Фильтр публикаций с 2013 года:

Фильтр по типу:

О некоторых предварительных преобразованиях открытого текста типа «all-or-nothing» для усиления стойкости шифра к методу полного опробования

Scopus
Варфоломеев А.А.
2016 International Siberian Conference on Control and Communications (SIBCON). — 2016

Аннотация

В работе содержатся некоторые рекомендации по повышению стойкости симметричного шифра к методу полного опробования ключей, при условии, что размер ключа не превышает 56 бит. Это условие соответствует требованию регулятора для безлицензионного использования средств криптографической защиты информации. Рекомендации, предлагаемые в работе, учитывают различные определения понятия «ключ», в том числе из известного российского словаря криптографических терминов. Данные рекомендации существенно повышают сложность восстановления злоумышленником открытого текста указанным методом.

Ключевые слова: криптография, регулирование, AON преобразование, асимметрия, стандарты, ГОСТ 28147-89, ГОСТ Р 34.13 -2015.

Unified Information Security Maintenance Concept and IS Experts’ Knowledge Autoformalization

Scopus
A. Malyuk, N. Miloslavskaya
Proceedings of the 3rd International Conference on Digital Information Processing,vData Mining and Wireless Communications (DIPDMWC 2016). – 2016.

To implement the proposed Information Security Maintenance Concept, the IS experts’ knowledge autoformalization algorithm was created as the problems of IS assessment and protection level prediction are based mainly on the experts’ informal professional knowledge.

Towards Approximation of Human’s Perceptive Space on Photos, Videos and 3D Scenes

Scopus
A. Epishkina, S. Zapechnikov
Proceedings of Biologically Inspired Cognitive Architectures (BICA’2016). – 2016.

We initiate the study of processing photo pictures and video frames as well as synthetic scenes in three-dimensional (3D) space, which would allow to get images more similar to what human’s vision sees, compared to images created by existing technologies. It is known that human’s vision is nonlinear and creates sensually perceived image of 3D space not equal to well-known linear perspective. Because of that we offer inspired by the biology of human’s vision, a three-stage scheme for processing images and video.

Three-photon spontaneous downconversion in highly nonlinear germania-silica optical fiber waveguides

Scopus
S.V. Tsvetkov, K.G. Katamadze, N.A. Borshchevskaia, A.A. Sysolyatin, M.V. Fedorov, S.P. Kulik, M.Yu. Salganskii, A.S. Belanov
Proccedings of The 2016 International Conference on Laser Optics.

Three-photon spontaneous parametric downconversion (TPSPDC) is a challenging problem in nonlinear quantum optics. A highly doped germania-silica optical fiber is a good candidate for the appropriate nonlinear medium, because of the big interaction length and tight field confinement. A principal condition for TPSPDC is the exact phase-matching between the pump and signal fiber modes.

Three-photon generation by means of third-order spontaneous parametric down-conversion in bulk crystals

ScopusWoS
N.A. Borshchevskaya, K.G. Katamadze, S.P. Kulik, M.V. Fedorov
Laser Physics Letters. — Vol. 12, No. 11. — 2015.

We investigate the third order spontaneous parametric down-conversion process in a nonlinear media with inversion centers. Specifically, we analyze in details the three-photon differential count rate in unit frequency and angular regions, total count rate and measurement time for rutile and calcite crystals which have comparatively large cubic susceptibilities. Special attention is given to consideration of limited frequency and angular detection ranges in order to calculate experimentally available detection rate values.

The Design of Integrity Monitoring and Reliability Verification System for Critical Information, Transmitted in Automatic Train Signaling System, Based on DMR-RUS Radio Channel

Scopus
A. Epishkina, A. Korotin, V. Konyavskiy
Proceedings of the 3rd International Conference on Digital Information Processing,vData Mining and Wireless Communications (DIPDMWC 2016). – 2016.

This article gives us results of the work on ensuring protection of critical information, transmitted in automatic train signaling system (ALS), based on DMR-RUS radio channel, against computer attacks, targeted to modification and substitution of data. The purpose of this work is development of integrity monitoring and reliability verification system (IMRVS) for information, transmitted in ALS. There are different ways of building IMRVS. This article shows one of these methods, which, in authors’ opinion, is optimal for using in ALS.

