9004 2071-8217 1 2023 1-148

RAR RUS 9-16 0000-0003-1345-1874 Peter the Great St. Petersburg Polytechnic University Pavlenko Evgeny pavlenko_eyu@spbstu.ru ARTIFICIAL IMMUNIZATION OF TECHNICAL SYSTEMS TO ENSURE THEIR CYBERSECURITY The purpose of the study is to formally formulate the problem of artificial immunization of complex technical systems to ensure their security against cyber threats. The work draws an analogy between human immunity and the security functions of modern technical systems. A mathematical model of a technical system that describes how the system’s immunity counteracts various cyberattacks was developed. The immunization problem is formulated to minimize the number of infected objects in the system and maximize the number of cured objects among the infected ones. 10.48612/jisp/xv9m-8nxb-f89k 004.056 immunization innate immunity adaptive immunity cyber-attack https://jisp.spbstu.ru/article/2023.10.1/ 2023_1.pdf

RAR RUS 17-25 Mozhaisky Military Aerospace Academy ILINYKH Vasily Mozhaisky Military Aerospace Academy Desyatykh Alexander alecdes@mail.ru Mozhaisky Military Aerospace Academy Telbuh Vyacheslav telbuh89@yandex.ru Method for detecting false information from social information services using the reality parameter Currently, social information services (SIS) have become one of the important sources of information and allow any user to distribute information without restrictions, which makes it difficult to determine the degree of reliability of information. Revealing unreliable facts from the news using artificial intelligence methods is a difficult problem. To solve this problem, it is necessary to apply several existing models with the calculation of the reality parameter and recognition accuracy, as well as to develop a new algorithm for detecting fake news. The use of effective tools for identifying false information in the SIS and the corresponding algorithm is considered in support and decision-making systems, when determining the degree of information reliability 10.48612/jisp/4ggt-evtf-rdn6 355.404:004.738.52 open sources of information social information services false information reality parameter https://jisp.spbstu.ru/article/2023.10.2/ 2023_1.pdf

RAR RUS 26-36 0000-0002-1399-1822 Peter the Great St. Petersburg Polytechnic University Shenets Nikolay shenets_nn@ibks.spbstu.ru Mobile device user data protection approach based on multi-factor authentication, visual cryptography and steganography This paper presents a new approach for protecting user data of mobile phones. It combines multi-factor authentication, secret sharing, visual cryptography, steganography and uses built-in secure modules of the Android operating system. The proposed protocol ensures privacy of user data even if the mobile phone and its associated storage server are compromised 10.48612/jisp/rm3r-3f2m-a1kp 004.056.53(003.26) authentication and key establishment protocol wireless sensor network key predistribution https://jisp.spbstu.ru/article/2023.10.3/ 2023_1.pdf

RAR RUS 37-45 Peter the Great St. Petersburg Polytechnic University Zagalsky Dmitry dzagalskii@yandex.ru Peter the Great St. Petersburg Polytechnic University Solovey Roman 0000-0001-9862-1507 Peter the Great St. Petersburg Polytechnic University Dakhnovich Andrey add@ibks.spbstu.ru A method for detecting manipulation attacks on recommendation systems with collaborative filtering This article discusses the security of recommendation systems with collaborative filtering from manipulation attacks. The most common types of attacks are analyzed and identified. A modified method for detecting manipulation attacks on recommendation systems with collaborative filtering is proposed. Experimental testing and comparison of the effectiveness of the modified method with other relevant methods were carried out 10.48612/jisp/kf76-kmg6-1azr 004.056 recommendation systems collaborative filtering shilling attack detection. https://jisp.spbstu.ru/article/2023.10.4/ 2023_1.pdf

