilotnoe upravlenie // ITNOU: informacionnye tekhnologii v nauke, obrazovanii i upravlenii.– 2019.– №3 (13).– URL: https://cyberleninka.ru/article/n/situatsionnoe-bespilotnoe-upravlenie.
9. Krapchatova T.V., Filippov M.V. Metod vosstanovleniya smazannyh izobrazhenij po dvum kadram// Inzhenernyj zhurnal: nauka i innovacii. – 2013. – vyp. 6. – URL: http://engjournal.ru/catalog/it/hidden/767.html.
10. Krapchatova T.V., Filippov M.V. Analiz effektivnosti algoritmov bilateral’noj fil’tracii // Elektronnyj zhurnal “Nauka i obrazovanie”. – 2012. – T. 2. – S. 45 – 56.
11. Gavrilov D.A. Semanticheskaya segmentaciya i klassifikaciya izobrazhenij s pomoshch’yu nejrosetej // Informatika, vychislitel’naya tekhnika i upravlenie Sb. nauch. tr. – Vyp. 9 / Pod red. A. V. Knyazeva, D. A. Lovcova. – M. ITMiVT RAN, 2018. – S. 57 – 66. Inv. 2698.
12. Yang Q., Tan K.-H., Ahuja N. Real-time O(1) bilateral filtering // Proc. IEEE Conf. Comput. Vis. Pattern Recognition. – 2009. – P. 557 – 564.
13. Pun’ A.B., Gavrilov D.A., SHCHelkunov N.N., Fortunatov A.A. Algoritm adaptivnoj binarizacii ob”ektov v videoposledovatel’nosti v rezhime real’nogo vremeni // Uspekhi sovremennoj radioelektroniki. – 2018. – №8. –S. 40 – 48.
14. He K., Sun J., Tang X. Guided Image Filtering BT // Link.Springer.Com. – 2010. – Vol. 6311, № 1. – P. 1 – 14.
87-95

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.