9004
2071-8217
Problems of information security. Computer systems
2
2022
1-160
RAR
RUS
9-19
Peter the Great St. Petersburg Polytechnic University
Konoplev
Artem
konoplev_as@spbstu.ru
SOKOLOV
Alexander
sokolov2.as@edu.spbstu.ru
CHERNOV
Andrey
chernov@ibks.spbstu.ru
MITIGATION OF SPECULATIVE EXECUTION ATTACKS BY INTEL DAL TECHNOLOGY APPLICATION
The complexity of neutralization and the lack of a universal mitigation approach of spec ulative execution attacks allows potential malware to have an unauthorized access to data being processed by CPU. To provide the confidentiality of such data it`s processing should be transferred from CPU to a microprocessor operating in a trusted execution environment. Paper describes the approach of using Intel DAL technology, which allows to implement application in Intel ME subsys tem, thus completely mitigate side channel speculative execution attacks.
10.48612/jisp/dmp6-57v4-utpe
004.56
side-channel attacks
speculative execution
Meltdown
Spectre
Intel TEE
Intel ME
Intel DAL
cryptoservices.
https://jisp.spbstu.ru/article/2022.7.1/
2022_2_rus.pdf
RAR
RUS
20-29
0000-0002-0644-4353
Krasnodar Higher Military School named after General of the Army S. M. Shtemenko
Dichenko
Sergei
dichenko.sa@yandex.ru
0000-0001-9665-2174
Krasnodar Higher Military School named after General of the Army S. M. Shtemenko
Samoilenko
Dmitry
19sam@mail.ru
0000-0002-0546-7801
SOPIN
Kirill
sopin.kirill2010@yandex.ru
0000-0002-7578-997X
POVCHUN
Ivan
Powchun2014@yandex.ru
ENSURING DATA INTEGRITY BASED ON NUMBER-THEORETICAL GAUSS TRANSFORMATIONS
The problem of information security in modern conditions of application and function ing of information systems, complicated by the continuous growth of the volume and value of processed information, is considered in the article. A method for ensuring data integrity based on numerical-theoretic Gauss transformations is presented.
10.48612/jisp/5zh4-tu6r-fgk8
519.718
information system
information protection
control and restoration of data integrity
complex numbers.
https://jisp.spbstu.ru/article/2022.7.2/
2022_2_rus.pdf
RAR
RUS
30-34
0000-0002-5785-5160
Omsk State Technical University
Belim
Sergey
sbelim@mail.ru
0000-0002-7839-2345
MUNKO
Sergey
munko_s@mail.ru
ALGORITHM FOR EMBEDDING DIGITAL WATERMARK IN DYNAMIC MEMORY OF EXECUTABLE CODE
The article proposes an algorithm for embedding a digital watermark into the executable
code of the program. Dynamic memory of the program is used as a stegocontainer. The digital
watermark is formed in the memory of the executable program under certain conditions. The embedding
parameters are determined by the executable code and the run time of the program. The
digital watermark is checked by a separate application using key information.
