Перегляд за Автор "Yevseiev, S. P."
Зараз показуємо 1 - 20 з 27
Результатів на сторінці
Налаштування сортування
Документ Algorithm of information security risk assessment based on fuzzy-multiple approach(Національний технічний університет "Харківський політехнічний інститут", 2019) Yevseiev, S. P.; Shmatko, Oleksandr; Romashchenko, NataliiaThe subject of the study is the process of assessing the level of information security risk that is being implemented with the help of the fuzzy logic apparatus. The purpose of this work is to develop a methodology for assessing the degree of information security risk, which would avoid the uncertainty factor, that occurs when some parts of information about the analyzed automated information system are absent. The methodology is based on the use of fuzzy logic and fuzzy sets and implies the introduction of the term sets for each of the system characteristics and the linguistic assessment of the indicators. The tasks to be solved are to analyze existing information security risk assessment methodologies for identifying their strengths and weaknesses. On the basis of the conducted analysis, a new method for assessing the risk of automated information systems information security is proposed. The following resultswere obtained: the advantages and disadvantages of qualitative and quantitative methodologies for assessing the risk degree of automated systems information security were identified; the main stages of the proposed methodology were described; the degree of information security risk is calculated in comparison to the FAIR methodology. Conclusion: The methodology presented in the article provides an opportunity to translate the obtained results of risk assessment from a mathematical language into a linguistic form that is more comprehensible to the decision-maker. This increases the effectiveness of the management of automated information systems protection mechanisms.Документ Banking security synergetic models(2019) Hryshchuk, Ruslan; Yevseiev, S. P.; Romashchenko, NataliiaThe revolutionary changes of the last decade in the banking sector have led to the blending of information and computer networks into a single information and cybernetic space, which has led to the creation of automated banking systems (ABS), which have expanded the range of state electronic services and commercial banks of the world and Ukraine. As a result, threats to such national information resource of the state as banking information resources (BIR). Security threats BIR acquired signs of hybridization. Signs of hybridity as a result of simultaneous exposure to information security threats, cybernetic security (CS) and information security (InfoSec) to BIR led to the emergence of a synergistic phenomenon whose negative signs require a radical overhaul of the concepts of existing security systems development. The article proposes mathematical methodology models for building the BIR security based on the synergistic approach of estimating hybrid threats. The proposed model forms a complex approach to assessing the current level of BIR security in the ABS, assessing the economic feasibility of introducing one or another mechanism of Technical means of InfoSec system in the ABS, depending on the banking information value, based on an advanced threat classifier.Документ The concept of building security of the network with elements of the semiotic approach(Технологічний Центр, 2023) Yevseiev, S. P.; Tolkachov, Maksym; Shetty, Darshan; Khvostenko, Vladyslav; Strelnikova, Anna; Milevskyi, Stanislav; Golovashych, SergiiThe main scientific results: the concept of a structured protection system with the Zero Trust Security approach has been developed. The structure of the semiotic analysis of the segmentation of the transmitted load on the blocks is proposed. Blocks by signs are subjected to individual analysis. According to the features, the blocks are transformed by the selected representation into an object/groups of objects. Groups for transmission in the load are tagged, have different coding severity (depth), depending on the risk assessment. Groups are transmitted through the network in different ways (paths) – VPN (different ESP), unencrypted tunnel, open access, etc. This solution improves the throughput of malicious load analysis prior to transmission. The performance overhead for encoding/decoding the load and encapsulating/de-encapsulating during transmission is reduced. The transmission bandwidth is increased.Документ Construction of hybrid security systems based on the crypto-code structures and flawed codes(ПП "Технологічний Центр", 2017) Yevseiev, S. P.; Korol, O. G.; Kots, HryhoriiIn order to ensure safety of SCCI, it is proposed to use hybrid crypto-code constructions based on the modified asymmetric crypto-code McEliece systems on flawed codes, which make it possible to obtain maximum quantity of emergent properties at minimal resource cost for initiating in the system the synergistic effect of security provision. The main difference from known approaches to the construction of hybrid cryptosystems is the use of MCCS instead of symmetric cryptosystems; to strengthen resistance and to "reduce" the alphabet power (dimensionality of field GF(26–28) to build the McEliece MCCS), the systems on flawed codes are employed. The algorithms proposed in present work for the formation and decryption of a cryptogram in the hybrid cryptosystem based on MCCS on flawed codes make it possible to practically implement HCCSFC. The study that we conducted into energy consumption of major operations in the hybrid cryptosystems and their stability on the basis of the proposed assessment procedure confirms efficiency of their application in order to provide basic requirements to service quality in IES.