Ukrainian Information Security Research Journal
https://jrnl.nau.edu.ua/index.php/ZI

Ukrainian Information Security Research Journal is devoted to highlighting research on theoretical, scientific, technical and technological problems related to the organization and the development of methods and tools for ensuring information security during its storage, processing and transmission using advanced mathematical methods and information technology.

Target audience: students, graduate students, professionals, researchers and experts in information security.

National Aviation University
Language: en-US
ISSN 2221-5212

Authors who publish with this journal agree to the following terms:

a. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0/) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
b. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
c. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (see The Effect of Open Access, http://opcit.eprints.org/oacitation-biblio.html).

ANALYSIS OF THREATS TO GENERATORS OF PSEUDO-RANDOM NUMBERS AND PSEUDO-RANDOM SEQUENCES AND PROTECTION MEASURES
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18222

In the modern digital world with diverse applications, including cryptography, cybersecurity, and data protection, the issue of building reliable and secure pseudorandom number and sequence generators has become particularly significant. These generators create numerical sequences that appear random but are, in fact, deterministic and possess a certain structure, making them valuable in various fields. They are used for generating secret keys, ensuring confidentiality, data integrity, and transaction security, so their security is critical for applications that employ such generators. However, as the popularity and scope of pseudorandom number generators and pseudorandom sequence generators grow, so does their vulnerability to different types of attacks. Attacks on these generators can lead to the exposure of secret parameters and the compromise of security systems. Malicious actors and hackers seek various vulnerabilities in the methods and algorithms used to construct such generators to partially or fully disclose their operational principles. In this work, based on a thorough analysis of scientific publications by experts involved in the development, research, evaluation of quality, and application of pseudorandom number and sequence generators, the main vulnerabilities of these generators have been identified and described. Different types of attacks have been classified and described, and their impact on these generators has been determined. Security recommendations have been provided, and standards and testing methods have been identified to improve the reliability and protection of such generators and to mitigate their vulnerabilities.

Authors: Mariia Khomik, Oleh Harasymchuk
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 172-184. DOI: 10.18372/2410-7840.25.18222

SOFTWARE FOR CYBER PROTECTION OF THE STATE AGAINST CYBER ATTACKS
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18223

The protection of the state's critical infrastructure objects from cyber-attacks, especially in the conditions of hostilities, requires state bodies to take effective cyber protection measures. The basis of such measures is the development of state targeted cyber protection programs. When forming requirements for modern cyber protection systems, a number of tasks must be solved, the main ones of which include determining the characteristics of the impact of cyber-attacks on cyber protection systems, quantitative indicators of the effectiveness of cyber threat protection systems, and the optimal allocation of limited resources for the implementation of effective cyber protection. Based on the modification of known methods of target assessment of alternatives, the work develops a method of supporting decision-making in the formation of complex target programs of cyber protection of critical infrastructure objects in the conditions of the enemy's implementation of cyber-attacks, various threats and risks. The main idea of the proposed approach to the analysis of the impact of cyber-attacks when implementing a cyber-defense program is that the events that contribute to cyber-attacks are considered as an integral part of the cyber-defense system, that is, as an influence of the external environment. Therefore, such models of cyberattacks are included in the hierarchy of goals of the cyber defense program, and their connections with other systems and goals of state target programs are established. The effectiveness of such programs is evaluated in the presence of cyber-attacks, considering their probable characteristics. Models of cyber-attacks and risks are proposed. A model of a cyberattack is a program project, which is included in the hierarchy of goals of a comprehensive program, which is described by the degree and probability of implementation. The risk model is built from two components: a risk factor, which is described by a random process, and some fictitious target, a risk indicator.