RAR RUS 46-53 0000-0002-9451-8980 MASCOM- Techlain LLC Morgunov Vadim v_a_m1998@mail.ru 0000-0002-3139-0748 Origin Security Antonov Roman antonov@originsecurity.ru Analysis of the international standard ISO 27701 and the formation of recommendations for its use Any organization, processing personal data of citizens of the European Union is obliged to comply with the requirements of GDPR (General Data Protection Regulation). However, the regulations do not contain information about how to comply with these requirements in practice. The international standard ISO 27701 solves this problem because it contains specific controls to fulfill requirements specified above. In the course of the research, the standard was analyzed and there were made up recommendations that can be applied to all types and sizes of organizations, including public and private companies, government entities and non-profit organizations that process personal data of citizens of the European Union. 10.48612/jisp/t17a-355v-exe9 004.056 personal data controls requirements GDPR https://jisp.spbstu.ru/article/2023.10.5/ 2023_1.pdf

RAR RUS 54-61 0000-0001-6695-2328 St. Petersburg State Marine Technical University Garkushev Alexander sangark@mail.ru St. Petersburg State Maritime Technical University Lipis Alexey dlipis@smtu.ru 0000-0001-9665-0128 Peter the Great St. Petersburg Polytechnic University Suprun Alexander afs54@inbox.ru

Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29

Peter the Great St. Petersburg Polytechnic University Ivanova Lyubov Forming the culture of digital security of students of higher educational institutions of shipbuilding profile The article is devoted to finding rational ways to improve the culture of digital security among future shipbuilders. An objective methodology for the formation of educational content based on the achievements of the theory of multi-parameter choice and the construction of a tuple of preferences when making complex cybernetic decisions is considered. An example of the choice of digital security training technology for students of shipbuilding profile (Saint Petersburg State Maritime Technical University) was considered 10.48612/jisp/pfap-9f4a-abmt 004.056.5, 629.5.067 digital security distance learning safety culture https://jisp.spbstu.ru/article/2023.10.6/ 2023_1.pdf

RAR RUS 62-71 Peter the Great St. Petersburg Polytechnic University Gribkov Nikita gribkov.na@edu.spbstu.ru 0000-0002-2009-5460 Peter the Great St. Petersburg Polytechnic University Ovasapyan Tigran otd@ibks.spbstu.ru Peter the Great St. Petersburg Polytechnic University Moskvin Dmitry moskvin_da@spbstu.ru Detecting source code fragments similarity with machine learning algorithms The paper proposes a method for detecting source code fragments similarity using attribute abstract syntax trees and machine learning algorithms. The advantages of the method are determined based on a comparative analysis of existing approaches of detecting code clones. For approaches, which use AST, it is possible to increase the efficiency of detecting similar source code fragments by detecting semantic clones with usage of method proposed. 10.48612/jisp/gnad-nf3e-63te 004.56 code clones syntactic similarity semantic similarity open-source software https://jisp.spbstu.ru/article/2023.10.7/ 2023_1.pdf

RAR RUS 72-78 The Bonch-Bruevich Saint Petersburg State University of Telecommunications Kushnir Dmitry dmitry.kushnir@gmail.com The Bonch-Bruevich Saint Petersburg State University of Telecommunications Shemyakin Sergey s4421764@ya.ru Decimation of M-sequences as a way to obtain primitive polynomials One of the approaches to form a cryptographically secure encryption range is the use of linear recurrent feedback registers based on primitive polynomials. The operational possibility of choosing the appropriate polynomial can provide the required degree of stability of the algorithm used. At present, primitive polynomials are known for sufficiently large powers, but usually these are the so-called sparse polynomials. To improve cryptographic strength, it is necessary to be able to quickly form new primitive polynomials of given degrees, which is the subject of this study 10.48612/jisp/7n36-rhgn-4xz5 004.056.55 primitive polynomials m-sequence decimation primitive root https://jisp.spbstu.ru/article/2023.10.8/ 2023_1.pdf

RAR RUS 79-87 Russian State Hydrometeorological University Vekshina Tatiana t.v.vekshina@mail.ru Russian State Hydrometeorological University Bolshakov Vladimir v.a.bolsh@mail.ru 57200960264 0000-0001-6289-3295 Russian State Hydrometeorological University Sikarev Igor sikarev@yandex.ru

