Ukrainian Scientific Journal of Information Security https://jrnl.nau.edu.ua/index.php/Infosecurity Ukrainian Scientific Journal of Information Security was established in 1995. National Aviation University is the founder and publisher of the journal. <br />The main aim of the journal is to highlight the results of scientific researches and the dissemination of information on all information security aspects. <br />Journal is published three times (issues) a year in Ukrainian, English &amp; Russian (mixed languages). <br />Categories of audience: students, postgraduate students, doctoral candidates, researchers &amp; experts in information security. en-US yuliiahohlachova@gmail.com (Юлія Євгенівна Хохлачова) olga_fatuch@nau.edu.ua (Fatіch Olga Anatolіїvna) Wed, 24 Apr 2024 00:00:00 +0300 OJS 3.3.0.13 http://blogs.law.harvard.edu/tech/rss 60 SAFETY OF THE CENTER'S TECHNOLOGICAL FUNCTIONS INFORMATION SECURITY FOR HIGHER INVESTMENT https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18576 <p><em>In this article, the issue of information support (CIS) of Lviv Polytechnic National University is considered, an approach to the safe functioning of the center in cyberspace and the communication environment is developed on the basis of the creation of security systems of information and communication technologies according to the concept of "object - threat" - protection". A software implementation of information encryption based on the AES algorithm by means of Python was developed in order to ensure the safe functioning of databases in the cyberspace of the Central Intelligence Agency.</em></p> Valerii Dudykevych, Galyna Mykytyn, Zakhar Losev Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18576 Wed, 15 May 2024 00:00:00 +0300 APPLICATION OF THE INNOVATIVE APPROACH IN THE MODERNIZATION OF HIGHER EDUCATION INSTITUTIONS OF THE SECURITY SERVICE OF UKRAINE https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18619 <p><em>The security and defense forces are the main instrument of the state for countering the armed aggression of the Rus-sian Federation and ensuring the defense of Ukraine, protecting the safety of the population and the interests of the state. Taking into account the powers assigned to the Security Service of Ukraine (SSU), in various crisis situa-tions, the domestic special service performs tasks both as part of the security forces and as part of the defense forces, which in modern conditions requires the improvement of the system of training personnel for the SSU. In the condi-tions of the modernization of the educational process in the preparation of standards for the training of specialists, taking into account the experience of training military personnel of NATO member countries, the task of determin-ing the professional competences of graduates of higher education institutions of the SSU, which will allow them to successfully perform operational and combat tasks in practical units, becomes especially appropriate. As a result of the study, the procedure for forming a state order for the training of specialists for the SSU and qualification re-quirements for a future employee was formalized. The modern possibilities of e-education in the formation of innova-tive higher education institutions are outlined. When organizing the educational activities of the SSU institution of higher education, the use of the corporate information and educational system and ways to increase the level of secu-rity of its information resources in the conditions of potential and prospective threats to cyber security are proposed.</em></p> Yevhen Melenti, Serhii Yevseiev, Olha Korol, Stanislav Milevskyi, Vladyslav Khvostenko Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18619 Wed, 15 May 2024 00:00:00 +0300 ENSURING THE INFORMATION SECURITY OF THE ORGANIZATION WHEN IMPLEMENTING THE BYOD CONCEPT https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18574 <p><em>The BYOD concept involves the use of personal electronic devices (laptops, tablets, smartphones) by employees of the organization for official purposes. The idea of such a concept appeared in the mid-2000s, but only recently it gained popularity. The reason for this is the growing dependence of business processes on services located on the Internet, advances in mobile device production, expanding devices' capabilities and increasing productivity, as well as the development of network technologies and cloud storage. Like any concept, BYOD has its advantages and disadvantages. The positive aspects of this approach to the organization of the work process include, in particular, convenience for the user and the possibility of remote work, which allows organizations to use the working time of employees more efficiently, increase the efficiency of solving various tasks and thus achieve an increase in labor productivity. The main problem associated with the implementation of the BYOD concept is ensuring the security of the organization's information system. The more freedom employees using personal devices have to interact with an organization's network, the more potential damage they can cause to it. The article examines information security threats associated with the use of BYOD and gives recommendations on reducing their negative impact on the organization. In particular, it is suggested to use NAC to manage network access; install MDM to manage the security of mobile devices; implement DLP to protect against information leaks; use reliable passwords with regular updates to prevent unauthorized access; install organization-approved anti-virus software on employee-owned devices; perform data encryption; set restrictions on downloading and installing programs; implement a comprehensive IT policy.