Information Technology and Security
Постійне посилання на фонд
ISSN 2518-1033 (Online), ISSN 2411-1031 (Print)
Періодичність: 2 рази на рік
Рік заснування: 2012
Тематика: публікація оригінальних і оглядових робіт з основних проблем сучасних інформаційних технологій, інформаційної безпеки, інформаційного протиборства, протидії використанню соціальної інженерії, кібербезпеки та захисту критичних інфраструктур, математичного та комп'ютерного моделювання, захисту інформації в інформаційно-телекомунікаційних системах та мережах (в тому числі з питань захисту персональних даних), менеджменту інформаційної безпеки і ризиків безпеки інформації тощо
Офіційний сайт: https://its.iszzi.kpi.ua/
Рік заснування: 2012
Тематика: публікація оригінальних і оглядових робіт з основних проблем сучасних інформаційних технологій, інформаційної безпеки, інформаційного протиборства, протидії використанню соціальної інженерії, кібербезпеки та захисту критичних інфраструктур, математичного та комп'ютерного моделювання, захисту інформації в інформаційно-телекомунікаційних системах та мережах (в тому числі з питань захисту персональних даних), менеджменту інформаційної безпеки і ризиків безпеки інформації тощо
Офіційний сайт: https://its.iszzi.kpi.ua/
Переглянути
Перегляд Information Technology and Security за Назва
Зараз показуємо 1 - 20 з 270
Результатів на сторінці
Налаштування сортування
Документ Відкритий доступ A comparison enterprise architecture frameworks for critical it infrastructure design(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2017) Dorohyi, Yaroslav; Tsurkan, Vasyl; Telenyk, Serhii; Doroha-Ivaniuk, Olena; Дорогий, Ярослав Юрійович; Цуркан, Василь Васильович; Теленик, Сергій Федорович; Дорога-Іванюк, Олена ОлександрівнаДокумент Відкритий доступ A universal transaction delegation method for decentralized decision support systems(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2024) Tsyganok, Vitaliy; Savchenko, Mykyta; Tsyhanok, RomanThis study examines methods for decentralizing computation and storage to enhance the security of end systems, focusing on decision support systems as a use case. Common limitations of system decentralization are identified, and a new, universal transaction delegation method is proposed to simplify decentralized system usage. An overview of available transaction delegation methods in self-protected decentralized data platforms is provided, based on well-known projects using the Ethereum platform. Four popular delegation methods in decentralized networks are distinguished, with their advantages and disadvantages demonstrated through common solutions. The research led to the implement of a universal transaction delegation method, independent of the decentralized program’s signature standard. This method is realized as a web application on both the server and client sides and can be applied to any decentralized program or existing system supporting decentralized transaction delegation. The study also describes the architecture of a decision support system using this method, applied specifically to the expert subsystem to ensure decentralization and the integrity of expert input, making it impossible to tamper with once submitted. Additionally, the economic model for the expert subsystem is reviewed, using real data. The findings of this study enable the construction of secure decentralized applications on decentralized data platforms, emphasizing usability and user-friendliness, and demonstrate an innovative application within a decision support system for expert knowledge collection.Документ Відкритий доступ Adaptive AI architecture for implementing privacy-by-design in accordance with GDPR(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2025) Shamov, OleksiiThis article addresses one of the key challenges in modern intelligent systems engineering: the practical implementation of the Privacy-by-Design principle, enshrined in the General Data Protection Regulation (GDPR), within artificial intelligence architectures. Existing approaches, such as federated learning, differential privacy, and homomorphic encryption, while effective tools, create a rigid trade-off between the level of personal data protection, model utility (accuracy), and computational efficiency when applied statically. Such a unified “one-size-fits-all” approach is inefficient, as it leads to either excessive protection of non-sensitive data, which unjustifiably degrades performance, or insufficient protection for the most vulnerable categories of information. The objective of this research is to develop a conceptual framework for a novel artificial intelligence architecture that resolves this issue through dynamic, risk-oriented management of privacy mechanisms. The result of this study is a proposed adaptive hybrid architecture. The scientific novelty of this work lies in shifting from a static model of applying Privacy-Enhancing Technologies (PETs) to a flexible, multi-layered system. This system classifies data and model components in real-timebased on their sensitivity level and associated risks. Depending on the risk level, the architecture dynamically applies an optimal set of protection tools: from basic federated learning with light differential privacy guarantees for low-risk data to the application of homomorphic encryption for the most critical computations. At the core of the architecture is an optimization model that aims to maximize model utility while minimizing computational costs, ensuring compliance with predefined privacy thresholds for each data category as required by GDPR. This approach enables the creation of more efficient, secure, and productive intelligent systems that meet modern regulatory demands.