The Capacity of Undetectable On/Off Covert Channel

Scopus
A. Epishkina , M. Finoshin, K. Kogos
Information Science and Applications (ICISA). — 2016. — Volume 376. — C. 641-650

Abstract

Almost all modern computer networks are based on TCP/IP protocol suite. However, structure features of IP allow constructing covert channels with high capacity using modification of inter-packets delays, packets’ header fields and packets lengths. A technique to eliminate such channels is traffic normalization which means sending packets with equal lengths and fixed header fields with equal inter-packets delays that leads to significant decreasing of efficient communication channels capacity and missing of functional capabilities of network protocols. Another way to counteract covert channel is to detect an active channel. Nevertheless, an attacker can reduce the covert channel capacity purposely to make it undetectable. We investigate on/off covert channel and give recommendations to choose the parameters of ε-similarity detection method with specified threshold values of covert channels capacity.

Keywords: network covert channels, ε-similarity, packet length, transfer rate, dummy packet, capacity

Taxonomy for Unsecure Digital Information Processing

Scopus
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy
Proceedings of the 3rd International Conference on Digital Information Processing,vData Mining and Wireless Communications (DIPDMWC 2016). – C. 81-86. – 2016.

At a time when the media constantly reports about new sophisticated attacks, organizations of any business and size need to be prepared for such attacks against their IT infrastructures. To reflect the attacks organizations should have a properly designed information security (IS) management system with adequate documentation support. Among the most important documents, there are IS policies for different application areas, including an IS incident management policy. In order to create a truly effective IS policy it is necessary to adequately describe the organization’s business environment from the IS viewpoint. The paper presents four most demand for these purposes classifications (taxonomy) of IS threats, vulnerabilities, attacks and IS incidents as the negative elements that should be avoided.

Taxonomy for Unsecure Big Data Processing in Security Operations Centers

Scopus
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy
Proceedings of The IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud’2016). – 2016.

While the media constantly describes new attacks, the organizations seriously concerned about their business protection need to be prepared for such sophisticated attacks against their IT infrastructures. Hence a properly designed and formalized information security (IS) management system with Security Operations Center (SOC) as its centric part is required as never before. Among the most important documents for SOC there are two policies: IS policy and IS incident management policy. In order to create a truly effective policy it is vital to adequately describe SOC’s operational environment from the IS viewpoint. The paper presents the most demand for these purposes classifications (taxonomy) of IS threats, vulnerabilities, attacks and IS incidents as the negative elements that should be avoided.

Statistical reconstruction of optical quantum states based on mutually complementary quadrature quantum measurements

Scopus
Yu. I. Bogdanov, G. V. Avosopyants, L. V. Belinskii, K. G. Katamadze, S. P. Kulik, V. F. Lukichev
Journal of Experimental and Theoretical Physics. — Vol. 123, Iss. 2. — C. 212–218. — 2016.

We describe a new method for reconstructing the quantum state of the electromagnetic field from the results of mutually complementary optical quadrature measurements. This method is based on the root approach and displaces squeezed Fock states are used as the basis. Theoretical analysis and numerical experiments demonstrate the considerable advantage of the developed tools over those described in the literature.

Special digital signature schemes based on GOST R 34.10-2012

Scopus
A. Beresneva, A. Epishkina, O. Isupova, K. Kogos, M. Shimkiv
Proceedings of the 2016 IEEE North West Russia Section Young Researchers in Electrical and Electronic Engineering Conference (2016 ElConRusNW). — 2016. — С. 131-136

Abstract

In state of the art information systems some special digital signature schemes are utilized since traditional cryptographic primitives do not allow to solve a number of topical security tasks. The following signature schemes are widespread nowadays: threshold signatures, blind signatures, group signatures, ring signatures, etc. Fail-stop signature schemes are also quite investigated but are not used in practice yet. Special digital signature schemes are mostly based on well-known cryptographic algorithms, e.g. RSA, DSA, ElGamal. However, there are no similar modifications of Russian Digital Signature Standard GOST R 34.10-2012 used in many commercial applications. In order to fill a gap we propose and validate secure threshold, blind and fail-stop signature schemes based on GOST R 34.10-2012 algorithm. The obtained cryptographic primitives can be used in e-commerce to improve the security of information systems by using strong basic algorithm.

