Theoretical and Applied Cybersecurity: scientific journal
ISSN 2708-1397 (Online), ISSN 2664-2913 (Print)
Frequency: 4 times a year
Year founded: 2018
Topics: theoretical and cryptographic problems of cybersecurity; mathematical methods, models and technologies for studying the secure functioning of cyberspace; algorithms and methods for preventing and countering cyberattacks; security of industrial systems and critical infrastructure systems; cybersecurity of the Internet of Things; intelligent methods of ensuring cybersecurity; problematic issues of anonymization services; research into software code vulnerabilities and the development of secure software; social engineering and methods of countering destructive influences on consciousness in cyberspace; state policy in the field of cybersecurity.
Official website: http://tacs.ipt.kpi.ua/
Browsing Theoretical and Applied Cybersecurity: scientific journal by Title
Now showing 1 - 20 of 80
Document (open access)
Algebraic immunity of vectorial Boolean functions and Boolean Groebner bases
(Igor Sikorsky Kyiv Polytechnic Institute, 2020) Alekseychuk, A. N.

Document (open access)
Analysis of the core research for vendor email compromise filtering model using machine learning
(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Zibarov, Dmytro; Kozlenko, Oleh
Vendor email compromise became one of most sophisticated types of social engineering attacks. Strengths of this malicious activity rely on basis of impersonating vendor that company working with. Thus, it is easy for attacker to exploit this trust for doing different type of data exfiltration or ransom. To mitigate risks, that come with these challenges, information security specialist should consider using different types of approaches, including machine learning, to identify anomalies in email, so further damages can be prevented. The purpose of this work lies in the identification of optimal approach for VEC-style attacks detection and optimizing these approaches with least amount of false-positive (FP) parameters. The object of this research is different methods of text processing algorithms, including machine learning methods for detecting VEC emails. The subject of research in this paper mainly considers impact of mentioned text processing algorithms and its relation with efficiency of VEC email classification, identifying most effective approach and, also, how to improve results of such detections. Results of this paper consists of details for VEC-email attacks detection, challenges that comes with different approaches and proposed solution, that lies in using text processing techniques and agent-related approach with main sphere of implication – machine-learning systems, that are used for identifying social-engineering attacks through email.

Document (open access)
Aspects of blockchain reliability considering its consensus algorithms
(Igor Sikorsky Kyiv Polytechnic Institute, 2020) Gorniak, K. S.; Kudin, A. M.

Document (open access)
Asymptotic Distributions for S-Box Heterogeneous Differential Probabilities
(Igor Sikorsky Kyiv Polytechnic Institute, 2019) Yakovliev, S. V.; Bakhtigozin, V. Yu.

Document (open access)
Basic concepts, approaches and fundamentals of cyber threat intelligence
(Igor Sikorsky Kyiv Polytechnic Institute, 2022) Makovska, Maryna; Kozlenko, Oleh

Document (open access)
Comparative analysis of machine learning methods for detecting malicious files
(Igor Sikorsky Kyiv Polytechnic Institute, 2021) Nafiiev, Alan; Kholodulkin, Hlib; Rodionov, Andrii
Nowadays, one of the most critical cyber security problems is the fight against malicious software, precisely, the problem of detecting it. Every year, new modern computer viruses are created that are capable of mutation and changing while running. But unfortunately, the developers of antivirus software do not have time to quickly add all types of malicious programs to the signature databases. In this regard, it is sensible to use heuristic detection methods based on algorithms of machine learning. The purpose of this paper is to present several classification methods based on machine learning techniques for detecting zero-day attacks. In particular, the following algorithms were tested: random forest classifier, support vector classifier, greed search in svc, and k-nearest neighbors. The dataset was taken from the Kaggle website. It consists of 19611 executable files of the PE format, 14599 of which are malicious, and 5012 files are benign. This article presents recommended classification and detection methods with advanced analysis of important metrics that allow you to assess and compare machine learning algorithms’ effectiveness and performance for detecting malware.

Document (open access)
Comparative Analysis of the Cybersecurity Indices and Their Applications
(Igor Sikorsky Kyiv Polytechnic Institute, 2019) Kravets, V. M.

Document (open access)
Comparison of Efficiency of Statistical Models Used for Formation of Feature Vectors by JPEG Images Steganalysis
(Igor Sikorsky Kyiv Polytechnic Institute, 2020) Koshkina, Nataliya

Document (open access)
Comparison of Tools for Web-Application Brute Forcing
(Igor Sikorsky Kyiv Polytechnic Institute, 2022) Chalyi, Oleksii; Kolomytsev, Myhailo
For a long time, threat of web-application authentication break remained a problem not only for users but also for business. This threat still exists, since broken authentication provides a blackhat with full access to accounts of users and business data. This article analyzes software tools for breaking authentication as well as it defines time required for breaking-in depending on different conditions. Based on the results of the analysis, the fastest tool was determined. In order to complete this analysis and determine the fastest tool, own web-application was created.

