Book Open Access

SYNERGY OF BUILDING CYBERSECURITY SYSTEMS

Serhii Yevseiev; Volodymir Ponomarenko; Oleksandr Laptiev; Oleksandr Milov; Olha Korol; Stanislav Milevskyi; Serhii Pohasii; Andrii Tkachov; Olexander Shmatko; Yevgen Melenti; Оleksandr Sievierinov; Sergey Ostapov; Alla Gavrilova; Oleksii Tsyhanenko; Sergey Herasimov; Elena Nyemkova; Bogdan Tomashevsky; Ivan Hrod; Ivan Opirskyy; Volodymyr Zvieriev; Oleksandr Prokopenko; Vitalii Savchenko; Oleg Barabash; Valentyn Sobchuk; German Shuklin; Vladyslav Khvostenko; Oleksandr Tymochko; Maksim Pavlenko; Andrii Trystan; Serhii Florov

The development of the modern world community is closely related to advances in computing resources and cyberspace. The formation and expansion of the range of services is based on the achievements of mankind in the field of high technologies. However, the rapid growth of computing resources, the emergence of a full-scale quantum computer tightens the requirements for security systems not only for information and communication systems, but also for cyber-physical systems and technologies.

The methodological foundations of building security systems for critical infrastructure facilities based on modeling the processes of behavior of antagonistic agents in security systems are discussed in the first chapter.

The concept of information security in social networks, based on mathematical models of data protection, taking into account the influence of specific parameters of the social network, the effects on the network are proposed in second chapter.

The nonlinear relationships of the parameters of the defense system, attacks, social networks, as well as the influence of individual characteristics of users and the nature of the relationships between them, takes into account.

In the third section, practical aspects of the methodology for constructing post-quantum algorithms for asymmetric McEliece and Niederreiter cryptosystems on algebraic codes (elliptic and modified elliptic codes), their mathematical models and practical algorithms are considered. Hybrid crypto-code constructions of McEliece and Niederreiter on defective codes are proposed. They can significantly reduce the energy costs for implementation, while ensuring the required level of cryptographic strength of the system as a whole. The concept of security of corporate information and educational systems based on the construction of an adaptive information security system is proposed.

Files (3.4 MB)
Name Size
SYNERGY OF BUILDING CYBERSECURITY SYSTEMS.pdf
md5:ce945cfa6e3ed9a072e828757eb4a73a
3.4 MB Download
  • Riley, M., Elgin, B., Lawrence, D., Matlack, C. (2014). Missed alarms and 40 million stolen credit card numbers: How target blew it. Available at: http://www.bloomberg.com/news/articles/2014-03-13/target-missed-warnings-in-epic-hack-of-credit-card-data Last accessed: 30.03.2016

  • M-trends 2016 (2016). Mandaint: A FireEye Company. Technical report. Available at: https://www.fireeye.com/content/dam/fireeye-www/current-threats/pdfs/rpt-mtrends-2016.pdf

  • Jajodia, S., Noel, S. (2010) Advanced cyber attack modeling analysis and visualization. Technical report, DTIC Document. Available at: https://apps.dtic.mil/dtic/tr/fulltext/u2/a516716.pdf

  • Qin, X., Lee, W. (2004). Attack plan recognition and prediction using causal networks. Proceedings of 20th Annual Computer Security Applications Conference. Tucson, 370–379. doi: http://doi.org/10.1109/csac.2004.7

  • Xie, P., Li, J. H., Ou, X., Liu, P., Levy, R. (2010). Using bayesian networks for cyber security analysis. Proceedings of 2010 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Chicago, 211–220. doi: http://doi.org/10.1109/dsn.2010.5544924

  • Fava, D. S., Byers, S. R., Yang, S. J. (2008). Projecting Cyberattacks Through Variable-Length Markov Models. IEEE Transactions on Information Forensics and Security, 3 (3), 359–369. doi: http://doi.org/10.1109/tifs.2008.924605

  • Stotz, A., Sudit, M. (2007). Information fusion engine for real-time decisionmaking: A perceptual system for cyber attack tracking. Proceedings of 2007 10th International Conference on Information Fusion. Quebec, 1–8. doi: http://doi.org/10.1109/icif.2007.4408113

  • Wang, B., Cai, J., Zhang, S., Li, J. (2010). A network security assessment model based on attack-defense game theory. Proceedings of 2010 International Conference on Computer Application and System Modeling (ICCASM). Taiyuan, 3, V3–639. doi: http://doi.org/10.1109/iccasm.2010.5620536

  • Grunewald, D., Liitzenberger, M., Chinnow, J., Bye, R., Bsufka, K., Albayrak, S. (2011). Agent-based network security simulation. Proceedings of The 10th International Conference on Autonmous Agents and Multiagent Systems, 3, 1325–1326.