</em></p> Nataliia Kukharska, Andrii Lagun Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18574 Wed, 24 Apr 2024 00:00:00 +0300 SECURITY AND DATA ACCESS CONTROL MODEL IN CLOUD SERVICES BASED ON THE IDENTITY AND ACCESS MANAGEMENT MECHANISM https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18575 <p><em>Implementation of cloud services has provided the opportunity to utilize powerful resources and ensure data storage in a secure location with fast accessibility. However, it has become a significant source of risk not only from external attackers but also from internal threats. At the same time, the rapid increase in the use of cloud services in organizations has caused an urgent need to develop an effective security model and control access to data stored in the clouds, as new vulnerabilities associated with their use appear.</em> <em>The research focuses on investigating the IAM mechanism, as well as technologies and standards widely used for data access control and monitoring of information security incidents. A security and access control model has been developed, as well as recommendations for improving the system.</em> <em>Developing a security model based on IAM allows you to set strict data access rules, limit user privileges, and provide protection against unauthorized access. Also, the model allows users to be identified, authenticated and authorized, as well as control their access to various resources and functions of the cloud service, reducing the risk of security incidents.</em></p> Andrii Partyka, Yaryna Zakharova Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18575 Wed, 15 May 2024 00:00:00 +0300 ATTACK SCENARIOS ON VIDEOHOSTING https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18617 <p><em>The development of both the violator model and threat model is required for protection of information system from potential harmful influence. Harmful influence can be caused by accident (by its legit users) or intentionally (by violators). Each model is an abstraction and the level of detail of this abstraction is determined by a few factors. One such factor is the object of protection. The most detailed models can be designed for specific systems, more generalized models – for the system type, even more generalized – for the systems of the certain field and the most generalized models are developed without specifying the system at all. In any case attacks, that will be included into the model, are selected from a certain set. The specifics of functioning of videohosting imply processing of large videofiles and substantial amount of misuse of its functions by legit users whereas the availability of given service means that attacks will be present in a form of a sequence of actions that are only prohibited at organizational level and are not blocked by the system itself.</em></p> Oleksandr Kireienko Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18617 Wed, 15 May 2024 00:00:00 +0300 CONSTRUCTION OF A VERIFIABLE TEST SEQUENCE FOR ASSESSING THE TECHNICAL CONDITION OF OBJECTS WITH EMBEDDED SOFTWARE https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18578 <p><em>Modern means of information exchange are mostly built as systems with. The process of functioning of such systems consists in the interaction of software and hardware components. The architecture of such systems corresponds to the Open System Interconnection Basic Reference Model (OSI), which defines certain levels in networks, gives them standard names and indicates what functions each level should perform. Violations of the functioning of such systems can be caused by random failures and defects of the hardware component, errors and failures of the software, or as a result of external influence. The complexity of assessing the technical condition (technical diagnosis) is due to the significant territorial diversity of the system elements, the variety of functional nodes and specifications of the equipment, as well as the use of dual-purpose equipment in the systems. Given the complexity of the selected object, the task of automating control is entrusted to computer-measurement systems.</em> <em>Analysis of the architecture of the selected object of control (availability of formalized - standardized levels) allows to offer solutions to technical diagnostics tasks (or physical integrity control tasks) through step-by-step (step-by-step) testing of individual levels of hardware and technical means. The presented verification technique is based on organizational measures (availability of daily monitoring of functioning) and the use of standardized sets of protocols of each level of the OSI model. At the same time, at each stage of the check, two components of the diagnostic parameter (time and energy) are registered. The availability of mathematical models of the aging processes of the hardware part and the physical data transmission environment made it possible to obtain reference values for the diagnostic parameter at any time of the operation of the control object, or to determine the change of the main parameters when modeling the behavior of the system for a certain time. The set of numerical values of both components of the diagnostic parameter allows to determine the technical condition of not only the hardware part of the control object and the correct functioning of the software part at different levels of the OSI model, but also the presence (or absence) of unauthorized influence (software or hardware) in the system.