Theoretical and Applied Cybersecurity: scientific journal, Vol. 6, No. 2
Постійне посилання зібрання
Переглянути
Перегляд Theoretical and Applied Cybersecurity: scientific journal, Vol. 6, No. 2 за Назва
Зараз показуємо 1 - 9 з 9
Результатів на сторінці
Налаштування сортування
Документ Відкритий доступ Application of Ternary Pattern-based Truncated Differential Cryptanalysis to Specific Block Ciphers(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Yakymchuk, Oleksii; Medvedtskyi, KostiantynIn the previous work [1], we proposed a formalized approach to truncated differential cryptanalysisbased on ternary masks which separately consider unchanged, obligatory changed and unknown bitsin differences. A security parameter for S-boxes and encryption mappings that bounds the probabilityof truncated differentials from below was also proposed in the previous paper. The subsequent stepinvolves applying the proposed method to existing real-world ciphers, calculating the defined securityparameter, and assessing the method’s effectiveness and potential applications. Additionally, this paperextends the applicability of the proposed approach by formalizing the𝑋𝑂𝑅operation rules for ternarymasks. This allows us to apply the proposed method to ciphers with a structure of Feistel network.Документ Відкритий доступ Comparison analysis between strict ontologies and fuzzy ontologies(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Kozlenko, OlehOntological modeling has been important in the field of cybersecurity, but with the growing use of artificial intelligence in various processes related to cybersecurity, it has become an increasingly relevant area for research every new year. Ontologies can serve as a primary source of knowledge for artificial intelligence models and as a "sequence of actions" in different processes. Typically, strictontologies were used due to their formalized structure, but they did not fully capture processes that involve fuzzy contexts of actions or results. The aim of this article is to present and analyze different ontologies, both strict and fuzzy, that are used or could be used in the field of cybersecurity and related processes, demonstrating their similarities, differences, and areas of application.Документ Відкритий доступ Differential-Rotational Probabilities of Modular Addition and Its Approximations(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Yakovliev, Serhii; Korzh, NikitaIn this paper, we consider differential-rotational cryptanalysis, or RX-analysis, and its application tocertain classes of ARX-cryptosystems. We provide exact analytical expressions for the RX-differentialprobabilities with arbitrary rotation values for modular addition. These expressions are described interms of differential probabilities, which allows comparison of ordinary and RX-differential behaviour.Furthermore, we consider two operations that approximate modular addition, one of which comesfrom the NORX cipher. For these operations, we also provide exact analytical expressions for theRX-differential probabilities.Документ Відкритий доступ Enhancing Row-Sampling-Based Rowhammer defense methods with Machine Learning approach(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Mazurok, Valentyn; Lutsenko, VolodymyrThis paper investigates the integration of machine learning into the Row-Sampling technique to enhance its effectiveness in mitigating Rowhammer attacks in DRAM systems. A multidimensional multilabel predictor model is employed to dynamically predict and adjust probability thresholds based on real-time memory access patterns, improving the precision of row selection for targeted refresh. The approach demonstrates significant improvements in security, reducing Rowhammer-induced bit flips, while also maintaining energy efficiency and minimizing performance overhead. By leveraging machine learning, this work refines the Row-Sampling method, offering a scalable and adaptive solution to memory vulnerabilities in modern DRAM architectures.Документ Відкритий доступ Forecasting Information Operations with Hybrid Transformer Architecture(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Feher, AnatoliiProactive decision-making in all processes is difficult to imagine without forecasting methods, especially in the field of cybersecurity where the speed and quality of response are often critical. For this reason, we proposed a unique methodology based on a new hybrid architecture Transformer that perfectly captures long-term dependencies and an adaptive algorithm ACWA that quantifies historical patterns. Thus, the described approach considers short-term fluctuations, long-term trends, and seasonal patterns more effectively than traditional forecasting models, as demonstrated by the application of Information Operations and Disinformation occurrences time series forecasting.Документ Відкритий доступ Framework for detecting outlier and database intrusions(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Kolomytsev, Mykhailo V.; Nosok, Svitlana O.This paper presents a methodology and framework for detecting anomalies in the actions of relational database users, with a focus on insider threats. The architecture of the framework is described, including the choice of parameters for logging user behavior and the justification of the anomaly detection algorithm. An overview of the existing anomaly-detection solutions is provided. The proposed methodology for the functioning of the framework is outlined with recommendations on the choice of algorithm parameters. The analysis of insider actions in databases provides an original approach to anomaly detection and contributes to the field of information security.Документ Відкритий доступ Fuzzy logic in risk assessment of multi-stage cyber attacks on critical infrastructure networks(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Nakonechna, Yuliia; Savchuk, Bohdan; Kovalova, AnnaIn the current environment, critical infrastructure has become the target of increasingly complex multi-stage cyber attacks characterized by sequential phases of infiltration, privilege escalation, and lateral movement within the target network. Traditional risk assessment methods often rely on assumptions of precise data availability and well-defined probabilities, which limit their applicability in real-world scenarios marked by uncertainty and imprecise information. This paper proposes an approach based on the use of fuzzy logic systems to assess the risks of multi-stage cyber attacks against networked critical infrastructure services. The proposed methodology takes into account the ambiguity and fuzziness of input data, expert judgments, and the dynamic progression of attacks. The result is a more flexible and adaptive risk assessment model that supports informed decision-making to enhance cybersecurity, prioritize countermeasures, and optimize the allocation of defensive resources.Документ Відкритий доступ Methodology of a Swarm of Virtual Experts for Evaluating the Weight of Connections in Networks(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Lande, Dmytro; Alekseichuk, Lesya; Svoboda, Igor; Strashnoy, LeonardThis article proposes a new methodology —the Swarm of Virtual Experts (SVE) —for evaluating the weights of connections in complex networks, based on a holistic approach. Traditional methods relying on expert assessments often face issues of subjectivity and limited resources. This paper introduces the methodology of the Swarm of Virtual Experts. The focus is on integrating large language models (LLMs) into the decision-making process, where each model acts as a virtual expert with specific tasks and functions. The core idea is to combine diverse assessments from different LLMs using mathematical tools, including incidence matrices, weighted averages, and aggregation methods. The methodology addresses the issue of fragmented results caused by the probabilistic nature of LLMs and enhances analytical efficiencythrough role assignment to agents, aggregation mechanisms, and quality evaluation of outcomes. The application of this technique is illustrated with examples, particularly in the field of cybersecurity.Special attention is given to holistic analysis, which provides a comprehensive approach to evaluating the weights of connections between nodes in networks.Документ Відкритий доступ Simulation of UAV networks on the battlefield, taking into account cyber- physical influences that affect availability(Igor Sikorsky Kyiv Polytechnic Institute, 2024) Novikov, Oleksii; Stopochkina, Iryna; Voitsekhovskyi, Andrii; Ilin, Mykola; Ovcharuk, MykolaThe paper considers the types of countering means for unmanned aerial vehicles and the enemy's electronic warfare equipment used during the war in Ukraine. The types of cyber-physical influences that can be used to disrupt the availability of the network of unmanned aerial vehicles are addressed. The problem is also considered from the point of view of cybersecurity, taking into account possible harmful effects on the network of smart devices. Models based on complex networks, cellular automata and Petri nets are proposed, which allow solving the problem of optimizing the location of devices taking into account the set goal and countering cyber-physical attacks on availability and integrity. The proposed models differ from existing ones taking into account the conditions on the battlefield. A computational experiment has been performed that allows us to visualize the disposition of aircraft depending on the surrounding conditions on the battlefield. The results of the work can be used to develop a strategy for implementing operations of various types on the battlefield using UAVs.