  • Moskal, S., Wheeler, B., Kreider, D., Kuhl, M. E., Yang, S. J. (2014). Context model fusion for multistage network attack simulation. Proceedings of Military Communications Conference (MILCOM). Baltimore, 158–163. doi: http://doi.org/10.1109/milcom.2014.32

  • Moskal, S., Kreider, D., Hays, L., Wheeler, B., Yang, S. J., Kuhl, M. (2013) Simulating attack behaviors in enterprise networks. Proceedings of 2013 IEEE Conference on Communications and Network Security (CNS). National Harbor, 359–360. doi: http://doi.org/10.1109/cns.2013.6682726

  • Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J. M. (2002) Automated generation and analysis of attack graphs. Proceedings of 2002 IEEE Symposium on Security and Privacy. Berkeley, 273–284. doi: http://doi.org/10.1109/secpri.2002.1004377

  • Jha, S., Sheyner, O., Wing, J. (2002). Two formal analyses of attack graphs. Proceedings of 2002 15th IEEE Computer Security Foundations Workshop. Cape Breton, 49–63. doi: http://doi.org/10.1109/csfw.2002.1021806

  • Moskal, S. F. (2016). Knowledge-based Decision Making for Simulating Cyber Attack Behaviors. Rochester Institute of Technology.

  • Kotenko, I., Doynikova, E. (2015). The CAPEC based generator of attack scenarios for network security evaluation. Proceedings of 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS). Warsaw, 1, 436–441. doi: http://doi.org/10.1109/idaacs.2015.7340774

  • Yevseiev, S., Milov, O., Milevskyi, S., Voitko, O., Kasianenko, M., Melenti, Y. et. al. (2020). Development and analysis of game-theoretical models of security systems agents interaction. Eastern-European Journal of Enterprise Technologies, 2 (4 (104)), 15–29. doi: http://doi.org/10.15587/1729-4061.2020.201418

  • Milov, O., Kostyak, M., Milevsky, S., Pogasiy, S. (2019). Methods for modeling agent behavior in information and communication systems. Control, Navigation and Communication Systems. Academic Journal, 6 (58), 63–70. doi: http://doi.org/10.26906/sunz.2019.6.063

  • Yevseiev, S., Karpinski, M., Shmatko, O., Romashchenko, N., Gancarczyk, T., Falat, P. (2019). Methodology of the cyber security threats risk assessment based on the fuzzy-multiple approach. 19th International Multidisciplinary Scientific GeoConference SGEM2019, Informatics, Geoinformatics and Remote Sensing. Sofia, 437–444. doi: http://doi.org/10.5593/sgem2019/2.1/s07.057

  • S. Yevseiev, S., Aleksiyev, V., Balakireva, S., Peleshok, Y., Milov, O., Petrov, O. et. al. (2019). Development of a methodology for building an information security system in the corporate research and education system in the context of university autonomy. Eastern-European Journal of Enterprise Technologies, 3 (9 (99)), 49–63. doi: http://doi.org/10.15587/1729-4061.2019.169527

  • Yevseiev, S., Ponomarenko, V., Ponomarenko, V., Rayevnyeva, O., Rayevnyeva, O. (2017). Assessment of functional efficiency of a corporate scientific­educational network based on the comprehensive indicators of quality of service. Eastern-European Journal of Enterprise Technologies, 6 (2 (90)), 4–15. doi: http://doi.org/10.15587/1729-4061.2017.118329

  • Sun, R. (2007). The importance of cognitive architectures: an analysis based on CLARION. Journal of Experimental & Theoretical Artificial Intelligence 19 (2), 159–193. doi: http://doi.org/10.1080/09528130701191560

  • Gilbert, N. (2004). Agent-based social simulation: dealing with complexity. Tech. rep. University of Surrey.

  • Carley, K. M., Prietula, M. J., Lin, Z. (1998). Design versus cognition: The interaction of agent cognition and organizational design on organizational performance. Journal of Artificial Societies and Social Simulation 1 (3). Available at: http://jasss.soc.surrey.ac.uk/1/3/4.html

  • Helbing, D., Balletti, S. (2011). How to do agent-based simulations in the future: From modeling social mechanisms to emergent phenomena and interactive systems design. Working Paper 11-06-024. Santa Fe Institute. Available at: https://www.santafe.edu/research/results/working-papers/how-to-do-agent-based-simulations-in-the-future-frc

  • Axelrod, R., Tesfatsion, L.; Tesfatsion, L., Judd, K. L. (Eds.) (2006). A guide for newcomers to agent-based modeling in the social sciences. Handbook of Computational Economics, Vol. 2: Agent-Based Computational Economics. Chap. Appendix A. Elsevier, 164–1659. doi: http://doi.org/10.1016/s1574-0021(05)02044-7

  • Nilsson, N. J. (1977). A production system for automatic deduction. Technical Note 148. Stanford. Available at: http://www.ai.sri.com/pubs/files/743.pdf

  • Chao, Y. R. (1968). Language and symbolic systems. Cambridge University Press, 260. Available at: http://services.cambridge.org/us/academic/subjects/languages-linguistics/english-language-and-linguistics-general-interest/language-and-symbolic-systems?format=PB&isbn=9780521094573

  • Ishida, T. (1994). Parallel, Distributed and Multiagent Production Systems, vol. 878 of Lecture Note in Computer Science. Springer. doi: http://doi.org/10.1007/3-540-58698-9

  • Bordini, R. H., Hübner, J. F., Wooldridge, M. (2007). Programming Multi-Agent Systems in AgentSpeak using Jason. Wiley Series in Agent Technology. John Wiley & Sons, 292.