Secure one-way data transfer

Scopus
V. Arkhangelskii, A. Epishkina, V. Kalmykov, K. Kogos
Proceedings of the 2016 IEEE North West Russia Section Young Researchers in Electrical and Electronic Engineering Conference (2016 ElConRusNW). — 2016. — С. 428–431

Abstract

Devices to provide one-way data transfer are known as one-way gateways and used in various security applications. The main problem to be solved by one-way gateways is to make secure communication between network segments with different security levels to maintain multilevel security policy. Although one-way gateways are utilized in lot of information systems, there is no solution, including “air gap”, to assure one-way transfer in fact and they are not resistant against data leakage via covert channels. We analyzed state of the art technologies and products supporting one-way data transfer, worked out the requirements for one-way gateway with assured data transmitting. We designed the algorithm and protocol of assured data transfer and proposed the detailed device scheme. Then we build the program modelling the interaction between communication parties and the one-way gateway. This program was tested and some recommendations of its implementation were given.

Random Delays to Limit Timing Covert Channel

Scopus
A. Belozubova, A. Epishkina, K. Kogos
Proceedings of the 2016 European Intelligence and Security Informatics Conference. — 2016.

Random delays to Limit On/Off covert channel

Scopus
A. Belozubova, A. Epishkina, K. Kogos
Proceedings of the 18-th Mediterranean Electrotechnical Conference MELECON. — 2016.

Quantum Random Number Generator for Secure Communications

Scopus
A. Epishkina, K. Kogos
2016 International Siberian Conference on Control and Communications (SIBCON). — 2016

Abstract

Nowadays information technologies are widespread and used in every computer-based system, hence information security tasks are quite important and their successful solution is required in business process. Cryptographic means are used in different applications, especially in cases when data confidentiality should be provided; although they can be utilized to maintain data availability and integrity, user’s anonymity, author’s non-repudiation and so on. Many information security tools use random numbers, but unfortunately, quality of output random numbers and speed of their generation do not satisfy modern requirements. The rate of production-run random number generators is limited by the physical processes used. One of the reasons of low random numbers generating rate is application of binary events. Many generators use analog events, e.g. noise in electronic devices, converted to binary numbers utilizing the threshold value or quantum discrete events, e.g. photon passing through the polarizer. The main idea of this work is that one can increase random number generator’s rate using the non-binary sequences, e.g. non-binary quantum processes.

Keywords: random numbers, high-rate, non-binary process, photon, information security.

Phase-matching of the HE11 and HE13 modes of highly doped GeO2–SiO2 fiber waveguides at 1596 nm and 532 nm, respectively, for triple-photon generation

ScopusWoS
S. Tsvetkov, K. Katamadze, N. Borshchevskaia, A. Sysolyatin, M. Fedorov, S. Kulik, M. Salganskii, A. Belanov
Laser Physics Letters. — 2016.

We theoretically investigate a phase-matching (PM) between the HE11 and HE13 modes at wavelengths 1596 and 532 nm, respectively, of a real germania-silica fiber waveguide, whose preform was made by MCVD technology. For several measured refractive index profiles of the fiber preform, the corresponding waveguide diameters, providing homogeneous PM, both with modal dispersion and power characteristics, are calculated. The PM parameters obtained for the real fiber are compared to that calculated for a standard step-index fiber model.

Packet Length Covert Channel Capacity Estimation

ScopusWoS
A. Epishkina, K. Kogos
Proceedings of the 6th International Conference on IT Convergence and Security. — 2016.

Overgroups of order 2n additive regular groups of a residue ring and of a vector space

Scopus
M. Pudovkina, B. Pogorelov
Discrete Mathematics and Applications. — Vol. 26, Iss. 4. — 2016.

On the distance from permutations to imprimitive groups for a fixed system of imprimitivity

Scopus
M. Pudovkina, B. Pogorelov
Discrete Mathematics and Applications. — Vol. 24, Iss. 2. — 2014.

On Experience of Using Distance Learning Technologies for Teaching Cryptology

ScopusWoS
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy
IFIP Advances in Information and Communication Technology. — 2015. — Vol. 453. — C. 111-121.

