2023
Постійне посилання на фонд
Переглянути
Перегляд 2023 за Дата публікації
Зараз показуємо 1 - 20 з 25
Результатів на сторінці
Налаштування сортування
Документ Відкритий доступ Cryptanalysis of the «Vershyna» Digital Signature Algorithm(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Lytvynenko, Yuliia; Fesenko, AndriiThe CRYSTALS-Dilithium digital signature algorithm, which was selected as the prototype of the new «Vershyna» digital signature algorithm, is analyzed in this paper. The characteristics of the National Digital Signature Standard Project and the construction of the «Vershyna» algorithm are also presented. During the analysis of the project, the predicted number of iterations that the algorithm must perform to create the correct signature was calculated. In addition, basic theoretical information about the structure of Fiat-Shamir with aborts and its security in quantum and classical models oracle models is also provided. We obtain our own results on the resistance of the «Vershyna» algorithm to the attack without the use of a message in classical and quantum oracle models. The resistance of the «Vershyna» algorithm to a key recovery attack is based on the assumption of the hardness of the MLWE problem, and the resistance to existential signature forgery is based on the assumption of the hardness of the MSIS problem. In this work, the expected level of hardness of SIS and LWE problems is calculated, to which there are reductions from MSIS and MLWE problems.Документ Відкритий доступ The Development of the Solution Search Method Based on the Improved Bee Colony Algorithm(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Shyshatsky, Andrii; Stasiuk, Tetiana; Kuzmenko, OlegActive digitization of people's daily life leads to the use of the decision making support systems (DMSS). DMSS is actively used in data processing, forecasting the course of various processes, providing informational support for the decision making process by decision makers. However, a number of problems arise while evaluating monitoring objects, namely: a large number of destabilizing factors affecting the efficiency of the processes of information collection, processing and transmission; high dynamism of changes in the state and composition of heterogeneous monitoring objects during the conduct of hostilities (operations); high dynamism of conducting hostilities (operations); the uncertainty of the initial situation and the noise of the initial data. In this article, a method of finding solutions based on an improved bee colony algorithm was developed. The efficiency of information processing is achieved by learning the architecture of artificial neural networks; taking into account the type of uncertainty of the information to be evaluated; the use of an improved algorithm of the bee colony, the use of an unordered linguistic scale of measurements with adjustment coefficients for the degree of awareness and the degree of noise of the initial data. An approbation of the use of the proposed method was carried out on the example of assessing the state of the operational grouping of troops (forces). The method is proposed to be used in the development of software for automated systems of control of troops and weapons, namely, in the modernization of existing and development of new automated systems of control of troops and weapons. The evaluation of the effectiveness of the proposed method showed an increase in the efficiency of the evaluation at the level of 21–28% in terms of the efficiency of information processing.Документ Відкритий доступ The Quantum Distinguishing Attacks on Generalized Feistel Schemes(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Zvychaina, A.; Fesenko, A.It turned out that in addition to problems with classical asymmetric cryptography in the post-quantum period, there are certain doubts about the strength of symmetric cryptographic schemes. This paper demonstrates that on Type III Generalized Feistel Scheme (GFS), by selectively fixing specific parts of the plaintext at the input to the GFS, it is possible to reduce the problem of distinguishing between random text and encrypted output of the same GFS to the Simon problem through different approaches. Our method enables the cracking of the cipher up to d rounds in polynomial time, while a more sophisticated approach based on different formulas from other paths of the cipher can crack d + 1 rounds with the same time complexity in quantum adversary model. These distinct approaches yield varying results in terms of scheme security, indicating the potential to break more rounds in the GFS using the same methodology.Документ Відкритий доступ Proposing of suggestive influence detection and classification method based on fuzzy logic and feature driven analysis(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Nakonechna, YuliiaThis research proposes an approach to the identification and classification of tools used in informational operations aimed at the implementation of suggestive influence, based on existing research on the feature-based informational influence identification. The proposed method combines the theory of fuzzy sets and the methods of fuzzy inference with the approach of analysis based on text features thanks to the author's proposed list of suggestive influence techniques, certain combinations of which are characteristic of various information influence tools. Using this approach, research focuses on identifying and classifying tools such as propaganda, fakes, disinformation, manipulation and artificial narrative. This structure result allows to improve the quality of analysis of similar research cases and to develop optimal countermeasures strategies that will take into account the features of each of the considered information warfare tools in further studies.