9004
2071-8217
Problems of information security. Computer systems
2
2023
1-212
RAR
RUS
9-16
0000-0003-2393-9603
Samara State Technical University
SHAKURSKIY
Maxim
vigorsilentium@mail.ru
Povolzhskiy State University of Telecommunications and Informatics
KARAULOVA
Olga
olya4369@yandex.ru
Evaluation of signal masking by a two-component steganographic system in windowed information processing
When considering digital systems for transmitting information in real time, in most cases,
the transmission of information in blocks with a given delay time is implied. In this case, the
delay determines the size of the sampling window. The article deals with the issues of masking an
embedded message into an uncompressed audio signal with a variable size of the sample being
processed.
10.48612/jisp/r5at-29vv-uzbz
621.372.552
steganography
sound
masking of information
two-component steganographic system
real time system
https://jisp.spbstu.ru/article/2023.11.1/
2023_2.pdf
RAR
RUS
17-26
Peter the Great St. Petersburg Polytechnic University
LOGINOV
Zakhar
loginoff.zahar@yandex.ru
Peter the Great St. Petersburg Polytechnic University
Solovey
Roman
0000-0001-9862-1507
Peter the Great St. Petersburg Polytechnic University
Dakhnovich
Andrey
add@ibks.spbstu.ru
Using botnet coordination detection to detect social information campaigns
The features of information campaigns, the principles of dissemination of information
campaigns in social networks are considered. Groups of methods for detecting information
campaigns are analyzed and identified. The problems of existing approaches are highlighted.
A group of methods based on the detection of coordination is considered. The article proposes an
algorithm for detecting influence campaigns implemented by a botnet in a social network using
the algorithm bee colony.
10.48612/jisp/75d2-g6zu-dbvu
004.056
social networks
influence campaign
botnet
https://jisp.spbstu.ru/article/2023.11.2/
2023_2.pdf
RAR
RUS
27-36
0000-0002-7959-3835
St. Petersburg State Maritime Technical University
Karpova
Irina
ik070889@gmail.com
St. Petersburg military order of Zhukov institute of the national guard of the Russian Federation
KURILOV
Alexey
AK1225@rambler.ru
0000-0001-9665-0128
Peter the Great St. Petersburg Polytechnic University
Suprun
Alexander
afs54@inbox.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Peter the Great St. Petersburg Polytechnic University
Ivanova
Lyubov
Accounting for the impact of the human factor in cyber security models
A comprehensive cybersecurity risk assessment is a complex multi-level task involving
technical, software, external and human factors. As part of the development of a predictive model for
assessing cybersecurity risks, characterization of the human factor is necessary to understand how
the actions of information security specialists affect the risk of developing cybersecurity threats. The
article discusses the concept of “reliability” in relation to the human factor in the cybersecurity system.
It has two main components: innate characteristics, which are part of the personality, and situational
characteristics, which are outside the personality. The use of reliability as a Human Factors
parameter in a comprehensive cybersecurity risk assessment will also depend on an understanding of how different mental models and behavioral responses affect the level of trust placed in an information security professional and the biases that affect the ability to provide such trus
10.48612/jisp/e75d-r7xt-rzt2
004.942
information security
cyber security model
information system reliability
human factor
cyber defense
https://jisp.spbstu.ru/article/2023.11.3/
2023_2.pdf
RAR
RUS
37-46
0000-0002-3830-1840
Peter the Great St. Petersburg Polytechnic University
Yugai
Pavel
yugaj_pe@spbstu.ru
0009-0002-7321-7430
Peter the Great St. Petersburg Polytechnic University
Zhukovskii
Evgeniy
bugaev.va@edu.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
0000-0002-2009-5460
Peter the Great St. Petersburg Polytechnic University
Semenov
Pavel
semenov_po@ibks.spbstu.ru
Aspects of detecting malicious installation files using machine learning algorithms
This work presents the research of using machine learning methods to detect malicious
installation files, specifically trojan droppers and downloaders, and installers with extraneous
functionality. A comparative analysis of some classification methods of machine learning is presented:
the naive bayes classifier, the random forest and the C4.5 algorithms. The classification
was carried out using the Weka software in accordance with the methods under consideration.
Significant attributes of executable files are defined, which give positive results in the classification
of legitimate installers and trojans
10.48612/jisp/f7zd-7gf2-rd39
004.056.5
malware
installation files
trojans
droppers
machine learning
naive bayes classifier
random forest
C4.5 algorithms
https://jisp.spbstu.ru/article/2023.11.4/
2023_2.pdf
RAR
RUS
47-60
Peter the Great St. Petersburg Polytechnic University
Gribkov
Nikita
gribkov.na@edu.spbstu.ru
0000-0002-2009-5460
Peter the Great St. Petersburg Polytechnic University
Ovasapyan
Tigran
otd@ibks.spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Moskvin
Dmitry
moskvin_da@spbstu.ru
Analysis of decompiled program code using abstract syntax trees
The paper proposes a method of preprocessing fragments of binary code for the task of detection their similarity using machine learning algorithms. The method is based on analysis of pseudocode, which is retrieved from decompilation process. The pseudocode is preprocessed with usage of attributed abstract syntax trees. Evaluation of the method indicates its efficiency in binary code similarity detection task due to semantic vectors used for abstract syntax tree modification.
