Theoretical and Applied Cybersecurity
ISSN 2708-1397 (Online), ISSN 2664-2913 (Print)
Frequency: 4 times a year
Year founded: 2018
Topics: theoretical and cryptographic problems of cybersecurity; mathematical methods, models and technologies for studying the secure functioning of cyberspace; algorithms and methods for preventing and countering cyberattacks; security of industrial systems and critical infrastructure systems; cybersecurity of the Internet of Things; intelligent methods of ensuring cybersecurity; problematic issues of anonymization services; research on software code vulnerabilities and development of secure software; social engineering and methods of countering destructive influences on consciousness in cyberspace; state policy in the field of cybersecurity.
Official website: https://tacs.ipt.kpi.ua/
Browsing Theoretical and Applied Cybersecurity by Title
Now showing 1 - 20 of 101
Document (open access): Algebraic immunity of vectorial Boolean functions and Boolean Groebner bases (Igor Sikorsky Kyiv Polytechnic Institute, 2020) Alekseychuk, A. N.

Document (open access): An Algorithm for Analyzing the Ethereum Network Blockchain to Detect Illegal Activities (Igor Sikorsky Kyiv Polytechnic Institute, 2024) Abdullaieva, Esmira; Galchynsky, Leonid
This work is devoted to the research of the blockchain network, in particular, aimed at detecting illegal activity in the Ethereum network using forensic methods. The paper describes the concepts and basic vulnerabilities related to the Ethereum network and the integration of graph analysis to develop an algorithm that scrutinizes Ethereum's transaction structure for illegal activities, including money laundering. In addition, the study includes an analysis of the very structure of Ethereum and the blockchain, which allows insight into the identification and analysis of various aspects of their functioning. The research results are used for the software implementation of the study and improvement of the security level of the blockchain network, including the creation of advanced software solutions for network analysis and protection of the integrity of the blockchain ecosystem. This integrated methodology aims to protect the integrity of blockchain ecosystems.

Document (open access): An example of fuzzy ontology usage for risk assessment and attack impact (Igor Sikorsky Kyiv Polytechnic Institute, 2024) Kozlenko, Oleh
The article discusses the use of fuzzy ontology for assessing risks and impacts of attacks in the field of information security. Fuzzy ontology, which is a formalized way of representing knowledge, offers effective solutions for processing complex and informal processes. The article substantiates the significance of fuzzy logic in structural analysis and presents an example of how new types of attacks influence the ontology. Key findings include the identification of risks associated with attacks through the application of fuzzy sets and entropy theory. The discussion highlights how these methods can enhance threat response and risk management in information systems.

Document (open access): Analysis of the core research for vendor email compromise filtering model using machine learning (Igor Sikorsky Kyiv Polytechnic Institute, 2023) Zibarov, Dmytro; Kozlenko, Oleh
Vendor email compromise became one of the most sophisticated types of social engineering attacks. The strength of this malicious activity relies on impersonating a vendor that the company is working with. Thus, it is easy for an attacker to exploit this trust for different types of data exfiltration or ransom. To mitigate the risks that come with these challenges, information security specialists should consider using different types of approaches, including machine learning, to identify anomalies in email, so further damage can be prevented. The purpose of this work lies in the identification of the optimal approach for VEC-style attack detection and optimizing these approaches with the least amount of false-positive (FP) parameters. The object of this research is different methods of text processing algorithms, including machine learning methods for detecting VEC emails. The subject of research in this paper mainly considers the impact of the mentioned text processing algorithms and its relation with the efficiency of VEC email classification, identifying the most effective approach and, also, how to improve the results of such detections. The results of this paper consist of details for VEC-email attack detection, challenges that come with different approaches and a proposed solution that lies in using text processing techniques and an agent-related approach with main sphere of implication – machine-learning systems that are used for identifying social-engineering attacks through email.

Document (open access): Application of Large Language Models for Assessing Parameters and Possible Scenarios of Cyberattacks on Information and Communication Systems (Igor Sikorsky Kyiv Polytechnic Institute, 2024) Lande, Dmitry; Novikov, Oleksii; Alekseichuk, Lesia
This paper explores the use of large language models (LLMs) to evaluate parameters and identify potential hostile penetration scenarios in corporate networks, considering logical and probabilistic relationships between network nodes. The developed methodology is based on analyzing the network structure, which includes components such as the Firewall, Mail Server, Web Server, administrator and client workstations, application server, and database server. The probabilities of transitions between these nodes during adversarial attacks are determined using a swarm of virtual experts and two sets of prompts aimed at different LLMs. Among the results obtained through the swarm approach are average transition probabilities, which enable modeling the most likely attack paths from both external and internal network origins. Based on logical-probabilistic analysis, penetration scenarios are ranked according to probabilities, execution time, and resource minimization required by attackers. The proposed methodology facilitates rapid response to threats and ensures an adequate level of cybersecurity by focusing on the most probable and dangerous attack scenarios.

