Ukrainian Information Security Research Journal

THE PROBLEM OF ENSURING THE SECURITY OF PROFESSIONAL RADIO COMMUNICATION SYSTEMS IN CRITICAL INFRASTRUCTURES

2024-07-13T22:26:09+03:00

This paper reviews the existing and expected scenarios of unauthorized impacts on communication systems in critical information structures. It has been established that the area of increased risk of such impacts is focused on the interfaces between external devices and the SoC chip. Examples are given of grouping a large number of sub-scriber terminals operating under a single program of unauthorized influences, and the level of penetration can be increased many times over. It is noted that such possibilities become more realistic with the introduction of 5G generation systems that provide for M2M operation. The purpose of this review is to determine an approach to modeling the processes of protecting information from leakage through radio channels of communication systems and to develop engineering and technical measures for the design and implementation of appropriate information security systems.

MATHEMATICAL APPARATUS FOR FINDING THE OPTIMAL CONFIGURATION OF A SECURED COMMUNICATION NETWORK WITH A GIVEN NUMBER OF SUBSCRIBERS

2024-07-16T00:35:23+03:00

Information flows in the world are growing very quickly. The exchange of information is growing rapidly. In connection with this fact, the existing mathematical apparatus and its practical application are constantly developing. The scientific-mathematical apparatus is aimed at finding the optimal configuration of the information communication network, solving the problem of building protected channels for the transmission of a large amount of data. A scientific task arises to develop a new and improve the existing mathematical apparatus for finding the optimal configuration of a protected communication network with a given number of subscribers. This scientific work is dedicated to the solution of this urgent task. The paper formulated and proved four Lemmas. The Lemma's formulation made it possible to prove two new theorems that allow solving the task of finding the optimal configuration of a protected communication network with a given number of subscribers. Solutions to both partial and general tasks of the process of optimization and protection of transmission channels of a large amount of data are provided. Thus, the paper proposes a solution to the scientific task of finding the optimal configuration of a protected communication network with a given number of subscribers. The direction of further research may be the development of a software implementation of the given mathematical apparatus.

STUDY OF THE RELATIONSHIP BETWEEN SEMANTIC PARAMETERS FOR THE FIELD OF SECURITY OF ACCESS SYSTEMS

2024-07-16T00:58:58+03:00

Access control systems attract attention due to the priority of contact with the information system and the criticality of failures in its operation. Therefore, it is an important typical subsystem of any information system. The developer of a new information system is always faced with the dilemma of either developing this subsystem from scratch or adapting a ready-made solution. As far as the cost and copyright aspects are excluded, the technical feasibility and complexity of such adaptation is critical to resolving the dilemma. This article explores the potential application of a typical access differentiation subsystem in various subject areas, with an emphasis on the uniqueness of the scope and the definition of the requirements and constraints that arise during the adaptation procedure. It was intuitively understood that the proximity of the subject areas of information systems affects the effectiveness of adaptation, but for a preliminary assessment of the feasibility of its use, a methodology is needed that allows obtaining a qualitative or quantitative result. A possible approach is semantic analysis and expendation based on various mathematical methods, including fuzzy ones. The aim of the article is to study the possibilities and prospects of using the technology of adaptation of access differentiation systems in the expansion of the subject area. The methods make it possible to create more flexible means of evaluation based on semantic analysis. The use of methods allows you to obtain results, both in quantitative and qualitative form.

