Showing total 322 results

51. Conceptual foundations for assessing the level of security of automated systems based on their vulnerability

Author

Aleksey O. Efimov, Ilya I. Livshitz, Tatiana V. Meshcherakova, and Evgeniy A. Rogozin

Subjects

automated system, vulnerability, security assessment, vulnerability criticality, security level, vulnerability assessment methodology., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper presents the conceptual framework for assessing the level of security of automated systems based on their vulnerability. The analysis of regulatory standards, methodological recommendations and regulatory documents in the field of assessment and classification of vulnerabilities of information systems is carried out. According to the analysis of the draft update of regulatory documents, it was concluded that the terms automated system and information system are equal, which allows applying all the necessary requirements, recommendations, formal descriptions, and other standardized requirements applicable to information systems. The analysis of the process and causes of the detection of vulnerabilities of the automated system, the formation of sets of vulnerabilities, the definition of the basic vulnerability of the automated system, and the current vulnerability of the automated system, as well as the ways to eliminate these vulnerabilities are considered. The method of assessing the criticality of vulnerabilities of the FSTEC of Russia, based on the international CVSS 3.1 methodology, is considered. In order to make it easier to independently calculate the criticality of vulnerability, adaptation is made, and a thorough description of the process of assessing the criticality of vulnerability of the CVSS 3.1 standard is made. A methodology for assessing the level of security is proposed by analyzing the criticality of the vulnerability of an automated system (the totality of the criticality of vulnerabilities of an automated system). Conclusions are drawn about the direction of further research: the construction of a security assessment model based on vulnerability, as well as a vulnerability prediction model.

Published

2023

52. Methodological and implementation aspects of introducing secure software development processes

Author

Sas S. Arustamyan, Vitaly V. Varenitca, and Alexey S. Markov

Subjects

information security, software security, application security, secure software, secure lifecycle, software development processes., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper presents the results of the study of the state of meeting the requirements for secure software development, as defined by national standards. Objective and subjective reasons for the demand for the integration of secure software development procedures into the life cycle of secure computer products are given. The dependence of the number of software errors and vulnerabilities on the maturity of the software development company is noted. The requirements of national standards in the field of development of secure programs in the context of mandatory and voluntary certification of software products according to information security requirements are considered. The processes of developing secure software that are of priority importance in the activities of the testing (certification) laboratory are highlighted. The features of harmonization of national and international standards for application security are shown. The advantages of national standards relative to foreign good practices and standards are noted. Original conceptual models for choosing procedures for developing secure programs and implementing software development processes are presented. A general methodology for auditing the secure software development management system is presented. The statistics of secure software development procedures implementation in serial production of information security tools are given. The features of the Russian market for the development and production of secure software are noted. Typical organizational mistakes of program developers in the process of implementing information security requirements are noted. Recommendations are formulated to improve the efficiency of implementation of secure software development procedures. The conclusion about the effectiveness and prospects of the development of security management systems for software resources within the framework of quality management systems and information security management systems is made.

Published

2023

53. Information Integrity checking methods for smartphones with Android operating system

Author

Mikhail M. Smotryaev, Ruslan Y. Mudry, Rodion Y. Pantsyr, and Daniil A. Poplavasky

Subjects

android, read-only memory, integrity check, operating system, smartphone, secure boot, device configuration., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The tendency of organizations to use unprotected mobile devices with the Android operating system leads to an increase in incidents with the loss of important information. As a result of certain attacks on the system, it is modified and elements that compromise the built-in security of the device can be added to it without authorization. This study suggests methods of protecting the system by controlling the integrity of information. The purpose of the paper is to substantiate the model of information integrity control. The methods for securing system information, including integrity control and partitioning memory are described. The software part includes a mechanism for monitoring the integrity of the system when the device is turned on. The hardware part includes a modified memory drive consisting of non-rewritable sections and sections that allow recording, deleting and editing information. Moreover, the device itself is supposed to be made non-disassembly and without the possibility of replacing unauthorized components: all modules will be cryptographically linked to the motherboard. As a result of this scientific work, recommendations for the design of domestic smartphones have been developed, and the operation of the integrity control tool has been verified as well. The results of this study will make it possible to create an uncompromised corporate device for working with confidential information, eliminating the need to use personal devices for employees. The integrity control tool was tested on a real device with the Android 9.0 Oreo system installed.

Published

2023

54. Approaches to detection of malware using custom network protocols

Author

Alexander I. Mukhamedov

Subjects

malware, network protocols, encryption, detection, neural networks., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The majority of malware communicate with their components over the network. The purpose of this interaction can be downloading the necessary modules, transferring stolen information, etc. Often such interaction is based on the most common protocols - HTTP and HTTPS, but there are quite a lot of facts that malware creators implement their own protocols. The purpose of this study is to analyze approaches to implementing custom protocols that exist among malware developers and methods for its detecting in network traffic. Possible reasons that encourage malware creators to do this are described. A brief overview of the variants of such protocols, from primitive to very complex, is given, including examples. The paper also describes some approaches for detection such activity in network traffic: signature analysis, methods based on statistics and machine learning, neural networks. The main advantages and disadvantages of these methods are considered. The result of the analysis of these methods is the conclusion that the most promising approach to this problem is the use of neural networks, but when implementing neural networks in practice, certain difficulties may arise associated with their training and further support, which most likely will need to be overcome on their own.

Published

2023

55. Dose dependence of the spectral characteristics of sigma-delta analog-to-digital converters

Author

Maria O. Kalashnikova, Roman S. Torshin, Georgy S. Sorokoumov, Alexander A. Demidov, and Dmitry V. Boychenko

Subjects

analog-to-digital converter, sigma-delta, histogram method, adc`s static parameters, adc`s dynamic parameters, chip testing, total ionizing dose., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

This paper presents the results of the study of sigma-delta analog-to-digital converters` main spectral parameters` dependence on the total ionizing dose (TID). Within the framework of this study the main parameters of analog-to-digital converters (ADC) (dynamic, static and electrical) were controlled. The main dynamic characteristics of sigma-delta ADC are signal-to-noise ratio (SNR), spurious-free dynamic range (SFDR), signal-to-noise and distortion ratio (SINAD) and total harmonic distortion (THD). Those have been determined from the spectrum of digitized sine signal using the fast Fourier transform (FFT). Static parameters (integrated nonlinearity (INL), offset and gain errors) were determined using a straight line that linearizes the transfer function, according to the method which is described in the IEEE Standard for Terminology and Test Methods for Analog-to-Digital Converters. National Instruments modular measuring equipment was used for testing ADC`s parameters. Comparative data on the dose dependence of static and dynamic parameters of two sigma-delta ADC and one sigma-delta modulator are obtained. Based on the results, it was concluded that the most sensitive parameters of sigma-delta ADC to TID are its dynamic parameters. Therefore, when assessing the sigma-delta ADC`s radiation hardness, the spectral characteristics of absorbed dose should be kept under control.

Published

2023

56. On the informativeness of the extreme octave bands of the speech frequency range

Author

Sergei B. Kozlachkov, Sergey V. Dvoryankin, Andrew M. Bonch-Bruevich, and Nadezhda V. Vasilevskaya

Subjects

“speech-like” noise, intelligibility of speech, speech signal, information protection, acoustic noise generators., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper presents a review of the topical issues of acoustic speech information protection in terms of the influence of the speech signal’s temporal envelope on the processes of recognition of an intercepted speech under the conditions of existing information and technical confrontation. It is shown that if an intruder who intercepted acoustic speech signals that are limited by the frequency range of the 1st octave which contribution to the indicator of verbal intelligibility according to the current methodological approach of assessing the security of speech information is extremely small, is able to use an automatic speech recognition systems, it becomes possible to isolate the temporal envelope of the original speech signal, to segment it and increase the efficiency of subsequent recognition procedures. By making calculations and experiments the authors have found out that there is a high degree of correlation between the wave formats of the signals in the isolated 1st octave and the full speech signal, as well as between the mixture of the 1st and 7th octaves and the full speech signal. As a result of the analysis several speech parameters that are not taken into account in the current methodological approach are determined. Such parameters are the wave envelope and the first harmonic of the fundamental frequency. According to the results of the experiment those parameters in addition to formants have a significant impact on speech intelligibility. Also is demonstrated the influence of the speech signal waveform (temporal envelope) on the speech signal segmentation procedures in case of a continuous speech stream.