</em></p> Vasyl Kuzavkov, Viacheslav Solodovnyk, Yuliia Bolotiuk Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18578 Wed, 15 May 2024 00:00:00 +0300 PROTECTING CRITICAL RESOURCES IN CLOUD ENVIRONMENTS THROUGH SECURITY AS CODE APPROACHES: SOLVING THE PROBLEM OF MISCONFIGURATIONS https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18579 <p><em>Cloud technologies are becoming increasingly popular among organizations as a means of ensuring scalability, flexibility, and efficiency of IT infrastructure. However, the widespread adoption of cloud solutions also opens up new challenges in the context of information security, particularly those related to improper configurations of critical resources that can lead to unexpected data leaks, service availability breaches, and other security incidents. This article addresses the issue of protecting critical resources in cloud environments, with a special focus on challenges related to improper configurations. The authors offer an effective solution to this problem by using Security as Code (SaC) approaches, which allow security requirements to be integrated directly into the development and deployment processes of cloud resources, thus implementing preventative control and ensuring a "Shift left" approach in cybersecurity. The article thoroughly analyzes typical cases of improper configurations of cloud resources and their potential impact on the security of information systems. Furthermore, based on current research and practical experience, the authors illuminate how the application of SaC can help automate the process of detecting and remedying such vulnerabilities at early stages of the development lifecycle. Particular attention is given to the tools and technologies that can be used for implementing SaC. The article calls for further research in the use of SaC to ensure the security of cloud environments and proposes directions for future developments in this area, including the automation of configuration error detection, the development of universal security policies, and the creation of standards for integrating security into the software development process. To support the research, a broad analysis of literature and articles providing information about methodologies like DevOps, DevSecOps, Shift-left, which serve as the foundation for the Security as Code approach, was conducted.</em></p> Ivan Opirskyy, Oleksandr Vakhula Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18579 Wed, 15 May 2024 00:00:00 +0300 DEVELOPMENT OF ALGORITHMS FOR OPTIMAL RECEPTION OF SIGNALS WITH HIGH MULTIPLE PHASE DISTRIBUTION MODULATION https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18602 <p><em>The Considered incoherent demodulators of signals, which are invariant, that is, completely insensitive to the initial phase of the signal.</em> <em>It is shown that with absolute phase modulation, signal reception is possible only with a precisely known initial phase, which extremely limits the scope of practical use of absolute phase modulation. With phase-difference modulation of PDM-1, it becomes possible to receive phase-modulated signals with an undefined initial phase. With PDM-2, the possibility of receiving phase-modulated signals with an undefined carrier oscillation frequency is added to this.</em> <em>It is noted that signals from PDM-2, as well as signals from PDM-1, can be received using algorithms of coherent, optimal incoherent and autocorrelation reception. In the case of coherent and optimal incoherent methods, the property of invariance to frequency is not realized, since these reception methods reach their potential only with a precisely known frequency of the carrier oscillation, and when the frequency of the signal deviates from the frequency of the reference oscillations, the demodulators quickly lose their performance.</em> <em>When studying signals with phase-difference modulation and methods of receiving these signals, we are not talking about the positionality of the system (not about the multiplicity of modulation), determined by the number of discrete values or the signal of its information parameter in the communication channel, but about the order of phase differences, which are used as an information parameter.</em> <em>The article introduces the concept of the order of signal phase difference. It is shown that the transition to PDM-2 makes it possible to achieve complete insensitivity not only to an arbitrary initial phase, but also to arbitrary frequency shifts.</em> <em>The principles of construction of multi-position phase-modulated signals and signals with combined modulation methods are considered. General algorithms for the formation and processing of signals with phase-difference modulation with corresponding structural schemes have been developed.</em></p> Larisa Dakova, Serhii Dakov, Nazarii Blazhennyi Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18602 Wed, 15 May 2024 00:00:00 +0300 METHODS OF INFORMATION SECURITY RISK MANAGEMENT: ISO/IEC 27001 AND CIS CRITICAL SECURITY CONTROLS https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18620 <p><em>Information security risk management methods based on two key standards, namely CIS Critical Security Controls and ISO/IEC 27001, are an essential part of a modern approach to ensuring the security of information systems. The analysis and study of these standards in the context of minimizing information security risks are crucial stages in the digital environment.</em> <em>During the writing of the article, a theoretical method was used, specifically the analysis of scientific research and publications related to risk management. The use of this methodological approach allowed a comparative analysis of ISO/IEC 27001 and CIS Critical Security Controls.</em> <em>CIS Critical Security Controls define 18 key control measures for the effective protection of information resources, covering aspects such as monitoring, protection against cyber threats, authentication and other security aspects. ISO/IEC 27001 provides a high-level framework for risk management, establishing security policies and audit procedures. CIS Security Controls, on the other hand, focus on specific actions and control points to ensure security. The pros and cons of both standards are analyzed, demonstrating their applicability in different contexts and in the face of modern information security threats.</em> <em>The use of these standards enables effective risk management under the conditions of modern threats and ensures the reliability of information systems. Their widespread use in commercial enterprises and government institutions demonstrates their universality.