Документ Відкритий доступ Risk Management of Critical Information Infrastructure: Threats-Vulnerabilities-Consequences(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Zhyvylo, Yevhen; Kuz, VladyslavToday, interaction between people and objects, including industrial ones, has become an integral part of our everyday life. Access to communications, finance, and all forms of information management and permission to use them can be obtained from almost anywhere using compact devices. For example, operators can remotely control individual sectors and control operations in several areas at the same time, surgeons can operate on patients thousands of miles away, and car manufacturers can detect when one of their vehicles has been in an accident within a few seconds after the accident. As a result of the spread of the Internet and wireless data networks, the interconnection of so much data, technology and network equipment and devices has quickly become the basis of modern society. At present, we have become a knowledge-based society that often relies on technology to execute or support almost all tasks and functions of human life. Undoubtedly, this has greatly expanded the range of tasks to be solved, but at the same time, the society became much more vulnerable to threats in information and communication systems. The vulnerability is explained by the fact that at some point most of the production of different directions and industries is supported by the introduction, storage and search of data/information in a interconnected network of hard disks and data servers, locally or remotely located. And at each of these stages there is an opportunity to steal data, bypass protection, manipulate or replace information. But the risks associated with unintentional accidents caused by human errors, system failures, incompatibility or other unexpected problems, as well as “natural disasters,” must also be taken into account. Therefore, the security of computer or cyber systems is a matter of national security. Actually, cyber-threats are so great that more and more security experts are pointing out that protection of cyber systems and data is more of a problem than terrorism. Given the scale of the threat (in terms of cyberattacks) and the actual damage it can be argued, certain systems and structures are at risk [1, 2]. It is proved that hackers can break into government and business websites, steal personal data, change the traffic light scheme, accelerate and slow down travel, and much more. As an example, the implementation of a specially created malware program - Stuxnet. The effects of its use were the self-destruction in 2010 of dozens of centrifuges, which supported Iranʼs nuclear program [3, 4]. Some experts think that Stuxnet was created not by independent attackers and possibly with the support of the government. Thus, as a conclusion, it can be confirmed that hackers operate from anywhere in the world, and the links and boundaries between cyberspace and physical systems are sufficiently leveled. Thus, as a conclusion, it can be confirmed that intruders operate from anywhere in the world, and the links and borders between cyberspace and physical systems are sufficiently leveled. Society is increasingly faced with the fact that a group or even a person armed with a complex computer virus or knowledge about the vulnerability of software or hardware can cause a lot of physical damage to people’s lives or physical destruction, impose significant social or economic damage, and so on. For example, there are facts published by the Financial times on May 8, 2012 (http://on.ft.com/1wviXHW) that an unknown group for many years is trying to penetrate into the systems of managing the networks of gas pipelines of the USA. At the end of 2014, the National Oceanic and Atmospheric Administration of the United States announced that hackers from China successfully broke and destroyed American satellite networks, causing loss of services related to the prediction of various natural cataclysms, air flight corridors, navigation and other industries within a few days (http://wapo.st/1u7N9dJ). As a rule, the critical infrastructure includes power and transport main networks, oil and gas pipelines, sea ports, high-speed and governmental communication channels, systems of life support (water and heat supply) of mega-cities, waste management, emergency services and emergency response services, high-tech enterprises and enterprises of military-industrial complex, as well as central authorities. The government critical information infrastructure is only one of many important systems and networks that create our modern society. Therefore, the state and society are fully dependent on the functioning of different objects and subjects of critical information infrastructure, and the loss of integrity of any of them can lead to various kinds of failures (termination of production and transfer of electricity, temporary and long-term interruptions, improper access to medical care, and much more). Each state is a separate critical information infrastructure, but cooperation between states takes place within the framework of global critical information infrastructure. At the same time, large investments in each sector of critical information infrastructure have led to an increase in economic development rates and improvement in the quality of life.