10.48612/jisp/ruar-u6he-kmd4
004.56
code clones
syntactic similarity
semantic similarity
binary code similarity
abstract syntax tree
pseudocode
https://jisp.spbstu.ru/article/2023.11.5/
2023_2.pdf
RAR
RUS
61-72
0000-0001-7282-033X
Saint-Petersburg State University of Aerospace Instrumentation
Kolomoitcev
Vladimir
dekoros@guap.ru
Methods of monitoring the execution of the security pattern in infocommunication systems
The protection of infocommunication systems includes a wide number of information security means. There is a possibility of bypassing some of them by an intruder, thus breaking the assumed security script of the information protection system. The methods of monitoring the correct sequence of the use of information security means in the infocommunication system are proposed. The proposed methods make it possible to grow up the degree of security of infocommunication systems by confirming the fact of the use of all means and ways of information protection proposed by the architect of the information protection system
10.48612/jisp/7kda-4z89-66zf
004.051
information protection
computing systems
information security means
pattern of secure access
information security
methods of monitoring
security pattern
https://jisp.spbstu.ru/article/2023.11.6/
2023_2.pdf
RAR
RUS
73-81
0009-0001-1385-8028
Peter the Great St. Petersburg Polytechnic University
Orel
Eugeniy
orel_em@ibks.spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Moskvin
Dmitry
moskvin_da@spbstu.ru
0009-0002-7009-2265
Peter the Great St. Petersburg Polytechnic University
Anoshkin
Ilya
ilya.anoschkin@outlook.com
Decentralized messaging systems architecture stability analysis
This paper presents the results of the architecture stability analysis of messaging systems with a decentralized node structure Briar and Bridgefy. Developed mathematical models of target systems describe protocols for generating keys, establishing a connection and transferring data between system users. The key features of the architecture of messaging systems with a decentralized nodal structure are highlighted. The main classes of threats to target systems are determined
10.48612/jisp/dvxu-66z9-87ue
004.72
decentralized systems
network degradation
mesh-messengers
Briar
Bridgefy
https://jisp.spbstu.ru/article/2023.11.7/
2023_2.pdf
RAR
RUS
82-91
Peter the Great St. Petersburg Polytechnic University
Semyanov
Pavel
semyanov_pv@spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Grezina
Sofia
Bitcoin Core cryptocurrency wallet cryptographic security analysis
The article discusses the encryption security of the Bitcoin Core cryptocurrency wallet. Particular attention is paid to aspects of the practical implementation of cryptographic algorithms when encrypting the wallet.dat file with a password. The practical strongness to brute-force attacks using parallel computing on the GPU is also considered. It was found that Bitcoin Core did not implement an encryption key change for private keys. This implementation makes it possible to re-attack the wallet without knowing the new password, if it has already been compromised before. The changes to encryption algorithms that complicate the password brute force attacks on the GPU are also proposed
10.48612/jisp/mrx7-m1rk-2316
004.056.55
Bitcoin Core cryptocurrency wallet
cryptocurrency wallet encryption
encryption key change
Bitcoin Core wallet attack
brute force attack on GPU
https://jisp.spbstu.ru/article/2023.11.8/
2023_2.pdf
RAR
RUS
92-106
Academy of the Russian Federal Guard Service
Vasinev
Dmitry
vda33@academ.msk.rsnet.ru
Academy of the Russian Federal Guard Service
Semenov
Alexey
Analysis of functionality and future options for the application of a new generation firewall to protect critical information infrastructure facilities
An analysis of the requirements of guiding documents for ensuring the security of critical information infrastructure facilities has been carried out. A classification of information security tools of the firewall class with a description of each, their implementation scenario and a generalized network diagram, taking into account the application of these solutions in the field of information security, are presented. A comparative analysis of existing firewalling solutions is made, followed by conclusions about using some of them to protect critical information infrastructure facilities. A solution is offered to develop the functionality of a new generation firewall
10.48612/jisp/7e7b-6rdh-6rb1
004.056.52
threats
firewall
next generation firewall
critical information infrastructure
https://jisp.spbstu.ru/article/2023.11.9/
2023_2.pdf
RAR
RUS
107-122
Peter the Great St. Petersburg Polytechnic University
Zavadskii
Evgeniy
zavadskij_ev@spbstu.ru
0000-0002-9732-0099
Peter the Great St. Petersburg Polytechnic University
Kalinin
Maxim
max@ibks.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Cyber resiliency support based on methods of graph analysis and functional network virtualization