</em> <em>This article examines the pros and cons of both approaches. In the context of the increasing number of cyber threats and the importance of information security, both standards prove to be valuable tools, but have their limitations.</em></p> Serhii Horlichenko Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18620 Wed, 15 May 2024 00:00:00 +0300 SOCIOCYBERPHYSICAL SYSTEM WIRELESS AIR NETWORK TOPOLOGY SYNTHESIS MODEL https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18603 <p><em>The subject of study is the process of building a Cyber-Physical System mobile communication network. The goal is to develop recommendations for the construction of a CPS mobile communication network – a system that works effectively in a complex interfering electromagnetic environment. The development is based on the technology of ultra-broadband signals that circulate in control and communication channels with the integration of elements of artificial intelligence into its structure. The task is to ensure stable and safe operation of the CPS wireless mobile communication network. Techniques used: Analytical, Time-Position-Pulse Coding, and Fuzzy Logic Inference techniques for network handover decision making. The following results were obtained. Recommendations for building a wireless mobile communication system have been developed. It is shown that in order to obtain high interference resistance of control and communication channels and to protect information from interception, ultra-broadband communication technology should be used, which allows providing large volumes and speeds of information transmission. Moreover, it is recommended to use the results of data processing in a fuzzy decision-making system during service transfer between mobile network nodes in conditions of interference. Conclusions. The use of channels with an ultra-wide frequency band makes it possible to practically increase the number of control and communication channels in a wireless mobile CPS. Pre-distribution between channels of orthogonal codes realizes the process of control and communication without interception of information and mutual interference. Thus, the use of the method of temporal position-pulse coding prevents the occurrence of intersymbol distortions of encoding ultra-short pulses. At the same time, the level of distortion of information signals, which is caused by its multipath propagation, also decreases, which guarantees the security of information in the system. The use of a fuzzy system during decision-making in the case of service handover between mobile network nodes makes it possible to dynamically change the topology of the CPS network in real time and maintain high quality of service. </em></p> Serhii Yevseiev, Nataliia Dzheniuk, Stanislav Milevskyi, Natalya Voropay, Roman Korolov Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18603 Wed, 15 May 2024 00:00:00 +0300 CYBERSECURITY CHALLENGES AND SOLUTIONS FOR CRITICAL INFRASTRUCTURE PROTECTION https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18604 <p><em>Critical infrastructure can be vulnerable to attack from natural disasters or malicious actors such as hackers or terrorists. If these threats are not addressed quickly, they can lead to significant disruption in service delivery or even complete shutdowns which could have devastating consequences for those relying on them for their day-to-day activities. Therefore, it is important that governments take steps towards protecting critical infrastructure from potential threats by implementing comprehensive security measures both online and offline. Based on a comprehensive analysis of current issues, a decision has been made to ensure the cyber protection of critical infrastructure objects infrastructure. An analysis of cyber threats was carried out in relation to the dynamics of historical retrospective in sectors of critical infrastructure objects. As more and more systems become connected to the internet and vulnerable to cyber-attacks, it is important for organizations to invest in robust cybersecurity defenses to protect their systems from malicious actors. By taking these measures, organizations can help protect their systems from cyber-attacks and ensure the safety of the public. Formulates a model of threats from spills of critical infrastructure objects to cyber-attacks with a breakdown of threats by type. A triad of main actions and approaches for protecting critical infrastructure has been seen. Existing problems in implementing countermeasures and major threats posed to cyberspace actors have been identified. Key factors have been identified to break the cycle of cyber-attacks on critical infrastructure. Based on a comprehensive analysis and formulated concepts, a comprehensive approach to the protection of critical infrastructure objects is proposed in accordance with the management of global trends in the development of threats, threat models, and vulnerabilities of the protection system, a triad of actions and approaches to breaking cycles of cyber-attacks on critical infrastructure.