  • Dignum, F., Kinny, D., Sonenberg, L. (2002). From desires, obligations and norms to goals. Cognitive Science Quarterly, 2 (3-4), 407–430. Available at: http://dspace.library.uu.nl/handle/1874/19827

  • Cohen, P. R., Levesque, H. J. (1990). Intention is choice with commitment. Artificial Intelligence, 42 (2-3), 213–261. doi: http://doi.org/10.1016/0004-3702(90)90055-5

  • Adam, C., Gaudou, B. (2016). BDI agents in social simulations: a survey. The Knowledge Engineering Review, 31 (3), 207–238. doi: http://doi.org/10.1017/s0269888916000096

  • Pereira, D., Oliveira, E., Moreira, N., Sarmento, L. (2005). Towards an architecture for emotional bdi agents. EPIA'05: Proceedings of 12th Portuguese Conference on Artificial Intelligence. Springer. doi: http://doi.org/10.1109/epia.2005.341262

  • Jiang, H., Vidal, J. M. (2006). From rational to emotional agents. In: Proceedings of the AAAI Workshop on Cognitive Modeling and Agent-based Social Simulation. AAAI Press.

  • Kennedy, W. G.; Heppenstall, A. J., Crooks, A. T., See, L. M., Batty, M., (Eds.) (2012). Modelling human behaviour in agent-based models. Agent-Based Models of Geographical Systems. Springer, 167–179. doi: http://doi.org/10.1007/978-90-481-8927-4_9

  • Kollingbaum, M. J. (2005). Norm-Governed Practical Reasoning Agents. University of Aberdeen. Available at: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.415494

  • Dignum, F. (1999). Autonomous agents with norms. Artificial Intelligence and Law, 7 (1), 69–79. doi: http://doi.org/10.1023/a:1008315530323

  • Castelfranchi, C., Dignum, F., Jonker, C. M., Treur, J. (2000). Deliberate normative agents: Principles and architecture. Intelligent Agents VI, Agent Theories, Architectures, and Languages. Proceedings 6th International Workshop, ATAL'99. Orlando, 364–378. doi: http://doi.org/10.1007/10719619_27

  • Conte, R., Castelfranchi, C. (1995). Cognitive and Social Action. Taylor & Francis, 224. doi: http://doi.org/10.4324/9780203783221

  • Sun, R.; Lukose, D., Shi, Z. (Eds.) (2009). Cognitive architectures and multi-agent social simulation. Multi-Agent Systems for Society. Springer-Verlag, 7–21. doi: http://doi.org/10.1007/978-3-642-03339-1_2

  • Card, S. K., Newell, A., Moran, T. P. (1983). The Psychology of Human-Computer Interaction. Hillsdale: L. Erlbaum Associates Inc., 448. doi: http://doi.org/10.1201/9780203736166

  • Byrne, M. D.; Sears, A., Jacko, J. A. (Eds.) (2007). Cognitive architecture. The Human-Computer Interaction Handbook: Fundamentals, Evolving Technologies and Emerging Applications. CRC Press, 93–114. doi: http://doi.org/10.1201/9781410615862.ch5

  • Sun, R., Peterson, T., Sessions, C. (2002). Beyond simple rule extraction: acquiring planning knowledge from neural networks. Proceedings of WIRN'01. Springer, 288–300. doi: http://doi.org/10.1007/978-1-4471-0219-9_32

  • Laird, J. E. (2012). The SOAR Cognitive Architecture. Cambridge: MIT Press. doi: http://doi.org/10.7551/mitpress/7688.001.0001

  • Attiah, A., Chatterjee, M., Zou, C. C. (2018). A Game Theoretic Approach to Model Cyber Attack and Defense Strategies. 2018 IEEE International Conference on Communications (ICC). doi: http://doi.org/10.1109/icc.2018.8422719

  • Alpcan, T., Baser, T. (2006). An intrusion detection game with limited observations. Proc. 12th Int. Symp. on Dynamic Games and Applications. Available at: https://wenku.baidu.com/view/07f2933031126edb6f1a10f9.html

  • Security measurement – white paper (2006). Available at: http://www.psmsc.com/Downloads/TechnologyPapers/SecurityWhitePaper_v3.0.pdf

  • He, W., Xia, C., Wang, H., Zheng, C., Ji, Y. (2008). A game theoretical attack-defense model oriented to network security risk assessment. International Conference on Computer Science and Software Engineering. Wuhan, 498–504. doi: http://doi.org/10.1109/csse.2008.1651

  • Yazar, Z. (2002). A qualitative risk analysis and management tool. CRAMM. SANS Institute. Available at: https://www.sans.org/reading-room/whitepapers/auditing/paper/83

  • Aigbokhaevbolo, O. (2011). Application of Game Theory to Business Strategy in Undeveloped Countries: A Case for Nigeria. Journal of Social Sciences, 27 (1), 1–5. doi: http://doi.org/10.1080/09718923.2011.11892900

  • Manshaei, M. H., Zhu, Q., Alpcan, T., Bacşar, T., Hubaux, J.-P. (2013). Game theory meets network security and privacy. ACM Computing Surveys, 45 (3), 1–39. doi: http://doi.org/10.1145/2480741.2480742

  • Akinwumi, D. A., Iwasokun, G. B., Alese, B. K., Oluwadare, S. A. (2018). A review of game theory approach to cyber security risk management. Nigerian Journal of Technology, 36 (4), 1271–1285. doi: http://doi.org/10.4314/njt.v36i4.38

