Ukrainian Scientific Journal of Information Security

METHOD TO DETECT SUSPICIOUS INDIVIDUALS THROUGH MOBILE DEVICE DATA

Taras Fedynyshyn, Olha Mykhaylova, Ivan Opirskyy — Mon, 25 Dec 2023 00:00:00 +0200

In today's technologically advanced era, the ubiquitous use of smart mobile devices has become a significant aspect of daily life, thereby presenting a valuable opportunity for investigative purposes. These devices, when equipped with the right tools and subjected to thorough inspection methodologies, can yield a treasure trove of concealed information, which can be crucial in various investigative scenarios. Among these devices, the Apple iPhone stands out due to its widespread popularity and adoption across a diverse global user base. Its advanced features and user-friendly characteristics have made it a preferred choice for a wide array of individuals, ranging from students and teachers to business professionals and individuals from various other fields. This widespread usage underscores the importance of understanding the nuances of iPhone data in investigative contexts. This article delves into the intricate concept of identifying a potentially dangerous person by leveraging the data available on these smart devices. It meticulously discusses the importance of context in categorizing an individual as potentially dangerous and sheds light on the various factors that play a pivotal role in this classification process. To aid in this endeavor, the article introduces a comprehensive diagram that outlines the step-by-step procedure for assessing the potential danger posed by an individual. Furthermore, the article explores the fundamental techniques of mobile device forensics, particularly focusing on devices operating on the iOS platform. It presents the findings from practical research, offering insights into the type of data that can be extracted during a forensic investigation of these devices. A novel approach is proposed for classifying individuals as potentially dangerous based on the analysis of Bluetooth data obtained from their mobile devices. This method is elucidated through the presentation of pseudocode, which details the algorithmic steps involved in this classification process. To enhance the effectiveness of this method, the article suggests incorporating additional data sources. These include information pertaining to saved Wi-Fi networks that the device has connected to and GPS coordinates that have been logged during the operation of various system applications inherent to the iOS operating system. Finally, the article emphasizes the critical need for the practical implementation and rigorous testing of this proposed method. It underscores the importance of validating and refining the approach to ensure its effectiveness and reliability in identifying potentially dangerous individuals through the forensic analysis of mobile device data. This comprehensive approach not only broadens the scope of mobile device forensics but also contributes significantly to the field of security and investigative research.

MODERN POSSIBILITIES OF USE BLOCKCHAIN TECHNOLOGY IN THE EDUCATION SYSTEM

Ivan Opirskyy, Valeriia Balatska, Vasyl Poberezhnyk — Mon, 25 Dec 2023 00:00:00 +0200

Blockchain technology has traditionally attracted attention due to its potential to revolutionize various industries, primarily finance and supply chain management. Education is rarely talked about in this context, but there is something to transform in it, for example, certification, issuing diplomas, certificates. At the same time, blockchain in certification is not just a confirmation of knowledge and academic purity, but a new approach through the creation of a system for storing and distributing information about learning results. This article explores the potential applications of blockchain technology in the education sector, with a focus on unique use cases related to courses, payments, exams and qualifications. Smart contracts are self-sustaining contracts with predefined terms. These contracts run on the blockchain network, eliminating the need for intermediaries and providing trust, transparency and automation. In the education sector, smart contracts can streamline administrative processes, increase security, and ensure a consistent record of achievement. They empower both learners and educational institutions by providing a decentralized platform for learning, assessment and certification. The purpose of the article is to study the possibilities and prospects of using blockchain technology and smart contracts in science and education.

RRESEARCH ON CLASSIFICATION ISSUES AND SECURE DATA STORAGE

Oleg Deineka, Oleh Harasymchuk — Mon, 25 Dec 2023 00:00:00 +0200

In the modern world, the storage of large volumes of data has become an extremely relevant issue. Consumers and organizations continuously generate large amounts of information, and this trend is increasing. To ensure effective and secure storage of this data, it is important to consider the challenges and strategies used in this field. A global trend in data storage is expanding access to information. However, the risk of data loss through various factors remains very high. International information security standards recommend ways to balance confidentiality with accessibility for different types of data, which can help make informed decisions. Auditing for accuracy and reliability is also suggested by these standards. The volume of information will continue to grow, and with it, the importance of ensuring the security and transparency of its storage. Developing new strategies and technologies to achieve this will be a significant task for the data storage industry in the future.

THE METHOD OF PHASIFICATION OF INTERVALS FOR SOLVING CYBERSECURITY ASSESSMENT TASKS AT CRITICAL INFRASTRUCTURE FACILITIES

Mon, 25 Dec 2023 00:00:00 +0200

One of the new and promising approaches to solving the problem of cybersecurity assessment at critical infrastructure facilities is the use of fuzzy sets theory, for example, to assess information security risks. In practice, there are situations when the calculation of the final results is significantly affected by inconsistencies in opinions or errors of experts. Therefore, to minimize such errors, we propose methods for phasing intervals by converting them into fuzzy numbers (FNs). The method allows for the flexibility and efficiency of such a process of transforming intervals and minimizes the influence of the human factor. There are known methods for converting intervals into triangular and trapezoidal fuzzy numbers, but they do not always give an acceptable result. Therefore, a new method of fuzzification is proposed, which, by implementing procedures for determining the coefficient of convergence and forming the medians of intervals, determining the shift parameter and stretching coefficient, as well as the procedure for forming standards, allows for the flexibility of the conversion process to obtain triangular and trapezoidal FNs that reflect the values of the original intervals. The developed method can be effectively used to solve cybersecurity assessment problems at critical infrastructure facilities.