Russia, 192007, St. Petersburg, Voronezhskaya str., 79

Russian State Hydrometeorological University Korinets Ekaterina miffi89@mail.ru Current trends in methods of operational automation of data processing The problem of automating the determination of daily water consumption by continuously measured levels and discrete measurements of water flow using flow curves, which are the simplest characteristic of the capacity of the riverbed (and floodplain) and are widely used in river flow accounting and hydraulic calculations, is considered. Conclusions are made about the optimal analytical representation of the flow curve and the possibilities of constructing a universal model of hydrometric flow accounting. 10.48612/jisp/fexb-mznu-89p5 556.536 water flow measured levels flow curves profiles interpolation approximation model https://jisp.spbstu.ru/article/2023.10.9/ 2023_1.pdf

RAR RUS 88-95 Russian State Hydrometeorological University Vekshina Tatiana t.v.vekshina@mail.ru Russian State Hydrometeorological University Bolshakov Vladimir v.a.bolsh@mail.ru 57200960264 0000-0001-6289-3295 Russian State Hydrometeorological University Sikarev Igor sikarev@yandex.ru

Russia, 192007, St. Petersburg, Voronezhskaya str., 79

Russian State Hydrometeorological University Korinets Ekaterina miffi89@mail.ru Actual problems of automation and hydrological provision of waterways in the arctic zone The problems of hydrological support of water transport in the territories of Siberia and the Far East of the Russian Federation are considered. The requirements for operational information on the levels of water bodies, on a sharp change in water content, on channel deformations, on the ice situation and forecasts of these phenomena are analyzed. Attention is drawn to the need to use new modern information technologies 10.48612/jisp/hp5t-8bdu-mvux 656.628:556.536.537 water transport hydrological support riverbed processes hydrological regime information technologies https://jisp.spbstu.ru/article/2023.10.10/ 2023_1.pdf

RAR RUS 96-103 0000-0001-7199-6384 Special Technology Center LLC Kurakin Alexander akurakin@stc-spb.ru An approach to assessing the effectiveness of the functioning of a group of unmanned aerial vehicles in unpredictable situations The article is devoted to a method for evaluating the effectiveness of the use of a group of unmanned aerial vehicles when they perform aerial photography tasks. The approach is based on the principles of a «virtual squad» and assumes decentralized management and adaptive redistribution of roles in unpredictable situations. 10.48612/jisp/u438-a38e-4adv 004.021 group of unmanned aerial vehicles virtual squad unified flight task https://jisp.spbstu.ru/article/2023.10.11/ 2023_1.pdf

RAR RUS 104-110 Peter the Great St. Petersburg Polytechnic University Ivanova Olga ivanova.od@spbstu.ru 0000-0002-9732-0099 Peter the Great St. Petersburg Polytechnic University Kalinin Maxim max@ibks.spbstu.ru

Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29

The hybrid method for evasion attacks detection in the machine learning systems An analysis of existing methods that provide the detection of evasion attacks in the machine learning systems is presented. An experimental comparison of these methods has been performed. The Uncertainty method is the most universal one, but its accuracy in detecting SGM, MS, BA evasion attacks is lower than that of other methods, and it is difficult to determine such values of the uncertainty boundary for adversarial samples that would allow more accurate detection of evasions. A new hybrid method has been proposed and discussed, which is a two-stage verification of input data, supplemented by input data pre-processing. In the proposed method, the threshold of uncertainty for adversarial samples has become distinct and quickly computable. The hybrid method allows detecting OOD attacks with 80 % accuracy, and SGM, MS, BA attacks with 93 % accuracy 10.48612/jisp/nrmx-ah3v-d373 004.056 evasion attacks evasion attack detection hybrid method machine learning adversarial samples ODIN Uncertainty https://jisp.spbstu.ru/article/2023.10.12/ 2023_1.pdf