METHOD OF DETECTING FALSE INFORMATION BASED ON EXPERT ASSESSMENT

2024-07-16T02:03:13+03:00

The article improves the method of detecting false information based on the method of expert evaluation. Expert methods are used to determine the nomenclature of quality indicators, their weighting coefficients, to measure quality indicators and evaluate them by the organoleptic method. The assessment of quality indicators by measuring, registration, and calculation methods is used to determine complex quality indicators at different levels of the hierarchy. Expert methods are based on making heuristic decisions based on the knowledge and experience accumulated by experts in a specific field in the past. The collective method of expert evaluations was chosen as the basic method for improvement. Because it has undoubted advantages compared to methods based on the usual statistical processing of the results of individual surveys. In contrast to the existing approach, the improved method allows for the selection of experts in a group, and not for correcting the answers of experts in order to obtain the required result. The peculiarity of the proposed method is that the selection of experts is done by averaging the scores. Averaging scores for each expert. Self-assessments of the expert and assessments of the same expert by the working group. This makes it possible to significantly reduce the error of the expert's real assessment. The ability to set a confidence interval for the assessment of false information will allow to obtain results that satisfy the task of detecting false information with appropriate accuracy. But this leads to solving the task of optimizing the evaluation criteria and the time to solve the set task. The scientific novelty consists in substantiating and evaluating the comparative importance of factors that limit the appointment of each individual expert to identify false information using the group expert evaluation method. The direction of further research is the task of optimizing evaluation criteria.

ARITHMETIC OF ASYMMETRIC CRYPTOSYSTEMS IN THE FIELD OF COMPLEX NUMBERS

2024-07-16T04:06:45+03:00

At the current stage of information technology development, there is a need to improve existing and develop new methods and means of increasing the productivity of asymmetric crypto-algorithms. The article develops the theoretical foundations of modular calculations and asymmetric cryptography in the complex numerical domain. The method of determining the complex and real residues based on the complex module is considered. Euclid's algorithm and its consequence for finding an inverse element in a complex numerical domain are considered. A comparison of the complexity of Euclid's algorithm for finding the inverse of the element when finding the smallest positive and absolutely smallest residues was made. An analogue of Euler's function in the complex numerical domain was searched and this function was used to find the inverse of a complex number. The restoration of a complex number using the Chinese remainder theorem is demonstrated. The considered modular calculations in the field of complex numbers can be used in the construction of new approaches to asymmetric encryption.

DEVELOPMENT OF A MODEL FOR THE PROTECTION OF PERSONAL DATA IN SOCIAL NETWORKS

2024-07-16T03:22:48+03:00

Tens of millions of people around the world become victims of identity theft every year. Netizens lose huge amounts of money due to fraudsters who use their data in an illegal way, and absolutely anyone can become a victim. Identity theft is any crime in which an attacker obtains another person's data and uses the victim's identity to commit fraud. According to research, data theft caused $16 billion in losses to 15.4 million consumers in the United States in 2020. In the same year, the British fraud prevention organization Cifas recorded almost 173,000 cases of identity fraud in the UK. This is the largest number of fraud cases in the last 13 years. Therefore, the problem of developing and researching mathematical models of personal data protection is very relevant. The work is devoted to solving the task of developing a model and researching the stability of the personal information protection system. Monitoring the behavior of the dynamic information protection system is an important direction. The paper analyzed the behavior of the information protection system using the methods of the qualitative theory of differential equations, in particular the phase plane method. With the help of this method, the characteristics of special points, isolated closed trajectories and separatrices are found, which in turn allows to evaluate the dynamics of the studied nonlinear dynamic system in a wide range of possible initial conditions. The phase plane illustrates the full variety of possible states of the system, and describes the picture of its dynamics. The paper presents simulation results that prove the adequacy of the developed model. It is confirmed that the developed model of personal data protection is stable, taking into account the attack termination time and the assigned modeling parameters. Using the phase plane method is a new method for researching the stability of the information protection model.

METHODOLOGICAL APPROACH FOR ASSESSING THE CYBER RESILIENCE OF INFORMATION AND TELECOMMUNICATION SYSTEMS OF CRITICAL INFRASTRUCTURE OBJECTS UNDER NATIONAL SECURITY THREATS

