9004
2071-8217
Problems of information security. Computer systems
Спецвыпуск
2024
1-176
RAR
RUS
10-16
0000-0002-8627-4947
Peter the Great St. Petersburg Polytechnic University
Busygin
Alexey
a.busygin@ibks.spbstu.ru
0000-0002-9732-0099
Peter the Great St. Petersburg Polytechnic University
Kalinin
Maxim
max@ibks.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
A concept of the protected distributed ledger technology for smart city digital environment
This paper analyzes the security of the common distributed consensus algorithms used in smart city distributed ledgers. There is proposed a concept of smart city distributed ledgers protection, which applies a hybrid distributed consensus protocol based on the joint use of the tangle class algorithm and the proof-of-authority class algorithm, protected by trusted computing and remote attestation technologies. The proposed protocol compensates for the weaknesses and vulnerabilities of the conventional distributed consensus algorithms that are inherent in distributed ledger technology and hinder its widespread use in large-scale smart city systems
10.48612/jisp/1tfk-825g-8gp7
004.056
smart city
distributed ledger technology
security
distributed consensus algorithm
https://jisp.spbstu.ru/article/2024.17.1/
2024_spetsvipusk-5-6.pdf
RAR
RUS
17-23
0000-0003-0623-9891
Peter the Great St. Petersburg Polytechnic University
Gololobov
Nikita
gololobov_nv@spbstu.ru
Formal statement of the problem of morphizing executive code during the work of software
This article presents a formal formulation of the problem of modifying executable code during execution based on morphing used in computer animation. In the course of the research, the need for developing a morphing method for software was substantiated, and the basic principles used in computer animation were adapted for the field of cybersecurity, and vectors for further research in this direction were determined. The results obtained during the adaptation should be used in the design and implementation of the morphing method for executable code
10.48612/jisp/kgh3-84nt-b5z2
004.056
cybersecurity
executable file protection
binary morphing
protection against ROP chains
https://jisp.spbstu.ru/article/2024.17.2/
2024_spetsvipusk-5-6.pdf
RAR
RUS
24-30
Peter the Great St. Petersburg Polytechnic University
Goretsky
Ilya
vaasabb@mail.ru
0000-0003-2849-4682
Peter the Great St. Petersburg Polytechnic University
Lavrova
Daria
lavrova_ds@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Intelligent recommender system for counteracting network attacks
This paper is devoted to an approach to countering network attacks based on network reconfiguration to exclude the possibility of successful completion of the attack. To implement the approach, it is proposed to use the mechanism of recommender systems that provides both generation of possible network topologies and their ranking. The proposed intelligent recommender system is based on a reinforcement learning algorithm based on the actor - critic model. Experimental studies have confirmed the effectiveness of the developed system
10.48612/jisp/gxt5-d3m3-5ku4
004.056
reinforcement learning
DDoS
network attack
recommender system
https://jisp.spbstu.ru/article/2024.17.3/
2024_spetsvipusk-5-6.pdf
RAR
RUS
31-45
Peter the Great St. Petersburg Polytechnic University
Gribkov
Nikita
gribkov.na@edu.spbstu.ru
Method for binary code searching based on syntactic and semantic features of the query sample
The paper analyzes the syntactic and semantic characteristics used to identify the similarity of binary code fragments, presents the results of analysis on the effectiveness of decompilation techniques and methods for syntactic similarity detection in the context of code clone detection task. Method for searching the code clones is proposed, which includes analyzing both semantic and syntactic features of the binary code snippets. The results of a comparative analysis of the effectiveness of the proposed method are presented
10.48612/jisp/6a2t-ggzk-m5ez
004.056
syntactic similarity
semantic similarity
pseudocode
binary code search
code reusage
https://jisp.spbstu.ru/article/2024.17.4/
2024_spetsvipusk-5-6.pdf
RAR
RUS
46-55
Peter the Great St. Petersburg Polytechnic University
Zavadskii
Evgeniy
zavadskij_ev@spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Bulat
Andrey
Method for searching for clones of program code in binary executable files
The current trend of increasing labor productivity and efficiency of business processes entails optimization of software development processes through the use of generative artificial intelligence models trained on various code bases and manual copying of code fragments. Taking into account the growing number of reported vulnerabilities, methods for detecting clones of program code are needed. In this paper, we propose a method for evaluating the similarity of fragments of the program code of binary executable files, which is based on the representation of the code in the form of an FA-AAST tree and the apparatus of graph neural networks. The results obtained during testing on open and closed source software demonstrate the correctness of the proposed method and higher accuracy in comparison with considered solutions
10.48612/jisp/kxfu-f8dz-7f8n
004.94
code clone
