Vol 20, No 4 (2021)
Information security
Intelligent System of Analytical Processing of Digital Network Content for Protection Against Inappropriate Information
Abstract
Currently, the Internet and social networks as a medium for the distribution of digital network content are becoming one of the most important threats to personal, public and state information security. There is a need to protect the individual, society and the state from inappropriate information. In scientific and methodological terms, the problem of protection from inappropriate information has an extremely small number of solutions. This determines the relevance of the results presented in the article, aimed at developing an intelligent system of analytical processing of digital network content to protect against inappropriate information. The article discusses the conceptual foundations of building such a system, revealing the content of the concept of inappropriate information and representing the overall architecture of the system. Models and algorithms for the functioning of the most characteristic components of the system are given, such as a distributed network scanning component, a multidimensional classification component of network information objects, a component for eliminating incompleteness and inconsistency, and a decision-making component. The article presents the results of the implementation and experimental evaluation of system components, which demonstrated the ability of the system to meet the requirements for the completeness and accuracy of detection and counteraction of unwanted information in conditions of its incompleteness and inconsistency.
Informatics and Automation. 2021;20(4):755-792
755-792
Security of Search and Verification Protocol in Multidimensional Blockchain
Abstract
The issue of secure data exchange and performing external transactions between robust distributed ledgers has recently been among the most significant in the sphere of designing and implementing decentralized technologies. Several approaches have been proposed to speed up the process of verifying transactions on adjacent blockchains. The problem of search has not been under research yet. The paper contains security evaluation of data exchange between independent robust distributed ledgers inside multidimensional blockchain. Main principles, basic steps of the protocol and major requirements for it are observed: centralized approach, subset principle and robust SVP. An equivalence of centralized approach and ideal search and verification functionality is proven. The probability of successful verification in case of using fully connected network graph or equivalent approach with fully connected graph between parent and child blockchain is shown. The insecurity of approach with one-to-one links between child and parent ledgers or with a subset principle is proven. A robust search and verification protocol for blocks and transactions based on the features of robust distributed ledgers is presented. The probability of attack on this protocol is mostly defined by the probability of attack on verification and not on search. An approach to protection against an attacker with 50% of nodes in the network is given. It is based on combination of various search and verification techniques.
Informatics and Automation. 2021;20(4):793-819
793-819
Application of Bioinformatics Algorithms for Polymorphic Cyberattacks Detection
Abstract
The functionality of any system can be represented as a set of commands that lead to a change in the state of the system. The intrusion detection problem for signature-based intrusion detection systems is equivalent to matching the sequences of operational commands executed by the protected system to known attack signatures. Various mutations in attack vectors (including replacing commands with equivalent ones, rearranging the commands and their blocks, adding garbage and empty commands into the sequence) reduce the effectiveness and accuracy of the intrusion detection. The article analyzes the existing solutions in the field of bioinformatics and considers their applicability for solving the problem of identifying polymorphic attacks by signature-based intrusion detection systems. A new approach to the detection of polymorphic attacks based on the suffix tree technology applied in the assembly and verification of the similarity of genomic sequences is discussed. The use of bioinformatics technology allows us to achieve high accuracy of intrusion detection at the level of modern intrusion detection systems (more than 0.90), while surpassing them in terms of cost-effectiveness of storage resources, speed and readiness to changes in attack vectors. To improve the accuracy indicators, a number of modifications of the developed algorithm have been carried out, as a result of which the accuracy of detecting attacks increased by up to 0.95 with the level of mutations in the sequence up to 10%. The developed approach can be used for intrusion detection both in conventional computer networks and in modern reconfigurable network infrastructures with limited resources (Internet of Things, networks of cyber-physical objects, wireless sensor networks).
Informatics and Automation. 2021;20(4):820-844
820-844
Cyberattack Detection in Vehicles using Characteristic Functions, Artificial Neural Networks, and Visual Analysis
Abstract
The connectivity of autonomous vehicles induces new attack surfaces and thus the demand for sophisticated cybersecurity management. Thus, it is important to ensure that in-vehicle network monitoring includes the ability to accurately detect intrusive behavior and analyze cyberattacks from vehicle data and vehicle logs in a privacy-friendly manner. For this purpose, we describe and evaluate a method that utilizes characteristic functions and compare it with an approach based on artificial neural networks. Visual analysis of the respective event streams complements the evaluation. Although the characteristic functions method is an order of magnitude faster, the accuracy of the results obtained is at least comparable to those obtained with the artificial neural network. Thus, this method is an interesting option for implementation in in-vehicle embedded systems. An important aspect for the usage of the analysis methods within a cybersecurity framework is the explainability of the detection results.
Informatics and Automation. 2021;20(4):845-868
845-868
Optimization Approach to Selecting Methods of Detecting Anomalies in Homogeneous Text Collections
Abstract
The problem of detecting anomalous documents in text collections is considered. The existing methods for detecting anomalies are not universal and do not show a stable result on different data sets. The accuracy of the results depends on the choice of parameters at each step of the problem solving algorithm process, and for different collections different sets of parameters are optimal. Not all of the existing algorithms for detecting anomalies work effectively with text data, which vector representation is characterized by high dimensionality with strong sparsity. The problem of finding anomalies is considered in the following statement: it is necessary to checking a new document uploaded to an applied intelligent information system for congruence with a homogeneous collection of documents stored in it. In such systems that process legal documents the following limitations are imposed on the anomaly detection methods: high accuracy, computational efficiency, reproducibility of results and explicability of the solution. Methods satisfying these conditions are investigated. The paper examines the possibility of evaluating text documents on the scale of anomaly by deliberately introducing a foreign document into the collection. A strategy for detecting novelty of the document in relation to the collection is proposed, which assumes a reasonable selection of methods and parameters. It is shown how the accuracy of the solution is affected by the choice of vectorization options, tokenization principles, dimensionality reduction methods and parameters of novelty detection algorithms. The experiment was conducted on two homogeneous collections of documents containing technical norms: standards in the field of information technology and railways. The following approaches were used: calculation of the anomaly index as the Hellinger distance between the distributions of the remoteness of documents to the center of the collection and to the foreign document; optimization of the novelty detection algorithms depending on the methods of vectorization and dimensionality reduction. The vector space was constructed using the TF-IDF transformation and ARTM topic modeling. The following algorithms have been tested: Isolation Forest, Local Outlier Factor and One-Class SVM (based on Support Vector Machine). The experiment confirmed the effectiveness of the proposed optimization strategy for determining the appropriate method for detecting anomalies for a given text collection. When searching for an anomaly in the context of topic clustering of legal documents, the Isolating Forest method is proved to be effective. When vectorizing documents using TF-IDF, it is advisable to choose the optimal dictionary parameters and use the One-Class SVM method with the corresponding feature space transformation function.