</em></p> Andrii Tkachov, Roman Korolov, Irada Rahimova, Iryna Aksonova, Yelyzaveta Sevriukova Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18604 Wed, 15 May 2024 00:00:00 +0300 THE PSYCHOLOGICAL INFLUENCE OF ARTIFICIAL ELECTRONIC ACCOUNTS (BOTS) ON SOCIAL NETWORK AGENTS IN THE INTERESTS OF INFORMATION OPERATIONS https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18605 <p><em>In the conditions of the information war waged by Russia against Ukraine, artificial electronic accounts (bots) are actively used in social networks to exert psychological influence during information operations. Taking into account the experience of repelling the large-scale armed aggression of the Russian Federation against Ukraine, we can conclude that the psychological impact of bots on real agents of social networks requires detailed research. This article examines the psychological impact of artificial electronic accounts (bots) supplemented by neural networks on agents of social networks using information technologies in the context of conducting information operations. In modern conditions, social networks are used for direct and indirect psychological influence on the consciousness, subconsciousness and emotional state of the enemy's target audience. With the development of modern technologies, agents of social networks systematically, using neural networks, create posts, stories, online broadcasts, distribute video and audio materials. The research aims to determine the peculiarity of psychological influence with the help of bots on the formation of opinions of real agents of social networks. The work considers the use of bots for the distribution of manipulative, special information, as well as the formation of an echo chamber and filtered information. Peculiarities of using neural network tools and natural language processing techniques by bots for psychological influence during information operations. To study the peculiarities and regularities of the psychological influence of bots on the structure and dynamics of changes in the behavior of real agents of social networks, it is necessary to conduct an analysis of mathematical models of random graphs and information transmission. Taking into account the results of the analysis, a classification of the consequences of psychological influence on agents of social networks was carried out in the form of a scheme, which is shown in the figure.</em></p> Serhii Bazarnyi, Nataliia Mykytiuk, Oleksandr Ternovyi Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18605 Wed, 15 May 2024 00:00:00 +0300 NIST CSF 2.0: NEW CYBERSECURITY FRAMEWORK FROM THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY OF THE UNITED STATES https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18606 <p><em>This article provides an in-depth analysis of the Cybersecurity Framework version 2.0, introduced by the National Institute of Standards and Technology (NIST) in early 2024. CSF 2.0 is designed to facilitate effective management and mitigation of cybersecurity risks for diverse organizations, regardless of their size and industry. The article explores key components of the framework, such as the Core (CSF Core), Organizational Profiles (CSF Organizational Profiles), Security Tiers (CSF Tiers), and provides insights into their utilization for enhancing organizational cybersecurity practices. Emphasis is placed on the flexibility of the framework, allowing organizations to adapt their approaches to cybersecurity management according to their unique risks and needs. CSF 2.0 is considered a crucial tool aimed at promoting cybersecurity improvement across all organizational levels, irrespective of their technical maturity. The article also offers a comprehensive overview of the potential uses of CSF resources for enhancing cybersecurity practices and underscores the importance of continuously refining cybersecurity management strategies to effectively counter growing cyber threats. </em></p> Artem Zhylin, Vladyslav Beliavsky, Oleksandr Bakalynsky Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18606 Wed, 15 May 2024 00:00:00 +0300 PROVISION OF INFORMATION SECURITY IN CYBERSPACE https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18607 <p><em>On the basis of the analysis of the problem of ensuring information security in cyberspace, the sources of cyber threats have been determined, which can be international criminal groups of hackers, individual criminals trained in the field of information technologies, foreign state bodies, terrorists and extremist groups, transnational corporations and financial and industrial groups. It was concluded that ensuring cyber security requires a coordinated, comprehensive approach led by the state, but in close cooperation with the private sector and civil society, without which it is impossible to solve this issue. It has been established that the choice of methods for analyzing the state of ensuring information security depends on the specific level and scope of the organization of protection. Depending on the threats, the task of differentiating both different levels and types of threats and different levels and types of protection becomes possible. However, threat and danger are attribute components of the cyber security system, therefore, their existence and implementation, as well as negative consequences, are natural components of the information security system. It is threats and danger that make it possible to see the shortcomings in the cyber security management system, and at the same time serve as an impetus for improvement, that is, for development. Therefore, an important method of ensuring information security is the development method.</em></p> Volodymyr Khoroshko, Mykhailo Shelest, Yuliia Tkach, Ihor Diuba Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18607 Wed, 15 May 2024 00:00:00 +0300 TEST CONFIGURATION OF THE OBJECT OF INFORMATION ACTIVITY FOR PRACTICING SKILLS IN FINDING TECHNICAL CHANNELS OF INFORMATION LEAKAGE https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18608 <p><em>The research topic is of utmost relevance due to the rapid development of digital technologies and the increase in threats to data privacy. The growing number of cybercrimes and the proliferation of large amounts of information highlight the need to train future cybersecurity professionals to identify technical channels of information leakage (TKVI). In the context of dynamic cyberspace, where attackers are constantly improving technical methods of attack, the problem statement lies in the need for future specialists to be ready to detect and effectively counteract TKVI. Their skills become key to maintaining the confidentiality, integrity, and availability of information in the digital environment. The analysis of recent studies indicates the importance of considering devices for searching channels of information leakage and complexes of technical protection of information.