Документ Відкритий доступ Aggregation of information from diverse networks as the basis for training cyber security specialists on processing ultra large data sets(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2021) Lande, Dmytro; Puchkov, Oleksandr; Subach, IhorThe basic principles of training cybersecurity specialists on processing large data sets to solve complex unstructured tasks in the course of their functional responsibilities based on the achievements of Data Science in the field of cybersecurity, by acquiring the necessary competencies and practical application of the latest information technologies based on methods of aggregation of large amounts of data are substantiatedand presented. The most common latest technologiesand tools in the field of cybersecurity, the list of which allows getting a fairly holistic view of what is used today by specialists in the field of Data Science, are considered. The tools you need to have to solve complex problems using big data are analyzed.The subject of the study is the fundamental provisions of the concept of “big data”; appropriate data models; architectural concepts of creating information systems for “big data”; big data analytics, as well as the practical application of big dataprocessing results. The theoretical basis of the training, which includes two sections: “Big Data: theoretical principles”, and “Technological applications for big data”, which, in turn, are logically divided into ten, is considered. As a material and technical basis for the acquisition of practical skills by students, a model based on the system “CyberAggregator” was created and described, which operates and is constantly improved in accordance with the expansion of the list of tasks assigned to it. The CyberAggregator system consists of three main parts: a server for collecting and primary processing of information; an information retrieval server (search engine); an interface server from which the service is provided to users and other systems via the API. The system is based on technological components such as the Elasticsearch information retrieval system, the Kibana utility, the Neo4j database graph management system, JavaScript-based results visualization tools (D3.js) and network information scanningmodules. The system provides the implementation of such functions as the formation of databases from certain information resources; maintaining full-text databases of information; detection of duplicates similar in content to information messages; full-text search; analysis of text messages, determination of tonality, formation of analytical reports; integration with the geographic information system; data analysis and visualization; research of thematic information flows dynamics; forecasting events basedon the analysis of the publications dynamics, etc. The suggested approach allows students to acquire the necessary competencies needed to process effectively large amounts of data from social networks, create systems for monitoring network information on cybersecurity, selection of relevant information from social networks, search engine implementation, analytical research, forecasting.Документ Відкритий доступ AI-based image steganalysis under limited computational resources(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2025) Uspenskyi, Oleksandr; Bondarchuk, YuriiThis study addresses the challenges of modern steganalysis, which lies in the dichotomy between highly effective yet computationally expensive State-of-the-Art (SOTA) artificial intelligence models [1],[2] and lightweight architectures that are fast but incapable of independently detecting weak steganographic signals [3],[4]. The hypothesis proposed in this research suggests that combining classical feature engineering techniques –particularly the use of Spatial Rich Model (SRM) filters to enhance residual noise [5],[6] –with a modern self-supervised learning (SSL) approach for regularization and improved generalization capability [7],[8], can endow a lightweight convolutional neural network with the necessary properties for effective performance.To verify this hypothesis, a comprehensive comparative experiment was conducted involving four models: a baseline lightweight architecture [3], a model employing SRM filters [6], a heavy SOTA SRNet (Residual Network) model [1], and the proposed hybrid model [9], [10]. The experiment was carried out on a complex heterogeneous dataset comprising images processed