RAR RUS 111-118 0000-0003-0374-4649 Peter the Great St. Petersburg Polytechnic University Sergadeeva Anastasia nsspbpoly@gmail.com 0000-0003-2849-4682 Peter the Great St. Petersburg Polytechnic University Lavrova Daria lavrova_ds@spbstu.ru

Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29

DDoS attacks detection based on a modular neural network The paper proposes an approach to detection of Distributed Denial of Service (DDoS) attacks using a modular neural network, which is a series of connected neural networks that solve the problem step by step. The task of DDoS attack detection is decomposed into three interrelated subtasks: detection of anomalous network traffic, detection of DDoS attack traffic and identification of the type of realized DDoS attack, which is especially important due to the tendency of implementing multi-vector DDoS attacks. The results of experimental studies on the quality of performance of the constructed modular neural network confirmed the effectiveness of the proposed approach. 10.48612/jisp/65d1-nu8m-8euv 004.056 DDoS attacks modular neural network decomposition machine learning https://jisp.spbstu.ru/article/2023.10.13/ 2023_1.pdf

RAR RUS 119-127 St. Petersburg State Electrotechnical University “LETI” named after V. I. Ulyanov (Lenin) Grigorjeva Natalya 0000-0002-9899-2778 Peter the Great St. Petersburg Polytechnic University Platonov Vladimir plato@ibks.spbstu.ru Protection against adversarial attacks on image recognition systems using an autoencoder Considered adversarial attacks on systems of artificial neural networks for image recognition. To increase the security of image recognition systems from adversarial attacks (avoidance attacks), the use of auto-encoders is proposed. Various attacks are considered and software prototypes of autoencoders of fully connected and convolutional architectures are developed as a means of protection against evasion attacks. The possibility of using the developed prototypes as a basis for designing autoencoders for more complex architectures is substantiated 10.48612/jisp/8dd2-gfk4-aebe 004.032.26 image recognition system adversarial attack evasion attack autoencoder. https://jisp.spbstu.ru/article/2023.10.14/ 2023_1.pdf

RAR RUS 128-138 0000-0003-2824-6590 Saint-Petersburg State University of Aerospace Instrumentation Almuhamedov Alexsey aleksei.alm@gmail.com 0000-0001-7282-033X Saint-Petersburg State University of Aerospace Instrumentation Kolomoitcev Vladimir dekoros@guap.ru Application of machine learning methods in the problem of searching area of interest for biometric identification based on the pattern of palm veins The article deals with the problem of finding a region of interest for biometric identification based on the pattern of palm veins. An image segmentation method based on the use of convolutional neural networks to search for an area of interest is proposed. The work of this method is compared with methods that use the features of a binarized image, in particular, with the method of searching for local minimums and searching for the minimum threshold value. 10.48612/jisp/1416-12ar-74be 612.087.1:57.087.1 biometrics vein pattern area of interest segmentation neural network https://jisp.spbstu.ru/article/2023.10.15/ 2023_1.pdf

RAR RUS 139-147 0000-0003-2233-811X Krasnodar Higher Military School named after S. M. Shtemenko Sukhov Alexander 19am87@mail.ru 0000-0003-1404-6125 Krasnodar Higher Military School named after S. M. Shtemenko Krupenin Alexander 19am87@mail.ru 0000-0002-6071-8087 Mozhaisky Military Aerospace Academy Yakunin Vladimir Yavi1957@mil.ru Criteria used to assess the quality of information security systems The criteria related to the construction of mathematical models of quality indicators for further investigation of the effectiveness of the functioning of information security systems, taking into account destructive influences, are considered. Geometric interpretations of the criteria of three classes are presented. The distinctive features of the concepts «quality indicator» and «quality assessment criterion» are revealed. A mathematical description of each of the criteria under consideration is given. 10.48612/jisp/tnh1-52z5-ttkb 519.718 quality assessment criterion quality indicator efficiency information security system https://jisp.spbstu.ru/article/2023.10.16/ 2023_1.pdf