RESEARCHING VULNERABILITIES IN CHATBOTS WITH LLM (LARGE LANGUAGE MODEL)

Andriyan Piskozub, Daniil Zhuravchak, Anastasia Tolkachova — Mon, 25 Dec 2023 00:00:00 +0200

In today's world, artificial intelligence, especially in the field of large language models, is becoming increasingly important, particularly in the form of chatbots. However, along with the rapid development of this technology, the number of potential vulnerabilities is also growing. In this research article, the authors thoroughly investigate the possible vulnerabilities of such chatbots, paying special attention to security aspects, including specific functions, parameters, and interaction with external resources. In addition, the article emphasizes the shortcomings of current testing methods for these applications, which mainly focus on attack scenarios of a potential attacker without considering the full picture of possible threats. Suggestions for improving testing include detailed vulnerability scanning, systematic validation of input data, control of interaction with external resources, and formulation of constructive recommendations for addressing identified vulnerabilities. Given the approaching era of increasingly widespread use of AI, these suggestions are particularly relevant for maintaining a high level of security in chatbots that use large language models and further developing secure practices in this area.

DEVELOPMENT OF THREAT CLASSIFIER IN SOCIO-CYBER-PHYSICAL SYSTEMS

Stanislav Milevsky — Mon, 25 Dec 2023 00:00:00 +0200

The article presents a new approach to forming a classifier of threats in socio-cyber-physical systems, which, as a rule, refer to complex systems based on the synthesis of cyber-physical systems with smart technologies and social networks. In addition, such systems belong to objects of critical infrastructure, which requires a new approach to the formation of multi-contour security systems. The proposed classifier allows for the formation of an expert approach at the first stage for the formation of weighting factors for the impact of threats (anomalies, deviations from normal operation, computer incidents). On the second stage, the properties of the influence of threats on the platforms of socio-cyber-physical systems, as well as their influence on the external and internal contours of the system, are formed. And also, the influence of social engineering methods, which allows criminals to significantly increase the level of threat implementation probability, and to form several channels of threat implementation – mixed (targeted) attacks. Based on the proposed threat classification approach, a technique for assessing the actual state of the security (protection) level of socio-cyber-physical systems is proposed, as well as the ability to determine the critical points of the system infrastructure, the possibility of countermeasures, and the ability of the mechanisms of multi-loop security systems to ensure infrastructure protection.

METHOD OF ENCRYPTION BASED ON THE FUNCTIONAL FIELD OF THE HERMITIAN GROUP ENHANCED BY HOMOMORPHIC TRANSFORMATION

Yevgen Kotukh, Hennadii Khalimov — Mon, 25 Dec 2023 00:00:00 +0200

The challenge of implementing a commercial model for a powerful quantum computer is poised to compromise existing cryptographic primitives within asymmetric cryptography. Shor's quantum algorithm, capable of solving integer factorization and discrete logarithms, threatens the security of cryptosystems like RSA and ECC. Globally, national and international competitions are underway to develop new post-quantum standards for asymmetric encryption systems, digital signature schemes, and key distribution methods. A promising direction in developing cryptosystems resistant to quantum attacks involves utilizing problems that are highly complex to solve in certain groups. This article explores the method of directional encryption, enhanced by homomorphic transformation, within a cryptographic system based on an unsolved word problem. This system employs a special type of factorization known as logarithmic signatures within the Hermitian group. We substantiate that this implementation offers enhanced secrecy and demonstrate the feasibility of creating a secure cryptosystem using group computations in a small finite field. Furthermore, the application of homomorphic encryption to random coverages in a logarithmic signature provides protection against known attacks targeting logarithmic signature implementations.

DECOMPOSITION OF COMPUTER NETWORK TECHNOLOGY IN THEIR DESIGN

Volodymyr Khoroshko, Yuliia Khokhlachova, Nataliya Vyshnevska — Mon, 25 Dec 2023 00:00:00 +0200

This article discusses the issue of security and topology in computer networks, where practical methods of protecting information do not have a sufficient theoretical basis. The importance of considering the network topology in ensuring security is emphasized. The problems with system approaches to system analysis and integration, as well as the lack of effective mechanisms for assessing the quality of systems are highlighted. It is proposed to use decomposition methods to optimally design the topology of computer networks and minimize computing resources. We also note that the success of the method depends on the nature of the specific system topology and information flows. By emphasizing a discrete approach to system optimization, decomposition techniques can be useful for finding simplifications for complex systems. This article emphasizes the importance of the theoretical justification of information protection methods in computer networks. It challenges the traditional practical approach to data protection and emphasizes the non-workability of an integrated approach to network security. The influence of topology on the level of protection is analyzed in detail and the advantages of decomposition methods for solving this problem are highlighted. It is shown that the diversity of systems requires an individual approach and that the study of decomposition methods can become a step towards to effectively ensure security in complex information systems.