Cybersecurity: Education, Science, Technique

Journal Information
EISSN : 26634023
Current Publisher: Borys Grinchenko Kyiv University (10.28925)
Total articles ≅ 48
Current Coverage

Latest articles in this journal

Cybersecurity: Education, Science, Technique; doi:10.28925/2663-4023

Yelyzaveta Meleshko, Vitaliy Khokh, Oleksandr Ulichev
Cybersecurity: Education, Science, Technique, Volume 1, pp 95-104; doi:10.28925/2663-4023.2019.5.95104

Abstract:In this article research to the robustness of recommendation systems with collaborative filtering to information attacks, which are aimed at raising or lowering the ratings of target objects in a system. The vulnerabilities of collaborative filtering methods to information attacks, as well as the main types of attacks on recommendation systems - profile-injection attacks are explored. Ways to evaluate the robustness of recommendation systems to profile-injection attacks using metrics such as rating deviation from mean agreement and hit ratio are researched. The general method of testing the robustness of recommendation systems is described. The classification of collaborative filtration methods and comparisons of their robustness to information attacks are presented. Collaborative filtering model-based methods have been found to be more robust than memorybased methods, and item-based methods more resistant to attack than user-based methods. Methods of identifying information attacks on recommendation systems based on the classification of user-profiles are explored. Metrics for identify both individual bot profiles in a system and a group of bots are researched. Ways to evaluate the quality of user profile classifiers, including calculating metrics such as precision, recall, negative predictive value, and specificity are described. The method of increasing the robustness of recommendation systems by entering the user reputation parameter as well as methods for obtaining the numerical value of the user reputation parameter is considered. The results of these researches will in the future be directed to the development of a program model of a recommendation system for testing the robustness of various algorithms for collaborative filtering to known information attacks.
Yurii Borsukovskyi
Cybersecurity: Education, Science, Technique, Volume 1, pp 61-72; doi:10.28925/2663-4023.2019.5.6172

Abstract:Current article provides the analysis of recent trends in realization of cyber threats and collects the basic requirements for development of information security concept in hybrid threats conditions. It covers the key tendencies of realization at cyber space of principles of hybrid war. Envisages that preconditions for occurrence of such hybrid wars constitute the interest of governmental agencies in information that might be used by opposing parties in world`s competition and political battles, as well the possibility of effective monetization of harmful impact at information and automated systems of companies. The article defines the necessity in adaptive development of directions in application of preventive actions at information and cyber security. It underlines the absence, at most cases, of strategy to ensure security of the key information systems considering the existing risks. Article emphasize that the information security concept in hybrid threats conditions shall consider the possibility of complete compromising of systems of information and cyber security in case of targeted attack at information resources of structural units of state, banking and private organizations. It considers the model structure of information security concept in hybrid threats conditions to ensure the effectiveness of functioning of information and automated systems of information and cyber security in conditions of limited financing. It provides structure and content of the concept of information security in hybrid threats conditions. Article defines that the information security concept at hybrid threats conditions shall cover the main tasks and objectives, and the general strategy for development of IT and system for managing of information security within the company. It formulates the requirements and basic approaches to its implementation. The article defines that the possible way to optimize the financial resources assigned for IT systems and information and cyber security systems according to the risks defined, might be the use of the best world practices, as well the strict coordination of requirements to ensure the informatization and digital transformation from business and development of coordinated regulatory requirements to the certain businesses from information and cyber security perspective.
Svitlana Shevchenko, Yulia Zhdanovа, Svitlana Spasiteleva, Olena Negodenko, Nataliia Mazur, Kateryna Kravchuk
Cybersecurity: Education, Science, Technique, Volume 1, pp 31-39; doi:10.28925/2663-4023.2019.5.3139

Abstract:The article deals with the application of modern mathematical apparatus in information and cyber security namely fractal analysis. The choice of fractal modeling for the protection of information in the process of its digital processing is grounded. Based on scientific sources, the basic definitions of the research are analyzed: fractal, its dimension and basic properties used in the process of information protection. The basic types of fractals (geometric, algebraic, statistical) are presented and the most famous of them are described. The historical perspective of the development of fractal theory is conducted. Different approaches to the application of fractal theory in information and cyber security have been reviewed. Among them are: the use of fractal analysis in encryption algorithms; development of a method of protecting documents with latent elements based on fractals; modeling the security system of each automated workplace network using a set of properties that can be represented as fractals. The considered approaches to the application of fractal analysis in information and cyber security can be used in the preparation of specialists in the process of research work or diploma work.
Vadym Abramov
Cybersecurity: Education, Science, Technique, Volume 1, pp 73-82; doi:10.28925/2663-4023.2019.5.7382

Abstract:The principles of construction and parameters of sensor network interfaces are characterized, which are characterized by a large number of sensors and a considerable distance of information transmission to the central point or server. The majority of sensors on the Internet of Things system have little performance. In this case, the sensor network requires protection against interference and interference. Only cable networks are eligible for this group of sensor networks. Sensor networks are most suitable for cable industrial networks. The analysis and comparison of industrial cable network interfaces shows that the most appropriate requirements are the RS-485 interface and its derivative interfaces. All industrial network cable interfaces are very good at satisfying one requirement and not meeting the other. Passive fiber optic network is the most satisfying. It is convenient to use passive fiber optic (PON) technologies to build such a network. There are currently quite a number of passive fiber splitter technologies that can be used to create a multipoint trunk or ring passive fiber optic network. Networks with fiber-optic encoders, which also have a large number for measuring different physical parameters, are very convenient and efficient. For the exchange of information in these networks, it is convenient to use the 1- wire interface protocol, which is supplemented by the use of frequency signals. Such networks will be lightweight and compact over time on moving objects and in hazardous conditions. The materials of the article are of interest for carrying out the educational process in universities, in particular at the Kyiv University named after B. Grinchenko.
Zoreslava Brzhevska, Nadiia Dovzhenko, Halyna Haidur, Andriy Anosov
Cybersecurity: Education, Science, Technique, Volume 1, pp 52-60; doi:10.28925/2663-4023.2019.5.5260

