Vol 52, No 8 (2018)

An approach is presented to the construction of a hierarchical security management system for large-scale dynamic communication networks (MANET, VANET, FANET, WSN, etc.) with the use of software-defined network technologies and supercomputer elastic computations. The results of experiments to evaluate the effectiveness of the proposed approach are presented.

This paper is devoted to solving the problem of developing a case-based decision support system for information security problems. The source data can be described as heterogeneous semistructured objects and formalized as property vectors. An approach to constructing a knowledge base for such problems using a two-level representation (the level of case-objects and the use case structure level) is given. The authors consider a use case modeling method for preparing a basic data set. Methods for assessing the similarity of heterogeneous semistructured objects and higher-level use cases are proposed. Results of experimental approbation of the described solutions and the architecture of the corresponding decision support system are presented.

This paper proposes to use multifractal analysis to detect backbone network traffic anomalies that indicate network failures or attacks. Multifractal spectrum characteristics are used as security metrics. The effectiveness of the proposed approach is confirmed by experimental results on detecting Denial of Service attacks.

This article considers ensuring protection of Vehicular Ad-Hoc Networks (VANET) against malicious nodes. Characteristic performance features of VANETs and threats are analyzed, and current attacks identified. The proposed approach to security provision relies on radial basis neural networks and makes it possible to identify malicious nodes by indicators of behavior.

In this work considered the problem of safety analysis of control mechanisms in modern information systems, including control software systems of cyberphysical and industrial facilities, digital control systems for distributed cyber environments VANET, FANET, MARINET, industrial Internet of things and sensor networks. The representation of security violation as a property of the system described by a complex function is proposed, in which the method of finding violations is described in the form of approximation of that function and the calculation of its values for specific systems. Various approaches to the interpolation of such function are considered in the work, it is shown that the most promising option is the use of deep neural networks.

A technology for preventing a full range of attacks on routing in self-organizing adhoc networks (MANET, VANET/FANET/MARINET, IoT, WSN, mesh networks, M2M networks, etc.) is presented. The new technology develops the Watchdog method and the method of estimating the packet transfer coefficient (P-Secure) by implementing an ant swarm algorithm for constructing a secure route in the network, in which all nodes are agents for analyzing the security of neighboring nodes. An example is given of constructing a safe route in the VANET network using the created ant swarm algorithm.

This paper considers cybersecurity threats for vehicular ad hoc networks and also describes the developed classification of these threats.

In this article, the authors propose an approach to the security analysis of program code using vector representations of machine instructions. The article also proposes a method for constructing multidimensional vector spaces for a set of program code instructions. The construction of semantically expressive vector representations of machine instructions is considered as one of the important tasks in constructing a neural network code classifier for vulnerabilities. The applicability of the principle of transfer learning to machine code is demonstrated experimentally.

This paper investigates the problem of ensuring secure input/output operations in the Intel SGX technology. The problem is extremely urgent, and its solution will make it possible to protect confidential user data from attacks from different malicious software while finding data outside the enclave. The authors present different methods for solving the posed problem developed by them. The complexity of the practical application of these methods as well as their main disadvantages and advantages are analyzed. The most preferred method which ensures secure storage and processing of data outside the enclave is also chosen.

We consider error probabilities in protocols using CRC to detect distortions in transmitted batches. A probability-theory model of an additive long-term noise is constructed as a sequence of independent noise blocks of a prescribed length. We show that there are conditions to be imposed on the form of the k-order polynomial forming the CRC and on block size s such that the error probability \(\alpha \) is close to \({{2}^{{ - k}}}\) and does not depend on s provided that distortion probability \({{P}_{1}}\) is high.

This paper describes the protocol for generating a master key for a system for exchanging fiscal features, generating a fiscal feature key with authentication of the means for generating and verifying fiscal features that are installed on the fiscal drive and in the equipment of fiscal data operators and the authorized body. This protocol is based on the use of known domestic cryptographic transformations and is aimed at ensuring the integrity and authenticity of data transmitted through the communication channel between the means of formation and means of verification of fiscal features. The protocol was developed in accordance with the recommendations of Rosstandart regarding the principles of the development and modernization of encryption (cryptographic) means of information protection and was issued in the form of a draft national standard proposed for public discussion and approval in accordance with the established procedure. The main result of this study is the formulation of certain security properties that are identical to those objectives that the intruder sets for the purpose of compromise. Already at the stage of creating a protocol, taking into account methods of compromise makes it possible to establish such structural features in this protocol that would ensure the fulfillment of specified security properties and the subsequent justification of their sufficiency.

This work considers the possibility of recovering valuable information when an intruder knows the results of information conversion and conversion in the framework of some information technology. The forest-type model of processable information is built. Approaches to protecting valuable information are investigated.

The noise immunity of single noncoherent reception algorithms optimal in communication and monitoring channels of automated information systems with noise and concentrated interference under complex effect of fluctuating, concentrated, and impulse noise is investigated. Equations for error probabilities are obtained. Calculation examples are given.

Properties of using various assembler commands, as well as their combined application, have been investigated in order to prepare a final determination as to whether they belong to a known program. Conclusions on the effect of the ratio used in the creation of unified signatures on result of identifications are presented.

The article studies the architectures of the modern systems of decentralized data storage and processing, applicability of the blockchain technology in these systems, existing security threats in comparison with the decentralized systems, and methods of security assurance allowing avoidance of these threats.

The implementation of mandatory distribution of access in distributed systems taking into account a user hierarchy is considered. The access control is based on the scheme of preliminary key distribution similar to KDP-scheme. The algorithm of building a family of subsets taking into account a user hierarchy was developed.

A modification is presented of the scheme of preliminary Blom’s key distribution taking into account the direction of information flows. The modification makes it necessary to use a function of three variables. The function of forming key materials ceases to be symmetrical. An exponential form of this function was proposed, which does not increase the amount of key materials.

The architecture of the cloud data storage using Intel SGX technology is proposed. The approach offered in the article is provided to protect the user data on the cloud server from the attacks on the part of the provider and on the client personal computer from the malicious software. The developed architecture supports the group access to the data for several users.

When carrying out outsourced cryptographic computations, it is possible not only to have errors in server computations but also to interact with a malicious computing server. In this paper, we propose an undeniable signature protocol adapted for a group of points of elliptic curve. We also present an outsourced algorithm for elliptic curve point multiplication.