The necessity of using Distance Learning (DL) for teaching cryptology is analyzed. The modern features of applying different DL approaches to solve this task are extracted. The NRNU MEPhI’s experience in creating mass-oriented DL project called Cryptowiki.net is described; its structure and assignments implemented by the students of cryptologic courses are shown. The related works are presented. Cryptowiki.net’s difference from the analogs is stressed out. The main findings of the research are formulated in conclusion.

Numerical Semigroups and Bounds on Impossible Differential Attacks on Generalized Feistel Schemes

Scopus
M. Pudovkina, A. Toktarev
Communications in Computer and Information Science. — Vol. 448. — 2014. — C. 1-11.

In this paper, we investigate a class of ciphers which can be described as a generalized Feistel scheme. Using the graph theory and the number theory, we provide upper and lower bounds for the maximum number of rounds when impossible differential technique is applicable for any cipher from the family. These estimations do not depend on the type of Feistel scheme and the number of non-linear functions.

Nonlinear effects in scintillation detectors

ScopusWoS
D.V. Efanov, G.K. Salakhutdinov
Instruments and Experimental Techniques. – Vol. 58, Iss. 3. –2015. – C. 345-349.

Investigation results of the dependence of the specific light yield on the energy of X-rays and γ-quanta in a range of 1.5–662 keV for NaI(Tl), CsI(Na), CsI(Tl), Bi4Ge3O12, CdWO4, ZnWO4, Y3Al5O12: Ce, CdI2, CaF2(Eu), LSO, YAlO3: Ce, and PS-111 scintillation crystals are presented. The obtained dependences are nonlinear with pronounced minima in a range of K- and L-absorption edges of scintillator-forming elements.

Modeling of next-generation firewalls as queueing services

Scopus
S. Zapechnikov, N. Miloslavskaya, V. Budzko
Proceedings of the 8th International Conference on Security of Information and Networks. — 2015. — C. 250-257.

The paper presents an analytical model to study the performance and availability of queueing systems with finite queue and a lot of service phases. The first phase has the exponential distribution of service time, while the second one has the hyper-Erlangian distribution. The analytical results obtained are verified using discrete-event simulation. A few numerical examples for varying the service rates and arrival rates are given. The results presented in the paper can be used for analysis of the Next Generation Firewalls (NGFWs).

Intracavity generation of broadband biphotons in a thin crystal

ScopusWoS
K.G. Katamadze, N.A. Borshchevskaya, I.V. Dyakonov, A.V. Paterova, S.P. Kulik
Laser Physics Letters. — Vol. 10, No. 4. — 2013.

We propose and realize a method of high intensity generation of broadband biphotons and achieve its value up to 150 THz. The source is based on a thin BBO crystal with a thickness of 100 microns, in which spontaneous parametric down-conversion takes place. To compensate for the intensity decrease of the down-conversion caused by the small thickness of the crystal, it is placed inside the cavity of an Ar+ laser. In general, this experiment relates to the widely discussed problem of two-photon shaping in the frequency and/or angular domain.

Information security maintenance issues for big security-related data

ScopusWoS
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy, M. Senatorov
Proceedings of 2014 International Conference on Future Internet of Things and Cloud (FiCloud).

The need to protect big data, particularly those relating to information security (IS) maintenance (ISM) of an enterprise’s IT infrastructure, is shown. A worldwide experience of addressing big data ISM issues is briefly summarized and a big data protection problem statement is formulated. An infrastructure for big data ISM is proposed. New applications areas for big data IT after addressing ISM issues are listed in conclusion.

History of cryptography in syllabus on information security training

ScopusWoS
S. Zapechnikov, N. Miloslavskaya, S. Nagibin
IFIP Advances in Information and Communication Technology. — 2015. — Vol. 453. — C. 146-157.

This paper discusses the peculiarities and problems of teaching the historical aspects of Information Security Science (ISS) to the students of the “Information Security” specialization. Preferential attention is given to the ISS area with the longest history, namely cryptography. We trace exactly what ideas of fundamental importance for modern cryptography were formed in each of the historical periods, how these ideas can help students in mastering the training courses’ material, and how to communicate these ideas to students in the best way. The conclusions are based on the results of studies conducted over a few years at the “Cybernetics and Information Security” Faculty of the NRNU MEPhI, where our ideas are implemented in the educational process. We teach the history of cryptography in a few educational courses for Specialists in IS and Masters in Business Continuity and IS Maintenance in the form of introductory and individual lectures and seminars. Specific recommendations on the use of the historical facts considered during the classes are given.