by three distinct steganographic algorithms with two embedding rates [11]. Performance evaluation was conducted on two datasets: a test sample from the same data domain (in-distribution) and a completely new, external dataset to assess generalization capability (out-of-distribution) [11],[12].The experimental results fully confirmed the main hypothesis. The hybrid model achieved the highest detection accuracy among lightweight approaches (AUC –Area Under the ROC Curve of 0.636) and, most importantly, demonstrated the greatest robustness to domain shift (AUC of 0.539 on the external dataset), showing the smallest degradation in performance [10],[13]. The study also revealed a counterintuitive effect: the heavy SOTA SRNet architecture exhibited a significant failure (AUC of 0.348) under heterogeneous data conditions, indicating its tendency to overfit to specific artifacts [1],[2].Документ Відкритий доступ An exploration of public key infrastructure applications across diverse domains: a comparative analysis(National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute", 2023) Dulia, Oleksandr; Minochkin, DmytroThis article delves into the vital role of Public Key Infrastructure (PKI) in securing and authenticating communications across a multitude of fields. PKI has evolved from a mere technical concept into a cornerstone of secure digital communications, playing a central role in various domains such as web security, healthcare, finance, the Internet of Things (IoT), and government services. PKI employs cryptographic techniques and digital certificates to establish trust, ensure data integrity, and enable secure communications, thus acting as the backbone of digital security. In the wake of the digital revolution, the demand for reliable and robust security solutions has skyrocketed. The diversity and scale of modern digital platforms necessitate adaptable security solutions, a challengewhich PKI tackles through its flexible implementation. Despite sharing core principles, the implementation of PKI demonstrates divergences influenced by factors such as scale, complexity, resource constraints, regulatory environments, and trust models. This article offers an extensive comparison of PKI's utilization across various domains, highlighting the commonalities and divergences. It explores how PKI is tailored to meet the unique requirements and challenges of each sector and discusses the certificate lifecycle management in varying contexts. Moreover, it provides an analysis of the current state of PKI applications and challenges, offering insights into the evolving landscape of threats and technologies. Not only does the article address the currentstate of PKI, but it also presents a forward-looking perspective on its potential future developments. As the digital landscape continues to evolve and expand, it is crucial to anticipate the emerging challenges and devise strategies for proactive adaptation. This article thus serves as a comprehensive resource for understanding the role and impact of PKI in the contemporary digital infrastructure.Ultimately, the article seeks to underline the importance of PKI and highlight the need for continued research and development in this area. As our reliance on digital communications and transactions continues to grow, the role of PKI in safeguarding these interactions becomes increasingly significant. This comprehensive review serves as a valuable resource for researchers, practitioners, and policymakers in understanding the diverse applications of PKI and its critical role in securing the digital world.Документ Відкритий доступ Analysis of methods of classification of electronic messages based on neural network models(National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute", 2023) Onishchenko, Volodymyr; Minochkin, AnatoliiIn the article, the creation of a mechanism for detecting and classifying messages is considered, with an assessment of how effectively different neural networks work and can recognize and classify different types of electronic messages, including phishing attacks, spam, and legitimate messages. A preliminary analysis of incoming messages has been performed, encompassing their headers, text, and other relevant attributes. For instance, in the case of emails, these attributes could be the 'subject' and 'sender' of the message. Methods for data preparation and processing have been reviewed, including text vectorization, noise removal, and normalization, to be utilized in training neural networks. Message tokenization has been performed by transforming them into a numerical format while considering the selection of features. For text messages, it is crucial to execute both tokenization and text vectorization. The model training was performed on the test data with prior splitting into two parts: 80% for training and 20% for testing. The training set is utilized for training the model, while the test set is used to evaluate its effectiveness. The peculiarity of the class structure of the data, namely the uniformity of the distribution of classes, is considered. In