Published

2023

57. Cryptographic mechanisms for secure interaction of control and measuring devices

Author

Alexey Yu. Nesterenko and Alexander M. Semenov

Subjects

cryptographic protocols, secure communication, security features., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper describes the key features of the cryptographic protocol providing secure interaction between control and measuring devices. The hierarchical structure underlying this protocol and the relationship between the transport and session levels of the ISO model, to which different stages of message processing are linked are described. The security of the protocol is based on the use of the standardized domestic cryptographic algorithms and mechanisms that ensure the authentication and integrity of transferred data. The protocol supports different options for establishing a connection, depending on used authentication method and technical capabilities of the devices. The protocol was developed in accordance with the recommendations of the national system of standardization of theRussian Federationon the principles of development and modernization of encryption (cryptographic) means of information protection, and is designed as recommendations on standardization in2020. Inthis paper a number of the certain properties of safety identical to tasks which are put by the infringer at attempt of compromise of work of the protocol and necessary for substantiation of cryptographic stability of considered mechanisms are formulated. Feasibility of the considered properties of safety, based on various mechanisms embedded in structural elements and logic of the protocol, and on complexity of compromise of the standardized domestic cryptographic solutions is shown.

Published

2020

58. DIGITAL VIDEO WATERMARKING

Author

V. G. Ivanenko and N. V. Ushakov

Subjects

digital watermarks, video, embedding information, dew, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper proposes the DEW watermarking algorithm for copyright protection of MPEG streams. The solution to copyright protection of media content is based on embedding digital watermarks. This paper reviews different watermarking methods using discrete cosine transform (DCT). The DEW algorithm embeds label bits by selectively discarding high frequency DCT coefficients in certain image regions. Metrics for which DEW method is most effective are defined. The performance of the proposed watermarking algorithm is evaluated by the robustness of the watermark, the size of the watermark, and the visual degradation the watermark introduces. These performance factors are controlled by three parameters, namely the energy difference, the number of DCT blocks used to embed a single watermark bit, and the lowest DCT coefficient that we permit to be discarded. The watermark was subject to wide range of attacks: re-encoding, cutting, re-labeling, changing of bit-rate. The resulting model can be used for video copyright protection.

Published

2016

59. FPGA and digital SOIC SET’s control under heavy ion and proton irradiation

Author

Georgii Sergeevich Sorokoumov, Dmitrii Vladimirovich Bobrovskiy, Aleksandr Innokent’evich Chumakov, and Aleksandr Aleksandrovich Pechenkin

Subjects

VLSI, FPGA, SOIC, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper presents discussion about SETs generated in FPGA and SOIC under heavy ions and high energy protons irradiation and SET suppression in electronics. Schematic circuit for FPGA/SOIC SET detection is presented. The schematic circuit is designed for SET investigation both inside FPGA/SOIC and outside at package pin level. SET registration inside FPGA or SOIC is carried out as an event when logical cell is switched. Oscilloscope is used to register SETs at IC pin level. All SETs registered by oscilloscope are recorded and analyzed to collect data about SET amplitude and pulse width. The SET control schematic circuit was carried out at two different facilities: U400M heavy ion accelerator at the Joint Institute for Nuclear Research (JINR, Dubna, Russia) and picosecond PICO-3 laser facility (JSC «ENPO SPELS», Moscow, Russia). SET experimental results are presented and discussed in the paper.

Published

2016

60. Software implementation of protection against unauthorized access

Author

Albina S. Ismagilova and Nikita D. Lushnikov

Subjects

authentication, neural network, information security, information protection., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

Information security tools are an integral part of system users. The concept of information security implies the development and expansion of the scope of innovative technologies in information processing. To keep the information security system up to date, it is necessary to periodically update and supplement the structure of information protection, information security threat model and hardware and software complex. This paper analyzes the existing methods of information protection and proposes the implementation software system modules for personality recognition by photo and video, voice recognition, deep neural network and the creation of configuration for its weights file. Based on the generated data set, a method for synthesizing the parameters of a mathematical model of a convolutional neural network, presented as an array of real numbers, which are unique identifiers of a personal computer user, has been developed and proposed. This study uses the features of simulation modeling of user authorization systems, as well as the error function when compiling a neural network model. The training model of multi-factor biometric authentication is trained using categorical cross-entropy. The training sample is generated by adding distorted images from the database by changing the receptive fields of the convolutional neural network. The objective of this study is the application of new methods and means of protecting information of workstations from information threats. The result of the study is the developed information security system designed to ensure the information security of users of personal computers and workstations of enterprises.

Published

2023

61. Functionality of the critical information infrastructure cybersecurity network

Author

Viktor S. Gorbatov, Igor Y. Zhukov, Vladislav V. Kravchenko, and Dmitry I. Pravikov

Subjects

cybersecurity, computer attacks, critical information infrastructure, network technologies, technological development, point protection, functionality., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The analysis of modern approaches to countering computer attacks on critical information infrastructure (CII), presented in the form of distributed information resources, shows that there is an objective need for technological development of this direction. In this aspect, the most promising solution to this problem seems to be the use of the concept of "Cybersecurity Mesh" (cybersecurity networks), introduced by Gartner without precise instructions on practical implementation and possible technological solutions. This paper presents the results of a study of functional requirements for systems implemented in accordance with the above concept, on the basis of which a new architecture of CII cybersecurity will be set in the future. The features of its application proposed by the authors of the concept are considered in detail, on the basis of which the requirements for the functional structure of possible technological requirements have been developed. It consists of four basic levels that allow you to respond flexibly to emerging integration and security challenges. These levels include: intelligent information security and analytics, distributed identity structure, consolidated policy and state management, consolidated interactive dashboard. To meet the specified functional requirements, a technological model for building a cybersecurity network is proposed in the form of an organic combination of three fairly heterogeneous technologies: 5G mobile communications, Secure Access Edge (SASE - Secure Access Service Edge) and advanced detection and response (XDR) into a consolidated cloud platform. The results of the studies of the functionality of the concept of a cybersecurity network can be considered as a methodology for ensuring the security of CII, implying a transition from building a single secure digital perimeter around all its devices or nodes to point protection of each remote access point. This publication can be useful for experts in the security forces of CII facilities, as well as to employees of educational institutions in the implementation of appropriate training, retraining and advanced training programs for such specialists.

Published

2023

62. Assessment of the possibility of machine learning for electronic equipment quality prediction

Author

Anna S. Kolosova, Anna S. Kameneva, Georgii G. Chukov, and Alexander Y. Nikiforov

Subjects

electronic equipment, machine learning, quality of electronic components, identification., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The major algorithms and methods of machine learning are considered. A possibility of machine learning and neural network using for electronic equipment quality prediction is assessed. The paper provides examples of the successful application of these algorithms to improve such quality of electronic components indicators as reliability, resistance to external influencing factors, etc. Before testing electronic components on resistance to external influencing factors it is necessary to identify samples of electronic components by fluoroscopy in order to identify possible heterogeneity in the structure of samples belonging to the same batch. A solution of the electronic components batches uniformity problem using computer vision and clustering algorithms is proposed.