2024-07-16T04:24:21+03:00

Since the onset of Russia's full-scale invasion in February 2022, we have witnessed several innovations in warfare, where unmanned systems in the air, on land, and at sea have transformed approaches to reconnaissance and tactical and operational combat operations. However, the Russo-Ukrainian war has not evolved into a sci-fi battle between automated robotic systems. Nevertheless, information technologies have transformed the nature of war and continue to do so. Military doctrines and combat rules, previously developed, need to be updated to address current and future challenges. The integration of information technologies with armed conflict has not only changed the arsenal of available weapons but also blurred the lines between the physical and cyber domains. Traditional military arsenals, once dominated by tanks, aircraft, and infantry, are now supplemented by powerful cyber capabilities. Modern cyberattack landscapes allow for penetration into the information systems of both military targets and critical state infrastructure, significantly expanding the scope of influence. The rapid development of the cyber domain requires the development of an effective methodological approach to the cyber protection of critical infrastructure objects (CIOs). To enhance the cybersecurity level of these vital objects, analyze current cyber threats, forecast the likelihood of enemy cyberattacks, and implement protection mechanisms for the information and communication systems of CIOs, it is essential to assess the CIOs' capabilities to maintain functionality under destructive cyber influences and to restore operations after interference with the information and communication systems of CIOs. Developing recommendations for tools to assess cyber resilience will enhance the security and protection level of critical infrastructure under national security threats.

REAL-TIME FALSE INFORMATION DETECTION PREDICTION ACCURACY MODEL

2024-07-16T04:35:07+03:00

State information security is an urgent task for a country conducting military operations. Ensuring the information security of the State is an urgent scientific task for all countries. The problem of information struggle, information war has always occupied a primary place in the general security of the State. With the help of criminal informational influence, it is possible to control society, public mood. Therefore, the development and improvement of the scientific and methodological apparatus, namely the development of a forecast accuracy model for the detection of false information in real time, as a means of introducing information warfare, is an urgent scientific task. This scientific work is devoted to the solution of this scientific task. The paper examines a mathematical apparatus for detecting and blocking false information in real time. The article is devoted to solving the problem of detecting false information. The situation is considered, when the reconstructed signal is generated by the Mandelbrot model, further using the Kohonen self-learning method. Specifying the unknown parameters using the standard Utadrow-Hoff method obtained a model of the accuracy of the prediction of false information detection. Which allows you to detect false information in real time. The direction of further research can be the task of optimizing the criteria for assessing the accuracy of the forecast.

RESEARCH AND ANALYSIS OF PROBLEMS AND CHALLENGES IN ENSURING CYBERSECURITY IN CLOUD COMPUTING

2024-07-17T20:15:50+03:00

Cloud services provide information tools in a virtual environment with the ability to expand the software and hardware resources of a user's computer device. In this case, the information is permanently stored on servers on the Internet and temporarily cached on client devices, such as personal computers, game consoles, laptops, smartphones, etc. To get constant access to remote Internet resources, users use cloud services. They are a key element of modern and rapidly developing technologies, and for many companies, the use of cloud services is a strategic issue. Although the innovative capabilities of cloud services attract the attention of users on the one hand, they can also pose new threats to their information security. That is why the study of cloud computing is important to understand its potential and effectiveness. This study will examine the security aspect of cloud services and compare several different platforms in this context, as the lack of sufficient protection can lead to theft of personal data and other confidential information. The study will also look at the most common threats faced by cloud services, such as DDoS attacks, data leaks, data misuse, etc. In particular, we will analyze the security measures provided by leading cloud platforms such as AWS, GCP and Azure to determine their effectiveness and reliability. Our analysis will be useful both for companies considering moving to the cloud and for ordinary users seeking to keep their personal data safe online. The results of the study will provide a clear picture of the benefits and limitations of using different cloud platforms from a security perspective.

CYBERSECURITY CHALLENGES AND OPPORTUNITIES IN THE INTERNET OF THINGS (IOT): COMBINING ARTIFICIAL INTELLIGENCE, IOT AND CYBERSECURITY

2024-07-17T20:26:08+03:00

The aim of the paper is to explore the challenges and opportunities related to cyber security in the context of the Internet of Things (IoT) and the combination of artificial intelligence (AI) with IoT, known as AIoT. The work examines the evolution of IoT to AIoT, the importance of cybersecurity in AIoT, and the various challenges that arise from the increasing number of networked devices and the growth of data. The study also examines cybersecurity strategies for AIoT, including network communication protection, the use of artificial intelligence in cyber attack detection and prevention systems, access control and identification, and operational monitoring and anomaly detection. The article examines the issue of standardization and regulation in the field of AIoT cybersecurity and future directions of development in this field, in particular, attention is paid to the following areas: the use of blockchain technologies, the expansion of the role of artificial intelligence in AIoT cybersecurity. The final part of the article contains the conclusions of the study, recommendations for further research and improvement of cyber security in AIoT.