</em></p> Michael Shelest, Taras Petrenko, Serhii Semendyay, Vladyslad Norokha Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18608 Wed, 15 May 2024 00:00:00 +0300 ENHANCING THE LEVEL OF PROTECTION AND VIABILITY OF UNMANNED AVIATION DEVICES https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18609 <p><em>With the modern development of information technology, remote control devices are becoming increasingly widespread. Their proliferation is primarily due to their main advantage - the ability to conduct observations or perform certain operations in places that are dangerous or completely unsuitable for human presence. One such application is the use of unmanned devices during military operations, which allows the operator to be in relative safety. Such use of unmanned systems, in turn, encourages the creation and development of methods to counter these systems, disabling communication and control channels, or detecting and locating the operator’s location. For this, there is a wide range of electronic intelligence tools, electronic warfare, direction finding stations, etc. The object of this study is the task of increasing the level of protection of unmanned devices and complexes against enemy electronic warfare means and the task of restoring communication and functionality of the device in case of failures in its operation due to accidental obstacles or actions of the attacker. The article contains a brief overview of modern methods and means used to ensure the protection of radio transmissions and analyzes the possibility of their application in small unmanned aviation systems, which are now most used by the military at the current stage of confrontation with the enemy. Based on this, a method of implementing communication protection measures to restore the functionality of the unmanned device was proposed, the principle of its operation is described. The main relevant problem underlying the study is the insufficient protection of communication and navigation systems in civilian solutions and electronic devices that are now actively used to build unmanned vehicles used in military and reconnaissance operations. The obtained results will allow to increase the protection of unmanned systems by applying frequency retuning means to improve the stability and reliability of communication in UAV control systems.</em></p> Roman Kuten, Alina Akhmedova Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18609 Wed, 15 May 2024 00:00:00 +0300 ASSESSMENT SYSTEM FOR ENHANCING CYBERSECURITY POSTURE OF CRITICAL INFRASTRUCTURE INSPECTION OBJECTS OF THE STATE https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18610 <p><em>In the modern digital world, where a significant portion of our daily activities takes place online, cybersecurity becomes an integral component of national security for every state. Particularly crucial is the protection of critical infrastructure, which ensures the functioning of the economy, communications, and society as a whole. Consequently, the development and implementation of a system for assessing the improvement of cybersecurity posture for critical infrastructure inspection objects become an extremely pressing task for governments and organizations. The proposed structural model of the system for assessing the enhancement of cybersecurity posture for critical infrastructure inspection objects of a state, which utilizes a database of cybersecurity measures, rules and standards, as well as modules for generating current values, phase formation, and formation of LV, formation of inspection characteristics, and proximity parameters, will enable the evaluation of the improvement in the level of cybersecurity posture of critical infrastructure objects in a loosely formalized fuzzy environment. In this context, its implementation becomes a critically important step in ensuring the security of the state's critical infrastructure in the face of constantly increasing cyber threats. It contributes to enhancing readiness and resilience to potential cyber-attacks, which is an indispensable component of national security strategy.</em></p> Oleksandr Korchenko, Eugenia Ivanchenko Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18610 Wed, 15 May 2024 00:00:00 +0300 BUILDING A COMPREHENSIVE MULTI-LEVEL SECURITY MODEL FOR THE CYBER-PHYSICAL INTELLIGENT TRANSPORT SYSTEM https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18611 <p><em>The generalized architecture of the Intelligent Transport System (ITS) based on a multi-level cyber-physical system (CPS) has been considered: physical space sensors, wireless communication technologies, automated information processing system (AIPS) of the cyber space. A comprehensive security model for ITS in the "multi-level CPS - multi-level security" space is proposed. Comprehensive security systems (CSS) have been built: for the physical and cyber spaces of the cyber-physical ITS based on the STRIDE threat model at the external level; for the communication environment based on the OSI network model at the internal level. A software implementation of symmetric block message encryption based on the "Kalina" algorithm has been developed using the C# programming language in the communication environment of the ITS.