9004
2071-8217
Problems of information security. Computer systems
4
2021
1-158
RAR
RUS
9-25
13103571000
0000-0002-0232-7248
Peter the Great St. Petersburg Polytechnic University
Zegzhda
Dmitry
zegzhda_dp@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Kiselev
Alexey
0009-0004-1271-709X
Peter the Great St. Petersburg Polytechnic University
Ognev
Roman
ognev_ra@spbstu.ru
0009-0002-7321-7430
Peter the Great St. Petersburg Polytechnic University
Zhukovskii
Evgeniy
bugaev.va@edu.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Identification of malicious executable files based on static-dynamic analysis using machine learning
The article is devoted to the study of methods for detecting malicious software (malware) using static-dynamic analysis. A method for detecting malware is proposed, in which the number of parameters of the behavior of executable files is optimized using clustering of insignificant features, and also fuzzy-hashing of own functions is used when constructing a call trace. A prototype of a malware detection system based on the proposed method has been developed. Experimental studies assess the effectiveness of the proposed method. The efficiency of malware detection by the developed prototype is estimated. According to the verification results, the developed prototype was able to improve the detection efficiency of malware.
10.48612/jisp/422m-udhg-dg48
004
information security systems
detection of malicious software
static-dynamic analysis
parameter feature selection
https://jisp.spbstu.ru/article/2021.5.1/
2021_4-5-6.pdf
RAR
RUS
26-38
Peter the Great St. Petersburg Polytechnic University
Zubkov
Evgeny
zubkov.e@edu.spbstu.ru
0009-0002-7321-7430
Peter the Great St. Petersburg Polytechnic University
Zhukovskii
Evgeniy
bugaev.va@edu.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Research of information security problems of heterogeneous corporate computer networks
The structure, the functioning principle and the main characteristics of a corporate computer network were investigated. There was analysis of the information security threats which can be used to this type of network, taking into the client-server model of data transmission over communication channels. Finally, there was a comparative analysis of information security audit methods, as well as means of implementing the audit process.
10.48612/jisp/r5a9-vpe1–69db
004
audit
information security
information technologies
corporate computer network
Brutespray
Metasploit
Nmap
OpenVAS
https://jisp.spbstu.ru/article/2021.5.2/
2021_4-5-6.pdf
RAR
RUS
39-50
0000-0003-2849-4682
Peter the Great St. Petersburg Polytechnic University
Lavrova
Daria
lavrova_ds@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Strukova
Natalia
Predicting network attacks on IoT systems using regression analysis
The aim of the study is to improve the accuracy of IoT network attack detection by applying feature selection methods based on regression models. An analysis of the security problems of IoT systems is presented. The architecture of an intrusion detection system using the considered methods is developed. A software layout that implements the proposed architecture is developed and its effectiveness is evaluated
10.48612/jisp/8dr8–1gna-v9bx
004.056
Internet of Things
intrusion detection system
network attack detection
prediction
significance assessment
feature selection
https://jisp.spbstu.ru/article/2021.5.3/
2021_4-5-6.pdf
RAR
RUS
51-60
0000-0003-0815-3688
Karachanskaya
Elena
elena_chal@mail.ru
0000-0001-5796-8504
Romanov
Alexey
aron1397@mail.ru
Development of a data hashing method based on cellular automation and its advantages
The purpose of this article is to present a method for depersonalizing personal data based on the use of cellular automata. This method is the construction of a hash function with a secret key that performs transformations on a two-dimensional matrix in accordance with the transition rules for two-dimensional cellular automata. A new kind of transition rules for two-dimensional cellular automata related to the Moore neighborhood and the state of the cell is proposed. Additionally, these rules are based on the initial state of the matrix, which avoids the existence of insignificant bits that can lead to collisions. The proposed hashing method can be classified as universal. A computer program “HFCA-2D” is presented, designed not only to automate the process of hashing data using cellular automata, but also containing tools for testing hashing algorithms for speed and the presence of collisions when processing various types and amounts of data, in comparison with SHA algorithms. 256 and SHA-512. The test results showed that the developed data hashing method provides a high level of security and privacy protection