RESEARCH ON THE EFFICIENCY OF COMBINED EMBEDDINGS FOR FACIAL VERIFICATION

2024-07-17T21:38:34+03:00

In the era of digital authentication, facial verification systems have become a cornerstone of security protocols across various applications. This study explores the performance synergy from concatenated embeddings in enhancing biometric authentication accuracy. By leveraging the Celebrities in Frontal-Profile dataset (CFP), we investigate whether the fusion of embeddings generated by models such as VGG-Face, Facenet, OpenFace, ArcFace, and SFace can result in a more robust authentication process. The approach involves computing the L2 distance between normalized concatenated embeddings of an input face image and an anchor, thereby determining the authenticity of the individual. Experiments are designed to compare the performance of singular model embeddings against concatenated embeddings, employing metrics such as accuracy, False Acceptance Rate (FAR), and False Rejection Rate (FRR). The findings of this research could significantly contribute to the development of more secure and reliable facial verification systems by using multiple existing models without the need for new model research, designing, and training.

MULTIASPECTNESS AND STRATEGIC PLANNING IN DEVELOPING MULTI-OBJECTIVE MODELS FOR SOFTWARE QUALITY ASSESSMENT.

2024-07-17T21:48:05+03:00

In the modern information society, the problem of assessing the quality of software systems (SS) is one of the key issues. The purpose of this article is to thoroughly examine the peculiarities of the process of assessing the quality of SS using the principles of multi-aspectness and strategic planning. To achieve this goal, four main objectives have been identified. Firstly, the article proposes to thoroughly consider the main stages of the multi-aspectness principle in the approach to assessing the quality of SS when creating multi-objective quality models. Secondly, an attempt is made to provide mathematical explanations regarding how multi-aspectness can be represented in the modeling of SS quality. Thirdly, the article examines the main aspectual stages of strategic planning of multi-objective models for SS quality assessment. Finally, it suggests analyzing fundamental formulas that can be used for mathematical expression of various aspects of SS quality within strategic planning and implementation of SS quality assessment mechanisms. The obtained results of the article will contribute to further development in the field of software quality assessment and increase the efficiency of software development and project management. The research has shown that the use of principles of multi-aspectness and strategic planning in assessing the quality of software systems is an effective approach that allows creating complex and adaptive assessment models. A thorough analysis of the main stages of the multi-aspectness principle in the approach to assessing SS quality, as well as consideration of aspects of strategic planning of multi-objective models, emphasized the importance of understanding the diverse needs of users and other stakeholders. Mathematical explanations regarding the representation of multi-aspectness in SS quality modeling have proven useful for developing formulas and assessment mechanisms. The analysis of fundamental formulas has enabled the development of tools for mathematical expression of various aspects of SS quality and their use in strategic planning. Based on the obtained results, it can be concluded that the application of the discussed approaches to SS quality assessment will contribute to increasing the efficiency of project management and software development. Such models will allow for consideration of diverse needs and expectations of various stakeholders, which is crucial for success in the modern software industry.

DEVELOPMENT OF EFFECTIVE WEB SECURITY MEASURES FOR THE NETWORK BY CONDUCTING PENETRATION TESTING USING THE OWASP FRAMEWORK

2024-07-17T22:25:46+03:00

With each step in the development of technology, web security is becoming a more relevant component for ensuring the reliability and protection of network systems. The growing number of cyber threats and potential security breaches emphasizes the need to improve the protection of network systems. To help developers and administrators in this process, there is an important tool - the OWASP (Open Web Application Security Project) framework. It provides a wide range of tools, guidelines, and resources for securing web applications. This framework helps developers check web applications for potential vulnerabilities and find ways to fix them. To better understand, you can imagine that the network is a house and web applications are its doors and windows. If these doors and windows are not tightly closed, attackers can easily get in and cause damage. So, to put it in comparison, just as you check if all the doors and windows in your network are secure, OWASP provides a means to check web applications for vulnerabilities that can be exploited by attackers. Therefore, using the OWASP framework is an important step in developing effective web security measures for your network, helping to ensure that your system is reliable and protected from possible cyberattacks and malicious actions.