Authors: Nataliya Blavatska, Mykola Brailovskyi, Valeriy Kozura, Volodymyr Khoroshko
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 184-191. DOI: 10.18372/2410-7840.25.18223

SOCIOCYBERPHYSICAL SYSTEMS’ SECURITY MODELS
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18224

The object of the study is the process of building multi-contour systems for the protection of infrastructure elements of socio-cyber-physical systems based on a modification of the Lotka-Volterra model. The article presents the formation of security models for socio-cyber-physical systems based on the Lotka-Volterra model, which allows determining preventive measures of the security system against targeted (mixed) attacks with integration with social engineering methods and the possibility of signs of hybridity and synergism. This approach makes it possible, based on the initial data on the socio-political (economic) component, to determine the possibility of influencing the general opinion of both a separate society and certain age groups. In addition, the identification of signs of hybridity and synergism of cyber threats in the main components of socio-cyber-physical systems (social networks, the cloud and the physical component) makes it possible to determine the basic principles of building multi-contour security systems, considering the external and internal security contour systems on each platform. For the formation of multi-contour information protection systems of socio-cyber-physical systems, possible scenarios of the implementation of targeted attacks and their directionality are considered, as is the possibility of influencing the socio-psychological state through social networks of formal and informal "leaders" of society.

Authors: Stanislav Milevsky
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 191-197. DOI: 10.18372/2410-7840.25.18224

THE CHALLENGES AND STRATEGIES OF STORING LARGE VOLUMES OF DATA IN THE MODERN WORLD
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18225

In the modern world, the storage of large volumes of data is becoming an extremely relevant issue. Consumers and organizations continually generate large amounts of information, and this trend is on the rise. To ensure efficient and secure storage of this data, it is important to consider the challenges and strategies used in this field. A global trend in data storage is the expansion of information access capabilities. Organizations actively implement various types of access, such as cloud solutions, virtualization, and distributed storage systems. This enables greater availability and speed of data retrieval, which is crucial in today's industrial environment. Organizations must adhere to existing security standards and regulations to ensure the confidentiality, integrity, and availability of information. This means that they need to establish proper procedures, controls, and monitoring to protect data from unauthorized access and other threats. The volumes of information will continue to grow, and along with that, the importance of ensuring the security and transparency of its storage will increase. Developing new strategies and technologies to achieve this will be a significant task for the data storage industry in the future.

Authors: Oleg Deineka, Oleh Harasymchuk
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 197-207. DOI: 10.18372/2410-7840.25.18225

METHODS OF OPTIMIZING THE DISTRIBUTION OF THE LOAD ON THE COMPUTING RESOURCE OF THE CLOUD SERVICE INFRASTRUCTURE
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18226

Methods and algorithms for optimizing the distribution of the load on the computing resource of the cloud service infrastructure are investigated in the paper. It is noted that load balancing is a major challenge in cloud networks. The main purpose of load balancing is to use resources efficiently and improve performance. Along with this, it removes nodes that contain heavy load as well as nodes that are not working properly or performing a small task. It is emphasized that the following can be identified as basic criteria related to increasing the efficiency of cloud load balancing in real time: minimization of resource movement costs and task execution costs, and maximization of transfer speed and task execution. The quality (efficiency) of balancing in the work is understood as an integral criterion that includes the essential parameters of the system's operation. It is emphasized that the mathematical model of dynamic distribution of virtual resources to physical machines in cloud computing accounts for the previous state of the system load and the effect of the appearance of a new resource on the load balance in the system, and is distinguished by the use of a load adjustment factor to achieve balancing. It is noted that the genetic algorithm for the optimal distribution of new virtual resources is distinguished by the implementation of a tree-like structure of chromosomes with the preservation of highly loaded nodes, which ensures an increase in the quality of load balancing and a reduction in the dynamic movement of resources. It is emphasized that the multi-criteria optimization mathematical model of task scheduling in cloud computing ensures the minimization of task transfer time, execution time and execution costs, and differs in that it considers the parameters of the channel between the user and the data center.