Документ Cybersecurity: security of Linux operating system(Novyi Svit – 2000, 2021) Yevseiev, S. P.; Pogasiy, S.; Goloskokova, A.; Shmatko, O.; Melnik, M.Reference and methodical recommendations on the implementation of laboratory works in the study of the basics of working with the Linux operating system are provided. The issues of working with the Linux command line, process management, memory management and account management are considered. The problematic issues of cybersecurity in the process of working with the Linux operating system are highlighted. Recommended for students of the first (bachelor’s) level of specialty 125 "Cybersecurity", 121 "Software engineering", 122 "Computer sciences", 126 "Information systems and technologies".Документ Developing a model of efficiency of investment in the security of banking information in ABS(Харківський національний економічний університет ім. Семена Кузнеця, 2019) Yevseiev, S. P.; Çetinkaya, K.Документ Developing of multi-factor authentication method based on Niederreiter-McEliece modified crypto-code system(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Kots, Hryhorii; Liekariev, YehorTwo-factor authentication methods to date, are considered by experts as authenticators resistance amplification mechanisms, while ensuring the authenticity services in various fields of high technology, financial and insurance sectors of the market, large banking institutions and public sector enterprises. Thus, authenticators based on OTP passwords and various types of tokens are typically used in the ABS. The suggested synergistic threat assessment approach revealed that attackers use a comprehensive approach to the implementation of threats, based on a combination of social engineering techniques with traditional methods, of disguise and infiltration. New types of cyber-attacks are also used to effectively embed malware on mobile communication devices, which in turn leads to a decrease in the profitability of the two-factor authentication methods based on SMS messages and OTP passwords in ABS. The proposed safety mechanisms based on modified crypto code Niederreiter and Mc-Eliece systems allow to ensure reliability (based on the use of elliptical error-correcting codes) and safety (proposed cryptosystem are secret models of provable resistance) of data transmitted. Their usage in the multi-factor authentication protocol ensures the security of the physical separation of transmission of the parts of authenticator of banking transactions through mobile lines (using the Niederreiter MCCS) and ABS (using the McEliece MCCS). The proposed mathematical model and algorithms of practical implementation of the Niederreiter MCCS allow, based on the error vector symbol shortening, to reduce the energy capacity of the group operations, reduce the power of the Galois field to GF 2⁶–2⁷, providing the required cryptographic resistance.Документ Development of a method for assessing the security of cyber-physical systems based on the Lotka-Volterra model(ПП "Технологічний Центр", 2021) Yevseiev, S. P.; Pohasii, Serhii ; Milevskyi, Stanislav ; Milov, Oleksandr ; Melenti, Y.; Grod, I.; Berestov, D.; Fedorenko, R.; Kurchenko, O.The paper presents the results of the development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model. Security models of cyber-physical systems are proposed: “predator–prey” taking into account the computing capabilities and focus of targeted cyberattacks, “predator–prey” taking into account the possible competition of attackers in relation to the “prey”, “predator–prey” taking into account the relationships between “prey species” and “predator species”, “predator–prey” taking into account the relationship between “prey species” and “predator species”. Based on the proposed approach, the coefficients of the Lotka–Volterra model α=0.39, β=0.32, γ=0.29, φ=0.27 were obtained, which take into account the synergy and hybridity of modern threats, funding for the formation and improvement of the protection system, and also allow determining the financial and computing capabilities of the attacker based on the identified threats. The proposed method for assessing the security of cyber-physical systems is based on the developed threat classifier, allows assessing the current security level and provides recommendations regarding the allocation of limited protection resources based on an expert assessment of known threats. This approach allows offline dynamic simulation, which makes it possible to timely determine attackers' capabilities and form preventive protection measures based on threat analysis. In the simulation, actual bases for assessing real threats and incidents in cyber-physical systems can be used, which allows an expert assessment of their impact on both individual security services and security components (cyber security, information security