Informatics and Automation. 2021;20(4):869-904
869-904
Artificial intelligence, knowledge and data engineering
Performative Framework and Case Study for Technology-Enhanced Learning Communities
Abstract
This paper employs the overarching concept of communities to express the social contexts within which human creativity is exercised and learning happens. With the advent of digital technologies, these social contexts, the communities we engage in, change radically. The new landscape brought about by digital technologies is characterized by new qualities, new opportunities for action, new community affordances. The term onlife is adopted from the Onlife Manifesto and used to distinguish the new kind of communities brought about by the modern digital technologies, the onlife communities. Design principles are presented to foster such communities and support their members. These principles constitute a framework that emphasizes the concept of performativity, i.e. knowledge is based on human performance and actions done within certain social contexts, rather than development of conceptual representations. To demonstrate the use of the framework and the corresponding principles, the paper presents how they can be used to analyze, evaluate and reframe a concrete system addressing creativity and learning in the field of cultural heritage (history teaching and learning). One of the most significant results is the adoption of principles that facilitate students’ engagement in rich learning experiences moving from the role of end-user towards the role of expert-user with the support of so called maieuta-designers. The result of this process is the use of the studied software not only to consume ready-made content but the creation of new, student generated content, offering new learning opportunities to the students. As the evaluation shows, these new learning opportunities enable students to develop a deeper understanding of the topics studied.
Informatics and Automation. 2021;20(4):905-939
905-939
Extracting Semantic Information from Graphic Schemes
Abstract
The problem of extracting semantic information from an electronic document specified in the vector graphics format and containing a graphic model (diagram) built using a graphic editor is considered. The problem is to program retrieving certain structural properties and parametric circuit and entering them into a database for later use. Based on the analysis of the capabilities of graphic editors, a conclusion has made about the relevance of this task for universal editors that are not tied to specific graphic notations and use open graphic document formats, which allows program processing. The proposed approach considers graphic documents at three levels of abstraction: conceptual (semantic properties of a schema), logical (presentation of semantic properties at the internal level of the document) and physical (internal organization of a graphic document). The solution to the problem is based on the construction of a conceptual-logical mapping, i.e., mapping a conceptual model of a circuit to a logical model of a graphic document, according to its physical model. Within the framework of the approach, an algorithm for constructing the indicated mapping is developed, presented in the form of an object-oriented pseudocode. The study of internal markup in open graphic formats made it possible to build models for identifying circuit elements and their connections to each other, which is necessary for a specific application of the algorithm. Expressions for addressing schema elements and accessing their properties are obtained. The proposed approach is implemented on the base of a situation-oriented paradigm, within which the extraction process is driven by a hierarchical situational model. The processed data is specified in the situational model in the form of virtual documents displayed on heterogeneous external data sources. For the problem being solved, we consider the mapping to two variants of vector graphics formats: to a "flat" markup file and to a set of such files in an electronic archive. The practical use of the results is illustrated by the example of extracting semantic information from graphical models developed at various stages of database design.
Informatics and Automation. 2021;20(4):940-970
940-970
Implementation of the LAMMPS Package on the T-System with Open Architecture
Abstract
Supercomputer applications are usually implemented in the C, C++, and Fortran programming languages using different versions of the Message Passing Interface library. The "T-system" project (OpenTS) studies the issues of automatic dynamic parallelization of programs. In practical terms, the implementation of applications in a mixed (hybrid) style is relevant, when one part of the application is written in the paradigm of automatic dynamic parallelization of programs and does not use any primitives of the MPI library, and the other part of it is written using the Message Passing Interface library. In this case, the library is used, which is a part of the T-system and is called DMPI (Dynamic Message Passing Interface). In this way, it is necessary to evaluate the effectiveness of the MPI implementation available in the T-system. The purpose of this work is to examine the effectiveness of DMPI implementation in the T-system. In a classic MPI application, 0% of the code is implemented using automatic dynamic parallelization of programs and 100% of the code is implemented in the form of a regular Message Passing Interface program. For comparative analysis, at the beginning the code is executed on the standard Message Passing Interface, for which it was originally written, and then it is executed using the DMPI library taken from the developed T-system. Сomparing the effectiveness of the approaches, the performance losses and the prospects for using a hybrid programming style are evaluated. As a result of the conducted experimental studies for different types of computational problems, it was possible to make sure that the efficiency losses are negligible. This allowed to formulate the direction of further work on the T-system and the most promising options for building hybrid applications. Thus, this article presents the results of the comparative tests of LAMMPS application using OpenMPI and using OpenTS DMPI. The test results confirm the effectiveness of the DMPI implementation in the OpenTS parallel programming environment.
Informatics and Automation. 2021;20(4):971-999
971-999