  • Kesselman, A., Leonardi, S. (2012). Game-theoretic analysis of Internet switching with selfish users. Theoretical Computer Science, 452, 107–116. doi: http://doi.org/10.1016/j.tcs.2012.05.029

  • Akella, A., Karp, R., Papadimitriou, C., Seshan, S., Shenker, S. (2002). Selfish behavior and the stability of the internet: A game theoretic analysis of TCP. Proceedings of SIGCOMM 2002. doi: http://doi.org/10.1145/633025.633037

  • Alpcan, T., Basar, T., Dey, S. (2004). A power control game based on outage probabilities for multicell wireless data networks. Proceedings of the 2004 American Control Conference. doi: http://doi.org/10.23919/acc.2004.1386817

  • Bencsth, B., Buttyn, L., Vajda, I. (2003). A game-based analysis of the client puzzle approach to defend against dos attacks. Soft- COM 2003 11th International conference on software, telecommunications and computer networks, 763–767.

  • Michiardi, P., Molva, R. (2002). Core: A collaborative reputation mechanism to enforce node co-operation in mobile ad hoc networks. 6th IEIP Communications and Multimedia Security Conference. doi: http://doi.org/10.1007/978-0-387-35612-9_9

  • Kodialam, M., Lakshman, T. V. (2003). Detecting network intrusions via sampling: A game theoretic approach. IEEE IN- EOCOMM 2003. San Francisco. doi: http://doi.org/10.1109/infcom.2003.1209210

  • Patchat, A., Park, J.-M. (2004). A Game Theoretic Approach to Modeling Intrusion Detection in Mobile Ad Hoc Networks. Proceedings of the 2004 IEEE Workshop on Information Assurance and Security. United States Military Academy. West Point. doi: http://doi.org/10.1109/iaw.2004.1437828

  • Alazzawe, A., Nawaz, A., Bayaraktar, M. M. (2006). Game theory and intrusion detection systems.

  • Hamilton, S. N., Miller, W. L., Ott, A., Saydjari, O. S. (2002). Challenges in applying game theory to the domain of information warfare. Proceedings of the 4th Information survivability workshop (ISW-2001/2002).

  • Hamilton, S. N., Miller, W. L., Ott, A., Saydjari, O. S. (2002). The role of game theory in information warfare. Proceedings of the 4th information survivability workshop (ISW- 2001/2002).

  • Liu, P., Zang, W., Yu, M. (2005). Incentive-based modeling and inference of attacker intent, objectives, and strategies. ACM Transactions on Information and System Security, 8 (1), 78–118. doi: http://doi.org/10.1145/1053283.1053288

  • Nguyen, K. C., Alpcan, T., Basar, T. (2009). Stochastic games for security in networks with interdependent nodes. 2009 International Conference on Game Theory for Networks. Istanbul. doi: http://doi.org/10.1109/gamenets.2009.5137463

  • Nguyen, K. C., Alpcan, T., Basar, T. (2009). Security Games with Incomplete Information. 2009 IEEE International Conference on Communications. Dresden. doi: http://doi.org/10.1109/icc.2009.5199443

  • Chen, Z. (2007). Modeling and defending against internet worm attacks. Georgia Institute of Technology.

  • Hryshchuk, R. V. (2013). Dyferentsialno-ihrovi modeli ta metody modeliuvannia protsesiv kibernapadu. Kyiv, 411.

  • Bursztein, E., Goubault-Larrecq, J. (2007). A Logical Framework for Evaluating Network Resilience Against Faults and Attacks. Advances in Computer Science – ASIAN 2007. Computer and Network Security, 4846, 212–227. doi: http://doi.org/10.1007/978-3-540-76929-3_20

  • Sun, W., Kong, X., He, D., You, X. (2008). Information Security Problem Research Based on Game Theory. 2008 International Symposium on Electronic Commerce and Security. Guangzhou. doi: http://doi.org/10.1109/isecs.2008.147

  • Hansman, S., Hunt, R. (2005). A taxonomy of network and computer attacks. Computers & Security, 24 (1), 31–43. doi: http://doi.org/10.1016/j.cose.2004.06.011

  • Ma, C. Y. T., Yau, D. K. Y., Lou, X., Rao, N. S. V. (2013). Markov Game Analysis for Attack-Defense of Power Networks Under Possible Misinformation. IEEE Transactions on Power Systems, 28 (2), 1676–1686. doi: http://doi.org/10.1109/tpwrs.2012.2226480

  • Milov, O., Yevseiev, S., Ivanchenko, Y., Milevskyi, S., Nesterov, O., Puchkov, O. et. al. (2019). Development of the model of the antagonistic agents behavior under a cyber conflict. Eastern-European Journal of Enterprise Technologies, 4 (9 (100)), 6–19. doi: http://doi.org/10.15587/1729-4061.2019.175978

  • Gordon, L. A., Loeb, M. P., Lucyshyn, W., Zhou, L. (2015). The impact of information sharing on cybersecurity underinvestment: A real options perspective. Journal of Accounting and Public Policy, 34 (5), 509–519. doi: http://doi.org/10.1016/j.jaccpubpol.2015.05.001

  • Huang, C. D., Behara, R. S. (2013). Economics of information security investment in the case of concurrent heterogeneous attacks with budget constraints. International Journal of Production Economics, 141 (1), 255–268. doi: http://doi.org/10.1016/j.ijpe.2012.06.022