An integrated approach to the maintenance of the cyber resiliency of cyber-physical systems represented as a network of functional nodes has been proposed. Based on the analysis of the graph of functional dependencies and the graph of attacks, this approach makes it possible to detect compromised nodes and rebuild the functional network of the system, moving the compromised nodes to an isolated virtual network similar to the one actually attacked, and then adapt the functional sequence of nodes that implement the technological process, thereby preventing the development of a cyber threat. The experimental results have demonstrated the correct operation of the proposed solution and the formation of an adequate counteraction to the intruders
10.48612/jisp/zn9e-pt1u-54ee
004.056
attack graph
cyber resiliency
cyber-physical system
functional dependencies graph
functional infrastructure
virtual isolated network
https://jisp.spbstu.ru/article/2023.11.10/
2023_2.pdf
RAR
RUS
123-139
0009-0000-3249-4103
Peter the Great St. Petersburg Polytechnic University
Bogina
Vasilisa
bogina_vm@spbstu.ru
0000-0003-2849-4682
Peter the Great St. Petersburg Polytechnic University
Lavrova
Daria
lavrova_ds@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
13103571000
0000-0002-0232-7248
Peter the Great St. Petersburg Polytechnic University
Zegzhda
Dmitry
zegzhda_dp@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
0000-0003-1345-1874
Peter the Great St. Petersburg Polytechnic University
Pavlenko
Evgeny
pavlenko_eyu@spbstu.ru
A probabilistic approach to assessing the cyber resilience of mobile networks based on their connectivity
This paper proposes an approach to assess the cyber resilience of mobile networks, based on the assessment of the probability that the network remains coherent under conditions of random movement of its nodes. The approach is aimed at countering the mobile network-specific attacks of hijacking and impersonation of one or more nodes, so that the network loses the ability to perform its target function
10.48612/jisp/m21d-9zr3-gp82
004.056
mobile networks
network connectivity
probability of node movement
hijacking attacks
impersonation attacks
https://jisp.spbstu.ru/article/2023.11.11/
2023_2.pdf
RAR
RUS
140-149
Jet Infosystems
Markov
Georgy
Application of the neocortex model to detect contextual anomalies in network traffic of the industrial Internet of Things
The paper investigates the problem of detecting network anomalies in the processing of data streams in industrial systems. The network anomaly is understood as the malicious signature and the current context: the network environment and topology, routing parameters and node characteristics. As a result of the study, it was proposed to use a neocortex model that supports the memory mechanism to detect network anomalies
10.48612/jisp/b5fk-dug5-3g37
004.056
hierarchical temporary memory
artificial intelligence
contextual anomalies
machine learning
neocortex
industrial internet of thighs
network traffic
HTM
https://jisp.spbstu.ru/article/2023.11.12/
2023_2.pdf
RAR
RUS
150-162
13103571000
0000-0002-0232-7248
Peter the Great St. Petersburg Polytechnic University
Zegzhda
Dmitry
zegzhda_dp@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Peter the Great St. Petersburg Polytechnic University
Zubkov
Evgeny
zubkov.e@edu.spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Moskvin
Dmitry
moskvin_da@spbstu.ru
Cybersecurity assessment of cyber-physical system based on analysis of malware signatures
The structure and main properties of a generalized cyber-physical system are investigated. Threats of information security and main approaches to ensure the cybersecurity of these systems are analyzed. The method of assessing the degree of compromise of a generalized cyber-physical system, based on the analysis of indicators of compromise is presented
10.48612/jisp/kfpz-v3xe-v5bz
004.056
indicator of compromise
Industry 4.0
cybersecurity
cyber-physical system
TCP / IP model
graph theory
https://jisp.spbstu.ru/article/2023.11.13/
2023_2.pdf
RAR
RUS
163-172
Jet Infosystems
Markov
Georgy
0000-0002-2264-7513
Peter the Great St. Petersburg Polytechnic University
Krundyshev
Vasiliy
krundyshev_vm@spbstu.ru
0000-0002-9732-0099
Peter the Great St. Petersburg Polytechnic University
Kalinin
Maxim
max@ibks.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
13103571000
0000-0002-0232-7248
Peter the Great St. Petersburg Polytechnic University
Zegzhda
Dmitry
zegzhda_dp@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
0000-0002-8627-4947
Peter the Great St. Petersburg Polytechnic University
Busygin
Alexey
a.busygin@ibks.spbstu.ru
Detection of computer attacks in networks of industrial Internet of Things based on the computing model of hierarchical temporary memory
