Кафедра "Кібербезпека"
Постійне посилання зібрання
Офіційний сайт кафедри https://cybersecurity.kpi.kharkov.ua
Кафедра "Кібербезпека" створена 11 січня 2022 року.
Кафедра активно співпрацює у галузі освіти та наукових досліджень із провідними ІТ-компаніями (Distributed Lab, Сайфер, Microcrypt Technologies). Викладачі кафедри та студенти, що навчаються за напрямом кафедри, активно використовують ресурси хмарних обчислень та застосовують технології сучасних мереж і засоби кібербезпеки разом із провідними фахівцями.
Кафедра проводить міжнародну науково-практичну конференцію “Інформаційна безпека та інформаційні технології” в рамках міжнародного науково-практичний форуму "Цифрова реальність", є співорганізатором міжнародного конгресу ”Human-Computer Interaction, Optimization and Robotic Applications” (IEEE, Анкара, Турція).
Кафедра входить до складу Навчально-наукового інституту комп'ютерних наук та інформаційних технологій Національного технічного університету "Харківський політехнічний інститут".
На кафедрі "Кібербезпека" працюють 11 викладачів, з них 3 мають науковий ступінь доктора технічних наук, 5 – науковий ступінь кандидата технічних наук; 3 – звання професора, 8 – звання доцента.
Переглянути
Перегляд Кафедра "Кібербезпека" за Назва
Результатів на сторінці
Налаштування сортування
Документ Banking security synergetic models(2019) Hryshchuk, Ruslan; Yevseiev, S. P.; Romashchenko, NataliiaThe revolutionary changes of the last decade in the banking sector have led to the blending of information and computer networks into a single information and cybernetic space, which has led to the creation of automated banking systems (ABS), which have expanded the range of state electronic services and commercial banks of the world and Ukraine. As a result, threats to such national information resource of the state as banking information resources (BIR). Security threats BIR acquired signs of hybridization. Signs of hybridity as a result of simultaneous exposure to information security threats, cybernetic security (CS) and information security (InfoSec) to BIR led to the emergence of a synergistic phenomenon whose negative signs require a radical overhaul of the concepts of existing security systems development. The article proposes mathematical methodology models for building the BIR security based on the synergistic approach of estimating hybrid threats. The proposed model forms a complex approach to assessing the current level of BIR security in the ABS, assessing the economic feasibility of introducing one or another mechanism of Technical means of InfoSec system in the ABS, depending on the banking information value, based on an advanced threat classifier.Документ The concept of building security of the network with elements of the semiotic approach(Технологічний Центр, 2023) Yevseiev, S. P.; Tolkachov, Maksym; Shetty, Darshan; Khvostenko, Vladyslav; Strelnikova, Anna; Milevskyi, Stanislav; Golovashych, SergiiThe main scientific results: the concept of a structured protection system with the Zero Trust Security approach has been developed. The structure of the semiotic analysis of the segmentation of the transmitted load on the blocks is proposed. Blocks by signs are subjected to individual analysis. According to the features, the blocks are transformed by the selected representation into an object/groups of objects. Groups for transmission in the load are tagged, have different coding severity (depth), depending on the risk assessment. Groups are transmitted through the network in different ways (paths) – VPN (different ESP), unencrypted tunnel, open access, etc. This solution improves the throughput of malicious load analysis prior to transmission. The performance overhead for encoding/decoding the load and encapsulating/de-encapsulating during transmission is reduced. The transmission bandwidth is increased.Документ Construction of hybrid security systems based on the crypto-code structures and flawed codes(ПП "Технологічний Центр", 2017) Yevseiev, S. P.; Korol, O. G.; Kots, HryhoriiIn order to ensure safety of SCCI, it is proposed to use hybrid crypto-code constructions based on the modified asymmetric crypto-code McEliece systems on flawed codes, which make it possible to obtain maximum quantity of emergent properties at minimal resource cost for initiating in the system the synergistic effect of security provision. The main difference from known approaches to the construction of hybrid cryptosystems is the use of MCCS instead of symmetric cryptosystems; to strengthen resistance and to "reduce" the alphabet power (dimensionality of field GF(26–28) to build the McEliece MCCS), the systems on flawed codes are employed. The algorithms proposed in present work for the formation and decryption of a cryptogram in the hybrid cryptosystem based on MCCS on flawed codes make it possible to practically implement HCCSFC. The study that we conducted into energy consumption of major operations in the hybrid cryptosystems and their stability on the basis of the proposed assessment procedure confirms efficiency of their application in order to provide basic requirements to service quality in IES.Документ Developing a model of efficiency of investment in the security of banking information in ABS(Харківський національний економічний університет ім. Семена Кузнеця, 2019) Yevseiev, S. P.; Çetinkaya, K.Документ Developing of multi-factor authentication method based on Niederreiter-McEliece modified crypto-code system(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Kots, Hryhorii; Liekariev, YehorTwo-factor authentication methods to date, are considered by experts as authenticators resistance amplification mechanisms, while ensuring the authenticity services in various fields of high technology, financial and insurance sectors of the market, large banking institutions and public sector enterprises. Thus, authenticators based on OTP passwords and various types of tokens are typically used in the ABS. The suggested synergistic threat assessment approach revealed that attackers use a comprehensive approach to the implementation of threats, based on a combination of social engineering techniques with traditional methods, of disguise and infiltration. New types of cyber-attacks are also used to effectively embed malware on mobile communication devices, which in turn leads to a decrease in the profitability of the two-factor authentication methods based on SMS messages and OTP passwords in ABS. The proposed safety mechanisms based on modified crypto code Niederreiter and Mc-Eliece systems allow to ensure reliability (based on the use of elliptical error-correcting codes) and safety (proposed cryptosystem are secret models of provable resistance) of data transmitted. Their usage in the multi-factor authentication protocol ensures the security of the physical separation of transmission of the parts of authenticator of banking transactions through mobile lines (using the Niederreiter MCCS) and ABS (using the McEliece MCCS). The proposed mathematical model and algorithms of practical implementation of the Niederreiter MCCS allow, based on the error vector symbol shortening, to reduce the energy capacity of the group operations, reduce the power of the Galois field to GF 2⁶–2⁷, providing the required cryptographic resistance.