ALGORITHM FOR APPLICATION OF BAYES' THEOREM FOR DETECTION OF THREATS IN INFORMATION SECURITY SYSTEMS

2024-07-17T22:32:26+03:00

Information protection is becoming more relevant in today's world. This is due to the growth of technical progress and the transformation of the world into an information world. This became especially noticeable after the worldwide quarantine from the corona virus, humanity generally switched to information communication. Social networks and, in general, information communication through the worldwide network of Internet cyberspace have acquired further development. In connection with this, the scientific task of developing new and improving existing methods of information protection arises. One of the ways to improve information protection is the application of Bayes' theorem. The paper proposes the practical application of Bayes' theorem to increase the effectiveness of danger detection in the information protection and information security system of the State. Mathematical calculations proved the expediency of using Bayes' theorem to detect violations of confidentiality and truthfulness of information. According to the results of calculations using specific assumptions, we received a posteriori evidence in favor of the fact that the spectrum of the signal is the spectrum of the signal of a means of secretly obtaining information is about 33:1, and for determining false information, the a posteriori chance that the information is not false information is 10:1, that is are good results. In this way, it was proved that the use of Bayes' theorem to determine the security of information according to the proposed algorithm is an improvement of the method of assessing information protection and allows solving the scientific task of increasing the effectiveness of information protection and information security of the State.

MATHEMATICAL FUNDAMENTALS OF ALGEBRAIC LATTICIES AND THEIR APPLICATION IN QUANTUM CRYPTOLOGY

2024-07-17T22:57:21+03:00

The ongoing development of quantum computers threatens state-of-the-art public key cryptographic schemes, such as discrete logarithm factorization key generation schemes, digital signatures, and elliptic curve cryptography. It is necessary to develop new cryptographic algorithms capable of resisting the attacks of quantum computers. Post-quantum cryptography (PQC) aims to develop algorithms that can be used without significant modifications to existing networks. The US National Institute of Standards and Technology (NIST) organizes a competition for the selection and standardization of new algorithms. This article provides an overview and analysis of the evaluation and selection process of NIST algorithms based on lattice theory problems. It gives basic definitions, describes the main problems of algebraic lattice theory, and summarizes the advantages of this class of cryptography, including its resistance to quantum computing. The work contributes to the study and comparison of post-quantum cryptographic algorithms, and also provides recommendations for their further use and standardization to ensure their security in the development of quantum computers.

JUSTIFICATION OF THE PROBABILITY OF DETERMINING THE PRESENCE OF SIGNALS IN THE ENVIRONMENT OF THEIR PROPAGATION

2024-07-18T03:19:43+03:00

The substantiation of the impossibility of determining the presence of signals in the media of their distribution was carried out. A discrete-continuous channel was used as a model of the information distribution channel. Information was produced from a discrete source, where each of the information symbols was matched by discontinuous implementations that propagated through a continuous medium with interference. Reception of signals is carried out by means that can be effective. From the point of view of securing information from uncontrolled dissemination and ensuring its security in the distribution environment, as a rule, two factors are used: attenuation of the wave (signal) amplitude during its propagation in the physical environment; the distorting effect of interference that takes place in the medium of signal propagation and destroys its shape. However, the use of these factors, which could ensure complete, almost absolute security of information, is a difficult issue, if not impossible. After all, signals propagating in space, in accordance with the laws of physics, do so in the form of electromagnetic or other waves, or streams of elementary (charged) particles. They can spread over fairly long distances, and theoretically almost to infinity, the effectiveness of their interception is completely determined by the effectiveness of the means of reception. To solve this issue, which is widely used in information security management, there is a risk-oriented approach that does not require absolute security, but allows the possibility of not fulfilling the security requirement with a certain acceptable risk [2]. This risk, as a rule, is determined by the permissible losses that the owner of the assets can incur, and at the same time the effectiveness of production processes will not be disturbed.