this case, spam occurs less frequently than legitimate messages, so class balancing techniques such as random deletion of redundant examples, upsampling, and subsampling were applied to ensure adequate model training. Optimization of network parameters was performed, by researching the optimal parameters of neural networks, such as the number and size of layers, activation functions, and optimization of hyperparameters to achieve the best performance. Hyperparameter optimization includes determining optimal settings for neural networks, such as layer size, activation functions, learning rate, and other parameters. The effectiveness was assessed by comparing the results and performance of various classification methods based on neural networks using metrics such as precision and F1-score. It was determined how well the methods can avoid misclassifications where legitimate messages are mistakenly identified as spam, and vice versa. A comparison of the methods' effectiveness in processing a large volume of messages in real time was conducted. An analysis of different architectures of neural network models was performed. Based on the analysis, it was revealed how effectively different neural network models can recognize and classify messages as spam.Документ Відкритий доступ Analysis of stability of the user's keyboard handwriting characteristics in the biometric authentication systems(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2018) Yevetskyi, Viktor; Horniichuk, IvanConsideration is given to the use of biometric characteristics in order to increase the efficiency of user authentication. An identifier that uses biometric characteristics is inextricably linked to the user, and it is virtually impossible to use it unauthorized. As a biometric characteristic it is expedient to use a keyboard handwriting. Keyboard handwriting, or rhythm of typing, displays a way of typing on a keyboard that is specific to a particular user. In addition, it is quite simple to implement and does not require additional hardware costs. Moreover, the use of keyboard writing when entering a password eliminates the main disadvantages of classical password systems and systems based on access cards. The focus of the research was on the sustainability of the time characteristics of the keyboard handwriting of a particular user over a long period of time. To implement the admission of the user to the computer system, an algorithm based on the Heming distance is selected. According to the chosen algorithm an algorithm for forming a vector of biometric characteristics of the user is developed, which includes the duration of holding a specific key and the time between pressing the neighboring keys. An algorithm for forming a user's biometric standard is developed. To analyze the use of keyboard handwriting, software applications that implement the user's access based on keyboard handwriting were developed, as well as a program for collecting time characteristics. Both applications use the developed algorithms. To study the constancy of handwriting time characteristics, an empirical study was conducted. For this purpose, a group of individuals is selected, each of which has a computer input at an adequate level. They all entered the proposed phrase within a year. The obtained statistical data, on the basis of which, the average values and values of the average square deviation of the time characteristics of keyboard handwriting at the various time intervals are calculated. Estimated probability of correct user recognition by its frequency in n independent experiments. As a result of the study, the persistence of user keyboard handwriting as a biometric characteristic for use in computer data protection systems, in particular, authentication systems, was analyzed.Документ Відкритий доступ Analytical geometry approach for information security risks analyses(Institute of special communication and information security of National technical university of Ukraine «Kyiv polytechnic institute», 2015) Mokhor, Volodymyr; Bezshtanko, Vitalii; Honchar, Serhii; Kravtsov, Hryhorii; Kotsiuba, Ihor; Kruk, Olha; Makarevych, Oleksander; Maksymenko, Yevhen; Tsurkan, Vasyl; Мохор, Володимир Володимирович; Безштанько, Віталій Михайлович; Гончар, Сергій Феодосійович; Кравцов, Григорій Олексійович; Коцюба, Ігор Васильович; Крук, Ольга Миколаївна; Макаревич, Олександр Євгенович; Максименко, Євген Васильович; Цуркан, Василь ВасильовичДокумент Відкритий доступ Applications containers security model(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2020) Misnik, OleksiiIt has been established the purpose of container environments for the development, delivery and operation of various types of the software applications. The web and mobile applications have the most widespread use. This is due to the container media’s emphasis on quick loading and installation. Using this method, you can think of the infrastructure as a code and get the benefits associated with it. First of foremost, accelerate the development of software applications, particularly reducing the time