Published

2023

63. Evaluation of statistical properties and cryptographic strength of random sequences obtained by an IBM quantum computer

Author

Mikhail A. Orlov, Kirill A. Nechaev, and Sergey A. Reznichenko

Subjects

quantum generator, quantum computer, random sequence, deterministic noise, statistical properties, cryptographic strength., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper aims to study the possibilities of using quantum generators based on the IBM Quantum Experience system in solving practical problems. The subject of the study is the evaluation of the statistical properties of quantum sequences. Special attention is paid to the application of such solutions in cryptographic algorithms. The relevance of the research is due to the possibility of compromising key information in deterministic algorithms for generating random sequences, as well as progress in the field of quantum computing. In the course of the study, the principles of the formation of quantum circuits were considered based on which software was developed that forms quantum sequences according to specified parameters. Three variants of quantum circuits were studied: a one- and five-qubit circuit for the IBM Quito quantum computer and a 25-qubit circuit for a quantum simulator. With the help of each of the circuits, sequences were formed for which statistical properties were evaluated based on the NIST SP 800-22 standard. In the course of the research, it was found that random sequences obtained on the IBM Quito quantum computer don’t have good statistical properties. Such sequences didn’t pass most statistical tests and also showed a distribution different from the distribution obtained on the simulator. The deterministic external environment is a crucial problem of weak statistical properties, which affects the operation of valves and meters. The degree of its negative impact determines the quality of the entire quantum machine. The study results can be used as a basis for further research of other quantum machines, as well as a basis for the overall improvement of the quality of a quantum computer. A quantum computer can help with incomparable calculations with supercomputers' capabilities. IBM's latest developments in the calibration of qubits and work with quantum errors will bring closer the possibility of their use in cryptography. Therefore, an essential aspect of development in this direction is the potential reduction of the impact of the external environment on quantum computer operation.

Published

2023

64. Methodological approach to the integration of information resources in a distributed information processing system

Author

Anatoliy A. Chuprinov

Subjects

information resources, database, information pooling, data pooling, unified information space, data pooling method, analytical computing, information hypercube, decision support system., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper discusses a number of issues related to the formation of the initial information array, represented by the content of the combined databases, as a carrier of information. The methodological approach to combining information resources in a distributed information processing system, in contrast to the well-known methods of integrating information resources, is based on the procedure for transferring the technical characteristics data with mismatched attribute values of electronic components described in a series of new national standards. A clarifying action when combining information arrays is the procedure for transferring the technical characteristics data with mismatched values of the CI attribute. This procedure determines a complete set of technical characteristics of the resulting resource, and the method algorithm is a new mechanism compared to the existing and used combining data methods, that described in the national GOST RF standards of the characterics choice for the russian electronic components. Thus, a feature of the developed method is the algorithm for combining industry data and creating a uniform representation of the complete eletronic components data within one form. The article describes and analyzes the process of combining data parts of two information systems. UML activity diagrams and logical conditions for choosing alternative procedures in this algorithm have been developed. Human participation need cases in the process of combining data are given. The use of this approach and the regulatory framework in the form of a series of national GOST R 59988.XX.XX.XX-2022 will allow a standardization of the information resources of the domestic electronic component base and designing the documentation for prototypes of electronic equipment at all stages of the life cycle.

Published

2023

65. The Methods of Information Security Based on Blurring of System

Author

Mikhail Andreevich Styugin

Subjects

information security, protection from research, perfect secrecy, pseudo random number, cipher, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper present the model of researching system with own known input, output and set of discrete internal states. These theoretical objects like an absolutely protected from research system and an absolutely indiscernible data transfer channel are defined. Generalization of the principle of Shannon Secrecy are made. The method of system blurring is defined. Theoretically cryptographically strong of absolutely indiscernible data transfer channel is proved and its practical unbreakable against unreliable pseudo random number generator is shown. This paper present system with blurring of channel named Pseudo IDTC and shown asymptotic complexity of break this system compare with AES and GOST.

Published

2016

66. Hardware protection of UEFI-firmware and NVRAM of the computer with Resident Security Component

Author

Aleksandr V. Bolodurin and Andrey A. Altuhov

Subjects

uefi, hrsc, uefi firmware, nvram, access control., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The issue of protecting the firmware and the memory area for storing variables (NVRAM - Non Volatile Random Access Memory) of the UEFI (Unified Extensible Firmware Interface) system are discussed in the paper. The research methodology is a deduction. The problem of trusted computer loading, in particular, the proprietarity of the UEFI stage, is relevant in the field of computer security. For an introduction to the context and subject field, the components and environment of the UEFI system, attack vectors on the system, the consequences of successful attacks for the user and built-in security tools are briefly described. The advantages and disadvantages of using two memory areas with different access modes as a way to protect critical UEFI system data are considered. As a memory area with a configurable access policy, it is proposed to use the hardware implementation of the resident security component (HRSC). Finally, the functionality of the HRSC and the applicability of this solution for ensuring the security of the UEFI system are considered. As a result, the justification of the applicability of the HRSC as a tool for differentiating access to critical parts of UEFI firmware and NVRAM was obtained. In addition, the advantages of using the HRSC as a memory area with a configurable access policy are identified. In particular those are the ease of implementation, variability of access differentiation and platform independence from the model and architecture of a computer with UEFI.

Published

2022

67. Sustainability of the functioning of critical information infrastructure facilities

Author

Grigory P. Gavdan, Vitaliy G. Ivanenko, Elina P. Rybalko, and Denis P. Rybalko

Subjects

significant object, critical information infrastructure, critical process, threats to information securlty, assessment of the stability of the functioning of the object, the stability of the critical process., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The purpose of the paper is to consider the sustainability of the functioning of critical information infrastructure (CII) facilities. The states should ensure proper protection of their significant (if any) CII facilities. Significant negative consequences may arise for the subjects of the CII of Russia, critical sectors of the economy that have hundreds or even thousands of CII objects in their composition. As a result, this may lead to disruption of technological processes at a significant CII object. In order to ensure the stable operation of an object classified as a CII, it is required to perform an assessment of its (sustainable) functioning. Evaluation of the effectiveness of the applied measures to ensure the safety of significant objects (ZO) of the CII requires an assessment of the stability of their functioning, which is inherently determined by the stability of their critical processes. However, currently there is no generally accepted approach to conducting such an assessment and its definition is an urgent task. The objects of the research are the CII objects. The subject of the study is the sustainability of the functioning of data (CII) objects in the conditions of threats to information security (IS). The stability of CII objects are examined. The analysis of regulatory legal acts (NPA) and scientific publications on the research topic is carried out. This analysis of the NPA of the CII showed that there are problems in this area, therefore, the approach to ensuring the safety and stability of the functioning of both the CII and its individual objects should be based on certain principles. The main definitions and problems are discussed, the arguments confirming the importance of the study are provided. The results of the study can be used when considering approaches to assessing the functioning of CII facilities and improving the assessment of its stability.

Published

2022

68. Undocumented x86 instructions to control the CPU at the microarchitecture level in modern INTEL processors

Author

Mark M. Ermolov, Dmitry V. Sklyarov, and Maxim S. Goryachy

Subjects

attack, microcode, undocumented instruction, threat, vulnerability, intel., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The purpose of this study was to uncover previously unknown vulnerabilities in Intel CPUs caused by implementation errors or backdoors embedded in system firmware, applications, and hardware. The authors have discovered the Red Unlocked debugging mode which allows microcode to be extracted from Intel Atom processors. Using this debugging mode, the internal microcode structure and the implementation of x86 instructions have been examined, and two undocumented x86 instructions were found. These undocumented x86 instructions, udbgrd and udbgwr, can read and write microarchitectural data. These instructions are assumed to be intended for Intel engineers to debug the CPU microarchitecture. However, their existence poses a cybersecurity threat: there is a working demonstration available in the public domain on how to activate the Red Unlock mode for one of the current Intel platforms. This paper presents the analysis of the udbgrd and udbgwr instructions and explains the conditions under which they can be used on commonly available platforms. This kind of research can be used to develop methods, tools, and solutions to ensure information security of systems and networks by countering threats that arise from newly identified vulnerabilities stemming from implementation defects or backdoors in system firmware, applications, and hardware.