STUDY OF RESISTANCE TO ATTACKS OF REPRODUCING REMOTE CONTROL PROTOCOLS USING THE 433 MHz RADIO CHANNEL

2024-07-18T03:30:30+03:00

This article identifies critical vulnerabilities in the EV1527 protocol that are widely used in remote control systems, particularly home automation systems. Focusing on a detailed analysis of the protocol structure and potential weaknesses, this study assesses the risks of replay attacks that can be carried out by intercepting and retransmitting radio signals. The results of the work demonstrate the significant vulnerability of this protocol to such attacks due to the lack of cryptographic protection of the transmitted data. As part of this work, experimental tests were conducted using the HackRF One software-controlled transceiver, which allowed to reproduction of the attack in controlled laboratory conditions. The experiments confirmed theoretical assumptions about the possibility of implementing such attacks, emphasizing the need to develop more secure communication protocols. HackRF One's application demonstrated how easily attackers can intercept and rebroadcast signals, gaining unauthorized access to remote control systems. This article highlights the importance of transitioning from legacy technologies to modern solutions that include dynamic codes and cryptography to increase security. The use of dynamic codes, such as the HCS301's moving code technology, greatly complicates the possibility of replay attacks because each code transmission is unique. This means that even if the signal is intercepted, an attacker will not be able to repeat it to gain access. The authors recommend the implementation of cryptographic methods, such as the HCS301 moving code technology, which greatly complicates the possibility of repeated attacks. The introduction of such technologies increases the level of security and makes remote control systems more resistant to malicious actions. In addition, the need for constant updating and improvement of security protocols to protect critical infrastructure is emphasized. Given these results, this work indicates an urgent need for updating and improving remote control systems, including the development of new, more attack-resistant protocols, especially in the context of ensuring the security of critical infrastructure facilities. The integration of modern cryptographic methods is a key step to protect against malicious attacks and ensure the reliable operation of remote-control systems.

SECURITY SYMBOLS: INTEGRATING CRYPTOGRAPHY WITH CYBER SECURITY TO PROTECT DIGITAL SYSTEMS

2024-07-18T03:37:39+03:00

Cyber security is a set of procedures aimed at protecting computer systems, networks and data from unauthorized access. In today's digital environment, cyber security has become critical for business, administration and management, as well as for private individuals, as threats from cyber attacks are ever increasing. The modern world is inextricably linked with the latest technologies that permeate all spheres of our lives. However, the growing dependence on digital technologies leads to cyber threats that can affect the security and stability of society. Integrating cryptography with cybersecurity is the answer to these challenges. A strategic approach to ensuring the security of information technology is the integration of cryptography, which is based as security against unauthorized access and to ensure authentication and inaccessibility of data or systems. The merger of cryptography with cyber security allows to create a comprehensive approach to the protection of digital systems, taking into account modern risks and problems. The increase in the number and complexity of threats requires constant improvement of methods that will allow adapting to modern and future attacks, ensuring effective protection of digital systems and the relevance of the problem in today's digital world. Let's consider the importance of the role of the human factor in ensuring cyber security and possible approaches to take this aspect into account when developing and implementing cryptographic solutions. In addition, an analysis of Ukrainian qualified electronic signatures is conducted, which is an improved form of electronic signature, ensuring a high level of protection and authenticity of electronic documents in a technological environment.

MODEL OF THE FACIAL RECOGNITION PROCEDURE MODEL AND THE IRIS OF THE EYE DURING BIOMETRIC AUTHENTICATION OF PERSONNEL OF CRITICAL INFRASTRUCTURE FACILITIES USING NEURAL NETWORK TOOLS.