and security of information). The presented simulation results do not contradict the graphical results of the classical Lotka–Volterra model, which indicates the adequacy of the proposed approach for assessing the security of cyber-physical systemsДокумент Development of a protocol for a closed mobile Internet channel based on post-quantum algorithms(Харківський національний університет Повітряних Сил ім. Івана Кожедуба, 2021) Yevseiev, S. P.; Pohasii, Serhii; Khvostenko, VladyslavThe development of computing technologies has made it possible not only to expand the range of mobile communication services, but also to significantly increase computing capabilities. The emergence of mobile Internet, 4G, 5G technologies makes it possible to talk about a fundamentally different approach to ensuring the quality of service to network customers, creating fundamentally new approaches to ensuring the efficiency and reliability of transmitted information flows. However, such a rapid growth of GSM technologies without the introduction of security services leads to active actions of attackers and cyber terrorists, the emergence of new and modification of known threats. Mobile communication channels are used by cybercriminals for selfish purposes of access to database resources not only of the mobile Internet, but also to the databases of information and communication systems and networks. The article proposes a fundamentally new approach to ensuring the closure of the voice channel of the mobile Internet based on post-quantum cryptography algorithms – McEliece and Niederreiter crypto-code constructions on elliptic codes. This approach provides not only the offline mode of closing the voice channel and creating a VPN channel in tunnel mode, but also the required level of cryptographic strength in the face of the emergence of full-scale quantum computers.Документ Development of crypto-code constructs based on LDPC codes(ПП "Технологічний Центр", 2022) Pohasii, Serhii; Yevseiev, S. P.; Milov, Oleksandr; Kovalenko, Oleksandr; Kostiak, Maryna; Volkov, Andrii; Lezik, Aleksandr; Susukailo, VitaliiThe results of developing post-quantum algorithms of McEliece and Niederreiter crypto-code constructs based on LDPC (Low-Density Parity-Check) codes are presented. With the rapid growth of computing capabilities of mobile technologies and the creation of wireless mesh and sensor networks, Internet of Things technologies, and smart technologies on their basis, information security is becoming an urgent problem. At the same time, there is a need to consider security in two circuits, internal (directly within the network infrastructure) and external (cloud technologies). In such conditions, it is necessary to integrate threats to both the internal and external security circuits. This allows you to take into account not only the hybridity and synergy of modern targeted threats, but also the level of significance (degree of secrecy) of information flows and information circulating in both the internal and external security circuits. The concept of building security based on two circuits is proposed. To ensure the security of wireless mobile channels, it is proposed to use McEliece and Niederreiter crypto-code constructs based on LDPC codes, which allows integration into the credibility technology of IEEE 802.15.4, IEEE 802.16 standards. This approach provides the required level of security services (confidentiality, integrity, authenticity) in a full-scale quantum computer. Practical security technologies based on the proposed crypto-code constructs, online IP telephony and the Smart Home system based on the use of an internal server are considered.Документ Development of McEliece modified asymmetric crypto-code system on elliptic truncated codes(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Rzayev, Kh.; Korol, O. G.; Imanova, Z.Symmetric and asymmetric cryptographic algorithms, providing the required level of cryptographic strength are generally used to ensure security in modern communication systems, and error-correcting coding techniques - to ensure reliability. The use of asymmetric crypto-code systems enables integrated (with one mechanism) provision of the required levels of reliability, security and efficiency in the processing and transmission of confidential information via open channels of telecommunication systems. The research confirms that their usage provides high performance on the level of symmetric encryption algorithms with BSSH, provable cryptographic strength based on theoretical and complexity problems in arbitrary code decoding (1030 – 1035 group operations are provided), and reliability through the use of a shortened algebra-geometric code (Рош10-9 – 10-12 is provided). A major disadvantage of the use of the McEliece cryptographic system are large amounts of critical data (to provide the required cryptographic strength it is necessary to build a system in the GF (210 – 213). In order to reduce the volume of key data (public key), we propose to use shortened codes, that enables to reduce the GF(26 –28), while maintaining a cryptographic strength level, by introducing the character location entropy at initialization vector.