Document (open access): Application of Ternary Pattern-based Truncated Differential Cryptanalysis to Specific Block Ciphers (Igor Sikorsky Kyiv Polytechnic Institute, 2024) Yakymchuk, Oleksii; Medvedtskyi, Kostiantyn
In the previous work [1], we proposed a formalized approach to truncated differential cryptanalysis based on ternary masks which separately consider unchanged, obligatory changed and unknown bits in differences. A security parameter for S-boxes and encryption mappings that bounds the probability of truncated differentials from below was also proposed in the previous paper. The subsequent step involves applying the proposed method to existing real-world ciphers, calculating the defined security parameter, and assessing the method’s effectiveness and potential applications. Additionally, this paper extends the applicability of the proposed approach by formalizing the XOR operation rules for ternary masks. This allows us to apply the proposed method to ciphers with a structure of Feistel network.

Document (open access): Aspects of blockchain reliability considering its consensus algorithms (Igor Sikorsky Kyiv Polytechnic Institute, 2020) Gorniak, K. S.; Kudin, A. M.

Document (open access): Asymptotic Distributions for S-Box Heterogeneous Differential Probabilities (Igor Sikorsky Kyiv Polytechnic Institute, 2019) Yakovliev, S. V.; Bakhtigozin, V. Yu.

Document (open access): Basic concepts, approaches and fundamentals of cyber threat intelligence (Igor Sikorsky Kyiv Polytechnic Institute, 2022) Makovska, Maryna; Kozlenko, Oleh

Document (open access): Comparative analysis of machine learning methods for detecting malicious files (Igor Sikorsky Kyiv Polytechnic Institute, 2021) Nafiiev, Alan; Kholodulkin, Hlib; Rodionov, Andrii
Nowadays, one of the most critical cyber security problems is the fight against malicious software, precisely, the problem of detecting it. Every year, new modern computer viruses are created that are capable of mutation and changing while running. But unfortunately, the developers of antivirus software do not have time to quickly add all types of malicious programs to the signature databases. In this regard, it is sensible to use heuristic detection methods based on algorithms of machine learning. The purpose of this paper is to present several classification methods based on machine learning techniques for detecting zero-day attacks. In particular, the following algorithms were tested: random forest classifier, support vector classifier, greed search in svc, and k-nearest neighbors. The dataset was taken from the Kaggle website. It consists of 19611 executable files of the PE format, 14599 of which are malicious, and 5012 files are benign. This article presents recommended classification and detection methods with advanced analysis of important metrics that allow you to assess and compare machine learning algorithms’ effectiveness and performance for detecting malware.

Document (open access): Comparative Analysis of the Cybersecurity Indices and Their Applications (Igor Sikorsky Kyiv Polytechnic Institute, 2019) Kravets, V. M.

Document (open access): Comparison analysis between strict ontologies and fuzzy ontologies (Igor Sikorsky Kyiv Polytechnic Institute, 2024) Kozlenko, Oleh
Ontological modeling has been important in the field of cybersecurity, but with the growing use of artificial intelligence in various processes related to cybersecurity, it has become an increasingly relevant area for research every new year. Ontologies can serve as a primary source of knowledge for artificial intelligence models and as a "sequence of actions" in different processes. Typically, strict ontologies were used due to their formalized structure, but they did not fully capture processes that involve fuzzy contexts of actions or results. The aim of this article is to present and analyze different ontologies, both strict and fuzzy, that are used or could be used in the field of cybersecurity and related processes, demonstrating their similarities, differences, and areas of application.

Document (open access): Comparison of Efficiency of Statistical Models Used for Formation of Feature Vectors by JPEG Images Steganalysis (Igor Sikorsky Kyiv Polytechnic Institute, 2020) Koshkina, Nataliya

Document (open access): Comparison of Tools for Web-Application Brute Forcing (Igor Sikorsky Kyiv Polytechnic Institute, 2022) Chalyi, Oleksii; Kolomytsev, Myhailo
For a long time, the threat of web-application authentication break remained a problem not only for users but also for business. This threat still exists, since broken authentication provides a blackhat with full access to accounts of users and business data. This article analyzes software tools for breaking authentication as well as it defines time required for breaking-in depending on different conditions. Based on the results of the analysis, the fastest tool was determined. In order to complete this analysis and determine the fastest tool, own web-application was created.

Document (open access): Compartment model of informational and suggestive influence (Igor Sikorsky Kyiv Polytechnic Institute, 2022) Nakonechna, Yuliia
Mathematical modeling use in information operations research makes it possible to qualitatively and quantitatively predict information attack object behavior, as well as to determine and implement effective countermeasures. According to the chosen methodology, a compartmental approach based informational and suggestive influence mathematical model was proposed. The model makes it possible to assess information, communication network participant state and estimate suggestive influence in the moment.