2024-07-18T03:43:53+03:00

Today's challenges determine the need to improve the means of biometric authentication of personnel of critical infrastructure facilities. Common means of biometric authentication, which are usually based on the use of neural network technologies for facial image analysis, in many cases are not sufficiently adapted to the conditions of recognition during the performance of the personnel's functional duties, which are characterized by the influence of various interferences during video recording and an increase in the probability of attacks using dummies . Another promising direction of improvement is determined by the availability of modern means of video registration, which provide an additional possibility of recognizing a person by the iris of the eye and the possibility of recognizing emotions, which allows assessing the psycho-emotional state of staff representatives. It is shown that the first stage of improving neural network means of biometric authentication is the development of a formalized description of the recognition procedure, which takes into account promising areas of improvement. An appropriate model is proposed that provides a formalized description and criteria for evaluating the effectiveness of each of the operations and the recognition procedure as a whole. At the same time, for the first time, the list of criteria for assessing the quality of pre-processing of images, subject to neural network analysis in the biometric authentication system, has been substantiated, and for the first time, approaches to determining the parameters of interference and recognizing attacks using dummies have been proposed. The approach to determining the parameters of obstacles involves comparing the parameters of obstacles with the location and number of key and control faces that they overlap. Recognition of attacks is proposed to be implemented based on the analysis of the dynamics of basic emotions, the dynamics of eye movement parameters and the environment. The results of this study are important in the context of the development of effective biometric authentication tools, as they provide a formalized description of the requirements for the functionality of the main components of this procedure for recognizing the identity and emotions of personnel of critical infrastructure facilities.

FEATURES OF USING AMAZON INSPECTOR TO IDENTIFY VULNERABILITIES OF CLOUD APPLICATIONS

2024-07-18T03:52:03+03:00

Vulnerability to various cyber-attacks, loss of data confidentiality, increased number of failures and reduced stability of information infrastructure, increased capital costs, new requirements for data independence, problems with scaling business information infrastructure can be the main problems that a business may face. The above-mentioned problems can serve as a basis for migration to cloud technologies, which in turn will ensure a reduction in expenses for infrastructure support, increase the efficiency of information infrastructure management compared to work in a local environment, and increase the flexibility of the organization. The relevance of the research lies in improving information security, ensuring confidentiality, integrity and availability, identifying application and environment vulnerabilities through the use of built-in AWS services. The purpose of this work is to implement the evaluation and improvement of the security of the working environment and the application deployed on the basis of cloud services by automating the scanning and analysis of the AWS workload.

METHOD OF ANALYSIS OF OUTGOING TRAFFIC PACKAGE SIGNATURES

2024-07-18T03:58:52+03:00

To detect outgoing malicious traffic, a method based on fuzzy logical inference has been developed to analyze signatures of outgoing traffic. The study results indicate that continuing activities in this direction are worthwhile to unload network resources during peak loads. The method verifies the signature of the outgoing traffic packet against a set of rules. The key tasks of the method are connection permission, if the packet signature is defined as permitted during classification; blocking the connection, if it is determined that the signature of the package is prohibited; and adding new signatures to existing dictionaries. During the experiment, the method confirmed its effectiveness. Having a method based on fuzzy logic for signature analysis of outgoing traffic packets has several advantages, including the detection of previously unknown attacks, reduction of the total number of cyber-attacks, prevention of overloading of network equipment, and reduction of the probability of compromise. current network.

ANALYSIS OF THE CURRENT STATE OF CYBERATTACKS IN UKRAINE DURING THE WAR

2024-07-18T04:11:14+03:00

The urgency of the cybersecurity problem in Ukraine is extremely high in the context of a full-scale invasion. In recent years, cyberattacks have become an integral part of the hybrid war waged against the country. The study of the current state of cyber aggression in Ukraine is an important task from the point of view of national security. This scientific work aims to carefully analyze the structure, trends, and features of cyberattacks against Ukraine during the military conflict. The study involves the analysis of various forms and methods of cyber aggression, studying their impact on the state, and identifying possible measures to protect critical information infrastructure facilities. The study's results can form the basis for the development and implementation of effective cybersecurity strategies aimed at improving the protection of the country's information security in conditions of war. The relevance of this work lies in its potential to help the Ukrainian government and security agencies effectively respond to the challenges of military conflict in cyberspace. To support the study, a broad analysis of the literature and articles providing information on cyber attacks during the war was conducted. Additionally, empirical data on cyber incidents recorded in Ukraine since the beginning of the conflict were used to comprehensively assess the scope and specifics of the threats. Special attention is paid to the analysis of types of cyberattacks, their tactical and strategic objectives, and the methods used for their implementation. The study also identifies key vulnerabilities exploited by attackers and suggests possible ways to mitigate them. The main types of attacks considered include DDoS attacks, phishing attacks, malware deployment, SQL injections, and others. Moreover, the impact of cyberattacks on various sectors of the economy and social sphere, including government administration, energy, finance, and infrastructure, is examined. The results of the study are practically significant for shaping national cybersecurity policy. They can be used to develop recommendations for enhancing the security of information systems, improving the regulatory framework, and strengthening international cooperation in this field. The study also emphasizes the need to increase cyber hygiene among the population and improve the training of cybersecurity specialists.