Authors: Olexander Chizhov, Andrii Fesenko, Mykola Pustovit, Tetiana Nimchenko
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 207-213. DOI: 10.18372/2410-7840.25.18226

SECURITY MANAGEMENT PLAN FOR INFORMATION ASSETS OF OBJECTS OF THE AVIATION TRANSPORT COMPLEX OF UKRAINE
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18227

Governing documents of the International Civil Aviation Organization (ICAO) define a safety management system as an element of corporate governance responsibility that defines a company's safety policy and its intentions to manage safety as an integral part of its overall business. Thus, the security management system (Security Management System, SeMS) is a part of the overall information asset management system of the aviation enterprise, which is based on risk analysis and is intended for the design, implementation, control, monitoring and improvement of measures in the field of information security. This system consists of organizational structures, policies, planning actions, responsibilities and procedures, processes and resources, and much more. An analysis of modern management measures of the information security system of air transport facilities based on international standards of the ISO series was carried out. A scenario for the implementation of the plan for managing the security of information assets of the air transport complex is proposed, which is based on the best experience of foreign countries.

Authors: Volodymyr Shulha, Andrii Mishchenko, Bohdan Morklyanyk, Serhii Lazarenko, Natalia Lishchynovska
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 213-221. DOI: 10.18372/2410-7840.25.18227

ANALYSIS OF THE CONCEPT OF CYBER RESILIENCE OF CRITICAL INFRASTRUCTURE
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18228

Due to the increase in the number of cyber-attacks and incidents on critical infrastructure facilities, specialists face the problem of improving the effectiveness of security measures that will be able to ensure reliable and uninterrupted operation of critical infrastructure facilities as a whole. Therefore, the concepts of cyber resilience, cyber resilience management, cyber resilience provision, and cyber resilience assessment are gaining further relevance. The concept of cyber resilience, in addition to security, includes a number of tasks and processes related to information technology (e.g., backup and recovery after failures) and brand protection. Moreover, the issue of stability and continuity of services in this concept refers both to the company itself and to external contractors who provide such services. The prerequisite for the emergence of cyber resilience as a direction of corporate cyber security was the acceptance by companies of the fact that a cyber-attack is inevitable. The concept of cyber resilience also includes the ability to prepare for an attack, ensure effective operations and countermeasures during an attack, and reduce the possible consequences of an attack on a company. It is important for enterprises to assess the cyber resilience of their critical infrastructures to plan investments that enable them to provide the required level of cyber resilience. However, in order to implement the evaluation process, it is necessary to clearly understand what is behind this concept. Therefore, the analysis of the concept of cyber resilience of critical infrastructure is an urgent task. The purpose of the article is to analyse the concept of cyber resilience for critical information infrastructures. To achieve this goal, it is necessary to define a set of criteria characterizing the concept of cyber resilience. This will make it possible to formulate definitions of "cyber resilience" for its further use in solving the tasks of cyber security and information protection. The article analyses the concept of cyber resilience, which is based on the formed set of criteria consisting of 31 components. This makes it possible to formulate definitions related to cyber resilience for its further use in solving cybersecurity and information protection problems. Based on the subsequent definition of the concept of cyber resilience, it is possible, for example, to develop methods and models for assessing its level.

Authors: Yevgenia Ivanchenko, Oleksandr Korchenko, Oleg Zarytskyi, Serhii Zybin, Nataliya Vishnevska
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 221-233. DOI: 10.18372/2410-7840.25.18228

PRESENTATION OF MULTIVARIATE PROBABILITY DISTRIBUTION BINARY SIGNS IN OBJECT RECOGNITION SYSTEMS
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18230

The article considers the problem of object recognition by features in the process of deep learning and proposes a method of approximation of the multidimensional discrete probability distribution of features for efficient use of device memory. To achieve high recognition accuracy, a unified approach is used in the work, which provides an adequate balance with the accuracy of the results while reducing the amount of memory necessary for storing reference objects. The authors of the article address the importance of taking into account the correlations between the features of objects, which contribute to increasing the efficiency of the recognition system. They show that computing probability distributions based on a limited number of parameters can significantly reduce the amount of training data needed to establish class standards for recognition. The results of the work emphasize that the complex approximation method can be successfully applied on various types of computers, including personal computers and specialized digital devices. The results of this study are important in the context of the development and optimization of such systems, as they are aimed at improving object recognition in deep learning systems under conditions of limited memory and data resources.