10.48612/jisp/n32g-48d6-udt6
004.056.5
digital watermark
steganography
dynamic memory
authentication
https://jisp.spbstu.ru/article/2022.7.3/
2022_2_rus.pdf
RAR
RUS
35-50
0000-0003-0733-1294
ETU “LETI”
NEVEROV
Eugeny
datnever@ya.ru
0000-0001-9616-7304
ETU “LETI”
SADREEV
Elnar
elnar.sadreev@gmail.com
0000-0003-1097-336X
BEREZOVSKAYA
berezovskaya.ole@gmail.com
0000-0001-081-8797
ITMO University, “LETI”
CHUPROV
Sergey
chuprov@itmo.ru
REVIEW AND COMPARISON OF AES LIGHTWEIGHT MODIFICATIONS FOR A LOW-POWER DEVICES NETWORK
Nowadays, the development of smart city concepts and cyber-physical systems is impossible
without considering information security issues. In the conditions of limited computational
resources, it is necessary to find a trade-off between the cryptographic strength of the encryption
algorithm and its requirements. As part of the study, lightweight modifications of the AES symmetric
block cipher are compared to identify the most balanced solution for ensuring the confidentiality of
low-power devices communication. The comparison is made both in terms of theoretical indicators
that determine cryptographic strength, and in terms of encryption and decryption time, depending
on the size of the input data. The obtained results demonstrate that the Modified AES is the most
balanced solution in relation to the specified requirements. It outperforms not only other modifications,
but also the standard algorithm, improving the diffusion and confusion values by 5 % and 30 %
respectively, and also reducing the average encryption/decryption time by one and a half times
10.48612/jisp/gp9v‑96dh‑32v1
004.056.55
AES
lightweight modifications
resource-constrained environment
cryptographic protection
smart city
https://jisp.spbstu.ru/article/2022.7.4/
2022_2_rus.pdf
RAR
RUS
51-64
0000-0002-2264-7513
Peter the Great St. Petersburg Polytechnic University
Krundyshev
Vasiliy
krundyshev_vm@spbstu.ru
0000-0002-9732-0099
Peter the Great St. Petersburg Polytechnic University
Kalinin
Maxim
max@ibks.spbstu.ru
Russia, 195251, St. Petersburg, Polytechnicheskaya str., 29
ADAPTIVE CONTROL SYSTEM FOR DETECTING COMPUTER ATTACKS ON OBJECTS OF CRITICAL INFORMATION INFRASTRUCTURE
This paper presents an adaptive control system for detecting computer attacks in critical
information infrastructure based on a neuro-fuzzy analysis of variant cyber-threat spaces and parameters
of the protected object using the automatically reconfigurable ANFIS neuro-fuzzy inference
system and Takagi-Sugeno-Kanga fuzzy basis. The results of experimental studies have shown
that the developed system provides high accuracy and speed of detecting computer attacks in
changing decision-making conditions
10.48612/jisp/gtpz-vrmm-b6v2
004.056
Adaptive Control
Critical Information Infrastructure
Neuro-Fuzzy System
Computer Attack Detection
https://jisp.spbstu.ru/article/2022.7.5/
2022_1.pdf
RAR
RUS
65-72
0000-0003-1345-1874
Peter the Great St. Petersburg Polytechnic University
Pavlenko
Evgeny
pavlenko_eyu@spbstu.ru
Fatin
Aleksander
sasha-fatin@mail.ru
IMMUNIZATION OF COMPLEX NETWORKS: A SYSTEM OF DIFFERENTIAL EQUATIONS AND DYNAMIC VARIATION
This paper discusses new approaches to building models of immunization of modern
computer networks. The greatest attention is paid to the consideration of the P2P static model,
segment model, as well as models of dynamic representation of cyclic and growing graphs. The
main advantages and areas of application of the considered models, the nuances of their use and
the novelty of the considered methods are highlighted
10.48612/jisp/uk4r‑9a44-44kg
004.056
Computer Networks
Immunization
Scale-Free Networks
P2P
Segment Model
Cyberphysical Systems
https://jisp.spbstu.ru/article/2022.7.6/
2022_1.pdf
RAR
RUS
73-81
0000-0002-2264-7513
Peter the Great St. Petersburg Polytechnic University
Krundyshev
Vasiliy
krundyshev_vm@spbstu.ru
MATHEMATICAL MODEL OF SPREAD OF COMPUTER ATTACKS ON CRITICAL INFORMATION INFRASTRUCTURE
This paper presents a mathematical model for the spread of computer attacks on critical
information infrastructure based on the extension of the basic Lotka-Volterra model. Within the
framework of the proposed model, the problem to be solved is formulated, the point of stability
of the system is determined, and a criterion is proposed for the adequacy of the applied methods
for detecting attacks to changing parameters of the critical information infrastructure and existing
cyber threats.