Document (open access)
Compartment model of informational and suggestive influence
(Igor Sikorsky Kyiv Polytechnic Institute, 2022) Nakonechna, Yuliia
Mathematical modeling use in information operations research makes it possible to qualitatively and quantitatively predict information attack object behavior, as well as to determine and implement effective countermeasures. According to the chosen methodology, a compartmental approach based informational and suggestive influence mathematical model was proposed. The model makes it possible to assess information, communication network participant state and estimate suggestive influence in the moment.

Document (open access)
Complexity of The Systems of Linear Restrictions over a Finite Field
(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Kurinnyi, Oleh
This paper continues the results obtained in [1]. In the previous paper, we formulated the problem of the unknown vector recovering from linear dependencies with this vector, which act as constraints on it. The next step, after finding out some algebraic and combinatorial properties, is to give basic estimates of complexity for the main problem as well as for related problems. Such related problems can be obtained by fixing some parameters of the main problem or applying constraints on the number of restrictions in the system. Such an analysis makes possible to arrange the problem of recovering an unknown vector based on partial information into the general computational complexity framework in order to approach existing theoretical results to its solution. The obtained theoretical results can be used in algebraic cryptanalysis of stream ciphers and cryptosystems based on linear codes.

Document (open access)
Construction of Proactive Monitoring Model using Forecasting Techniques in the SCOM Software Complex
(Igor Sikorsky Kyiv Polytechnic Institute, 2022) Soldatova, Kateryna; Nosok, Svitlana
The majority of companies depend on their information systems, the stability of infrastructure operations and the failover of computing resources. Various monitoring tools are mostly used to automate the benchmarking process of company. The company that has a large distributed infrastructure should pay close attention to this process, as it makes the state of operations difficult to maintain, and increases the probability of the loss of functionality for errors or even shutdown of some servers. The one of solutions is reactive monitoring. Reactive monitoring is a technique where system administrators use monitoring tools to continuously collect data that determine the active and current status of information system environment. Measurements obtained from real-time monitoring tools illustrate the performance data of current information environment. However, if we discuss the main metrics of system resources, such as the level of processor load, RAM or disk usage, their change can be quite fast. And for servers that are responsible for critical functions, the problem of full resource usage is important. This problem can be solved with proactive monitoring. The purpose of this article is to construct the proactive monitoring model with time series forecasting hybrid method for the resources load. The final solution will be used in the management pack of software complex System Center Operations Manager (SCOM). The forecasting methods such as Least squares, SMA and EMA were considered in this work.

Document (open access)
Counteracting destructive information influences based on the game approach
(Igor Sikorsky Kyiv Polytechnic Institute, 2021) Tereshchenk, Ivan; Myronets, Alina
The problem of counteracting destructive influences on the example of ensuring information security of society during the rapid structural changes in the television industry is considered. To solve this problem we propose a nonlinear model that is based on multiple-choice in the context of information counteraction. Based on the study of the election campaign, the simulation of processes affecting security was conducted. A case in which, due to certain circumstances, some TV channels that political parties engage in for the purpose of agitation stop broadcasting has been investigated. The model considered the following objects: the first group of TV channels with common interests, the second group of TV channels - antagonists of the first, the third group - TV channels whose activities are insignificant in terms of impact on the first group, but in the simulation, they are considered to belong to the second group. The dependence of the efficiency of information influence on certain parameters of the model is shown. The conditions that ensure the preservation of the coalition in the conditions of information counteraction have been identified with the help of the game approach.

Document (open access)
Cryptanalysis of the «Vershyna» Digital Signature Algorithm
(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Lytvynenko, Yuliia; Fesenko, Andrii
The CRYSTALS-Dilithium digital signature algorithm, which was selected as the prototype of the new «Vershyna» digital signature algorithm, is analyzed in this paper. The characteristics of the National Digital Signature Standard Project and the construction of the «Vershyna» algorithm are also presented. During the analysis of the project, the predicted number of iterations that the algorithm must perform to create the correct signature was calculated. In addition, basic theoretical information about the structure of Fiat-Shamir with aborts and its security in quantum and classical models oracle models is also provided. We obtain our own results on the resistance of the «Vershyna» algorithm to the attack without the use of a message in classical and quantum oracle models. The resistance of the «Vershyna» algorithm to a key recovery attack is based on the assumption of the hardness of the MLWE problem, and the resistance to existential signature forgery is based on the assumption of the hardness of the MSIS problem. In this work, the expected level of hardness of SIS and LWE problems is calculated, to which there are reductions from MSIS and MLWE problems.