Документ Відкритий доступ Analysis of the core research for vendor email compromise filtering model using machine learning(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Zibarov, Dmytro; Kozlenko, OlehVendor email compromise became one of most sophisticated types of social engineering attacks. Strengths of this malicious activity rely on basis of impersonating vendor that company working with. Thus, it is easy for attacker to exploit this trust for doing different type of data exfiltration or ransom. To mitigate risks, that come with these challenges, information security specialist should consider using different types of approaches, including machine learning, to identify anomalies in email, so further damages can be prevented. The purpose of this work lies in the identification of optimal approach for VEC-style attacks detection and optimizing these approaches with least amount of falsepositive (FP) parameters. The object of this research is different methods of text processing algorithms, including machine learning methods for detecting VEC emails. The subject of research in this paper mainly considers impact of mentioned text processing algorithms and its relation with efficiency of VEC email classification, identifying most effective approach and, also, how to improve results of such detections. Results of this paper consists of details for VEC-email attacks detection, challenges that comes with different approaches and proposed solution, that lies in using text processing techniques and agentrelated approach with main sphere of implication – machine-learning systems, that are used for identifying social-engineering attacks through email.Документ Відкритий доступ Extremal graph theory and generation of quadratic multivariate transformations of Algebraic Post-Quantum Cryptography(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Ustymenko, Vasyl; Wróblewska, Aneta; Pustovit, OleksandrWe introduce large groups of quadratic transformations of a vector space over the finite fields defined via symbolic computations with the usage of algebraic constructions of Extremal Graph Theory. They can serve as platforms for the protocols of Noncommutative Cryptography. The modifications of these symbolic computations in the case of large fields of characteristic two allow us to define quadratic bijective multivariate public keys such that the inverses of public maps has a large polynomial degree. We suggest the usage of constructed protocols for the private delivery of quadratic encryption maps instead of the public usage of these transformations.Документ Відкритий доступ Machine Learning Models Stacking in the Malicious Links Detecting(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Khukalenko, Yevhenii; Stopochkina, Iryna; Ilin, MykolaAn analysis of the performance of various classifiers on address and network groups of features was performed. A new classification model is proposed, which is a stacking of 3 models: kNN, XGBoost and Transformer. The best model for stacking was experimentally determined: Logistic Regression, which made it possible to improve the result of the best available model by 3%. The hypothesis that stacking a larger number of worse models has an advantage over stacking a smaller number of more productive models on the used data set was confirmed: regardless of the choice of stacking metaalgorithm, stacking of three models showed better results than stacking two.Документ Відкритий доступ Cybersecurity in AI-Driven Casual Network Formation(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Lande, Dmytro; Feher, Anatolii; Strashnoy, LeonardThe paper describes a methodology for forming thematic causal networks using artificial intelligence and automating the processes of their visualization. The presented methodology is considered on the example of ChatGPT, as an artificial intelligence for analyzing the space of texts and building concepts of causal relationships, and their further visualization is demonstrated on the example of Gephi and CSV2Graph programs. The effectiveness of the disaggregated method in relation to traditional methods for solving such problems is shown by integrating the means of intelligent text analytics and graphical network analysis on the example of the problem of data leakage in information systems and a selection of news clippings on the selected cybersecurity topic.Документ Відкритий доступ On Inverse Protocols of Post Quantum Cryptography Based on Pairs of Noncommutative Multivariate Platforms Used in Tandem(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Ustymenko, VasylNon-commutative cryptography studies cryptographic primitives and systems which are based on algebraic structures like groups, semigroups and noncommutative rings. We continue to investigate inverse protocols of Non-commutative cryptography defined in terms of subsemigroups of Affine Cremona Semigroups over finite fields or arithmetic rings Zm and homomorphic images of these semigroups as possible instruments of Post Quantum Cryptography. This approach allows to construct cryptosystem which are not public keys, when protocol finish correspondents have mutually inverse transformations on affine space K n or variety (K*)n where K is the field or arithmetic ring. The security of such inverse protocol rests on the complexity of word problem to decompose element of Affine Cremona Semigroup given in its standard form into composition of given generators. We discuss the idea of usage combinations of two cryptosystems with cipherspaces(K*)n and K n to form a new cryptosystem with the plainspace(K*)n , ciphertextK n and nonbijective highly nonlinear encryption map.