AST
FA-AAST
graph neural network
cybersecurity
https://jisp.spbstu.ru/article/2024.17.5/
2024_spetsvipusk-5-6.pdf
RAR
RUS
56-64
0009-0000-3181-4769
Peter the Great St. Petersburg Polytechnic University
Kostin
Sergey
s8kostin@gmail.com
0000-0002-7485-4848
Peter the Great St. Petersburg Polytechnic University
Aleksandrova
Elena
aleksandrova_eb@spbstu.ru
About masking method in aggregate signature protocol based on isogenies of elliptic curve
The main mathematical mechanism chosen by NIST (National Institute of Standards and Technology) for standardization is the lattice, while the hash function mechanism is an alternative. Unlike isogenies of elliptic curves, these mechanisms use a larger size of both public keys and signatures. Using the example of aggregate signature protocol based on isogenies of elliptic curves, we will show how the masking method can be used to prevent the main attack on this mechanism, while obtaining a smaller signature size. Post-quantum cryptography, aggregate signature, isogenies
10.48612/jisp/2p7f-pp93-8ftg
004.056.53
post-quantum cryptography
multiple signature
isogeny
https://jisp.spbstu.ru/article/2024.17.6/
2025_spetsvipusk-5-6.pdf
RAR
RUS
65-75
0009-0008-4442-5365
Peter the Great St. Petersburg Polytechnic University
Kubrin
Georgiy
kubrin@ibks.spbstu.ru
13103571000
0000-0002-0232-7248
Peter the Great St. Petersburg Polytechnic University
Zegzhda
Dmitry
zegzhda_dp@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Vulnerability detection in multicomponent software using a set of generalized code graph representations
The paper presents a survey of existing software security analysis method and their ability to detect vulnerabilities caused by errors in several software components implemented in different programming languages. A set of three generalized code graph representations is proposed for implementation of software security analysis methods with consideration for interaction between components written in different programming languages. A software security analysis system architecture and a prototype of a system that uses proposed generalized code graph representation was developed. The prototype supports analysis of software components written in PHP, C and. NET based programming languages
10.48612/jisp/nb67-m5g8-mpae
004.56
software vulnerabilities detection
logical vulnerabilities
static code analysis
graph theory
multicomponent software analysis
https://jisp.spbstu.ru/article/2024.17.7/
2024_spetsvipusk-5-6.pdf
RAR
RUS
76-91
0000-0003-1345-1874
Peter the Great St. Petersburg Polytechnic University
Pavlenko
Evgeny
pavlenko_eyu@spbstu.ru
Intelligent synthesis of cyber-resilient network structures: methods, experiments and architectural implementation
The paper is devoted to the implementation of intelligent synthesis of cyber-resistant structures. We propose methods that implement the synthesis both at the stage of building a network structure and at the stage of its recovery when an attack or failure occurs. Experimental results confirming the effectiveness of the proposed methods are presented. The architecture of the system for recognizing cyber threats and intelligent synthesis of cyber-resilient network structures is described
10.48612/jisp/8671-tgnf-tpv2
004.056
functional isomorphism
target function
synthesis
critical nodes
https://jisp.spbstu.ru/article/2024.17.8/
2024_spetsvipusk-5-6.pdf
RAR
RUS
92-103
0000-0003-1345-1874
Peter the Great St. Petersburg Polytechnic University
Pavlenko
Evgeny
pavlenko_eyu@spbstu.ru
Criteria for synthesizing cyber resilient network structures
The concept of cyber resilience of complex systems is largely determined by the ability of their network structures to be rebuilt in such a way as to neutralize the impact of an attack already implemented on the system or to make its successful implementation impossible when detected at an early stage. It is proposed to solve the problem of synthesis to ensure cyber resilience of network structures both at the stage of system design (synthesis “from scratch”) and at the stage of their operation (synthesis-restructuring). The paper presents modeling of the impact of massive and targeted attacks on the system, considers the constraints on synthesis, and formulates synthesis criteria in terms of graph theory. The obtained theoretical results are the basis for practical construction of cyber-resistant network structures and their rebuilding under attack
10.48612/jisp/pp8f-ruuh-bnax
004.056
cyber resilience
target function
synthesis
graph stability
graph integrity
https://jisp.spbstu.ru/article/2024.17.9/
2024_spetsvipusk-5-6.pdf
RAR
RUS
104-117
0009-0001-3593-1417
Peter the Great St. Petersburg Polytechnic University
Paguba
Grigoriy
paguba.gyu@edu.spbstu.ru
0009-0008-8784-8720
Peter the Great St. Petersburg Polytechnic University
Sobolev
Nikolay
sobolev.nv@edu.spbstu.ru
0009-0001-5299-1884
Peter the Great St. Petersburg Polytechnic University
Permyakov
Danil
permyakov.dn@edu.spbstu.ru
Analysis of methods and instruments of information security using hardware virtualization technology of arm architecture
The paper presents a review of software tools for information security that use hardware virtualization technology on the ARM architecture. For each tool considered, a brief description is provided, along with its advantages and disadvantages. The results of a comparative analysis of the reviewed tools are presented, highlighting the research directions in the field that require the most attention