</em></p> Valerii Dudykevych, Galyna Mykytyn, Dmytro Sydoryk Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18611 Wed, 15 May 2024 00:00:00 +0300 METHODOLOGICAL APPROACHES TO THE RESEARCH OF THE PROBLEMS OF IMPLEMENTING STRATEGIC COMMUNICATIONS OF THE MINISTRY OF DEFENSE AND ARMED FORCES OF UKRAINE USING SOCIAL NETWORKS https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18612 <p><em>Ensuring national stability largely depends on the developed and effectively implemented strategic communications system of the Ministry of Defense and the Armed Forces of Ukraine. This system, being of a national scale, plays a key role in maintaining national security at all levels — from the national to the individual. The basis of its effectiveness is extensive interdepartmental interaction and cooperation, as well as the active use of social networks as a tool for achieving strategic goals. The article focuses on the study of methodological approaches to the study of strategic communications of the Ministry of Defense and the Armed Forces of Ukraine through the use of social networks. The purpose of the article is to research the methods and means of building a system of strategic communications of the Ministry of Defense and the Armed Forces of Ukraine using social networks. Using complex methodological approaches, including content analysis, cluster analysis (taxonomy) and assessment of the impact of information campaigns on public opinion, criteria and indicators of the effectiveness of social media use are determined. The results of the study include the development of a methodology for evaluating strategic communications, the identification of effective communication strategies in social networks, and proposals for optimizing interaction with target audiences. Special attention is paid to the application of cluster analysis (taxonomy) to evaluate the data of hostile content in social networks, which is a novelty in the field of strategic communications research. This method allows not only to detect and analyze hostile information campaigns, but also to develop effective countermeasures. The theoretical and practical significance of the research lies in the in-depth understanding of the mechanisms of influence of strategic communications through social networks and the development of methodological recommendations to ensure information security. The conclusions of the article can be used to improve the strategic communications of the Ministry of Defense and the Armed Forces of Ukraine, with the aim of effectively resisting information threats and influencing public opinion in the conditions of the modern information space.</em></p> Oleksandr Voytko, Kyrylo Petrenko, Roman Pylypenko, Tetyana Voytko Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18612 Wed, 15 May 2024 00:00:00 +0300 METHODS OF CHOOSING A RANDOM NUMBER GENERATOR FOR MODELING STOCHASTIC PROCESSES https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18613 <p><em>Modern computer modeling is an important stage in the design of control systems for the distribution of information flows in computer networks and in modern control systems for complex technological processes. The core of any computer model is a source of randomness, which should generate a uniformly distributed stream of random integers or real numbers. In addition to the uniformity of distribution, such a source must meet the requirements of economic use of computing system resources. An analysis of simple arithmetic generators is given and, based on it, it is shown that generators such as the Fibonacci sequence generator with a delay and the Xorshift generator proposed by J. Marsaglia are suitable as a generator for the needs of modeling stochastic processes, which are an alternative to the random number generators built into existing programming environment. On the basis of the conducted research, it was concluded that any unevenness of the numbers at the output of the generator chosen as a source of randomness significantly affects the quality of the process to be modeled, and because of this, the numerical flows from such generators should be additionally processed by methods extraction of that part of them that provides maximum randomness. The method of performing such extraction by "slicing" the input stream, the criteria used in this, and the results of its experimental research for the Xorshift128 generator are presented. A conclusion is made about the advantages of using simple and economical generators in a heap with post-processing procedures performed at the level of integers or real numbers. The results of the evaluation of the Xorshift generator, taking into account the methods described in the work, are given, and a conclusion is made about the feasibility of its use for the needs of modeling stochastic processes.</em></p> Yurii Shcherbina, Nadiia Kazakova, Oleksii Fraze-Frazenko, Oleh Domaskin Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18613 Wed, 15 May 2024 00:00:00 +0300 RATIONALE FOR IMPROVING AUTHENTICATION PROTOCOLS IN THE CONDITIONS OF POST-QUANTUM CRYPTOGRAPHY https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18614 <p><em>The paper studies the relevance of the issues of encrypting confidential data for their transmission over unsecured channels of information and communication networks. An analysis of encrypted information exchange on the Internet based on the Google service was carried out in terms of the volume of encrypted web traffic. It is concluded that the difference in traffic volumes between countries is due to the popularity of the types of devices used, the geographic access infrastructure, as well as the availability of software that provides modern types of encryptions. The role of the HTTPS protocol in ensuring the security of working with resources on the Internet is substantiated. The NIST security requirements for modern information and communication systems in the post-quantum period are analyzed. It is determined that within a short period of time the power of computing devices increases exponentially, which entails an increase in the implementation of both already known and new attacks on cryptographic algorithms that ensure the strength of security services in networks. Based on the results of this study, the results of a comparative analysis of the complexity of classical and quantum algorithms were demonstrated. The classification of special attacks was considered according to the signs of influence on computing processes, according to access to systems and means, as well as according to the