Document (open access): Complexity of The Systems of Linear Restrictions over a Finite Field (Igor Sikorsky Kyiv Polytechnic Institute, 2023) Kurinnyi, Oleh
This paper continues the results obtained in [1]. In the previous paper, we formulated the problem of the unknown vector recovering from linear dependencies with this vector, which act as constraints on it. The next step, after finding out some algebraic and combinatorial properties, is to give basic estimates of complexity for the main problem as well as for related problems. Such related problems can be obtained by fixing some parameters of the main problem or applying constraints on the number of restrictions in the system. Such an analysis makes it possible to arrange the problem of recovering an unknown vector based on partial information into the general computational complexity framework in order to approach existing theoretical results to its solution. The obtained theoretical results can be used in algebraic cryptanalysis of stream ciphers and cryptosystems based on linear codes.

Document (open access): Construction of Proactive Monitoring Model using Forecasting Techniques in the SCOM Software Complex (Igor Sikorsky Kyiv Polytechnic Institute, 2022) Soldatova, Kateryna; Nosok, Svitlana
The majority of companies depend on their information systems, the stability of infrastructure operations and the failover of computing resources. Various monitoring tools are mostly used to automate the benchmarking process of company. The company that has a large distributed infrastructure should pay close attention to this process, as it makes the state of operations difficult to maintain, and increases the probability of the loss of functionality for errors or even shutdown of some servers. One of the solutions is reactive monitoring. Reactive monitoring is a technique where system administrators use monitoring tools to continuously collect data that determine the active and current status of information system environment. Measurements obtained from real-time monitoring tools illustrate the performance data of current information environment. However, if we discuss the main metrics of system resources, such as the level of processor load, RAM or disk usage, their change can be quite fast. And for servers that are responsible for critical functions, the problem of full resource usage is important. This problem can be solved with proactive monitoring. The purpose of this article is to construct the proactive monitoring model with time series forecasting hybrid method for the resources load. The final solution will be used in the management pack of software complex System Center Operations Manager (SCOM). The forecasting methods such as Least squares, SMA and EMA were considered in this work.

Document (open access): Counteracting destructive information influences based on the game approach (Igor Sikorsky Kyiv Polytechnic Institute, 2021) Tereshchenk, Ivan; Myronets, Alina
The problem of counteracting destructive influences on the example of ensuring information security of society during the rapid structural changes in the television industry is considered. To solve this problem we propose a nonlinear model that is based on multiple-choice in the context of information counteraction. Based on the study of the election campaign, the simulation of processes affecting security was conducted. A case in which, due to certain circumstances, some TV channels that political parties engage in for the purpose of agitation stop broadcasting has been investigated. The model considered the following objects: the first group of TV channels with common interests, the second group of TV channels - antagonists of the first, the third group - TV channels whose activities are insignificant in terms of impact on the first group, but in the simulation, they are considered to belong to the second group. The dependence of the efficiency of information influence on certain parameters of the model is shown. The conditions that ensure the preservation of the coalition in the conditions of information counteraction have been identified with the help of the game approach.

Document (open access): Cryptanalysis of the «Vershyna» Digital Signature Algorithm (Igor Sikorsky Kyiv Polytechnic Institute, 2023) Lytvynenko, Yuliia; Fesenko, Andrii
The CRYSTALS-Dilithium digital signature algorithm, which was selected as the prototype of the new «Vershyna» digital signature algorithm, is analyzed in this paper. The characteristics of the National Digital Signature Standard Project and the construction of the «Vershyna» algorithm are also presented. During the analysis of the project, the predicted number of iterations that the algorithm must perform to create the correct signature was calculated. In addition, basic theoretical information about the structure of Fiat-Shamir with aborts and its security in quantum and classical oracle models is also provided. We obtain our own results on the resistance of the «Vershyna» algorithm to the attack without the use of a message in classical and quantum oracle models. The resistance of the «Vershyna» algorithm to a key recovery attack is based on the assumption of the hardness of the MLWE problem, and the resistance to existential signature forgery is based on the assumption of the hardness of the MSIS problem. In this work, the expected level of hardness of SIS and LWE problems is calculated, to which there are reductions from MSIS and MLWE problems.

Document (open access): Cyber Security Logical and Probabilistic Model of a Critical Infrastructure Facility in the Electric Energy Industry (Igor Sikorsky Kyiv Polytechnic Institute, 2023) Alekseichuk, Lesia; Novikov, Oleksii; Rodionov, Andrii; Yakobchuk, Dmytro
In the work, a cyber security logical and probabilistic model of a critical infrastructure facility in the energy sector was developed and investigated. The cyber security logical and probabilistic model describes the development of adverse events that arise in the Industrial Control System of the electrical network from the realization of possible threats from cyberspace, such as attacks on the protection system through the corporate network, connection through a modem and wireless connection. The resulting model is based on sequentially developed structural, logical and probabilistic models. The field of use of the developed model is automation systems for designing information protection systems or designing trajectories of attacks on these systems. The model was also applied to study the sensitivity of the probability of the development of adverse events to variations in the probability of realization of possible threats to the system.