Published

2022

69. Review of laser scanning methods for microelectronic semiconductor structures investigation

Author

Roman K. Mozhaev, Alexander A. Pechenkin, Arseniy A. Baluev, Oleg. B. Mavritskii, and Andrey N. Egorov

Subjects

laser scanning microscopy, infrared radiation, femtosecond laser pulses, failure analysis, semiconductor structure visualization., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The development and widespread of high-tech microelectronic products impose increased requirements on the quality and reliability of microcircuits. The most effective methods for reliability improvement of electronic systems include diagnostic non-destructive testing (NDT) methods and selective destructive testing in special cases. Studies using visual inspection and electrical testing, consisting of functional and parametric testing, do not provide enough information to detect latent defects (for example, macro-defects in SiO 2 layers in CMOS chips) and to detect fakes and counterfeits. A fake integrated circuit (IC) may contain an undeclared malicious modification of the circuit, called hardware bugs. The common ICs studying tools are systems based on microfocus X-ray sources, scanning acoustic microscopes, optical and scanning electron microscopes, and X-ray fluorescence spectroscopes. Products destruction avoidance is a fundamental point, for example, for the technological process control in crystal manufacturing. Investigation of ICs using a light microscope is one of the most accessible and widespread method of microchip NDT. Semiconductor ICs structure scanning from the side of the device layer is limited by the shielding effect of metallization, since the metal is opaque for light. This limitation can be overcome by an alternative approach to microchip scanning based on irradiating the IC from the side of the substrate with laser sources in the near-IR range. This paper provides a brief overview of the major methods used in laser scanning microscopy to analyze the structures, responses, and features of the operating modes of semiconductor circuits. The main advantages and limitations in the use of optical methods are described, as well as what information about the product can be obtained as a result of laser scanning.

Published

2022

70. Methodological aspects of penetration testing automation for significant objects of critical information infrastructure

Author

Victor S. Gorbatov, Dmitriy A. Dyatlov, and Aleksander N. Ryzhikov

Subjects

security audit, information security, critical information infrastructure, facility, penetration testing, vulnerability., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper deals with the existing regulatory and methodological framework that determines the importance of the problem of penetration testing as well as the main methods of testing significant objects of critical information infrastructure (CII). Ensuring the security of significant CII facilities for the purpose of their sustainable operation is the high priority task of state regulation in the field of information security of Russia. Currently, a separate direction of organizational and legal support for the safety of CII has been formed on the basis of the corresponding new regulatory framework. Much less attention is paid to the issues of instrumental (technical) support of this direction, since the objects of CII from a technological point of view are traditional means of information technology. Taking into account the current uneasy international situation, timely instrumental detection and identification of numerous vulnerabilities allows improving the security of critical information infrastructure. Existing methods of conducting a security audit, as well as testing the protection of CII objects from penetration threats, have certain drawbacks, such as laboriousness, large time and material costs, as well as an acute shortage of qualified specialists. A fairly obvious, although very complex, way to solve this problem is to automate the penetration testing process as an important part of measures to ensure the safety of significant CII objects. Methodological aspects of creating an automated software complex for penetration testing are the main purpose of the study conducted on the basis of an analytical review of the main approaches and ways to implement the above task. As a result of this study the main methodological aspects of this problem have been determined, including specific features for CII objects. The obtained results can be used to develop similar security software systems for any objects of informatization.

Published

2022

71. Socio-psychological techniques of information warfare

Author

Anatoly A. Malyuk

Subjects

information society, information war, information and psychological impact on the individual and society, demagogic techniques of information warfare., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

Since the end of the XX century, information technologies have begun to actively penetrate into all spheres of society, which led it to a new stage, so-called "informational". In the new society, information has become the main element of people's existence. For this reason, they very often fall under the influence of persons interested in solving various kinds of political problems in the way they need, which is nothing else than an "information weapon». In the world today one can observe such vivid results of its application as hatred between citizens of different states, the disintegration of society and the creation of the image of an enemy. The successful conduct of an information war in the international arena can provide a huge impact on the opinion of the world community. At its core, the information war has already become a kind of military interstate confrontation. In the development of such conflicts, the most important element is the informational and psychological suppression of the enemy, which consists in frightening and emotionally suppressing the opponent. In these sense, the knowledge of forms and methods of such information warfare will not only weaken and minimize its effect, but also protect people, giving them the opportunity to ensure both general and information security. This paper is devoted to the problem of classifying of various methods of informational and psychological impact on the individual and society and the features of their application for the realization of certain goals of a potential enemy.

Published

2022

72. On the application of the vulnerability analysis method of the technological process of the production facility to ensure the information security of the automated process control system, taking into account the interrelation of components

Author

Alexander S. Mosolov, Andrey E. Krasnov, and Nikolay A. Urban

Subjects

threat, risk, stability, information security policy, technological systems, critical information infrastructure, fuel and energy complex., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The purpose of the paper is to analyze the vulnerability of systems that ensure the processes of vital activity of an object of the fuel and energy complex. The application of the shifted ideal method, as well as the method of reduced hierarchy analysis, made it possible to find the most vulnerable elements of technological systems and to identify the dependence of the operability of these elements on the security of information flows in automated process control systems. The need in forming reasonable requirements for the information security policy of the enterprise and focusing on ensuring a sufficient level of protection against threats to the elements of the enterprise information system is demonstrated. The execution of such threats can lead to consequences that cause a huge damage according to the following criteria: the emergency zone, economic damage, the number of victims, the probability of system failure. The analysis of the significance of threats to information systems as well as the analysis of the stability of both individual components and their aggregates are carried out. The nature of the interconnectedness (relationships) of the components of information systems of the enterprise is shown. As part of the consideration of threats to the components of information systems, the hierarchical dependence of the security of complex assets of the information system on the security of the basic components of the lowest level is revealed. A threat model has been developed based on the list of threats approved by the Federal Service for Technical and Export Control in the database of information security threats for information systems. The application of this approach makes it possible to form provisions for the information security policy of the enterprise and to invite information security specialists to develop the software and hardware protection for the enterprise information system.

Published

2022

73. UMPHE: A Library for Effective Computing On Encrypted Data

Author

Philipp Borisovich Burtyka

Subjects

fully homomorphic encryption, unilateral matrix polynomials, software library, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper describes the design and implementation of a new software library that implements fully homomorphic encryption schemes based on unilateral matrix polynomials. The library is written in C++ using the NTL mathematical library and has multilayer structure. The main focus is on optimizations and batching techniques. The paper presents novel encryption and key generation algorithms for matrix polynomial based cryptosystems and techniques for data movement between the slots of the ciphertext.

Published

2016

74. Using of asynchronous circuits to increase protection against side channels attacks

Author

Igor A. Danilov and Pavel S. Dolotov

Subjects

side-channel attacks, asynchronous circuits, integrated circuits, information systems security., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The aim of this study is to analyze the use of asynchronous circuits to improve the security of information systems against side-channels attacks, which are means of obtaining unauthorized access to confidential data and performing unauthorized actions in the system. Side-channels attacks are fundamentally different as compared with a cryptographic analysis and an exploitation of software errors in their focus on the hardware of the system under attack. Integrated circuits unintentionally create electromagnetic signals during their operation and have a number of performance characteristics that can be investigated by an attacker and therefore become the sources of information leakage, i.e., side-channels. The security of modern information systems cannot be fully ensured without increasing resistance to such attacks. One of the methods to counter side-channel attacks is the use of asynchronous circuits, which main distinguishing feature is the refusal from the use of a global clock signal to synchronize individual elements of an integrated circuit in favour of local synchronization provided by the "handshake" mechanism. Integrated circuits designed using asynchronous circuitry have a number of unique benefits that make it possible to effectively resist side-channel attacks, such as timing attacks and attacks with using power consumption analysis. This paper presents a classification of side-channels attacks, describes asynchronous circuits and their properties that increase their resistance to certain types of side-channels attacks, and provides examples that clearly show the increase in the protection of information systems with the asynchronous circuits.