specifics of the attacks themselves. Solutions submitted for participation in the NIST competition for the definition of security standards through electronic digital signature mechanisms, encryption algorithms and key encapsulation are analyzed. The results of the analysis are presented in the form of a scheme of security and stability of the proposed protocols and algorithms. It is recommended to use TLS protocols to ensure the integrity and authenticity of users when establishing communication sessions with websites. A scheme of the process of authenticated encryption and authentication of an encrypted message transmitted over a TLS connection has been developed. A process scheme has been developed for authentication encryption and decryption of information when establishing a communication session in TLS protocols. A comparative analysis of the characteristics of the TLS 1.3 and TLS 1.2 protocols was carried out. </em></p> Alla Gavrilova, Iryna Aksonova, Yuliia Khokhlachova, Tetiana Milevska, Sergii Dunaiev Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18614 Wed, 15 May 2024 00:00:00 +0300 SYSTEMATIZATION OF SIGNS OF UNAUTHORIZED ACCESS TO CORPORATE INFORMATION BASED ON APPLICATION OF CRYPTOGRAPHIC PROTECTION METHODS https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18615 <p><em>Recently, an increase in incidents of unauthorized access to corporate information has been detected. The article considers an approach aimed at solving the issue of developing a method whose main purpose is to propose a scheme for protecting corporate information from any unauthorized access using a cryptographic algorithm. The reliability of the algorithm is achieved by combining a cryptographic algorithm with a secret key. The implementation of a binary template as a secret key, which is integrated into the process of generating a hash value using the MD5 hashing algorithm, is characterized by a relatively high degree of stability and reliability. The subsequent comparison of the obtained hash value with the stored one is carried out in order to effectively manage access to corporate information. The use of a hidden key in the hashing algorithm means that the data is used as an additional input to a one-way function that hashes the password. Thus, the method of the chosen cryptographic scheme demonstrates effectiveness in ensuring the confidentiality, integrity and availability of corporate information.</em></p> Olena Kryvoruchko, Yuliia Kostiuk, Alyona Desyatko Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18615 Wed, 15 May 2024 00:00:00 +0300 SSL/TLS PROTOCOL ON POST-QUANTUM ALGORITHMS https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18616 <p><em>The development of mobile technologies and their integration with Internet of Things and smart technologies form both cyber-physical and socio-cyber-physical systems. In such systems, as a rule, wireless communication channels are used, in which SSL/TLS protocols are used to provide security services (confidentiality, integrity and authenticity). However, this protocol is not only vulnerable to "Meeting in the Middle", POODLE, BEAST, CRIME, BREACH attacks, but with the advent of a full-scale quantum computer, it can be broken. The article proposes a protocol based on quantum algorithms – crypto-code constructions, which will ensure not only resistance to current attacks, but also stability in the post-quantum period. To ensure the "hybridity" of services, it is proposed to use McEliece and Niederreiter crypto-code constructions and the improved UMAC algorithm based on McEliece crypto-code design. The use of crypto-code constructions provides not only resistance to attacks, but also simplifies the formation of a connection – the parameters of elliptic curves are used for the transmission of the common key. This approach significantly reduces the time of connecting mobile gadgets and simplifies the procedure of agreement before data transfer. </em></p> Stanislav Milevskyi, Natalya Voropay, Olha Korol, Serhii Yevseiev, Iryna Aksonova Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18616 Wed, 15 May 2024 00:00:00 +0300 STRATEGIES AND INNOVATIVE APPROACHES TO DATABASE PROTECTION IN THE AGE OF GROWING CYBER THREATS https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18618 <p><em>In today's digital environment, where databases play a critical role in storing and processing important information for various spheres of human activity, protection against cyber threats becomes an extremely urgent task. This accordingly places new demands and responsibilities on organizations. Modern technologies not only facilitate access to data, but also threaten its confidentiality and integrity. The rapid and ever-growing challenges of cyber security require the development of effective strategies and innovative approaches to database protection that ensure the reliability and resilience of databases in the face of ever-increasing cyber-attacks and security breaches.</em> <em>The work deals in detail with the organization of effective protection of information stored in databases. The main methods of information protection in databases are analyzed, in particular data encryption, mechanisms of authentication, access control and monitoring of user activity. Their advantages and disadvantages are defined, as well as the possible consequences for data in case of non-compliance with these protection methods. The article highlights the importance of constant monitoring and analysis of user activity for timely detection and response to possible data security threats in the database system. The importance of a comprehensive approach to protection, which takes into account the specifics of a specific organization and allows to ensure an effective level of data security, is emphasized.</em></p> Oleh Harasymchuk, Oksana Buzhovych Copyright (c) 2024 https://jrnl.nau.edu.ua/index.php/Infosecurity/article/view/18618 Wed, 15 May 2024 00:00:00 +0300