FPGA-based soft processors as a prospective platform of the future

Scopus
D. Efanov, K. Grigoryev, P. Roschin, V. Leonov
Proceedings of the 3rd International Conference on Digital Information Processing, Data Mining and Wireless Communications (DIPDMWC 2016). – 2016.

Modern FPGAs play a very important role in designing of new soft CPUs and integrated systems-on-chips. Compared to an ASIC, FPGAs provide the highest degree of flexibility being almost fully application neutral. The price of such flexibility is higher usage of basic logic gates and decrease in circuit operating frequency caused by the use of switched interconnect fabric as opposed to fixed metal interconnect defined by masks at manufacturing for ASIC. However due to more regular and less complex FPGA structure they lead in terms of new IC manufacturing technologies adoption.

Cybertrust in e-learning environment based on network time synchronization

Scopus
D. Melnikov, V. Petrov, N. Miloslavskaya, A. Durakovskiy, T. Kondratyeva
Proceedings of the 8th International Conference on Computer Supported Education. — 2016. — C. 402-407.

The concept of cybertrust as a crucial aspect of cyber security for public electronic interactions and, in particular, distance learning systems (DLSs), is introduced. This concept is the opposite of such well-known terms as cyberattacks and/or cyberespionage and it supports cyber security issues by providing legal significance of a public electronic document interchange. The possibility of cybertrust assurance in an e-Learning environment (ELE) is shown using two proposed methods of network time synchronization.

Constructing two-state "on-ramp" traffic flow mathematical model

Scopus
V.A. Danilkin, I.U. Zhukov, A.A. Trukhachev
Life Science Journal. – Vol. 11, Iss. 10. – 2014. – C. 569-573.

The purpose of this research is to find analytical functions for obtaining useful information of traffic flows properties such as capacity, average speed, queue and state (free or congested) for inhomogeneity «off-ramp» in the context of discrete dynamics. This work based on real empirical data collected by traffic detectors for long study period.

Computational Load Balancing Algorithm for Parallel Knapsack Packing Tree Traversal

Scopus
M. Kupriyashin, G. Borzunov
Proceedings of the 3rd International Conference on Digital Information Processing,vData Mining and Wireless Communications (DIPDMWC 2016). – 2016.

The paper considers efficient computational load distribution for the exact parallel algorithm for the knapsack problem based on packing tree search. We propose an algorithm that provides for static and dynamic computational load balancing for the problem in question.

Business continuity and information security maintenance masters' training program

ScopusРИНЦ
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy, M. Senatorov
IFIP Advances in Information and Communication Technology. — 2014. — Vol. 406. — C. 95-102.

The experience of preparing for the «Business Continuity and Information Security Maintenance» (BC&ISM) Masters’ program implementation and realization at the «Information Security of Banking Systems» Department of the National Research Nuclear University MEPhI (NRNU MEPhI, Moscow, Russia) is presented. Justification of the educational direction choice for BC&ISM professionals is given. The model of IS Master being trained on this program is described. The curriculum is presented.

Broadband biphotons in a single spatial mode

ScopusWoS
K.G. Katamadze, N.A. Borshchevskaya, I.V. Dyakonov, A.V. Paterova, S.P. Kulik
Physical Review A - Atomic, Molecular, and Optical Physics. — 2015.

We demonastrate experimental technique for generating spatially single-mode broadband biphoton field. The method is based on dispersive optical element which precisely tailors the structure of type-I SPDC frequency angular spectrum in order to shift different spectral components to a single angular mode. Spatial mode filtering is realized by coupling biphotons into a single-mode optical fiber.

Big data information security maintenance

Scopus
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy, M. Senatorov
Proceedings of the 7th International Conference on Security of Information and Networks. — 2014. — C. 89-94.

The need to protect big data, particularly those relating to information security maintenance (ISM) of an enterprise’s IT infrastructure (ITI), and their processing is shown. Related worldwide experience of addressing big data ISM issues is summarized. An attempt to formulate a big data ISM problem statement is undertaken. An infrastructure for big data ISM is proposed. The importance of big data visualization is discussed.