Document (open access)
Cyber Security Logical and Probabilistic Model of a Critical Infrastructure Facility in the Electric Energy Industry
(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Alekseichuk, Lesia; Novikov, Oleksii; Rodionov, Andrii; Yakobchuk, Dmytro
In the work, a cyber security logical and probabilistic model of a critical infrastructure facility in the energy sector was developed and investigated. The cyber security logical and probabilistic model describes the development of adverse events that arise in the Industrial Control System of the electrical network from the realization of possible threats from cyberspace, such as attacks on the protection system through the corporate network, connection through a modem and wireless connection. The resulting model is based on sequentially developed structural, logical and probabilistic models. The field of use of the developed model is automation systems for designing information protection systems or designing trajectories of attacks on these systems. The model was also applied to study the sensitivity of the probability of the development of adverse events to variations in the probability of realization of possible threats to the system.

Document (open access)
Cybersecurity in AI-Driven Casual Network Formation
(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Lande, Dmytro; Feher, Anatolii; Strashnoy, Leonard
The paper describes a methodology for forming thematic causal networks using artificial intelligence and automating the processes of their visualization. The presented methodology is considered on the example of ChatGPT, as an artificial intelligence for analyzing the space of texts and building concepts of causal relationships, and their further visualization is demonstrated on the example of Gephi and CSV2Graph programs. The effectiveness of the disaggregated method in relation to traditional methods for solving such problems is shown by integrating the means of intelligent text analytics and graphical network analysis on the example of the problem of data leakage in information systems and a selection of news clippings on the selected cybersecurity topic.

Document (open access)
DeeDP: vulnerability detection and patching based on deep learning
(Igor Sikorsky Kyiv Polytechnic Institute, 2020) Savchenko, A.; Fokin, O.; Chernousov, A.; Sinelnikova, O.; Osadchyi, S.

Document (open access)
Deep learning based automatic software defects detection Framework
(Igor Sikorsky Kyiv Polytechnic Institute, 2019) Chernousov, A.; Savchenko, A.; Osadchyi, S.; Kubiuk, Y.; Kostenko, Y.; Likhomanov, D.

Document (open access)
Defining of Goals in the Development of Cyber Resilient Systems According to NIST
(Igor Sikorsky Kyiv Polytechnic Institute, 2023) Bakalynskyi, Oleksandr; Korobeynikov, Fedir
This paper introduces an approach to defining goals in the development of cyber-resilient systems, following the guidelines established in the standards of the National Institute of Standards and Technology (NIST) in the United States. This work aims to provide a roadmap for researchers and practitioners of cyber resilience in creating information systems capable of withstanding and adapting to adverse conditions, malfunctions, and attacks while ensuring the guaranteed execution of all primary cyber-system functions.

Document (open access)
Destruction of stego images formed by adaptive embedding methods with dictionary learning methods
(Igor Sikorsky Kyiv Polytechnic Institute, 2022) Progonov, Dmytro
Counteraction to sensitive information leakage that processed by state and private organizations is topical task today. Of special interest are methods for prevention data leakage by usage of hidden (steganographic) communication channels by attackers. Despite wide range of proposed steganalysis methods for detection of embedded messages, theirs performance highly depends on prior information about used embedding methods. As an example, we may mention modern stegdetectors for digital images, which are based on cover rich models and deep convolutional neural networks. Therefore, the stego image destruction methods are widely applied as preventive action. Modern methods for stego image destruction are based on widespread image denoising methods, like median filter and lossy compression. The limitation of such methods is significant changes of image’s statistical features that may disclosure the steganalysis process to attacker. Therefore, development of stego images processing methods that provide reliable destruction of embedded data, and preserving cover image statistical features is needed. The paper is aimed at performance evaluation of applying the novel methods of spectral analysis, namely dictionary learning, for solving this tasks. The obtained results showed limitation of state-of-the-art methods for destruction of stego image formed by adaptive embedding methods, namely considerable changes of image’s statistical parameters. The proposed method allows preserving both minimal changes of a Cover Image (CI) parameters, and ratio of survived bits of embedded message (less than 7%). This makes proposed solution an attractive candidate for reliable destruction of stego images formed by novel embedding methods. However, practical usage of proposed solution requires further improvement of dictionary learning methods, namely decreasing of computation complexity of dictionary forming procedure.