10.48612/jisp/b8rm-kxbd‑3u67
004.056
hashing method
hash function
cellular automaton
pseudonymisation and anonymization of data
https://jisp.spbstu.ru/article/2021.5.4/
2021_4-5-6.pdf
RAR
RUS
61-71
0000-0002-1399-1822
Peter the Great St. Petersburg Polytechnic University
Shenets
Nikolay
shenets_nn@ibks.spbstu.ru
Authentication and key establishment in WSN based on key pre-distribution
In this work a new authentication and key establishment method in WSN is presented. It is based on the modification of Blundo et. al. key distribution protocol
10.48612/jisp/5m4v‑94zg-hr83
004.056.53 (003.26)
authentication and key establishment protocol
Wireless Sensor Network
key pre-distribution
https://jisp.spbstu.ru/article/2021.5.5/
2021_4-5-6.pdf
RAR
RUS
72-78
0000-0003-2393-9603
Samara State Technical University
SHAKURSKIY
Maxim
vigorsilentium@mail.ru
Two-component real-time steganographic system of information embedding in the least significant bits of audio signal
The paper discusses steganographic system of embedding two-component container in audio signal in real time. Steganographic system based on two-component container using samples of cover audio object as a source of first steganographic component. This allows obtaining new properties of a steganographic system
10.48612/jisp/g1v4-up35–1trg
621.372.552
two-component steganographic system
invariance to masking signal
steganographic container
key coefficient
https://jisp.spbstu.ru/article/2021.5.6/
2021_4-5-6.pdf
RAR
RUS
79-90
Glukharev
Mikhail
Kryukov
Alexander
0000-0003-4866-217X
Gryzunov
Vitaly
7006566675
0000-0002-6076-7241
Emperor Alexander I St. Petersburg State Transport University
Kornienko
Anatoliy
kaa.pgups@yandex.ru
Russia, 190031, St. Petersburg, Moskovsky ave., 9
Selection of trust models when integrating distributed information systems of critical application
Distributed information systems of critical application are integrated with each other, which means that it is necessary to manage the distribution of trust. The article analyzes the features of trust models based on the use of electronic signatures for their applicability in information systems of critical application. The necessary conditions for the existence of a public key infrastructure are formulated and proven. Examples of threats to necessary conditions are given, trust models are selected that are suitable for the integration of information systems of critical application
10.48612/jisp/ev3e-fmtu-x25h
004.27+004.056
information systems of critical application
information security
public key infrastructure
https://jisp.spbstu.ru/article/2021.5.7/
2021_4-5-6.pdf
RAR
RUS
91-100
Vasileva
Ksenia
0000-0003-2849-4682
Peter the Great St. Petersburg Polytechnic University
Lavrova
Daria
lavrova_ds@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
0000-0003-1345-1874
Peter the Great St. Petersburg Polytechnic University
Pavlenko
Evgeny
pavlenko_eyu@spbstu.ru
Development of a mechanism to control message integrity on the local network of vehicles
The work focuses on creating a message integrity control method with the ability to authenticate the source of control flow data in a local vehicular network. The implementation of the integrity control mechanism is based on a role-based security model that governs the allocation of subject rights to use authentication modules, and a data authentication scheme that prevents replay and impersonation attacks
10.48612/jisp/xk5n-pzeb-xrr8
004.056
vehicles
integrity control
role model
transport technology cyber security
https://jisp.spbstu.ru/article/2021.5.8/
2021_4-5-6.pdf
RAR
RUS
101-111
13103571000
0000-0002-0232-7248
Peter the Great St. Petersburg Polytechnic University
Zegzhda
Dmitry
zegzhda_dp@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
0000-0003-1345-1874
Peter the Great St. Petersburg Polytechnic University
Pavlenko
Evgeny
pavlenko_eyu@spbstu.ru
Artificial immunization in cybersecurity duties
This article proposes an immune-like approach to information security of modern complex systems. This approach is based on the use of immune-like methods to protect critical system nodes from a predetermined set of attacks, and to minimize the success of an attack on the system. The methodological approach is to systematize immunization tasks, tools, and modes to describe how modern systems can resist the proliferation of computer attacks. The main conclusions and recommendations are that using the immunization approach will not only improve the security of systems, but also define principles for building systems that are resistant to cyber attacks