Beating the abbe diffraction limit in confocal microscopy via nonclassical photon statistics

ScopusWoS
D. Gatto Monticone, K. Katamadze, P. Traina, E. Moreva, J. Forneris, I. Ruo-Berchera, P. Olivero, I.P. Degiovanni, G. Brida, M. Genovese
Physics Review Letters. — Vol. 113. — 2014.

We experimentally demonstrate quantum enhanced resolution in confocal fluorescence microscopy exploiting the nonclassical photon statistics of single nitrogen-vacancy color centers in diamond. By developing a general model of superresolution based on the direct sampling of the kth-order autocorrelation function of the photoluminescence signal, we show the possibility to resolve, in principle, arbitrarily close emitting centers.

Analysis of intrusion detection and prevention systems as queueing services

Scopus
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy
Proceedings of The 2016 30th International Conference on Advanced Information Networking and Applications Workshops (WAINA). — C. 855-860.

The paper presents an analytical model to study the performance and availability of queueing systems with finite queue and two service phases. The first phase has the exponential distribution of service time, while the second one has the hyperexponential distribution. The analytical results obtained are verified using discrete-event simulation. A few numerical examples for varying the service rates and arrival rates are given. The results presented in the paper can be used for analysis of the intrusion detection and prevention systems (IDPS).

Analysis of Hypoexponential Computing Services for Big Data Processing

ScopusWoS
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy
Proceedings of the 2015 3rd International Conference on Future Internet of Things and Cloud. — С. 579-584.

The paper presents two analytical models to study the performance and availability of queueing systems with the hypo exponential service time and finite queue. The analytical results obtained are verified using discrete-event simulation. A few numerical examples for varying number of service stages, service rates and arrival rates are given. The results presented in the paper can be used for analysis of MapReduce and multi-stage Big Data processing.

A Syllabus on Data Mining and Machine Learning with Applications in Cybersecurity

Scopus
A. Epishkina, S. Zapechnikov
Proceedings of International Workshop on Education for Secure Digital Information Processing, Data Mining and Wireless Communications (ESDIPDMWC 2016). – 2016.

Big data analytics are very fruitful for solving problems in cybersecurity. We have analyzed modern trends in intelligent security systems research and practice and worked out a syllabus for a new university course in the area of data mining and machine learning with applications to cybersecurity. The course is for undergraduate and graduate students studying the cybersecurity. The main objective of the course is to provide students with fundamental concepts in data mining (in particular, mining frequent patterns, associations and correlations, classification, cluster analysis, outlier detection), machine learning (including neural networks, support vector machines etc.) and related issues, e.g. the basics of multidimensional statistics. Contrary to the traditional data mining and machine learning courses we illustrate course topics by cases from the area of cybersecurity including botnet detection, intrusion detection, deep packet inspection, fraud monitoring, malware detection, phishing detection, active authentication. We note that our course has great potential for development.

A Course of Mathematical Logic and Theory of Algorithms as a Mathematical Background of Modern Cryptology

Scopus
A. Epishkina, K. Kogos, N. Nikiforova
Proceedings of the 3rd International Conference on Digital Information Processing, Data Mining, and Wireless Communications. — 2016.

The purpose of this work is to show that the course, Mathematical Logic and Theory of Algorithms, lectured by the authors in National Research Nuclear University MEPhI (Moscow Engineering Physics Institute) is the mathematical background of the cryptology study. Bachelors and specialists information security teaching has to focus attention on the mathematical training, therefore a set of mathematical disciplines should stand before applied cryptography in the curriculum. Due to the rapid development of computer power and information communication, cryptographic techniques have change. Hence, the course of Mathematical Logic and Theory of Algorithms is not fixed and vice versa it is dynamically updated, since changes in cryptographic methods bring out a revision of the mathematical background.

Visualization and analysis of the exact algorithm for knapsack problem based on exhaustive search

Scopus
M.A. Kupriyashin, G.I. Borzunov
Scientific Visualization. — 2015. — 4. — C. 87-100

Abstract

Knapsack packing vector testing procedures for the parallel exhaustive search algorithm have been analyzed. Graphs of computational complexity to test a single knapsack vector have been obtained via experiment for different values of knapsack element sizes. Diagrams of load balancing have been obtained and analyzed for the case when lexicographic sequence is split into equal-length segments.