Published

2022

75. Indirect signs method for detecting hardware threats of technical means

Author

Anatoliy A. Chuprinov and Dmitry O. Smirnov

Subjects

electronic component base, verification, information security, information security, signature, database, software., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The use of foreign computer-aided design (CAD) systems and debugging of IP-blocks in the development of ultra-large integrated circuits (VLSI) are associated with the risks of the appearance of "Trojans", not declared by developers of software and finished product. "Trojans" are relatively easy to embed, so that they will not be detected by tests and test sequences, generated by the same CAD system, when checking the finished product. The identification of "Trojans" allows increasing the level of information security of electronic equipment, which uses VLSI of foreign production. Procedures for detecting "Trojans" should also be subjected to domestic VLSI, developed and manufactured using CAD systems and the elements. Four classes of elements were selected as objects of threats to reduce information security: - hardware, without embedded software; - hardware, that do not have built-in software, changing the implemented functions depending on external influences; - software and hardware, containing a computer program and data that cannot be changed by the users; - software and hardware, containing a computer program and data that can be changed by the users. In general, the threat to information security is considered as a function that is not characteristic of the component, which implementation damages the user of the electronic equipment. The task of creating a methodological apparatus for identifying information Trojans in VLSI is considered in the paper. In order to solve the problem a method of indirect signs is proposed, which allows identifying the presence or probability of an information threat in the VLSI or electronic equipment, using this VLSI. The essence of the method consists in the application of signature analysis, based on the use of test sequences that help to establish an unambiguous correspondence between the input effects and the responses of the tested VLSI, depending on its internal parameters only.The developed mathematical apparatus can be used as the basis for hardware and software control of information security of the dual-use electronic equipment.

Published

2022

76. Improving functional reliability of biometric identification systems by introducing redundancy

Author

Vitaliy G. Ivanenko, Nina D. Ivanova, and Aleksey G. Sabanov

Subjects

Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper demonstrates a need to study the functional reliability of identification systems and the applicability of methods for ensuring the functional reliability of information systems for biometric identification systems. Methods of ensuring functional reliability of biometric identification systems via providing indicators of reliability of identification devices and introducing redundancy are considered. The applicability of the methods for biometric identification systems is investigated, its advantages and disadvantages are evaluated. Triple modular redundancy scheme has been developed for the program redundancy using N-version programming. An appropriate reliability scheme based on the principles of dual programming has been developed to implement the identification system with one additional redundant element. Based on the NIST statistics of face recognition algorithms for the developed reliability schemes the reliability indicators were evaluated and its advantages over a system consisting of a single non-redundant element have been shown. The proposed reliability schemes are consistent with the practice of ensuring the functional reliability of information systems and can be integrated into biometric identification systems that use biometric data as the main access identifier.

Published

2022

77. Specifics of Development and Implementation of Information Security Policies for Computer Networks

Author

Dmitry Sergeevich Chernyavskiy

Subjects

information security policy, network security systems, formal language, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper considers basic features and requirements for information security policies and issues of their implementation in network security systems. In order to enhance efficiency of development and implementation of policies the paper describes possibility to utilize a formal language that allows to specify policies in a unified way and requirements for it.

Published

2013

78. Privacy-preserving machine learning based on secure three-party computations

Author

Sergey V. Zapechnikov

Subjects

privacy-preserving machine learning, secure multi-party computations, secret sharing scheme, homomorphic encryption., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper is devoted to the analysis of privacy-preserving machine learning systems based on the concept of secure three-party computations. After general information about the purposes of secure multi-party computations and privacy-preserving machine learning, an overview of existing privacy-preserving machine learning systems and perspectives for their development is offered. An analysis of the work of leading foreign research teams allows to identify several criteria essential for evaluating privacy-preserving machine learning systems based on multi-party secure computations. A comparative analysis of privacy-preserving machine learning systems is carried out according to a dedicated system of criteria. The further subject of consideration is only systems based on three-party secure computations. The main attention is paid to the algorithmic aspects of the organization of such systems, the methods and protocols of information security implemented in them. Systems secure to various types of adversary are considered, both based on universal modules of secure two-party computations, and specialized ones designed to ensure the privacy of specific machine learning methods, such as neural networks. Examples of prototypes of such systems are considered in detail. Based on the results of the analysis, conclusions are made about the prospects for developing privacy-preserving machine learning systems, and the tasks of future research are described.

Published

2022

79. On the sustainability of logistics structures based on smart contracts

Author

Victor S. Gorbatov, Dmitriy A. Dyatlov, and Roman V. Natalichev

Subjects

audit, information security, it systems, logistics processes, security assessment, risk assessment, distributed ledger, smart contract, sustainability., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

One of the most promising solutions for optimizing logistics processes is the creation of automated supply management systems based on distributed registry technology, in particular a smart contract. However, in addition to the well-known economic advantages of such a technology, the expediency of its practical application will largely be determined by the stability of the functioning of these control systems in modern conditions of the threat of destabilizing influences. Currently, the solution to the security issues of smart contracts as programs are reduced to checking the source code of applications. Obviously, this is clearly not enough to ensure the reliability of logistics management, the stability of which can be determined on the basis of known methods for assessing the complex security of the corresponding IT system. This study adapts existing methods for auditing and assessing information security risks for an IT system using a smart contract, and the subject is to substantiate the applicability of such an approach to assessing the security of logistics processes, considering the features of smart contracts. The paper considers the features of the use of smart contracts in logistics processes, outlines appropriate approaches to audit and risk assessment of the functioning of the logistics management system based on smart contracts. Recommendations have been developed for the practical implementation of specific methods for assessing the security of an IT system using a smart contract, which is set by the authors as the goal of further work. The results of the study can be useful to specialists in the field of optimization of logistics processes and information security when developing new logistics schemes based on smart contracts.

Published

2022

80. Algorithms of network data analysis in the disclosure of a tax crime scheme

Author

Sergey V. Duga, Viktoriya V. Efimova, and Andrey I. Trufanov

Subjects

mathematical modeling network analysis, tax crimes, tax crime scheme, network analysis algorithms, crime investigation., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper considers the possibility of using network (graph) analysis tools in the disclosure of a tax crime scheme and the formation of a strategy for its investigation. A data model is proposed that allows building a network topology of a crime based both on direct material about a crime event and on additional information obtained by accessing the databases of law enforcement and control agencies. The algorithms of network analysis that contribute to the identification of new information about the criminal scheme are also considered. These network algorithms make it possible to detect hidden and non-obvious connections between the defendants in the case, to identify the hierarchical structure of their relationships, which helps to identify the key participants in the criminal scheme. Using the examples of various criminal cases of tax crimes, it is shown that the use of the considered variants of network data analysis allows forming a crime scheme, providing the correct criminalistic characterization of the crime, determining the range of its subjects, offering the investigator a forensic methodology for investigating this type of crime (investigation algorithm) and standard investigative versions, that all together contribute to the proper organization of the investigation.