between their conception and launch. This is facilitated by the use of download utilities, the deployment of container environments on container virtualization platforms, and the management of software applications. Despite this, the necessity to secure the security of software programs limits the adoption of container systems in practice. This is primarily due to the use of standard approaches based on intrusion detection systems. Features of container environments in relation to real settings were overlooked when they were first introduced. Taking into account the vulnerabilities and dangers of container virtualization platforms, as well as monitoring the processes of container environments given the unique architecture and input load flow, it is important to keep in mind that there are only a few of them. A model for assuring the security of container environments of software programs is proposed to overcome the difficulties of employing intrusion detection systems. It isbased on the idea of using system calls of the host system on the example of the Linux operating system. This is because they allow the software applications to interact with the kernel. As a result, users have been identified as the sources of probable intrusions into container environments. Additionally, there are examples of atypical commands for analysis during the execution of system calls. Based on the obtained results, it has been distinguished the stages of intrusion detection and transitions between them. As a result, the Petri net is used to formalize this process. During the intrusion detection, it has been defined by the numerous sets of stages, transitions between stages, relations between stages, and transitions.As a result of the suggested approach, the security aspects of container environments for software applications are possible to be established.Документ Відкритий доступ Applying mobile devices in biometric user authentication systems(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2019) Horniichuk, Ivan; Yevetskyi, Viktor; Kubrak, VolodymyrThe use of biometric characteristics to improve the efficiency of user authentication is considered. An identifier that uses biometric characteristics is inextricably linked to the user and is virtually impossible to use it unauthorized. According to this, it is proposed to use the dynamic biometric characteristics of users. Their advantage is that due to the dynamic component, the likelihood of their being forged by an attacker is very low. As a part of multifactor authentication system, biometrics can significantly reduce the chances of hacking user accounts by eliminating the disadvantages of classic password systems and card-based systems. The handwritten signature is used as the biometric characteristic of the user. The handwritten signature is a publicly and legally recognized biometric characteristic used for human authentication. It has a rather complex structure and high detail, all of which makes the solution of this problem mathematical methods rather complicated and requires a large computational cost. A major drawback is that handwritten signature authentication systems require the installation of additional specialized hardware. Therefore, using such systems as an ordinary authentication tool is very expensive. Nowadays the presence of mobile devices in almost all users has made it possible to form the idea of using them in authentication systems. Thanks to that a scheme for implementing a computer security system against unauthorized access based on handwritten signatures using Android-based mobile devices as signature input devices were proposed. In addition, a connection scheme between a computer and a mobile device was proposed. Its feature is that the connection between the mobile device and the computer is established by scanning the QR code displayed on the computer monitor by mobile device module. The practical value of the results obtained is confirmed by the copyright registration certificate of the software developed during the workДокумент Відкритий доступ Assessing the efficiency of information protection systems in the computer systems and networks(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2013) Nachev, A.; Zhelezov, St.The specific features of the information protection systems in the computer systems and networks require the development of non-trivial methods for their analysis and assessment. Attempts for solutions in this area are given in this paper.