10.48612/jisp/pp2h-mkd7-p6bp
004.056
Critical Information Infrastructure
Adequacy Criterion
Mathematical Model
Lotka- Volterra Model
Computer Attack Spread Rate
Stability Point
CII
https://jisp.spbstu.ru/article/2022.7.7/
2022_1.pdf
RAR
RUS
82-97
Admiral Makarov State University of Maritime and Inland Shipping
Ivanyuk
Vladimir
57200960264
0000-0001-6289-3295
Russian State Hydrometeorological University
Sikarev
Igor
sikarev@yandex.ru
Russia, 192007, St. Petersburg, Voronezhskaya str., 79
Admiral S.O. Makarov State University of Marine and River Fleet
Sakharov
Vladimir
saharovvv@gumrf.ru
DIGITALIZATION AND IDENTIFICATION OF ECG SIGNALS USING WAVELET TECHNOLOGIES
A method for identifying signals based on the results of electrocardiogram (ECG) processing
performed based on wavelet technologies is considered. The use of digital technologies for processing
and diagnostics of ECG signals using wavelet analysis can significantly improve the efficiency
and quality of evaluation of pacemaker settings during implantation, as well as in the process of
correction of functional modes, diagnostics, in order to eliminate postoperative complications, etc.
Digital processing of complex cardiac signals at a qualitatively new level is an indispensable condition
for radically improving the processing of the current values of the diagnosed parameters, the
widespread use of digital tools for making informed and effective decisions in the field of medical
care, as well as for information support of identification processes. A method of approximation is
considered and an algorithm for analyzing ECG diagrams obtained during implantation and in the
process of choosing the modes of functioning of pacemakers based on the wavelet, transform is
given. The presence of high–frequency components and short-term pulses in the spectrum of ECG
signals, the evaluation of which is practically impossible by the traditionally used methods of spectral
analysis, determined the choice of a method for digitalizing the decomposition of signals into
basic frequency rhythms for parametric evaluation of QRS complexes. The approximation method
is based on the use of wavelet analysis, which allows deep investigation of such modes. Examples
of the use of wavelet analysis for the approximation of ECG diagrams using cubic splines whose
interpolation nodes are located on an uneven grid are given. Digital technologies are implemented
using the tools of the MATLAB computing environment
10.48612/jisp/b4dd-gma4-epzv
004.056
electrocardiogram
parametric estimation
identification
wavelet technologies
Dobshy wavelets
cubic spline
signal reconstruction levels
wavelet decomposition coefficients
https://jisp.spbstu.ru/article/2022.7.8/
2022_2_rus.pdf
RAR
RUS
98-105
0000-0001-8821-0456
UGATU
ZABIROV
Ildar
Ildar.zabirov.lord@mail.ru
0000-0002-3096-3102
Ufa University of Science and Technology
Mashkina
Irina
profmashkina@mail.ru
APPLYING OF IDENTIFICATION AND ACCESS CONTROL MANAGEMENT SYSTEM IN INDUSTRIAL CONTROL SYSTEM
The possibility of using of Identity and access Management system (IdM/IAM) is considered
in the paper to automate users account and access rights management in Industrial Control
System (ICS). The main feature of IdM/IAM system is that they require an individual approach and
ongoing support when implemented in ICS. The results of the role-based access model development
are presented for its implementation in IdM/IAM. An analysis of ICS safety has been carried
out and the article provides a list of the information assets and information subjects representing
the function, or roles, of industrial network users. A hierarchy of users roles and an access matrix
(with possible rights) have been developed.
10.48612/jisp/z3tz‑82ax-h4zt
004.056.5
Industrial control system
information assets
information subjects
access control
user account and rights management
hierarchy of users roles
https://jisp.spbstu.ru/article/2022.7.9/
2022_2_rus.pdf
RAR
RUS
106-124
0000-0002-6071-8087
Mozhaisky Military Aerospace Academy
Yakunin
Vladimir
Yavi1957@mil.ru
0000-0003-2233-811X
Krasnodar Higher Military School named after S. M. Shtemenko
Sukhov
Alexander
19am87@mail.ru
0000-0003-1404-6125
Krasnodar Higher Military School named after S. M. Shtemenko
Krupenin
Alexander
19am87@mail.ru
THE METHOD OF MODELING THE PROCESS OF FUNCTIONING OF AN AUTOMATED SYSTEM OF SPECIAL PURPOSE IN CONDITIONS OF DESTRUCTIVE INFLUENCES
The article describes a method associated with the construction of mathematical models
of quality indicators for further evaluation of the process of functioning of an automated system for
special purposes, taking into account destructive influences. Methods for calculating the performance
indicators of complex systems are presented. The features of the construction of analytical
and simulation models are disclosed. Algorithms for modeling of the designed automated systems
of special purpose are constructed.