Published

2022

81. Analysis of the components of the DisplayPort interface architecture that affect the side electromagnetic radiation

Author

Egor A. Simakhin, Anatoly P. Durakovskiy, Grigory P. Gavdan, and Leonid N. Kessarinskiy

Subjects

information security, side electromagnetic radiation, displayport, anechoic chamber, laboratory tests., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The present paper aims to determine possible approaches to the analysis of side electromagnetic radiation (EMR) of the monitor video subsystem with the DisplayPort interface within the framework of the investigation of computer processed information (CPI) security. An automated workplace with a single monitor and, accordingly, a specification for a single-threaded video signal transmission mode is considered as the CPI under study. In order to achieve this aim, the components of the DisplayPort interface architecture, the characteristics of the signal propagation medium from the source to the receiver and algorithm for forming transport units have been studied. The correlation between the number of active data transmission lines, the clock frequency per line and the characteristics of the transmitted data are described. The conducted experiment has shown that the power of the EMR depends on the shielding actions used in the cable design. When studying the interface architecture components that affect the EMR energy spectrum, it was found that the interference immunity of the main channel lines depends on the settings of the DisplayPort - DPCD. This dependence makes possible to change the configuration (for example, scrambling, data encryption and the use of frequency modulation with an extended spectrum) by software tools and thus significantly affect the quality of laboratory testing. Based on the results of the present study, a procedure for analyzing the necessary information for the application of approaches is proposed and the procedure for applying instrumental actions in preparation for laboratory studies is developed. This will allow obtaining more accurate values of the power of the useful signal when monitoring the processed information security of the CPI with the DisplayPort interface. Further research will be aimed at laboratory tests of the described approaches under operating conditions.

Published

2022

82. Soft tempest technology as an object of functional modeling

Author

Sergey V. Skryl, Ekaterina V. Vaitc, Sergey S. Nikulin, Roman A. Tsoy, and Varvara A. Antonova

Subjects

soft tempest technology, information leakage, interception of informative signals of сomputers technique (ct) via the st-channel, software-controlled transient electromagnetic pulse emanation., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The present study introduces the software-controlled transient electromagnetic pulse emanation technology (Soft Tempest (ST) technology) and the ST-channel information leakage counteraction in terms of functional model. The paper describes the basic formalization of the actions of the intruder to prepare targeted interception of informative signals of сomputers technique (CT) via the ST-channel. This study also profiles the malware implementation in the working environment of CT and the initiation of a transient electromagnetic pulse emanation (TEMPE) from electronic equipment of CT. The detection of a TEMPE and interception of the informative signals of the TEMPE from electronic equipment of CT and processing these signals are observed. The basic formalization of processes of changing the configuration of the electronic equipment of the CT, its instrumental verification and technical control of the effectiveness of information protection from leakage through a ST-channel are desribed. The study presents a general mechanism for the decomposition of target functions «Intruder interception of informative signals of CE via ST-channel» and «Counteracting information leakage via the ST-channel». The classification basis for the three-level detailing of these target functions is substantiated. The results of detailing the actions of the intruder into certain stages, the ongoing activities to counteract information leakage, the processes taken by the intruder, taken countermeasures and the functions corresponding to these processes and countermeasures are provided. The obtained results are a prerequisite for the formalized representation of the processes described in terms of Markov processes and the development of mathematical models of the related temporal and stochastic characteristics to quantitatively measure the ability of the intruder to realize the threats of interception of a TEMPE from the electronic equipment of CT, caused by malware.

Published

2022

83. Network Security Centers as the GosSOPKA Forses

Author

Yakob Y. Mesengiser, Mark A. Malakhov, and Natalia G. Miloslavskaya

Subjects

network security centers, gossopka, critical information infrastructure of russian federation, computer attack, information security., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper addresses the need to create a Network Security Center (NSC), and the functions of the NSC and infrastructure requirements on the basis of security requirements imposed by the subjects of the critical information infrastructure (CII) of the Russian Federation (RF) to ensure the safety of CII objects of the RF. The current work describes the NSC as the forces of the State System for Detecting, Preventing and Eliminating the Consequences of Computer Attacks Aimed at the Information Resources of the RF (GosSOPKA). As part of the work, the following tasks are solved: a list of regulatory bodies regulating the processes and security measures presented to the subjects of the CII of the RF to ensure security of objects of the CII of the Russian Federation as well as these processes and measures themselves are determined; Security Operations Centers (SOCs) and NSCs as the GosSOPKA forces are described. It is possible to use the results obtained in the framework of the processes of organizing cooperation with GosSOPKA, and the creation of a NSC dealing with computer attacks, detecting and responding to incidents around the clock; and a training course dedicated to the CII security.

Published

2022

84. Assessment of the state of protection of information systems against malware

Author

Sergey N. Goryachev and Nikolai S. Kobyakov

Subjects

information system, malware, structural and functional analysis, protection of an information system., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

This paper discusses the main types of malware and their destructive effects on information systems. The current work develops a mathematical model for assessing the state of security of information systems based on structural and functional analysis. To achieve the goal of this work, we analyzed existing mathematical models of adaptive information security management, and built a probability graph of system states and transitions. We define the concept of system states and their dependence on the necessary and sufficient conditions for the emergence and duration of the process of destruction by malware. The dependence of information system states on various deterministic and stochastic events has been studied. A model of a system for protecting an information system from malicious programs has been developed, and the permissible values of dangerous factors of malicious programs have been determined. The result of this work is a mathematical model for assessing the state of protection of an information system from malware. This model can be used by specialists in the field of information security to assess the security of both the operating information systems and those under development.

Published

2022

85. Comparative Analysis of Intrusion Detection Methods

Author

E. A. Novikov and A. A. Krasnopevtsev

Subjects

intrusion detection and prevention systems and methods, neural networks, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

This paper tells about existing methods of intrusion detection. The paper contains comprehensive com parative analysis of these methods. In this paper advantages and disadvantages of methods are identified. The preferred method to ensure the protection of distributed data processing systems is estimated.

Published

2012

86. Analysis of the Growth and Development of Acquiring Operations in Russia

Author

Valery Konstantinovich Ablekov, Anton Andreevich Krasnopevtsev, and Alexey Albertovich Modestov

Subjects

payment cards, acquiring, repayment of goods and services, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The number of bank accounts and payment cards, the number and volume of transactions, the number of payment terminals are analyzed based on statistical data which provided by the Central Bank of Russia. The paper discusses the development trends of the banking industry, the main of which is the growth of Internet technologies. A number of factors affecting the development of the banking industry as a whole and for acquiring operations are analyzed, such as security, convenience and opportunity, the legal framework, the stability in the country. The basic advantages and disadvantages of acquiring and internet acquiring are shown in this paper.

Published

2015

87. The Method for creating a trusted hardware-software platform for its application in special purpose information systems

Author

Alexey Y. Borovikov, Oleg A. Maslov, Stepan A. Mordvinov, and Andrey A. Esafiev

Subjects

Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper presents a method to increase trust levels of foreign and domestic-made hardware-software platforms, designed to build specialised devices and computing facilities, which are meeting safety requirements and protected from BIOS vulnerabilities, to work with classified information. The purpose of the study is to investigate the ability of designing trusted foreign and domestic-made hardware-software platforms, protected from exploiting BIOS vulnerabilities. Research methods: in order to choose PC module that will be used for designing trusted hardware-software platform an analysis of Russian industrial-grade PC modules was made. In addition an analysis of known BIOS vulnerabilities was made. Proprietary BIOS replacement in a form of domestic-made Horizon bootloader, which includes unauthorised access to information protection measures was made as well as a possibility of practical use of trusted hardware-software platform with Horizon bootloader was overviewed. Obtained result: PC module for trusted hardware-software platform was selected, proprietary BIOS replacement in a form of domestic-made Horizon bootloader, which includes unauthorized access to information protection measures, was made; an increase in the level of trust levels of foreign and domestic-made hardware-software platforms, which are used to create specialized devices and computing facilities while meeting safety requirements and protected from BIOS vulnerabilities to work with classified information has been ensured; an approach to create trusted hardware-software platform design requirements and conditions was proposed; needs to exclude potentially dangerous Intel Management Engine controller's functionality were justified and proposal to use trusted hardware-software platform with Horizon bootloader was justified.