Документ Відкритий доступ Assessment of insider attack with learning statistics methods(Institute of special communication and information security of National technical university of Ukraine «Kyiv polytechnic institute», 2015) Mokhor, Volodymyr; Kravtsov, Hryhorii; Kotsiuba, Ihor; Мохор, Володимир Володимирович; Кравцов, Григорій Олексійович; Коцюба, Ігор ВасильовичДокумент Відкритий доступ BKW-атака на шифросистеми NTRUCIPHER та NTRUCIPHER+(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2020) Матійко, Александра АндріївнаУ зв’язку з появою квантових комп’ютерів, що суттєво зменшить час вирішення певних задач, безпека багатьох стандартизованих криптосистем знаходиться під загрозою. Це стимулювало NISTу 2016 році запустити відкритий конкурс на створення нових постквантових стандартів. Улітку 2020 року алгоритм NTRU–один із найшвидших постквантових алгоритмів, побудований на основі решіток в евклідовому просторі (1996 р.) –увійшов у сімку фіналістів цього конкурсу. Проте лише в 2017 році запропоновано аналог цієї шифросистеми –симетрична шифросистема NTRUCipher. Проведені попередні дослідження цієї шифросистеми, проте не проаналізовано її стійкість відносно природної атаки з підібраним відкритим текстом, яка полягає у складанні системи лінійних рівнянь зі спотвореними правими частинами (над певним скінченним полем простого порядку) та її розв’язанні за допомогою узагальненого алгоритму BKW. В даній статті вперше запропонована шифросистема NTRUCipher+. Її головною відмінністю є використання додаткового випадкового полінома при зашифруванні. Досліджено стійкість шифросистем NTRUCipherта її модифікації NTRUCipher+ відносно BKW-атаки. Подібна атака є можливою саме для симетричних NTRU-подібних шифросистем, проте вона не була розглянута раніше. Отримано аналітичні (верхні та нижні) оцінкискладності BKW-атаки на NTRUCipherі NTRUCipher+. Проведено порівняння цих шифросистем за довжиною шифрованих повідомлень відносно BKW-атаки при певних однакових фіксованих параметрах. Показано, що підвищення стійкості шифросистеми NTRUCipherвідносно BKW-атаки завдяки використанню додаткового доданку при зашифруванні, майже повністю нівелюється збільшенням верхньої межі ймовірності помилки розшифрування. Проведені дослідження дозволили порівняти ці шифросистеми за стійкістю та практичністю, а такожзробити висновок про недоцільність використовувати NTRUCipher+ для підвищення стійкості шифросистеми NTRUCipherвідносно BKW-атаки. Надаліпланується розробити методи побудови симетричних аналогів криптосистеми NTRUна основі інших загальних конструкцій, що базуються на решітках.Документ Відкритий доступ Computer assisted language learning(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2012) Zhytska, S. A.The article considers the main advantages and disadvantages of computer-assisted language learning, exercises to develop students’ communicative competence are suggested. Also the possibilities of the Internet to develop foreign language skills are determined and the necessity to apply modern methods and technologies in the foreign language teaching is highlighted.Документ Відкритий доступ Cтатистична атака на комбінувальні генератори гами з нерівномірним рухом(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2025) Матійко, Александра Андріївна; Олексійчук, Антон МиколайовичКомбінувальнігенератори гами з нерівномірним рухом є основою для побудови низки потокових шифрів, найвідомішими з яких є шифри сім’ї 5Aта Alpha1. Кожен такий генератор складається з декількох двійкових лінійних регістрів зсуву, булевої комбінувальної функції та блоку управління рухом регістрів, який визначає правила, за якими останні зсуваються в процесі вироблення шифрувальної гами. Незважаючи на певні слабкості відомих потокових шифрів, побудованих на базі комбінувальних генераторів гами з нерівномірним рухом, такі генератори досі викликають теоретичний та прикладний інтерес внаслідок простоти їхньої будови та потенційної здатності забезпечувати стійкість до широкого класу атак за умови належного вибору їхніх компонент. У статті досліджуються комбінувальні генератори гами, кожен регістр яких або зсувається на один крок, або простоює в кожному такті, причому один з регістрів рухається рівномірно. Раніше авторами статті показано, що зазначеним генераторам притаманна слабкість, яка полягає у статистичній залежності між кожними сусідніми знаками їхніх вихідних послідовностей. Основним результатом цієї статті є статистична атака, яка базується на зазначеній слабкості. Запропонована атака спрямована на відновлення початкового стану регістру, що рухається рівномірно, за відомою вихідною послідовністю генератора або декількома такими послідовностями, які виробляються генератором в режимі реініціалізації початкового стану. Показано, що в останньому випадку складність атаки залежитьлінійно від довжини зазначеного регістру. Отримано аналітичну оцінку обсягу матеріалу, потрібного для реалізації запропонованої атаки з потрібною достовірністю. Зокрема, показано, що для шифру Alpha1 відповідний обсяг матеріалу становить приблизно 300 відрізків гами поряд з відповідними їм векторами ініціалізації. Сформульовано умови, які послаблюють стійкість генераторів з нерівномірним рухом відносно запропонованої атаки. Вони полягають в тому, що коефіцієнти Уолша-Адамара комбінувальної функції приймають нульові значення на всіх векторах ваги 0 і 1 та ненульові значення на певних векторах ваги 2. Показано, що ці умови виконуються для генератора гами шифру Alpha1. При цьому середній обсяг матеріалу, потрібного для відновлення початкового стану довільного генератора гами, який задовольняє наведені умови, є за порядком таким самим, що і для шифру Alpha1.