Документ Відкритий доступ Vulnerability Classification Using Q-analysis(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Polutsyganova, ViktoriiaToday, vulnerability analysis is of great importance in assessing system security. This approach is especially important in cyber systems. The complex relationship between vulnerabilities is dictated by the threats that potentially arise from their presence. The work provides a methodology and an example of building, analyzing and classifying vulnerabilities depending on the threats that they generate. This approach will allow a better understanding of the connections between vulnerabilities, as well as the degree of impact of each of them.Документ Відкритий доступ System construction of cybersecurity vulnerabilities with Q-analysis(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Polutsyganova, V. I.Today, in order to assess potential cyber threats, it is necessary to conduct a comprehensive assessment of the vulnerabilities of the investigated system. To do this, it is necessary to describe the identified vulnerabilities and consider potential vulnerabilities. In addition, the relationship between system vulnerabilities must be properly assessed. The most common assumption is that all vulnerabilities are independent and are implemented either by random events or by malicious intent. The paper proposes a method that allows modeling the vulnerabilities of complex systems as a whole, taking into account their hidden connections. Q-analysis [2] was used to study the structure of the system of interconnected vulnerabilities that arise in the process of project implementation. An example of the application of Q-analysis methods is presented and an explanation of the nature and impact of some potential threats and their combinations is offered.Документ Відкритий доступ Frequency Analysis of Russian Propaganda Telegram Channels(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Kiforchuk, KyryloOn 24 February 2022 Russia launched a full-scale invasion of Ukraine. In addition to large-scale military operations against Ukraine, many information attacks were organized. These attacks began before the invasion: for several months, Russia has been actively paving the way for the war by launching different types of information operations in cyberspace. As an example, Russian propaganda media were promoting the idea of “Russian world”, which calls into a question the existence of Ukraine as an independent state and justifies Russian military aggression. In this work, Russian propaganda Telegram channels were analyzed using term frequency analysis with bag-of-words technique. For this analysis, text data from Telegram propaganda channels was collected and processed. The obtained results revealed different patterns in Russian propaganda against Ukraine via Telegram channels.Документ Відкритий доступ Detection of Unauthorized Actions in Networks Using Wavelet Analysis(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Hrynchenko, PavloSignal processing techniques are used to analyze and detect network anomalies because of their ability to detect new and unknown intrusions. The paper proposes a method of modeling network signals for the detection of network anomalies, which combines wavelet approximation and the theory of system identification. To characterize the behavior of network traffic, fifteen functions are provided, which are used as input signals within the system. At the same time, it is assumed that security violations within the network can be detected by checking abnormal patterns of system functioning according to audit data. Despite the fact that machine learning methods have achieved significant results in detecting network anomalies, they still face the difficulty of using the implemented algorithms, in the presence of differences in the behavior of the training data and test data, which in turn leads to inefficient performance of the algorithms. This effect is exacerbated by the limitation of algorithms to detect previously unknown types of attacks due to the large number of false positives. The paper develops a new method of modeling network signals for detecting anomalies in networks using wavelet analysis. In particular, the general architecture of the approach consists of three components: feature analysis, modeling of normal network traffic based on wavelet approximation and prediction using ARX model, intrusion or non-intrusion decision making The result is evaluated using the DARPA intrusion detection dataset, which performs a comprehensive analysis of the intrusions in the dataset. Evaluation results show that this approach provides a high level of detection of both instances and types of attacks.Документ Відкритий доступ Method of Security Improvement for MST3 Cryptosystem Based on Automorphism Group of Ree Function Field(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Kotukh, Yevgen; Khalimov, Gennady; Korobchinskiy, MaximThis article is a part of a research endeavor focused on creating a quantum-resistant cryptosystem for secure encryption and decryption. Our approach employs a challenging word problem while emphasizing cost-effective implementation. Previous research has involved the development of encryption schemes based on high-order groups, offering potential security enhancements. The choice of the non-abelian group is a critical factor in shaping the encryption algorithms, feasibility of implementation, and system parameters. Our central objective is to design a cryptosystem that effectively thwarts quantum cryptanalysis. To achieve this, we employ a logarithmic signature along with a random cover across an entire finite non-abelian group. Our unique contribution lies in optimizing finite group selection, parameters, and circuit solutions for the logarithmic signature to meet specific security and implementation criteria. Within this paper, we introduce an encryption scheme utilizing automorphisms of the Ree functional field and propose a method for enhancing resistance to cryptanalysis through the binding of session keys.