This paper discusses the problem of detecting network anomalies caused by computer attacks in industrial Internet of Things networks. To detect anomalies, a new method has been developed using the technology of hierarchical temporary memory, which is based on the innovative neocortex model. An experimental study of the developed anomaly detection method based on the HTM model demonstrated the superiority of the developed solution over the LSTM-based analogue. The developed prototype of the anomaly detection system provides continuous online unsupervised learning, takes into account the current network context, and also applies the accumulated experience by supporting the memory mechanism
10.48612/jisp/v8z1-3b2n-z84u
004.056
Hierarchical Temporary Memory
Artificial Intelligence
Computer Attacks
Neocortex
Online Learning
Sparse Distributed Representations
Network Traffic
HTM
https://jisp.spbstu.ru/article/2023.11.14/
2023_2.pdf
RAR
RUS
173-182
0000-0002-2141-6780
Peter the Great Saint-Petersburg Polytechnic University
Shtyrkina
Anna
anna_sh@ibks.spbstu.ru
Method of cyberphysical system topology reconfiguration based on graph artificial neural network
The paper proposed approach to estimation the resilience of cyber-physical systems, as well as a method for their reconfiguration to neutralize the negative effects of structural attacks. The proposed method is applied to systems modeled by graphs, each vertex of which is associated with attributes - types of devices. The functioning of such systems is determined by the path on the graph, passing through the vertices of a given type. The reconfiguration method based on the graph artificial neural network (ANN) aims at increasing the number of working paths without the need to add new edges. The ANN model was trained on a synthetic dataset composed of random graphs whose vertex types were specified according to the betweenness centrality metric
10.48612/jisp/6ma2-16a5-3bg4
004.056
cyber-physical systems
graph theory
graph artificial neural network
https://jisp.spbstu.ru/article/2023.11.15/
2023_2.pdf
RAR
RUS
183-190
0000-0003-2233-811X
Krasnodar Higher Military School named after S. M. Shtemenko
Sukhov
Alexander
19am87@mail.ru
Approaches to solving the problem of synthesis of an effective process of functioning of military-technical systems
Approaches related to solving the inverse problem of investigating the effectiveness of purposeful technical systems are considered. The classification of the tasks of the study of the effectiveness of the operation conducted by the military-technical system is given. A formal and informal approach to solving the task is outlined. The criteria of suitability for evaluating the effectiveness of the operation carried out by a purposeful technical system are formulated. Three statements of the problem of synthesis of the object under study are formulated
10.48612/jisp/h86u-pdbn-4kpp
519.718
synthesis
functioning process
efficiency
military-technical system
https://jisp.spbstu.ru/article/2023.11.16/
2023_2.pdf
RAR
RUS
191-201
St. Petersburg branch of JSC KB NAVIS
Milyakov
Denis
denis@inwin.ru
57200960264
0000-0001-6289-3295
Russian State Hydrometeorological University
Sikarev
Igor
sikarev@yandex.ru
Russia, 192007, St. Petersburg, Voronezhskaya str., 79
Russian Geographical Society
Travin
Sergey
Artificial neural networks in the navigation safety system of autonomous unmanned vessels
The article reviews the use of artificial neural networks to ensure the navigational safety of navigation of an autonomous unmanned vessel
10.48612/jisp/4efx-dtmm-g1a9
004.032.26:004.93’11:656.62
unmanned vessel
navigation
neural networks
information theory
modeling
e-navigation
navigation safety
geoinformation
https://jisp.spbstu.ru/article/2023.11.17/
2023_2.pdf
RAR
RUS
202-211
0000-0002-9732-0099
Peter the Great St. Petersburg Polytechnic University
Kalinin
Maxim
max@ibks.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Peter the Great St. Petersburg Polytechnic University
Tkacheva
Ekaterina
tkacheva.ki@yandex.ru
Decentralized approach to intrusion detection in dynamic networks of the Internet of Things basing on multi-agent reinforcement learning and inter-agent communication
The paper proposes a multi-agent reinforcement learning technology for intrusion detection in the Internet of Things. Three models of a multi-agent intrusion detection system have been implemented - a decentralized system, a system with the transmission of forecasts, a system with the transmission of observations. The obtained experimental results have been compared with the open intrusion detection system Suricata. It has been demonstrated that the proposed architectures of multi-agent systems are free from the weaknesses found in the usual solutions
10.48612/jisp/npx5-z2hr-h5ux
004.056
agent
decentralized system
internet of things
greedy algorithm
cybersecurity
machine learning
multi-agent reinforcement learning
intrusion detection
observation data transferring
prediction data transferring
DQN
https://jisp.spbstu.ru/article/2023.11.18/
2023_2.pdf