Keywords: knapsack problem, exhaustive search, parallel computing

Visual representation of the model of security threats for cloud-based information system

Scopus
D.S. Simonenkova, A.N. Veligura
Scientific Visualization. — 2015. — 7. — C. 80-95

Abstract

One of the key steps at the decision of scientific problems in the field of information security is to create actual model of security threats and model of intruders. This paper describes a new method for the visual representation of the model of security threats and model of intruders, which simplifies the work of researchers at this stage, without reducing the quality of the results.

The main advantages of the proposed method are described. The scheme of software system that allows to implement the developed technique for constructing and displaying the threat model in information security in cloud-based information system is described too.

Keywords: Visual representation, Petri net, information system, cloud computing technology, threat model.

Visual representation of file content during forensic analysis to detect files with pseudorandom data

Scopus
V.S. Matveeva, A.V. Epishkina
Scientific Visualization. — 2015. —4. — C. 109-120

Abstract

Searching for pseudorandom data is an important stage during forensic analysis. Existing approaches are based on verifying statistical properties of file contents by means of test suites for estimation of pseudorandom sequences. Some approaches are not adapted for work with file system and are time/resource consuming. The others have significant type I or II errors. That is why authors have conducted a research in this field and suggest an approach to estimate statistical properties of file contents by means of their visual representation. The approach was used for development of program for searching pseudorandom data. Its testing shows that type I error is reduced to zero and type II error for popular file formats is less than 1%.

Keywords: Pseudorandom data, encrypted data, density of distribution, compressed file formats, wavelet analysis.

Study of countermeasures against covert channels in IP networks

ScopusWoS
A.V. Epishkina, K.G. Kogos
Automatic Control and Computer Sciences. — 2015. — Volume 49. — Issue 8. — C. 785-789

Abstract

The existing methods of data transmission via covert channels in IP networks and methods to counter them are analyzed and systematized. The focus is placed on direct and indirect covert channels resistant to many methods of detection and elimination. It has been concluded that the studies aimed at limiting the covert channel capacity without a significant reduction of the communication channel capacity are promising.

Keywords: Covert channels, storage channels, timing channels, packet data networks, capac.

Searching for random data in file system during forensic expertise

Scopus
V. Matveeva, A. Epishkina
Biosciences Biotechnology Research Asia. — 2015. —12. — C. 745-752

Absract

During forensic expertise the searching for random data is an important step. Existing approaches are based on verification of statistical properties of file data by means of test suites that estimate properties of random sequences. Some tests are not adapted to file system and are resource and time consuming, others have significant type I and II error. That is why authors have conducted a research in this field and suggest a new approach to assess statistical properties of data contents by visualisation of it. This approach was used to develop a program which testing shows that type I error in searching for random data is reduced to zero and type II errors for widely spread file formats is less than 1%.

Keywords: Digital forensics; Conceal data; Random data; Statistical tests; Encrypted data; Assessment of uniformity; Localization of heterogeneity; Wavelet transform; Compressed file formats.

Protection from Binary and Multi-Symbol Packet Length Covert Channels

Scopus
A. Epishkina, K. Kogos
Proceedings of the 8th International Conference on security of information and networks. — 2015. — С. 196–202

Abstract

In this paper, we describe binary and multi-symbol packet length covert channels. Then we design a technique to estimate and limit their capacity. The method to choose parameters of counteraction tools is given, it takes into account an allowable value of covert channel capacity and error level. The novelty of the investigation undertaken is that the covert channel capacity is limited preliminary, whereas state of the art methods focus on detecting active IP covert channels.