Документ Відкритий доступ OSINT Time Series Forecasting Methods Analysis(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Feher, A.; Lande, D.Time series forecasting is an important niche in the modern decision-making and tactics selection process, and in the context of OSINT technology, this approach can help predict events and allow for an effective response to them. For this purpose, LSTM, ARIMA, LPPL (JLS), N-gram were selected as time series forecasting methods, and their simple forms were implemented based on the time series of quantitative mentions of nato, himars, starlink and cyber threats statings obtained and generated using OSINT technology. Based on this, their overall effectiveness and the possibility of using them in combination with OSINT technology to form a forecast of the future were investigated.Документ Відкритий доступ Malware Detection System Based on Static and Dynamic Analysis Using Machine Learning(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Nafiiev, Alan; Rodionov, AndriiCyber wars and cyber attacks are an urgent problem in the global digital environment. Based on existing popular detection methods, malware authors are creating ever more advanced and sophisticated malware. Therefore, this study aims to create a malware analysis system that uses both dynamic and static analysis. Our system is based on a machine learning method - support vector machine. The set of data used was collected from various Internet sources. It consists of 257 executable files in .exe format, 178 of which are malicious and 79 are benign. We use 5 different types of data representation: binary information, trace instructions, control flow graph, information obtained from the dynamic operation of the file, and file metadata. Then, using multiple kernel learning, we combine all data views and create one summative machine learning model.Документ Відкритий доступ Cyber Security Logical and Probabilistic Model of a Critical Infrastructure Facility in the Electric Energy Industry(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Alekseichuk, Lesia; Novikov, Oleksii; Rodionov, Andrii; Yakobchuk, DmytroIn the work, a cyber security logical and probabilistic model of a critical infrastructure facility in the energy sector was developed and investigated. The cyber security logical and probabilistic model describes the development of adverse events that arise in the Industrial Control System of the electrical network from the realization of possible threats from cyberspace, such as attacks on the protection system through the corporate network, connection through a modem and wireless connection. The resulting model is based on sequentially developed structural, logical and probabilistic models. The field of use of the developed model is automation systems for designing information protection systems or designing trajectories of attacks on these systems. The model was also applied to study the sensitivity of the probability of the development of adverse events to variations in the probability of realization of possible threats to the system.Документ Відкритий доступ The Forgery Attack on the Post-Quantum AJPS-2 Cryptosystem and Modification of the AJPS-2 Cryptosystem by Changing the Class of Numbers Used as a Module(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Yadukha, DariyaIn recent years, post-quantum (quantum-resistant) cryptography has been actively researched, in particular, due to the National Institute of Standards and Technology’s (NIST) Post-Quantum Cryptography Competition (PQC), which has been running since 2017. One of the participants in the first round of the competition is the Mersenne-756839 key encapsulation mechanism based on the AJPS-2 encryption scheme. The arithmetic modulo Mersenne number is used to construct the cryptoprimitives of the AJPS family. In this paper, we propose a forgery attack on the AJPS-2 cryptosystem using an active eavesdropper, and two modifications of the post-quantum AJPS-2 cryptosystem, namely, the modification of AJPS-2 using the arithmetic modulo generalized Mersenne number and Crandall number. Moreover, new algebraic problems are defined, on the complexity of which the security of the created modifications is based. The advantages of these modifications are the extension of the number class used as a module in the cryptosystem and the security against the forgery attack with the active eavesdropper, which was successful in the original AJPS-2.Документ Відкритий доступ The Best Scenario of Cyber Attack Selecting on the Information and Communication System Based on the Logical and Probabilistic Method(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Alekseichuk, Lesia; Novikov, Oleksii; Rodionov, Andrii; Yakobchuk, DmytroThe task of analyzing and selecting the best scenario of a cyberattack on information and communication system is considered as a component of the task of analyzing systems security. A method and corresponding algorithm for finding the best scenario of an attack on information and communication system using a logical and probabilistic model is proposed. The model describes the development of adverse events that arise in the information and communication system from the implementation of possible attacks on the security system from cyberspace. Analysis of cyber attack scenarios allows predicting the development of possible adverse cyber security events from the implementation of multiple threats to the system. The developed method and corresponding algorithm for analyzing attack scenarios can be used to analyze the security of information and communication systems, as well as in automation systems for designing information security systems or designing attacks on such systems.