Published

2021

88. The use of polar harmonic transformations in the development of methods for robust image watermarking

Author

Alexey N. Shniperov and Valeriy A. Melnikov

Subjects

steganography, digital watermark, polar harmonic transformations, intellectual property protection, image watermarking., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The need for developing a robust image watermarking method remains relevant. This is caused by the fact that existing watermarking methods are either not robust enough to various types of attacks on images, or computationally complex, or they are subject to the so-called numerical instability, i.e., accumulation of errors. This paper proposes the use of polar harmonic transformations as the basis of the method for image watermarking, including algorithms for embedding and extracting a watermark, and methods for multiple marking are proposed: multiple embedding and extracting by majority rule, multiple embedding and extracting according to the rule of greater similarity, embedding and extracting fragments of a watermark. The performance characteristics, such as robustness to various attacks, embedding and extraction time for a fixed area size, and maximum size of watermark, are measured using attacks implemented in StirMark BenchMark 4. The proposed method has been proven to be robust to many types of geometric attacks, JPEG-compression and other attacks, to have a high embedding and extraction rate, and to be numerically stable. The proposed method can be used to watermark JPEG images for copyright protection.

Published

2021

89. Development of a related key function in ARX stochastic data transformation algorithms

Author

Alexander A. Kozlov

Subjects

related keys, arx, stochastic algorithms, lightweight algorithms., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

In this paper an analysis of ARX stochastic algorithms based on related keys is considered. Analysis based on this approach is carried out using the selected open text and the keys linked by some function. A special case of using related keys is the analysis of an algorithm consisting only of the operations of modular addition modulo 2n, modulo 2, and cyclic shift. Such algorithms are so-called ARX stochastic algorithms. The common method of analysing the algorithms based on related keys is the rotation analysis method. This method allows formulating requirements only for the number of addition operations modulo 2n. The considered properties of the rotation analysis method demonstrated the need to develop requirements for ARX algorithms in terms of the number of cyclic shift operations. Based on the properties of the mathematical operations used in the ARX stochastic algorithms, a non-cyclic related key function was proposed. Among ARX operations, only the cyclic shift function affects the probability of such relation. The complexity of the analysis based on non-cyclic related key function has been estimated. It is proved that the complexity of relation key analysis of ARX algorithms is determined by the minimum of two numbers: the number of addition operations modulo 2n and cyclic shift operations in the algorithm.

Published

2021

90. Topical issues of creating a mass education system for information security culture

Author

Anatoly A. Malyuk and Zoya P. Malyuk

Subjects

information society, information security, information culture, continuing education, mass education, formation of a culture of personal information security., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The rapidly developing processes of the information society formation in Russia put on the agenda the problem of improving the information culture of society and, above all, such a part of it as the culture of information security. The practice demonstrates a need in organising an effective "universal education" in the field of information protection for modern technical means of its collection, processing, transmission and storage. The Information Security Doctrine of the Russian Federation, approved by the President of the country in December 2016, repeatedly notes the importance of the problem of forming a culture of personal information security of citizens who are, in particular, active users of the Internet and other modern information and communication systems. In this regard, the article deals with topical issues of the formation of a system of continuous training of members of the information society in the field of the basics of information security, starting from the earliest years (from school or even from kindergarten). The paper describes the policy of forming a culture of information security, formulates approaches to the organisation of mass education systems, and suggests specific measures for their implementation. As an example of the progress in this direction, an innovative educational cluster created by a joint decision of the Ministry of Digital Development, Communications and Mass Media of the Russian Federation and the Department of Education and Science of Moscow is described.

Published

2021

91. Сonvolutional neural networks in the diagnosis of skin neoplasms

Author

Valentin G. Nikitaev, Alexander N. Pronichev, Olga B. Tamrazova, Vasily Yu. Sergeev, Yuri Yu. Sergeev, Dmitry V. Gurov, Sergei M. Zaitsev, Mikhail Solomatin Solomatin, Tamara P. Zanegina, and Vladimir S. Vladimir S. Kozlov

Subjects

artificial intelligence, convolutional neural networks, image recognition, melanoma diagnostics, telemedicine technologies, information security., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The problem of using artificial intelligence technologies in the diagnosis of skin neoplasms is considered. Dermatoscopic images for 8 nosologies were considered as the object of research. The melanoma was one of them. Melanoma is responsible for the most deaths of all skin cancers. The aim of the study was to evaluate the effectiveness of the use of pre-trained convolutional neural networks for the classification of skin neoplasms. A classification algorithm for an ensemble of convolutional networks was proposed. Pre-trained neural networks have been studied to form the ensemble. Neural network samples were selected from a set of neural networks that have proven themselves in the ImageNet Large Scale Visual Recognition Challenge. According to the results of the experiment the best three of the eight convolutional neural networks were selected for inclusion in the ensemble – MobileNet_v2, ResNet_152, ResNeXt_101_32x8d. The experiment was conducted on a sample of 10015 images representing 8 nosologies. The average classification accuracy for all nosologies was 79%. The paper highlights the features of ensuring information security when using telemedicine diagnostic technologies using the proposed approach in the recognition of images of skin neoplasms. The results of the work can be used in the design of medical decision support systems for the diagnosis of malignant skin neoplasms (including melanoma).

Published

2021

92. Developing Scalable Information Security Systems

Author

Valery Konstantinovich Ablekov, Anton Andreevich Krasnopevtsev, and Alexey Albertovich Modestov

Subjects

information security systems, physical security, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

Existing physical security systems has wide range of lacks, including: high cost, a large number of vulnerabilities, problems of modification and support system. This paper covers an actual problem of developing systems without this list of drawbacks. The paper presents the architecture of the information security system, which operates through the network protocol TCP/IP, including the ability to connect different types of devices and integration with existing security systems. The main advantage is a significant increase in system reliability, scalability, both vertically and horizontally, with minimal cost of both financial and time resources.

Published

2013

93. Combined Side Channel Attacks: breaking COMP128

Author

Alla Borisovna Levina and Mikhail Georgievich Korovkin

Subjects

side channel attacks, cryptography, COMP128, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

Different variants of combined side channel attacks (SCA) on authentication protocol COMP128 are analyzed in the article, paper. Main attack presented in the paper is partitioning attack. In the result, combined SCA increasing breaking of cipher are shown in the research.

Published

2014

94. Attack Graph Construction for Security Events Analysis

Author

Andrey Alexeevich Chechulin and Igor Vitalievich Kotenko

Subjects

attack modeling, intrusion detection, security events processing, attack graphs, Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach.