10.48612/jisp/grre-vhfd-9vn3
004.056
information security
software
virtualization
hypervisor
ARM
https://jisp.spbstu.ru/article/2024.17.10/
2024_spetsvipusk-5-6.pdf
RAR
RUS
118-128
0009-0006-6856-2108
Peter the Great St. Petersburg Polytechnic University
Pahomov
Maksim
pahomov_ma@spbstu.ru
Protection of ad-hoc networks against distributed scanning from the Internet
The features of ad-hoc network scanning have been studied and methods for its detection have been analyzed. A modification of the hybrid method for detecting scanning from the Internet has been proposed, along with methods for identifying decoy scanning and creating blacklists of subnets to prevent further scanning. The proposed protection methods have been compared with existing counterparts
10.48612/jisp/pdh9-5588-k2gv
004.056
information security
ad-hoc networks
network scanning
IP address spoofing
subnetwork blacklists
https://jisp.spbstu.ru/article/2024.17.11/
2024_spetsvipusk-5-6.pdf
RAR
RUS
129-145
0000-0003-1511-9971
Peter the Great St. Petersburg Polytechnic University
Polosukhin
Nikita
polosukhin.ibks@spbstu.ru
Assessment of the descriptive ability of modern data sources for analyzing cyber security threats
This article proposes a classification of attributes of cybersecurity threats. A statistical study of the descriptive power of an open and closed threat dataset is presented. An expert study of an advanced persistent threat was also conducted using open reports as an example. The completeness of the threat description, as well as the ability of modern tools and protocols to describe such a threat, are assessed. The main conclusion is that current approaches to describing cybersecurity threats have shortcomings that prevent the most effective use of such information in operational activities
10.48612/jisp/1nen-rerv-vr94
004.056
cybersecurity threats
“pyramid of pain”
tactics
techniques and procedures
threat description protocols
https://jisp.spbstu.ru/article/2024.17.12/
2024_spetsvipusk-5-6.pdf
RAR
RUS
146-156
0000-0001-9659-1244
Peter the Great St. Petersburg Polytechnic University
Poltavtseva
Maria
potavtseva@ibks.spbstu.ru
0009-0004-8915-7545
Peter the Great St. Petersburg Polytechnic University
Podorov
Andrey
podorov.aa@edu.spbstu.ru
Verification of access control in big data systems using temporal logics
Ensuring consistent access control is one of the key security challenges in heterogeneous Big Data systems. The problem is presented by the large number of data processing tools, information sources and users; heterogeneity of security models; complexity of granular access rules. Analyzing the time factor in this case will improve the consistency and reliability of access differentiation. The aim of the work is to select a methodology and tools for the implementation of temporal logic in the verification processes of access control of Big Data systems. The paper analyzes types of temporal logic and verification methods based on TLA (temporal logic of actions). We propose the use of TLA+ to solve this problem and give an example of the corresponding specification
10.48612/jisp/frzb-mgge-6d24
004.056.5
information security
Big Data
heterogeneous data processing systems
access control
verification
temporal logic
TLA+
https://jisp.spbstu.ru/article/2024.17.13/
2024_spetsvipusk-5-6.pdf
RAR
RUS
157-164
0009-0007-4911-8471
Research Institute «Kvant»
Samarin
Nikolay
samarin_nik@mail.ru
Methodology for finding errors and nondeclared features in software
The paper proposes a methodology of searching for errors and undeclared capabilities in software, which is based on: a graph model of software operation, a method of estimating the achievability of basic software blocks, a mechanism of general simulations and a method of point fuzzing which is using this mechanism
10.48612/jisp/p4m6-3pz2-1pdt
004.056
information security
software
error detection
methodology
symbolic execution
fuzzing
https://jisp.spbstu.ru/article/2024.17.14/
2024_spetsvipusk-5-6.pdf
RAR
RUS
165-175
0009-0008-0568-7223
Peter the Great St. Petersburg Polytechnic University
Tsurkan
Ivan
tsurkan.is@edu.spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Malyshev
Egor
malyshev@ibks.spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Zubkov
Evgeny
zubkov.e@edu.spbstu.ru
Peter the Great St. Petersburg Polytechnic University
Moskvin
Dmitry
moskvin_da@spbstu.ru
Using adversarial attacks to protect against automatic text recognition in CAPTCHA services
The paper proposes a method of CAPTCHA generation using adversarial attacks with respect to the image recognition model. The advantages of this method are determined based on comparative analysis of statistical data obtained as a result of the study. The developed method allows increasing the efficiency of counteraction against automatic bypassing of CAPTCHA services due to the use of insecurity of neural network models from malicious influence
10.48612/jisp/hd61-2rx5-fd6r
004.056
adversarial attacks
text recognition
denial of service
CAPTCHA services
machine learning
Python
https://jisp.spbstu.ru/article/2024.17.15/
2024_spetsvipusk-5-6.pdf