Abstract:This article is about criteria of reliability of information. The validity period of the information has been determined. It is established that an important stage of selection, development of methods and mechanisms for ensuring the reliability of information is the analysis of the processes of its processing. The definition of the information reliability assessment is given, and it is also established that the complexity of the information reliability assessment is information evaluation. To assess the accuracy of information, such features as the doubtfulness of the facts presented, the emotional coloring of the content, the tone of the content in relation to an object or event, the sensational content, the hidden content. These features will be based on monitoring the reliability of information in the information space, which aims to minimize the subjectivity of peer review of the content of authors from the point of view of their influential orientation towards individuals of the information space. In order to minimize this subjectivism, the basis of evaluations is the key criteria for the reliability of information, which, unlike estimates, are largely fully measured: the criterion of balance of information, the criterion for separating facts from opinions, the criterion for the accuracy and reliability of information, the criterion for completeness of information. Thus, there is a need to create an algorithm for assessing the reliability of information in the information space, which makes it possible to investigate information resources for the impact on them, identify problems of information security in a timely manner, recommend proven solutions for use at critical sites, organize and to carry out special trainings at the state level, etc.
Volodymyr Sokolov, Bohdan Vovkotrub, Yevhen Zotkin
Cybersecurity: Education, Science, Technique, Volume 1, pp 16-30; doi:10.28925/2663-4023.2019.5.1630

Abstract:The article presents the research and comparative analysis of the bandwidth of low-power wireless IoT devices as wireless switches. The following IoT devices were investigated: Raspberry Pi 3 Model B and Raspberry Pi Zero W. The DS18B20 and INA219 sensors investigated and analyzed the dependence of FTP multimedia data transmission speed on wireless Wi-Fi network on the temperature of the switch processor, temperature. The environment and the current and voltage consumed by the switch. Advantages of sensors with GPIO interface over analog meters for this experiment are revealed. Much of the work is devoted to the development of automation of results from GPIO interfaces, which helped eliminate human error and get more accurate metrics. Measurement automation was developed using Python 3.7 programming language. Using the INA219 library we were able to obtain current and voltage indicators from the ina219 board. To get temperature indicators sufficiently built into Python libraries to read temperature files in Raspbian. The article focuses on the synchronicity of measurement results records for more accurate analysis. Therefore, an FTP client was developed that measures the download speed of the file from the FTP server and records the results simultaneously with temperature, current and voltage measurements. To this end, attention is drawn to the multithreading in Python programming language and the transmission of commands using TCP sockets in that language. As a result, the dependence of the measured factors was calculated using the Pearson correlation formula. These measurement factors affect the autonomy and energy consumption, which is very important for IoT devices, and therefore, among the devices tested, recommendations were made regarding their choice when used depending on the conditions.
Yanina Roy, Nataliia Mazur, Olena Riabchun
Cybersecurity: Education, Science, Technique, Volume 3, pp 97-103; doi:10.28925/2663-4023.2019.3.97103

Abstract:In this article, a mathematical apparatus for comparative analysis of the set of threats of state information resources (DIR) is proposed for consideration, which combines methods and approaches to assess their qualitative and quantitative indicators. The main feature of the study is that the proposed approach to solving the problem of choice does not require a complete restoration of the principle of optimality, but allows to limit only information that will be sufficient to select the "reference sample". The essence of the ranking procedure lies in the fact that the expert poses the threat of an IP in the order that, in his opinion, is the most rational. For each of them the expert assigns specific numbers from a natural series - ranks. In this case, the highest rank receives the threat that has the highest priority. The order scale to be obtained as a result of ranking should satisfy the condition of equality of the number of ranks of the number of ranked threats. In this case, the less complex value of the numerical value will correspond to the least dangerous threat. The essence of the method lies in the fact that the expert must put each threat considered in a certain place in accordance with the degree of availability of one or another property, or in accordance with the proposed by the same expert, the coefficient of significance. In this case, the larger value of a complex assessment corresponds to the least dangerous threat. The basic mathematical method for assessing the threat of threats from the "general population" of the IB classes of threats is the method of formation and research of generalized indicators (criteria), the results of complex combination of which determine the trends of qualitative growth of their significance. Methods of expert assessments are used to increase the reliability of the results of assessing the levels of potential hazards of each threat from the "general population" of IB threat classes. The application of the proposed method will reduce the time to assess the state of the security of information resources and will allow, firstly, to identify the most significant threats that could inflict the greatest damage to information security and, secondly, to direct them the necessary means and safeguards.
Serhii Smirnov, Liudmyla Polishchuk, Tetiana Smirnova, Oksana Konoplitska-Slobodeniuk, Oleksii Smirnov, Central Ukrainian National Technical University
Cybersecurity: Education, Science, Technique, Volume 3, pp 63-87; doi:10.28925/2663-4023.2019.3.6387

Volodymyr Pikh, Mykhaylo Bestylnyy, Vasyl Sheketa, Ivano-Frankivsk National Technical University of Oil and Gas
Cybersecurity: Education, Science, Technique, Volume 3, pp 122-133; doi:10.28925/2663-4023.2019.3.122133