10.48612/jisp/p25a-xtp4-argx
519.718
Mathematical Model
Quality Indicator
Method
Algorithm
Destructive Impact
Automated System of Special Purpose
https://jisp.spbstu.ru/article/2022.7.10/
2022_2_rus.pdf
RAR
RUS
125-134
0000-0001-6753-2181
Saint Petersburg Federal Research Center of Russian Science Academy
Lebedev
Ilya
isl_box@mail.ru
0000-0003-1798-8257
Russian State Hydrometeorological University
Sukhoparov
Mikhail
mail@sukhoparovm.ru
INFLUENCING FACTORS INFORMATION USAGE FOR SPLITTING DATA SAMPLES IN MACHINE LEARNING METHODS TO ASSESS IS STATE
Improving the qualitative indicators of identifying the state of information security of individual
cyber-physical systems segments is associated with the processing of large information
arrays. A method of splitting data samples is proposed to improve the quality of algorithms for classifying
information security states. Classification models are configured on training sets of examples
in which outliers, noisy data, and an imbalance of observed objects may be present, which affects the qualitative indicators of the results. At certain points in time, under the influence of the external environment, the frequency of occurrence of observed events, the ranges of recorded values may
change, which significantly affects the quality indicators. It is shown that a number of events in the
samples occur as a result of the actions of internal and external factors.
10.48612/jisp/mzv1-edk4-v7eb
004.056
information security
machine learning
dataset
influencing factors
the formation of data samples
https://jisp.spbstu.ru/article/2022.7.11/
2022_2_rus.pdf
RAR
RUS
135-147
0000-0003-0623-9891
Peter the Great St. Petersburg Polytechnic University
Gololobov
Nikita
gololobov_nv@spbstu.ru
0000-0003-1345-1874
Peter the Great St. Petersburg Polytechnic University
Pavlenko
Evgeny
pavlenko_eyu@spbstu.ru
COMPARISON OF THE EFFECTIVENESS OF ANOMALY DETECTION BY MACHINE LEARNING ALGORITHMS WITHOUT A TEACHER
The paper proposes the use of recurrent neural networks with the LSTM architecture for
solving problems related to the detection of anomalous instances in data sets and compares the
effectiveness of the proposed method with the traditional technique – the support vector machine
for one class. During the study, an experiment was conducted and criteria for the effectiveness of
implementations were formulated. The results obtained in this way made it possible to draw appropriate
conclusions about the applicability of recurrent neural networks in the tasks of detecting
anomalous instances and put forward proposals for the further development of this direction
10.48612/jisp/hmuz-b8ua-mv2e
004.056
anomaly detection; machine learning; support vector method; recurrent neural networks; LSTM; learning without a teacher; recurrent neural networks
https://jisp.spbstu.ru/article/2022.7.12/
2022_2_rus.pdf
RAR
RUS
148-159
Peter the Great St. Petersburg Polytechnic University
RUDNICKAYA
Ekaterina
0000-0001-9659-1244
Peter the Great St. Petersburg Polytechnic University
Poltavtseva
Maria
potavtseva@ibks.spbstu.ru
PROTECTION AGAINST ATTACKS ON MACHINE LEARNING SYSTEMS ON THE EXAMPLE OF EVADIATION ATTACKS IN MEDICAL IMAGE ANALYSIS
This paper is about the adversarial attacks on machine learning systems that analyze
medical images. The authors review the existing attacks, conducts their systematization and practical
feasibility. The article contains an analysis of existing methods of protection against adversarial
attacks on machine learning systems. It describes the peculiarities of medical images. The
authors solve the problem of protection against adversarial attacks for these images based on several
defensive methods. The authors have determined the most relevant protection methods, their
implementation and testing on practical examples – the analysis of COVID‑19 patient’s images
10.48612/jisp/1rgd-dmhp-rd2k
004.056
attacks on machine learning systems
machine learning system protection
adversarial attacks
medical images
machine learning
https://jisp.spbstu.ru/article/2022.7.13/
2022_2_rus.pdf