  • Alguliyev, R., Imamverdiyev, Y., Sukhostat, L. (2018). Cyber-physical systems and their security issues. Computers in Industry, 100, 212–223. doi: http://doi.org/10.1016/j.compind.2018.04.017

  • Cárdenas, A. A., Amin, S., Lin, Z.-S., Huang, Y.-L., Huang, C.-Y., Sastry, S. (2011). Attacks against process control systems. Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security - ASIACCS '11, 355–366. doi: http://doi.org/10.1145/1966913.1966959

  • Gollmann, D. (2013). Security for Cyber-Physical Systems. Mathematical and Engineering Methods in Computer Science, 12–14. doi: http://doi.org/10.1007/978-3-642-36046-6_2

  • Cardenas, A., Amin, S., Sinopoli, B., Giani, A., Perrig, A., Sastry, S. (2009). Challenges for securing cyber physical systems. Workshop on future directions in cyber-physical systems security.

  • Pfleeger, C. P., Pfleeger, S. L. (2006). Security in Computing. Prentice Hall, 880.

  • Cebula, J. J., Young, L. R. (2010). A taxonomy of operational cyber security risks. Technical report, DTIC Document.

  • Kang, D.-J., Lee, J.-J., Kim, S.-J. Park, J.-H. (2009). Analysis on cyber threats to SCADA systems. 2009 Transmission & Distribution Conference & Exposition: Asia and Pacific. Seoul. doi: http://doi.org/10.1109/td-asia.2009.5357008

  • Nicholson, A., Webber, S., Dyer, S., Patel, T., Janicke, H. (2012). SCADA security in the light of Cyber-Warfare. Computers & Security, 31 (4), 418–436. doi: http://doi.org/10.1016/j.cose.2012.02.009

  • Guide for conducting risk assessments (2012). NIST. doi: http://doi.org/10.6028/nist.sp.800-30r1

  • Cyber threat source descriptions. US-CERT. Available at: https://ics-cert.us-cert.gov/content/cyber-threat-source-descriptions

  • Milov, O., Korol, O., Khvostenko, V. (2019). Development of the classification of the cyber security agents bounded rationality. Control, Navigation and Communication Systems. Academic Journal, 4 (56), 82–90. doi: http://doi.org/10.26906/sunz.2019.4.082

  • Yevseiev, S. (2017). Intruder model of access rights in the automated banking system based on a synergistic approach. Naukovo-tekhnichnyi zhurnal "Informatsiyna bezpeka", 2 (26), 110–120.

  • Kravets, D. (2009). Feds: Hacker disabled offshore oil platforms' leak-detection system. Available at: https://www.wired.com/2009/03/feds-hacker-dis/

  • Chattopadhyay, A., Prakash, A., Shafique, M. (2017). Secure Cyber-Physical Systems: Current trends, tools and open research problems. Design, Automation & Test in Europe Conference & Exhibition (DATE). Lausanne. doi: http://doi.org/10.23919/date.2017.7927154

  • Dell Security (2016). Annual Threat Report. Available at: https://www.netthreat.co.uk/assets/assets/dell-security-annual-threat-report-2016-white-paper-197571.pdf

  • Walker, J. J. (2012). Cyber Security Concerns for Emergency Management. Emergency Management. doi: http://doi.org/10.5772/34104

  • Ali, N. S. (2016). A four-phase methodology for protecting web applications using an effective real-time technique. International Journal of Internet Technology and Secured Transactions, 6 (4), 303. doi: http://doi.org/10.1504/ijitst.2016.10003854

  • Park, K.-J., Zheng, R., Liu, X. (2012). Cyber-physical systems: Milestones and research challenges. Computer Communications, 36 (1), 1–7. doi: http://doi.org/10.1016/j.comcom.2012.09.006

  • State of the Phish: An in-depth look at user awareness (2020). Available at: https://cdw-prod.adobecqms.net/content/dam/cdw/on-domain-cdw/brands/proofpoint/gtd-pfpt-us-tr-state-of-the-phish-2020.pdf

  • Goel, S., Chen, V. (2005). Information security risk analysis – a matrix-based approach. Proceedings of the Information Resource Management Association (IRMA) International Conference. San Diego.

  • Kjaerland, M. (2006). A taxonomy and comparison of computer security incidents from the commercial and government sectors. Computers & Security, 25 (7), 522–538. doi: http://doi.org/10.1016/j.cose.2006.08.004

  • Blackwell, C. (2010). A security ontology for incident analysis. Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research - CSIIRW '10. doi: http://doi.org/10.1145/1852666.1852717

  • Hryshchuk, R., Yevseiev, S. (2017). Methodology of building a system for providing information security of bank information in automated banking systems. Ukrainian Scientific Journal of Information Security, 23 (3), 204–214. doi: http://doi.org/10.18372/2225-5036.23.12095

  • Pollock, G. M., Atkins, W. D., Schwartz, M. D., Chavez, A. R., Urrea, J. M., Pattengale, N. et. al. (2010). Modeling and simulation for cyber-physical system security research, development and applications. doi: http://doi.org/10.2172/1028942

  • Ahmad, R., Yunos, Z. (2012). A dynamic cyber terrorism framework. International Journal of Computer Science and Information Security, 10 (2), 149–158.