Документ Відкритий доступ Detection of vulnerabilities of the computer systems and networks using social engineering techniques(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2018) Tsurkan, Oksana; Herasymov, RostyslavInformation protection in computer systems and networks is focused on preserving its confidentiality properties of, integrity and availability from various inherently adverse impacts. Potentially possible adverse effects are interpreted as a threat. To prevent or complicate the possibility of realizing threats and reducing potential losses, a system of information protection measures is created and maintained in a healthy state. Such a system includes a computing system, physical environment, staff, and information. One of the most vulnerable elements of such system is staff. Within the framework of the socio-engineering approach, staff vulnerability is interpreted as its weaknesses, needs, mania (passions), hobbies. Manipulating them allows one to gain unauthorized access to information without destroying and distorting its main system-forming qualities. This is reflected in such forms as fraud, deception, scam, intrigue, hoax, provocation. The use of each of these manipulation forms is preceded by the determination of its content by careful planning, organization, and control. These actions are the basis of social engineering methods. Their use is aimed at imitating the actions of the information security violator, which are aimed at staff. This allows to assess the level of staff skills in the information security field and, as a result, to identify information vulnerabilities in computer systems and networks. The methods of social engineering used for this are divided into two groups, in particular, remote social engineering and personal contact. Methods of remote social engineering are implemented by means of modern telecommunications. In addition, the second group of methods involves the establishment of personal contact with the object of influence. In the end, it becomes possible not only to identify, neutralize, but also to prevent information vulnerabilities in computer systems and networks with the introduction of social engineering methods. Therefore, firstly, its protection is ensured taking into account the requirements of the information security policy; secondly, the rules of conduct of the staff are established, regulated by the job descriptions; thirdly, training is held to increase the persistence of employees stereotypes of the organization.Документ Відкритий доступ Determination of components of route hijack risk by internet connectionstopology analysis(Institute of Special Communication and Information Protection of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, 2020) Zubok, VitaliiThe possibility of dynamic routes change between nodes that are not physically connected is a key feature of the Internet routing. The exterior gateway protocol BGP-4 has been developed to deliver this feature, along with policies and procedures of inter-domain routing. Developed for the network of hundreds nodes that rely on information from each other, after decades BGP-4 is still the same with tens thousands nodes and its crucial lack of routing data integrity. One of the most significant problems deriving from its weaknesses is route leaks and route hijacks. None of the proposed and partially implemented upgrades and add-ons like MANRS and RPKI can not deliver reliable defense against those types of attacks. In this paper, the approach of risk assessment via internetworking links analysis is developed. Although modern information security is based on risk management, in this paper it is proposed to mitigate route hijack risks byenhancing links topology. Estimating the risks of route hijack requires quantitative measurement of the impact of an attack on the routing distortion, and therefore, the loss of information security breach. For this assessment, this paper proposes to use knowledge of the features of the Internet topology at the layer of global routing, which is determined by the interaction of autonomous systems -groups of subnets under common control -according to the routing protocol BGP-4. Based on our formal representation of IP routing, the relationship between topology and the risk of route hijack is shown. A new approach to quantifying information risk using a new risk-oriented model of global routing, which will reflect the properties of Internet nodes in terms ofthe risk of routes hijack.Документ Відкритий доступ High performance encryption tools of visual information based on cellular automata(Institute of special communication and information security of National technical university of Ukraine «Kyiv polytechnic institute», 2016) Bilan, Stepan; Demash, Andrii; Білан, Степан; Демаш, АндрійДокумент Відкритий доступ Implementation of information security management system in organization(Institute of special communication and information security of National technical university of Ukraine «Kyiv polytechnic institute», 2016) Bezshtanko, Vitalii; Makarevych, Oleksandr; Безштанько, Віталій; Макаревич, Олександр