10.48612/jisp/k229-ud9f‑34k5
004.056
cybersecurity
immunisation
targeted immunisation
cyberthreat
honeypot
https://jisp.spbstu.ru/article/2021.5.9/
2021_4-5-6.pdf
RAR
RUS
112-122
0000-0003-0374-4649
Peter the Great St. Petersburg Polytechnic University
Sergadeeva
Anastasia
nsspbpoly@gmail.com
0000-0003-2849-4682
Peter the Great St. Petersburg Polytechnic University
Lavrova
Daria
lavrova_ds@spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
Banking fraud detection using graph neural networks
This paper proposes the application of graph neural networks to detect bank fraud. Financial transactions are represented in the form of a graph, and the use of graph neural networks allows the detection of transactions characteristic of fraudulent schemes. Experimental results demonstrate the promise of the proposed approach
10.48612/jisp/reag-mhhb-n41d
004.056
graph neural networks
bank fraud
anomaly detection
convolutional neural networks
information security
financial data analysis
https://jisp.spbstu.ru/article/2021.5.10/
2021_4-5-6.pdf
RAR
RUS
123-136
0000-0001-6581-3473
Rostova
Olga
0000-0001-5555-8114
Shmeleva
Anastasia
0000-0001-6873-3006
Suloeva
Svetlana
Use of agile management tools in projects of information security systems implementation
The article discusses the features of project management for the implementation of information security systems, as well as the feasibility of using agile management tools in such projects, in particular, the cyclic implementation model. The requirements for the implemented information security system are developed and justified, specifically: requirements for the organization of the network infrastructure, requirements for the configuration of information infrastructure components, requirements for the documentation being developed, technological and technical-economic requirements. The process of information security system implementation management is described: processes of content, terms, risks and human resources management of the project
10.48612/jisp/5zkx‑22b9–8kam
004
project management
information security systems
agile management tools
cyclic implementation model
risk management
https://jisp.spbstu.ru/article/2021.5.11/
2021_4-5-6.pdf
RAR
RUS
137-143
Zabezhailo
Mihail
0000-0002-6493-3622
Timonina
Elena
Lomonosov Moscow State University
Grusho
Alexander
grusho@yandex.ru
Russia, 119991, Moscow, Leninskie Gory, 1
0000-0002-5005-2744
Grusho
Nikolaj
info@itake.ru
The problems of trust assessment in Big Data analysis
The paper examines the problem of evaluation of trust to the results of complex computer analysis of data. The approach of constructing empirical dependencies based on similarity of precedents in the training sample, which has already become classical, is used. The trust approximation is based on simulating training data by random sampling from an unknown distribution. This approach implements approximate causal analysis and have advantages and disadvantages
10.48612/jisp/r6zg‑4umu-nv12
004.896
information security
artificial intelligence
causal relationships
contradictions in data
https://jisp.spbstu.ru/article/2021.5.12/
2021_4-5-6.pdf
RAR
RUS
144-156
0000-0001-9659-1244
Peter the Great St. Petersburg Polytechnic University
Poltavtseva
Maria
potavtseva@ibks.spbstu.ru
0000-0002-3710-1652
Torgov
Vladislav
Distributed ledger technologies application to audit and investigate incidents in big data processing systems
The paper considers the problem of providing auditing of granular transformations in heterogeneous Big Data processing systems. The use of distributed ledger technologies for tracking data fragment transformations is proposed. The authors make a comparison of technologies applicable to solve this problem, provide an analytical and experimental evaluation, recommendations for the application of the study results. In contrast to other similar works, the authors consider the application of various distributed ledger technologies and include the multiplatform requirement for the framework. The proposed framework is universal and can be used in heterogeneous multiplatform big data processing systems
10.48612/jisp/r3x6-ea4a-aaxn
004.896
information security
Big Data
audit
incident investigation
Blockchain
distributed ledger
https://jisp.spbstu.ru/article/2021.5.13/
2021_4-5-6.pdf