  • Loukas, G., Gan, D., Vuong, T. (2013). A taxonomy of cyber attack and defence mechanisms for emergency management networks. 2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops). San Diego. doi: http://doi.org/10.1109/percomw.2013.6529554

  • Framework for Improving Critical Infrastructure Cybersecurity. Version 1.0 (2014). National Institute of Standards and Technology. Available at: https://www.nist.gov/publications/framework-improving-critical-infrastructure-cybersecurity-version-10

  • Hughes, J., Cybenko, G. (2014). Three tenets for secure cyber-physical system design and assessment. Cyber Sensing 2014. doi: http://doi.org/10.1117/12.2053933

  • Buchyk, S. (2016). The methodology of analysis of risks of tree that identifiers the state informative resources. Ukrainian Information Security Research Journal, 18 (1), 81–89. doi: http://doi.org/10.18372/2410-7840.18.10116

  • Yevseiev, S., Rzayev, K., Mammadova, T., Samedov, F., Romashchenko, N. (2018). Classification of cyber cruise of informational resources of automated banking systems. Cybersecurity: Education, Science, Technique, 2, 47–67. doi: http://doi.org/10.28925/2663-4023.2018.2.4767

  • Barabash, O., Laptiev, O., Tkachev, V., Maystrov, O., Krasikov, O., Polovinkin, I. (2020). The Indirect method of obtaining Estimates of the Parameters of Radio Signals of covert means of obtaining Information. International Journal of Emerging Trends in Engineering Research, 8 (8), 4133–4139. doi: http://doi.org/10.30534/ijeter/2020/17882020

  • Benson, V., Saridakis, G., Tennakoon, H., Ezingeard, J. N. (2015). The role of security notices and online consumer behaviour: An empirical study of social networking users. International Journal of Human-Computer Studies, 80, 36–44. doi: http://doi.org/10.1016/j.ijhcs.2015.03.004

  • Mvungi, B., Iwaihara, M. (2015). Associations between privacy, risk awareness, and interactive motivations of social networking service users, and motivation prediction from observable features. Computers in Human Behavior, 44, 20–34. doi: http://doi.org/10.1016/j.chb.2014.11.023

  • Barabash, O., Laptiev, O., Kovtun, O., Leshchenko, O., Dukhnovska, K., Biehun, A. (2020). The Method dynavic TF-IDF. International Journal of Emerging Trends in Engineering Research, 8 (9), 5713–5718. doi: http://doi.org/10.30534/ijeter/2020/130892020

  • Yevseiev, S., Laptiev, O., Lazarenko, S., Korchenko, A., Manzhul, I. (2021). Modeling the protection of personal data from trust and the amount of information on social networks. EUREKA: Physics and Engineering, 1, 24–31. doi: http://doi.org/10.21303/2461-4262.2021.001615

  • Laptiev, O., Savchenko, V., Kotenko, A., Akhramovych, V., Samosyuk, V. Shuklin, G., Biehun, A. (2021) Method of Determining Trust and Protection of Personal Data in Social Networks. International Journal of Communication Networks and Information Security, 13 (1), 1–14.

  • Obidin, D., Ardelyan, V., Lukova-Chuiko, N., Musienko, A. (2017). Estimation of Functional Stability of Special Purpose Networks Located on Vehicles. Actual Problems of Unmanned Aerial Vehicles Developments (APUAVD). Kyiv: National Aviation University, 167–170. doi: http://doi.org/10.1109/apuavd.2017.8308801

  • Korotin, S., Kravchenko, Y., Starkova, O., Herasymenko, K., Mykolaichuk, R. (2019). Analytical determination of the parameters of the self-tuning circuit of the traffic control system on the limit of vibrational stability. International Scientific-Practical Conference Problems of Infocommunications Science and Technology. PIC S&T`2019 – Proceedings. Kyiv, 471–476. doi: http://doi.org/10.1109/picst47496.2019.9061256

  • Rakushev, M., Permiakov, O., Tarasenko, S., Kovbasiuk, S., Kravchenko, Y., Lavrinchuk, O. (2019). Numerical Method of Integration on the Basis of Multidimensional Differential-Taylor Transformations. Proceedings of the IEEE International Scientific-Practical Conference Problems of Infocommunications Science and Technology, PIC S&T`2019 – Proceedings. Kyiv, 675–678. doi: http://doi.org/10.1109/picst47496.2019.9061339

  • Kravchenko, Y., Leshchenko, O., Dakhno, N., Trush, O., Makhovych, O. (2019). Evaluating the effectiveness of cloud services. IEEE International Conference on Advanced Trends in Information Theory. ATIT`2019 – Proceedings. Kyiv, 120–124. doi: http://doi.org/10.1109/atit49449.2019.9030430

  • Sobchuk, V., Pichkur, V., Barabash, O., Laptiev, O., Kovalchuk, I., Zidan, A. (2020). Algorithm of control of functionally stable manufacturing processes of enterprises. 2020 IEEE 2nd International Conference on Advanced Trends in Information Theory (IEEE ATIT 2020) Conference Proceedings. Kyiv, 206–211.

  • Sobchuk, V., Pichkur, V., Barabash, O., Laptiev, O., Kovalchuk, I., Zidan, A. (2020). Algorithm of control of functionally stable manufacturing processes of enterprises. 2020 IEEE 2nd International Conference on Advanced Trends in Information Theory (IEEE ATIT 2020) Conference Proceedings. Kyiv, 206–211.