Документ Development of Niederreiter hybrid crypto-code structure on flawed codes(PC Technology center, 2019) Yevseiev, S. P.; Tsyhanenko, O. S.; Gavrilova, A.; Guzhva, V.; Milov, O.; Moskalenko, V.; Opirskyy, I.; Roma, O.; Tomashevsky, B.; Shmatko, O.The use of the Niederreiter modified crypto-code structure (MCCS) with additional initialization vectors (with many invalid positional vectors of the error vector and multiple positions of shortening the error vector) requires an increase in the speed of cryptographic transformation of the system as a whole. For this purpose, it is proposed to use flawed codes. Flawed codes allow you to increase the speed of code transformations by reducing the power of the field while damaging the plaintext and reducing the amount of data transferred by damaging the ciphertext. This approach allows the construction of hybrid crypto-code structures based on the synthesis of Niederreiter modified crypto-code structures on modified (shortened or extended) codes on elliptic curves with damaging procedures. A significant difference from classical hybrid (complex) cryptosystems is the use of asymmetric cryptosystems to ensure data security with fast crypto-transformation procedures (generation and decoding of a codogram). The paper discusses methods for constructing flawed codes and approaches for using the Niederreiter hybrid crypto-code structure on modified elliptic codes. Practical algorithms are proposed for using the MV2 damage mechanism in the Niederreiter crypto-code structure on modified elliptic codes, which makes it possible to implement a hybrid crypto-code structure. The results of a comparative assessment of energy consumption for the formation of an information package with various methods of damage, which determined the choice of damage method in practical algorithms. The conducted studies confirm the competitive efficiency of the proposed cryptosystem in Internet technologies and mobile networks, ensuring practical implementation on modern platforms and the necessary cryptographic strength under post-quantum cryptography.Документ Development of procedures for modifying the cipher GOST 28147(Національний технічний університет "Харківський політехнічний інститут", 2021) Yevseiev, S. P.; Korolyov, Roman; Tkachov, Andrii; Nimchenko, AnastasiaThe entry of mankind into the era of high technologies, the rapid growth of computer technology contributes to the expansion of the range of electronic services. To ensure the security of confidential information, personal data, cryptographic systems of traditional cryptography (symmetric cryptosystems) and public key cryptography (asymmetric cryptosystems) are used. As a rule, the former provides security services, the latter provide key distribution. However, in the conditions of totalitarian surveillance in society by the special services of developed countries, cryptographic tabs are embedded in cryptographic algorithms, which, on the one hand, provide “quick” access for special services to confidential information, and on the other hand, allow intruders to break into the cryptosystem and obtain user data. The article proposes a modification of the well-known GOST 28147-89 algorithm, which ensures the "elimination" of possible crypto-bookmarks and an increase in crypto-resistance in the post-quantum period (the emergence of a full-scale quantum computer that allows hacking modern symmetric and asymmetric cryptosystems based on Grover and Shor algorithms). It is proposed to use the procedures for modifying the block-symmetric encryption algorithm (BSEA) GOST 28147-89 (2009, 2015) in OFB mode, which will make it possible to form a pseudo-random sequence based on dynamic changes in the S-box, and provide the required level of security.Документ The development of the method of multifactor authentication based on hybrid cryptocode constructions on defective codes(2017) Yevseiev, S. P.; Kots, Hryhorii; Minukhin, Sergii; Korol, O. G.; Kholodkova, AnnaThe proposed security mechanisms in hybrid-crypto-code systems, based on Niederreiter and McEliece modified asymmetric crypto-code systems on flawed codes allow further use of the methods of strict two-factor authentication on OTP passwords (OTP based 2FA). To ensure the required security and efficiency in the multi-factor authentication protocol, the McEliece and Niederreiter modified asymmetric crypto-code systems, allowing integrated reliability provision in information transmission on the basis of error-correction coding on elliptic codes are used. The use of the MV2 algorithm ensures an increase in the total entropy of the key and the physical separation of the transmission of the authenticator parts by various mobile/Internet communication channels based on multi-channel cryptography systems on flawed codes. The proposed mathematical models and algorithms for the practical implementation of the Niederreiter and McEliece HCCSFC make it possible to significantly reduce the energy capacity of group operations by reducing the power of the Galois field to GF 24–26 by additional transformations based on the MV2 algorithm, ensuring the required cryptographic strength.