Theoretical and Applied Cybersecurity: scientific journal, Vol. 7, No. 2

Постійне посилання зібрання

https://ela.kpi.ua/handle/123456789/79040

Переглянути

Перегляд Theoretical and Applied Cybersecurity: scientific journal, Vol. 7, No. 2 за Ключові слова "004.89"

Зараз показуємо 1 - 4 з 4
  • Ескіз
    ДокументВідкритий доступ
    A Formal Model for Constructing Sensitive Data Graphs from Cyber Reports using Large Language Models
    (Igor Sikorsky Kyiv Polytechnic Institute, 2025) Turskyi, Viktor
    Unstructured cyber threat intelligence (CTI) reports present major challenges for systematic analysis, particularly when accuracy and reliability are critical. This paper introduces a formal, four-stage mathematical model for constructing canonical knowledge graphs from sensitive textual data. The model integrates the advanced extraction and reasoning capabilities of GPT-5 with deterministic rule-based inference and network analysis to bridge the “formalization gap” between probabilistic large language model (LLM) outputs and verifiable analytical structures. Using a corpus of 204 official CERT-UA incident reports as a test case, the methodology successfully normalized thousands of raw entities, identified central threat actors and high-value targets, and revealed distinct operational ecosystems within Ukraine’s cyber threat landscape. Theoretically, the study contributes a replicable and mathematically defined framework for integrating next-generation LLMs into formalized knowledge graph pipelines. Practically, it provides a scalable and reliable tool for analysts in cybersecurity, national security, and related fields, enabling the transformation of unstructured reports into actionable intelligence
  • Ескіз
    ДокументВідкритий доступ
    An Iterative Algorithm for Interdependent Estimation of Node and Link Weights in Corporate Networks for Cyber Risk Analysis
    (Igor Sikorsky Kyiv Polytechnic Institute, 2025) Alekseichuk, Lesia; Lande, Dmytro
    The paper proposes a new iterative algorithm MRRW-PageRank (Mutually-Reinforced Risk-Weighted PageRank) for assessing cyber risks in corporate information systems based only on network topology. The algorithm solves the problem of determining link weights, which remains insufficiently solved in existing approaches to centrality analysis. Unlike traditional methods, where link weights are given or assumed to be the same, MRRW-PageRank establishes an interdependence between the importance of nodes and the probability of using paths to them, which models the nature of malicious paths. Node weights are updated according to the modified PageRank based on weighted links, and link weights are recalculated as a function of the importance of the target node and its input degree. The process is repeated iteratively until convergence. The algorithm is implemented as a codeless prompt based on a minimal logical framework, which provides the ability to execute in no-code environments and integrate with LLM agents. A simulation on a model network with 12 objects is presented, demonstrating the effectiveness of the method in prioritizing critical resources and identifying vulnerable penetration paths. The proposed approach is especially relevant at the stages of system design, topology audit, or initial security assessment, when there is no empirical data on vulnerabilities or behavior.
  • Ескіз
    ДокументВідкритий доступ
    Automating Cybersecurity Decision‑Making with AI and the Analytic Hierarchy Process
    (Igor Sikorsky Kyiv Polytechnic Institute, 2025) Svoboda, Igor
    Cybersecurity decisions in large organizations routinely require the integration of heterogeneous qualitative and quantitative considerations. The Analytic Hierarchy Process (AHP) offers a principled framework for such multi-criteria settings, yet reliance on human expert panels constrains scalability and cadence. This study examines whether large language model (LLM) agents can substitute for human panels within AHP without compromising methodological discipline. Seven GPT-4 personas are instantiated as virtual experts and coordinated by an AHP guide to structure and evaluate defenses against social-engineering attacks on a corporate data center. The agents elicit criteria and sub-criteria, construct pairwise comparison matrices, and synthesize priorities under standard AHP procedures. Aggregated judgments exhibit strong internal coherence (top-level consistency ratio CR = 0.016; λ_max = 7.13), yielding a stable ranking of alternatives: comprehensive employee training (0.2774), advanced intrusion detection (0.2240), cloud-based data backup (0.1938), targeted refresher training for security staff (0.1795), and physical barrier enhancements (0.1254). The results indicate that GPT-4 agents can emulate expert judgment for multi-criteria cybersecurity decisions at materially lower cost than human panels, while preserving the methodological rigor of AHP.
  • Ескіз
    ДокументВідкритий доступ
    Cybersecurity of Intellectual Information Aggregation Processes into Digital Archives
    (Igor Sikorsky Kyiv Polytechnic Institute, 2025) Tsyrulnev, Yuriy
    The article addresses the problem of cybersecurity in intellectual information aggregation (IIA) processes within digital archives, which arise during the automated collection, structuring, semantic enrichment, and analysis of heterogeneous data using artificial intelligence (AI), machine learning (ML), and large language models (LLMs). The study focuses on identifying vulnerabilities of IIA processes and their mathematical formalization across stages such as digitization, image processing, optical character recognition (OCR), classification, indexing, and archival system creation. Particular attention is given to formalizing cyber threats, including unauthorized access, integrity violations, metadata forgery, adversarial attacks on AI/ML models, data manipulation, prompt injection, data exfiltration, and digital signature forgery. For each threat category, mathematically grounded countermeasures are proposed, including encryption, multi‑factor authentication, monitoring, anomaly detection, access control, metadata protection, and adversarial training. The paper emphasizes the emergent properties of combined defenses, highlighting the resilience of digital archives against cyber threats that arise from the interaction of individual safeguards. The proposed models can be applied to the assessment and strengthening of information system security in the context of state and societal digital transformation.Practical aspects of implementing digital archive creation processes have been validated through patented solutions for converting large collections of paper documents into digital information resources [15]. To support the functioning of intellectual information aggregation processes, specialized software packages are employed, themodules of Digital Docs®Technology, registered as a copyrighted work [16]. Practical deployment of the proposed solutions is carried out within the activitiesof DIGITAL DOCS®,registered as a trademark [17].