  • Chen, P. A., Desmet, L., Huygens, C. (2019) Study on Advanced Persistent Threats. Communications and Multimedia Security. Berlin Heidelberg: Springer, 63–72. doi: http://doi.org/10.1007/978-3-662-44885-4_5

  • Freeman, L. C., Borgatti, S. P., White, D. R. (1991). Centrality in valued graphs: A measure of betweenness based on network flow. Social Networks, 13 (2), 141–154. doi: http://doi.org/10.1016/0378-8733(91)90017-n

  • Yevseiev, S., Korolyov, R., Tkachov, A., Laptiev, O., Opirskyy, I., Soloviova, O. (2020). Modification of the algorithm (OFM) S-box, which provides increasing crypto resistance in the post-quantum period. International Journal of Advanced Trends in Computer Science and Engineering, 9 (5), 8725–8729. doi: http://doi.org/10.30534/ijatcse/2020/261952020

  • Laptiev, O., Stefurak, O., Polovinkin, I., Barabash, O., Savchenko, V., Zelikovska, O. (2020). The method of improving the signal detection quality by accounting for interference. 2020 IEEE 2nd International Conference on Advanced Trends in Information Theory (IEEE ATIT 2020) Conference Proceedings. Kyiv, 172–176.

  • Korchenko, A., Breslavskyi, V., Yevseiev, S., Zhumangalieva, N., Zvarych, A., Kazmirchuk, S. et. al. (2021). Development of a method for constructing linguistic standards for multi-criteria assessment of honeypot efficiency. Eastern-European Journal of Enterprise Technologies, 1 (2 (109)), 14–23. doi: http://doi.org/10.15587/1729-4061.2021.225346

  • Bartock, M., Cichonski, J., Souppaya, M., Smith, M., Witte, G., Scarfone, K. (2016). Guide for cybersecurity event recovery. NIST. doi: http://doi.org/10.6028/nist.sp.800-184

  • Security requirements for cryptographic modules (2001). Available at: https://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf Last accessed: 01.02.2020

  • Cichonski, J., Franklin, J. M., Bartock, M. (2017). Guide to LTE security. doi: http://doi.org/10.6028/nist.sp.800-187

  • Hryshchuk, R., Yevseiev, S., Shmatko, A. (2018). Construction methodology of information security system of banking information in automated banking systems. Vienna: Premier Publishing, 284. doi: http://doi.org/10.29013/r.hryshchuk_s.yevseiev_a.shmatko.cmissbiabs.284.2018

  • Lohachab, A., Lohachab, A., Jangra, A. (2020). A comprehensive survey of prominent cryptographic aspects for securing communication in post-quantum IoT networks. Internet of Things, 9, 100174. doi: http://doi.org/10.1016/j.iot.2020.100174

  • Petrenko, K., Mashatan, A., Shirazi, F. (2019). Assessing the quantum-resistant cryptographic agility of routing and switching IT network infrastructure in a large-size financial organization. Journal of Information Security and Applications, 46, 151–163. doi: http://doi.org/10.1016/j.jisa.2019.03.007

  • Aggarwal, S., Chaudhary, R., Aujla, G. S., Kumar, N., Choo, K.-K. R., Zomaya, A. Y. (2019). Blockchain for smart communities: Applications, challenges and opportunities. Journal of Network and Computer Applications, 144, 13–48. doi: http://doi.org/10.1016/j.jnca.2019.06.018

  • Bobok, I., Kobozeva, A., Maksymov, M., Maksymova, O. (2016). Checking the Integrity of CCTV Footage in Real Time at Nuclear Facilities. Nuclear and Radiation Safety, 2 (70), 68–72. doi: http://doi.org/10.32918/nrs.2016.2(70).14

  • Kobozeva, A. A., Bobok, I. I., Garbuz, A. I. (2016). General Principles of Integrity Checking of Digital Images and Application for Steganalysis. Transport and Telecommunication Journal, 17 (2), 128–137. doi: http://doi.org/10.1515/ttj-2016-0012

  • Bobok, I. I. (2018). Steganalysis method for detection of the hidden communication channel with low capacity. Telecommunications and Radio Engineering, 77 (18), 1597–1604. doi: http://doi.org/10.1615/telecomradeng.v77.i18.20

  • Kobozeva, A. A., Bobok, I. I., Batiene, L. E. (2018). Steganoanalytical Method Based on the Analysis of Singular Values of Digital Image Matrix Blocks. Problemele Energeticii Regionale, 3 (38), 156–168. doi: http://doi.org/10.5281/zenodo.2222384

  • Kobozeva, A. A., Bobok, I. I., Grygorenko, S. M. (2020). Method for Detecting of Clone Areas in a Digital Image under Conditions of Additional Attacks. Journal of Signal Processing Systems, 92 (1), 55–69. doi: http://doi.org/10.1007/s11265-019-01449-6

  • Evseev, S., Abdullayev, V. (2015). Monitoring algorithm of two-factor authentication method based on рasswindow system. Eastern-European Journal of Enterprise Technologies, 2 (2 (74)), 9–16. doi: http://doi.org/10.15587/1729-4061.2015.38779