Документ Improved umac algorithm with crypto-code mceliece's scheme(Premier Publishing s.r.o., Austria, 2020) Yevseiev, S. P.; Havrylova, AllaThe article discusses the mathematical model of the mini-version of the UMAC hashing algorithm, using various cryptoalgorithms as a pseudo-random substrate when generating key data, presents the results of studies of the considered mini-versions. A new approach is proposed to ensure the cryptographic stability of this hashing algorithm based on Mac-Elis crypto-code constructions on modified elliptic codes. This approach will provide the required level of cryptographic security in post-quantum cryptography.Документ Investigation of the properties of hybrid crypt-code constructions(Центральноукраїнський національний технічний університет, 2018) Bilodid, I. V.; Yevseiev, S. P.Документ Mathematical models of hybrid crypto - code constructions on damaged codes(Національний технічний університет "Харківський політехнічний інститут", 2019) Yevseiev, S. P.; Bakirova, Lala; Sushchenko, MariiaThe subject are mathematical models of building hybrid (complex) cryptosystems based on Mac-Elis crypto-code constructions on damagedcodes. The purpose of this work is cryptographic mechanisms design in post-quantum cryptography to provide basic security services. The use of crypto-code structures in the mechanisms of strong authentication based on OTP passwords Development of practical algorithms for their implementation based on the proposed mathematical models. The tasks: analysis of the main threats of using OTP passwords; basics of construction and using multi-channel cryptography systems on damaged codes; a formal description of mathematical models of hybrid crypto-code constructions on damaged codes based in the modified McEliece and Niederreiter crypto-code systems in elliptic curves; development of algorithms for data encryption and decryption at the Niederreiter-McEliece hybrid crypto code constructions (НССС). Conclusion: The comprehensive protection mechanisms proposed in the article ensure the use of a strong authentication protocol in post-quantum cryptography based on OTP passwords. The use of damaged codes extends the possibilities of using crypto-code structures by significantly reducing the power of the alphabet while maintaining the required level of cryptographic resistance.Документ Mécanismes intégrés de sécurité et de fiabilité des données dans les systèmes d'information basés sur la théorie des codes correcteurs d’erreurs(Paris University Press, France, 2014) Yevseiev, S. P.; Sverdlo, Tamara; Korol, O. G.Dans cet article, on s’intéresse à l’étude des moyens cryptographiques de la protection de l'information afin d’assurer la sécurité de la transmission de données dans les systèmes d'information. On réalise ainsi une étude comparative des mécanismes intégrés de sécurité et de fiabilité de la transmission de données basés sur l'utilisation de systèmes de chiffrement asymétrique de McEliece et de Niederreiter basés sur les codes correcteurs d'erreurs m-aires.Документ Mechanisms for ensuring the security of channels of a prospective management system(Національний технічний університет "Харківський політехнічний інститут", 2022) Tomashevsky, Bogdan; Yevseiev, S. P.; Pohasii, Serhii; Milevskyi, StanislavThe development of military (state) control systems in modern conditions of hybrid warfare requires the possibility of rapid expansion of both functionality and scaling of the physical and logical basis of management, increasing the range of digitization and use of both military and civilian communication channels to manage troops and weapons. Not only the computing power of the enemy, the means of suppressing and / or blocking the communication channels of the control system, but also the development of quantum technologies that place new and more stringent requirements on security mechanisms based on symmetric and asymmetric cryptography algorithms. According to NIST, a full-scale quantum computer breaks both symmetric and asymmetric cryptosystems in polynomial time, significantly reducing their resilience. The paper proposes mechanisms of post-quantum cryptography, which allow to ensure the stability of not only communication channels, but also elements of the structure of the control system. The basis of post-quantum encryption algorithms is the combination of algorithms (schemes) of crypto-code structures with cryptosystems on unprofitable codes (multi-channel cryptography), as well as the possibility of combining them with digital steganography methods. This approach provides the ability to hide elements of management commands, and the use of different channels provides the ability to hide individual elements of cryptograms.Документ Method of the horizon detection from electro-optical sensorsunder maritime environment(Харківський національний університет Повітряних Сил ім. Івана Кожедуба, 2018) Yevseiev, S. P.; Shmatko, O. V.; Liang, Dong; Babenko, E. V.A new method is presented to detect the sea sky line. In the first step, the original image is transformed into grayscale image and the sea-sky-line region is located by using the textural features gray-level co-occurrence ma-trix based on texture feature. In the second step, the adaptive segmentation thresholds are obtained by the OTSU algorithm, which produces a set of sea sky line candidate points. Finally, a simple clustering method is adopted to select appropriate points and transform them by straight line fitting. The results of experiments established on real-world sea-sky images demonstrate the effectiveness and robustness of the proposed approach.