Memory access time as entropy source for RNG

Scopus
S. Agafin, A. Krasnopevtsev
ACM International Conference Proceeding Series. — 2014. — C. 176-179

Information Security Theory for the Future Internet. Proceedings of the 3rd international conference «Future Internet of Things and Cloud» (FiCloud 2015)

Scopus
A. Malyuk, N. Miloslavskaya
Proceedings of the 3rd International Conference on Future Internet of Things and Cloud (FiCloud)

Abstract

The Future Internet and the Internet of Things (IoT) and clouds as its integral parts need a specialized theory for their information protection from different threats and intruders. The history and main results of research aimed at creating a scientific and methodological foundation of the Information Security Theory in Russia are examined. The discussion considers the formulation of the informal systems theory and approaches for creating the simulation models of information security (IS) maintenance (ISM) processes in conditions of incomplete and insufficiently reliable input data. The structure of a unified IS concept is proposed. Theoretical problems of designing an integrated information protection system’s functioning, including IS assessment methodology, methodology of defining requirements to ISM and methodology of creating information protection systems (IPSs) are described. Finally, the results of the IS theory development are summarized and areas of further research are outlined.

Information security insider threat visualization: theft of intellectual property

Scopus
A. Zaytsev, A. Malyuk
Scientific Visualization. — 2015. — 3. — C. 53-58

Abstract

Paper deals with the problem of insider threat visualization. An insider threat classification is adduced, method of visualization of insider threats using system dynamics modeling is considered and forecasting behavioral models for threats of theft of intellectual property for business advantages alone and with accomplices are developed.

Key words: system dynamics, behavioral models, scientific visualization, imitation modeling, insider threat, intellectual property.

Covert channels parameters evaluation using the information theory statements

ScopusWoS
A. Epishkina, K. Kogos
Proceedings of the 5th International Conference on IT convergence and security. — 2015. — С. 395–399

Abstract

This paper describes a packet length network covert channel and violators possibilities to build such a channel. Then the technique to estimate and limit the capacity of such channel is presented. The calculation is based on the information theory statements and helps to diminish the negative effects of covert channels in information systems, e.g. data leakage.

Access Control Mechanism Based On Entity Authentication With IPv6 Header “Flow Label” Field

ScopusWoS
D. Melnikov, J. Lavrukhin, A. Durakovsky, V. Gorbatov, V. Petrov
Proceedings of the 3rd International Conference on Future Internet of Things and Cloud (FiCloud 2015). — 2015. — С. 158-164

A Traffic Padding to Limit Packet Size Covert Channels

Scopus
A. Epishkina, K. Kogos
Proceedings of the International Conference on open and big data. — 2015. — С. 519–525

Abstract

Nowadays applications for big data are widely spread since IP networks connect milliards of different devices. On the other hand, there are numerous accidents of information leakage using IP covert channels worldwide. Covert channels based on packet size modification are resistant to traffic encryption, but there are some data transfer schemes that are difficult to detect. Investigation of the technique to limit the capacity of covert channels becomes topical as covert channels construction can violate big data security. The purpose of this work is to examine the capacity of a binary packet size covert channel when a traffic padding is generated.

A Technique to Limit Packet Length Covert Channels

ScopusWoS
A. Epishkina, K. Kogos
Proceedings of the 7th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management. — 2015. — Volume 3. — C. 144–151

A Random Traffic Padding to Limit Packet Size Covert Channels

ScopusWoS
A. Epishkina, K. Kogos
Proceedings of the 2015 Federated Conference on Computer Science and Information Systems. — 2015. — C. 1119–1123

Abstract

This paper observes different methods for network covert channels constructing and describes the scheme of the packet length covert channel. The countermeasure based on random traffic padding generating is proposed. The capacity of the investigated covert channel is estimated and the relation between parameter of covert channel and counteraction tool is examined. Practical recommendation for using the obtained results are given.

On the distance from permutations to the union of all imprimitive groups with identical parameters of imprimitivity systems

Scopus
M.A. Pudovkina
Discrete Mathematics and Applications. — 2014. — 24. — C. 163-173

Аннотация

В работе исследуются расстояния Хемминга от подстановок степени n = wr до объединения всех групп Sw ≀ Sr с фиксированными параметрами w, r и объединения всех таких групп с произвольными нетривиальными параметрами w, r. Приведены расстояния от известных s-боксов до некоторых сплетений групп.

Ключевые слова: система импримитивности, линейные структуры, метрические пространства, расстояния от подстановки до импримитивной группы, сплетение.

Information Security Theory Development

Scopus
A. Malyuk, N. Miloslavskaya
Proceedings of the 7th International Conference on Security of Information and Networks (SIN2014). — 2014. — C. 52-55