  • Yevseiev, S., Hryhorii, K., Liekariev, Y. (2016). Developing of multi-factor authentication method based on niederreiter-mceliece modified crypto-code system. Eastern-European Journal of Enterprise Technologies, 6 (4 (84)), 11–23. doi: http://doi.org/10.15587/1729-4061.2016.86175

  • Yevseiev, S., Kots, H., Minukhin, S., Korol, O., Kholodkova, A. (2017). The development of the method of multifactor authentication based on hybrid crypto­code constructions on defective codes. Eastern-European Journal of Enterprise Technologies, 5 (9 (89)), 19–35. doi: http://doi.org/10.15587/1729-4061.2017.109879

  • Yevseiev, S., Tsyhanenko, O., Ivanchenko, S., Aleksiyev, V., Verheles, D., Volkov, S. et. al. (2018). Practical implementation of the Niederreiter modified crypto­code system on truncated elliptic codes. Eastern-European Journal of Enterprise Technologies, 6 (4 (96)), 24–31. doi: http://doi.org/10.15587/1729-4061.2018.150903

  • Milov, O., Yevseiev, S., Ivanchenko, Y., Milevskyi, S., Nesterov, O., Puchkov, O. et. al. (2019). Development of the model of the antagonistic agents behavior under a cyber conflict. Eastern-European Journal of Enterprise Technologies, 4 (9 (100)), 6–19. doi: http://doi.org/10.15587/1729-4061.2019.175978

  • Sidelnikov, V. M. (2002). Kriptografiia i teoriia kodirovaniia. Moskovskii universitet i razvitie kriptografii v Rossii. Moscow, 1–22.

  • Sidelnikov, V. M., Shestakov, S. O. (1992). O sisteme shifrovaniia, postroennoi na osnove obobshhennyh kodov Rida-Solomona. Diskretnaia matematika, 4 (3), 57–63.

  • Anohin, M. I., Varnovskii, N. P., Sidelnikov, V. M., Jashhenko, V. V. (1997). Kriptografiia v bankovskom dele. Moscow: MIFI.

  • Yevseiev, S., Tsyhanenko, O., Gavrilova, A., Guzhva, V., Milov, O., Moskalenko, V. et. al. (2019). Development of Niederreiter hybrid crypto-code structure on flawed codes. Eastern-European Journal of Enterprise Technologies, 1 (9 (97)), 27–38. doi: http://doi.org/10.15587/1729-4061.2019.156620

  • Tsyhanenko, O., Yevseiev, S., Milevskyi, S. (2019). Using the Flawed Codes In Niederreiter Crypto-Code Structure. Short Paper Proceedings of the 1st International Conference on Intellectual Systems and Information Technologies (ISIT 2019). Odessa, 17–19.

  • McEliece, R. J. (1978). A Public-Key Criptosystem Based on Algebraic Theory. DGN Progres Report 42-44, Jet Propulsi on Lab. Pasadena, 114–116.

  • Niederreiter, H. (1986). Knapsack-Type Cryptosystems and Algebraic Coding Theory. Problems of Control and Information Theory, 15, 19–34.

  • Mak-Viliams, F., Sloen, N. (1979). Teoriia kodov, ispravliaiuschikh oshibki. Moscow: Sviaz, 744.

  • Muterr, V. M. (1990). Osnovy pomekhoustoichivoi teleperedachi informatsii. Leningrad: Energoatomizdat. Leningr. otd-nie, 288.

  • Mishhenko, V. A., Vilanskii, Yu. V. (2007). Ushherbnye teksty i mnogokanalnaia kriptografiia. Minsk: Enciklopediks.

  • Mischenko, V. A., Vilanskii, Iu. V., Lepin, V. V.; Mischenko, V. A. (Ed.) (2007). Kriptograficheskii algoritm MV2. Minsk: Entsiklopediks, 176.

  • Meyer, D. (2016). Time is running out for this popular online security technique. FORTUNE. Available at: http://fortune.com/2016/07/26/nist-sms-two-factor/

  • Hackett, R. (2016). You're implementing this basic security feature all wrong. FORTUNE. Available at: http://fortune.com/2016/06/27/two-factor-authentication-sms-text/

  • McBride, T., Ekstrom, M., Lusty, L., Sexton, J., Townsend, A. (2017) Data Integrity: Recovering from Ransomware and Other Destructive Events. NIST Special Publication 1800-11. Available at: https://www.nccoe.nist.gov/sites/default/files/library/sp1800/di-nist-sp1800-11a-draft.pdf

  • Yevseiev, S., Korol, O., Kots, H. (2017). Construction of hybrid security systems based on the crypto-code structures and flawed codes. Eastern-European Journal of Enterprise Technologies, 4 (9 (88)), 4–21. doi: http://doi.org/10.15587/1729-4061.2017.108461

  • Shmatko, O., Balakireva, S., Vlasov, A., Zagorodna, N., Korol, O., Milov, O. et. al. (2020). Development of methodological foundations for designing a classifier of threats to cyberphysical systems. Eastern-European Journal of Enterprise Technologies, 3 (9 (105)), 6–19. doi: http://doi.org/10.15587/1729-4061.2020.205702

  • Rukhin, A., Soto, J. (2000). A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. NIST Special Publication 800-22. doi: http://doi.org/10.6028/nist.sp.800-22

39
84
views
downloads
Views 39
Downloads 84
Data volume 286.1 MB
Unique views 30
Unique downloads 82

Share

Cite as