Published

2014

95. Evolution and paradoxes of the regulatory framework for ensuring the security of critical information infrastructure facilities

Author

Roman V. Natalichev, Viktor S. Gorbatov, Grigory P. Gavdan, and Anatoly P. Durakovskiy

Subjects

information security, critical information infrastructure, significant object, significant consequences, significance indicator, regulatory legal acts, system analysis, threats to security, training of specialists., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

Today in Russia the active work is going on the implementation of a relatively new mechanism of state regulation in the field of information security, which is legally defined as ensuring the security of significant objects of critical information infrastructure (CII). The subjects of this legislation have carried out a fairly large amount of organizational measures supported by scientific research of domestic and foreign specialists. The paper is devoted to the study of the issues of ensuring the safety of significant CII objects based on a critical system analysis of the regulatory framework and indicating the ambiguity of interpretation and possible options for the practical implementation of the requirements related to a specific field. The high level of tension of discussions in this area at various forums demonstrates that the formation of a new system at the level of individual subjects causes many difficulties and even sometimes leads to rejection of some aspects of regulatory requirements. As a rule, this always happens at the initial stages of the formation of any new system due to ambiguity of the wordings and the presence of significant internal contradictions in certain regulatory acts. One of the significant problems, in our opinion, is a certain misunderstanding, especially in the real sector of the economy, of the need to introduce and the role of a new security mechanism within the overall set of information security measures that have already been implemented in Russia for more than a quarter of a century. Conducting a system analysis of such a problematic situation is especially relevant for the educational community that has already started implementing new training programs of various levels of training, retraining and advanced training of specialists in the field of information security. Based on the description of the evolution of domestic legislation in the field of information security, for the need for a new mechanism of state regulation is justified. Examples of ambiguity and internal contradictions (paradoxes) of some provisions of regulatory legal acts on the safety of CII facilities are given, showing the urgent need for their improvement as well as for additional efforts to interpret the main provisions, based on the principle of a creative approach to explaining complex issues.

Published

2021

96. Method for identifying network covert channels

Author

Konstantin G. Kogos, Mihail A. Finoshin, and Sergey V. Airapetyan

Subjects

covert channel, identification method, shared resource, attribute, information flow., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The aim of this paper is to describe the created method for identifying network covert channels. Traditionally, the scheme for countering information leakage through covert channels is divided into several stages. The first stage is the covert channels identification, that is, the identification of potentially possible covert channels in the system. To identify covert channels, methods based on a shared resources matrix, a tree of covert information flows and a graph of covert information flows are used. Thus, it becomes necessary to concretize the formal description of the stages of the above identification methods in the case of network covert channels. The article describes the created method for identifying network storage covert channels, as well as the results of testing the software implementation of this method for covert channel based on changing the TTL field of the IP packet header. The results can be extended for other network storage covert channels in IP networks, based on the packet header fields changes.

Published

2021

97. Implementation of a nonlinear transformation of a substitution in the form of elements of a numbering system of a number of factorial sets

Author

Alexander P. Martynov, Dmitry B. Nikolaev, and Kirill D. Ermakov

Subjects

cryptographic primitives, nonlinear substitution transformation, number system of a number of factorial sets., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper investigates a nonlinear substitution transformation, presented as an element of the number system of factorial sets. This approach takes into account the characteristic features of substitutions and al-lows you to minimize the amount of memory for storing. Based on the unambiguous numbering approach for substitutions, three methods of storing in memory are considered: in the form of a vector, in the form of values of cyclic shifts of elements of an identical substitution, and in the form of a decimal substitution number. The results of the analysis of the amount of data required for storing the nonlinear substitution transformation for cryptographic primitives are presented. The complexity of translating the transformed substitutions into the standard form of storage by a vector is determined. The obtained results can be ap-plied in software solutions for ensuring information security using cryptographic primitives containing a nonlinear substitution transformation. The proposed approach to writing in the form of substitution trans-formations is recommended for implementation in complexes with a limited amount of memory.

Published

2021

98. A formalized model of an organization information security audit for compliance with the requirements of standards

Author

Alexei A. Sirotskiy and Sergei A. Reznichenko

Subjects

audit, information security, standard, model, control, indicators, methodology, formalization., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

In general the overall task of an information security audit is to verify that the security system of an object meets the set of criteria that determine the requirements for the security level. In this regard, it is necessary to define and to establish a set of criteria reflecting the security level of the facility and to identify indicators for which objective verification procedures can be carried out. Information security audits can be conducted to ensure compliance with all information security standards. Due to the lack of instructional methodologies for auditing activities to assess the compliance of organization information security with the requirements of systemically important generally applicable documents and standards, studies were carried out on the content and formalizability of requirements using the example of the GOST R ISO/IEC 17799-2005 standard in terms of the building an instructional methodology for auditing IS possibility for compliance with this standard. The purpose of the study is to form a formalized audit methodology when conducting an audit of information security for compliance with standards and regulatory requirements for information security in the absence of developed and generally accepted methods. In the following a formalized model for auditing the organization's information security for compliance with the requirements of standards is developed. The model is based on the principles of maximum independence and objectivity of audit activities. The authors of the paper suggest an approach, which is based on a system of objective indicators comparable to protection functions, and consists in the formation of check lists with appropriate criteria for the correlation of indicators and methods of proving the facts revealed as a result of an audit. On the basis of the proposed model and methodology, it is possible to develop the check lists for any descriptive standard for which an audit is required.

Published

2021

99. Justification of network attacks time distribution in automated systems of internal affairs bodies based on a full-scale experiment

Author

Irina G. Drovnikova and Elena S. Ovchinnikova

Subjects

network attack, information protection system against unauthorized access, information conflict, full-scale experiment, law of time distribution., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The goal of the paper is to substantiate the laws of time distribution at various stages of the implementation of network attacks in protected automated systems of internal affairs bodies. To achieve this goal, a full-scale experiment to study the dynamics of the "Network attack-protection system" information conflict was carried on taking into account the differences in the initial and potential capabilities of the conflicting parties on the basis of the developed generalized graph model. The results of the full-scale experiment are presented in the form of quantitative values of the start and implementation times of typical network attack affecting information resources and elements of a protected automated system of internal affairs bodies, the times of loading and functioning of the information protection system. The number of iterations of experiments with a network attack and security system sufficient for an adequate justification of the laws of time distribution at various stages of conflict interaction is calculated. To justify the normal law of time distribution at the initial stage of the information conflict, the -criterion of K. Pearson was used, while to justify the exponential law at its subsequent stage the -criterion of A.N. Kolmogorov was used. The results of the empirical distribution of the values of the time of the implementation of a network attack and the functioning of the protection system are presented in tabular form and graphically displayed. Knowledge of the distribution laws will allow us to develop an analytical model of the"Network attack-protection system" information conflict based on a graph of the dynamics of the implementation of a typical network attack and a generalized graph of the dynamics of the conflict. The prospects of using the developed analytical model are associated with the calculation of probabilistic-temporal characteristics and an accurate quantitative assessment of the danger of implementing network attacks in automated systems operated in a protected version at the informatization objects in internal affairs bodies.

Published

2021

100. Medical information system based web technologies for the diagnosis of acute lymphoblastic leukemia and minimal residual disease

Author

Valentina V. Dmitrieva, Nikolai N. Tupitsyn, Evgeniy V. Polyakov, Elena M. Nosova, Alexandera D. Palladin, Vyacheslav I. Tsyplyak, and Kirill A. Liberis

Subjects

medical information system, web application, diagnosis of acute leukemia, classification of bone marrow and blood cells, minimal residual disease., Information technology, T58.5-58.64, Information theory, Q350-390

Abstract

The paper considers the implementation of a medical information system (MIS) prototype for the diagnosis of acute leukemia (OL) and minimal residual disease (MRD). The main goal is the integration of intelli-gent computer microscopy and laser flow cytofluorimetry systems – an integrated method for the diagnosis of hemoblastosis using artificial intelligence technologies. The proposed information website provides re-mote access to thematic content for the diagnosis of acute lymphoblastic leukemia (ALL) and the control of minimal residual disease through a specialized cross-platform web application that simulates the opera-tion of various subsystems during research. One of the problems in the development of MIS is to ensure information security both in relation to personal data about the health of patients and the course of the medical and diagnostic process, and information that characterizes the implemented MIS functionality: computer and network equipment, software modules and databases. A special feature of medical infor-mation is its confidentiality. Data security is ensured by user authentication. Protection of information resources from unauthorized access is provided by separation and verification of access privileges for the administrator, doctors and patients. The level of security against external threats is provided via the admin-istration of the web server.

Published

2021