NETWORK WARS – MODERN WARS

2024-07-18T04:25:37+03:00

The article examines the theory of network-centric warfare and its impact on the present. It was developed in the second half of the twentieth century and is widely used in the wars of the twenty-first century. The essence of the concept of network-centric warfare can be redefined as follows: it is a war of the "blind" against the "sighted". The physical strength of the "blind man" is the combat strength of classical armed forces that do not take advantage of network-centric approaches, which does not guarantee an advantage in modern combat. This is a losing situation. Network-centric warfare consists of 3 lattice subsystems: information, sensor (i.e., intelligence) and combat. But its basis is the information subsystem, the goals of which, according to the concept, are the so-called Warden rings. Using the theory of network-centric warfare and hybrid warfare tactics, Russia seized Crimea and occupied Donbas. And on 24 February 2024, Russia launched a war against Ukraine, repeating its actions during the aggression against Georgia in 2008. That is, it started with cyberattacks on government agencies and government control centres. But the Russian Federation, using elements of network-centric warfare, is fighting as it did in World War II. Ukraine is making a transition from managing troops and weapons to managing armed struggle. Russia's war against Ukraine shows that in modern warfare, the winner is the one who is quicker to perceive new technologies and implement them, adopts and implements new military doctrines and concepts that are in line with the spirit of the times and enable not only the use of new technologies and ideas, but also knows well which ones to use and when. High technologies are now turning into a systemic factor in modern armed struggle. They make it possible to reach that new stage in the development of military art - the transition from command and control of troops in the course of armed struggle to conflict management in general.

HARNESSING BLOCKCHAIN AND EBPF FOR IMMUTABLE AUDIT OF SYSTEM EVENTS: A TECHNOLOGICAL CONVERGENCE APPROACH

2024-07-18T04:36:16+03:00

The importance of secure and reliable system event auditing has grown significantly in today's complex IT environments, where data integrity and security are paramount. Traditional auditing methods, which rely on centralized systems and are vulnerable to tampering and performance bottlenecks, are no longer sufficient. This article addresses these challenges by proposing a novel framework that combines blockchain and eBPF technologies to create an immutable, transparent, and efficient system for event auditing. The proposed solution leverages eBPF's real-time monitoring capabilities and blockchain's tamper-proof ledger to ensure the integrity and verifiability of audit logs. Through a detailed exploration of the conceptual framework and an analysis of potential challenges and solutions, this approach has proven to be effective in enhancing the reliability and security of system event auditing. The results of this study provide a foundation for future implementations, research and robust solutioning for organizations seeking to improve their auditing processes.

SECURE DATA STORAGE USING THE ETHEREUM BLOCKCHAIN TECHNOLOGY

2024-07-18T04:41:10+03:00

The constant increase in the amount of data creates problems related to the choice of effective methods and means of storage and ensuring the protection of this data from unauthorized access. The article details the critical topic of preserving and protecting the importance of information in the context of growing data volumes and the number of cyberattacks. The impossibility of reliable data storage and protection is increasing, especially in the context of the increased threat from attackers. It highlights how blockchain technologies, especially based on the Ethereum platform, can solve the problems of reliable storage and data security. Ethereum offers an alternative to the traditional client-server model by decentralizing data storage through a distributed network of nodes. This technology significantly improves security, making unauthorized access to information difficult, and preventing the hacking of the private key, which requires significant computing resources. Smart contracts on Ethereum allow the creation of applications that execute precisely according to predetermined conditions, without the possibility of third-party intervention. This is especially important for messengers, where data privacy and availability are of fundamental importance. Although high, the cost of transactions in the blockchain is compensated by the high reliability and security of data storage. The applied methodology confirms that public (decentralized) data storage is safe since it is practically impossible to break the private key of Ethereum.