Authors: Nataliya Blavatska, Valeriy Kozura
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 234-242. DOI: 10.18372/2410-7840.25.18230

THE IMPACT OF THE INTERNET OF THINGS ON CONTEMPORARY SOCIETY AND CHALLENGES AND ISSUES IN ITS SECURITY
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18231

The work analyzes the importance and impact of the Internet of Things (IoT) on modern society, where the Internet serves as a platform for the exchange of services and goods among connected objects. IoT defines the networked interactivity of smart objects, expanding interaction capabilities and providing smarter services. It is noted that IoT is rapidly transforming our daily lives and fostering interaction with technology, the environment, and other people. Various forms of IoT implementation are highlighted, ranging from simple tags to intelligent medical devices, emphasizing potential benefits for individuals. The article examines the applications of IoT in various fields, including smart homes, scientific research, information security systems, medicine, industry, transportation, agriculture, ecology, and entertainment. It is emphasized that the implementation of IoT can significantly improve efficiency, safety, and resource conservation in various sectors, with a focus on sustainable development and ensuring user comfort. The text also analyzes the problems and challenges associated with the security of the Internet of Things. Despite the myriad opportunities brought by IoT, serious threats such as device vulnerabilities, inadequate data protection, and the potential for cyberattacks exist. Concrete solutions are proposed in the paper to overcome these challenges, such as the development of standards for authentication and authorization, the implementation of secure software, enhanced data encryption, and the management of the life cycle of IoT devices. This underscores the need for a comprehensive approach that combines technical innovations, the establishment of standards, and the improvement of users' cybersecurity literacy to ensure the security and sustainable development of the Internet of Things.

Authors: Oleh Harasymchuk, Liubomyr Romanchuk
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 242-254. DOI: 10.18372/2410-7840.25.18231

A MULTIPLE-THEORETICAL GDPR MODEL OF PARAMETERS FOR PERSONAL DATA
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18232

Developing an effective method for assessing the negative consequences of a personal data (PD) leakage helps companies manage risks more effectively and protect their financial and reputational stability. The GDPR provides for the possibility of imposing significant fines in case of violation of data protection rules. The method will allow businesses to assess the potential financial consequences of a data leakage and implement effective preventive measures to save themselves from possible fines. This developed method will help organizations effectively implement the GDPR requirements, ensuring a high level of data protection and appropriate risk management. The purpose of this paper is to develop a method for assessing the negative consequences of a PD confidentiality leakage in case of violation of the requirements established by the GDPR. The method of assessment in accordance with the provisions of the GDPR Regulation, which, through the stages of identifying the object of assessment (providing information about the enterprise), determining the level of violation, forming primary expert information and finalizing the procedure for processing expert data, analytically transforms the sets of input data of the developed tuple model of the integrated representation of parameters, values of values reflecting the judgment of experts, developed new assessment rules, scattering of points and a certain set of recommendations.

Authors: Volodymyr Shulha, Oleksandr Korchenko, Oleg Zaritskyi, Iryna Lozova, Yevhenii Pedchenko
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 254-268. DOI: 10.18372/2410-7840.25.18232

DEFINING THE SEQUENCE OF INTEGRATING TRUSTWORTHINESS COMPONENTS INTO INFORMATION SECURITY SYSTEMS
https://jrnl.nau.edu.ua/index.php/ZI/article/view/18233

The article explores the concept of trustworthiness as an approach to building information security systems, which helps to maintain trust in the information systems they protect. Key components of trustworthiness are identified and ranked: resilience, security, safety, privacy, and compliance. Attention is focused on the significance of the emergent interaction of these components, providing a justified percentage weight for each of them. Two approaches to creating trustworthy systems are considered: the integration of trustworthiness components into the system architecture at the design stage, and the adaptation of existing systems. The advantages and disadvantages of each approach are discussed in the context of implementation speed, cost-effectiveness, and alignment with the philosophy of trustworthiness.

Authors: Oleksandr Bakalynskyi, Fedir Korobeynikov
Copyright (c) 2024. Published 2023-12-24. Vol. 25, No. 4, pp. 268-274. DOI: 10.18372/2410-7840.25.18233