Документ Development of a method for assessing the security of cyber-physical systems based on the Lotka-Volterra model(ПП "Технологічний Центр", 2021) Yevseiev, S. P.; Pohasii, Serhii ; Milevskyi, Stanislav ; Milov, Oleksandr ; Melenti, Y.; Grod, I.; Berestov, D.; Fedorenko, R.; Kurchenko, O.The paper presents the results of the development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model. Security models of cyber-physical systems are proposed: “predator–prey” taking into account the computing capabilities and focus of targeted cyberattacks, “predator–prey” taking into account the possible competition of attackers in relation to the “prey”, “predator–prey” taking into account the relationships between “prey species” and “predator species”, “predator–prey” taking into account the relationship between “prey species” and “predator species”. Based on the proposed approach, the coefficients of the Lotka–Volterra model α=0.39, β=0.32, γ=0.29, φ=0.27 were obtained, which take into account the synergy and hybridity of modern threats, funding for the formation and improvement of the protection system, and also allow determining the financial and computing capabilities of the attacker based on the identified threats. The proposed method for assessing the security of cyber-physical systems is based on the developed threat classifier, allows assessing the current security level and provides recommendations regarding the allocation of limited protection resources based on an expert assessment of known threats. This approach allows offline dynamic simulation, which makes it possible to timely determine attackers' capabilities and form preventive protection measures based on threat analysis. In the simulation, actual bases for assessing real threats and incidents in cyber-physical systems can be used, which allows an expert assessment of their impact on both individual security services and security components (cyber security, information security and security of information). The presented simulation results do not contradict the graphical results of the classical Lotka–Volterra model, which indicates the adequacy of the proposed approach for assessing the security of cyber-physical systemsДокумент Development of a protocol for a closed mobile Internet channel based on post-quantum algorithms(Харківський національний університет Повітряних Сил ім. Івана Кожедуба, 2021) Yevseiev, S. P.; Pohasii, Serhii; Khvostenko, VladyslavThe development of computing technologies has made it possible not only to expand the range of mobile communication services, but also to significantly increase computing capabilities. The emergence of mobile Internet, 4G, 5G technologies makes it possible to talk about a fundamentally different approach to ensuring the quality of service to network customers, creating fundamentally new approaches to ensuring the efficiency and reliability of transmitted information flows. However, such a rapid growth of GSM technologies without the introduction of security services leads to active actions of attackers and cyber terrorists, the emergence of new and modification of known threats. Mobile communication channels are used by cybercriminals for selfish purposes of access to database resources not only of the mobile Internet, but also to the databases of information and communication systems and networks. The article proposes a fundamentally new approach to ensuring the closure of the voice channel of the mobile Internet based on post-quantum cryptography algorithms – McEliece and Niederreiter crypto-code constructions on elliptic codes. This approach provides not only the offline mode of closing the voice channel and creating a VPN channel in tunnel mode, but also the required level of cryptographic strength in the face of the emergence of full-scale quantum computers.Документ Development of crypto-code constructs based on LDPC codes(ПП "Технологічний Центр", 2022) Pohasii, Serhii; Yevseiev, S. P.; Milov, Oleksandr; Kovalenko, Oleksandr; Kostiak, Maryna; Volkov, Andrii; Lezik, Aleksandr; Susukailo, VitaliiThe results of developing post-quantum algorithms of McEliece and Niederreiter crypto-code constructs based on LDPC (Low-Density Parity-Check) codes are presented. With the rapid growth of computing capabilities of mobile technologies and the creation of wireless mesh and sensor networks, Internet of Things technologies, and smart technologies on their basis, information security is becoming an urgent problem. At the same time, there is a need to consider security in two circuits, internal (directly within the network infrastructure) and external (cloud technologies). In such conditions, it is necessary to integrate threats to both the internal and external security circuits. This allows you to take into account not only the hybridity and synergy of modern targeted threats, but also the level of significance (degree of secrecy) of information flows and information circulating in both the internal and external security circuits. The concept of building security based on two circuits is proposed. To ensure the security of wireless mobile channels, it is proposed to use McEliece and Niederreiter crypto-code constructs based on LDPC codes, which allows integration into the credibility technology of IEEE 802.15.4, IEEE 802.16 standards. This approach provides the required level of security services (confidentiality, integrity, authenticity) in a full-scale quantum computer. Practical security technologies based on the proposed crypto-code constructs, online IP telephony and the Smart Home system based on the use of an internal server are considered.Документ Development of McEliece modified asymmetric crypto-code system on elliptic truncated codes(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Rzayev, Kh.; Korol, O. G.; Imanova, Z.Symmetric and asymmetric cryptographic algorithms, providing the required level of cryptographic strength are generally used to ensure security in modern communication systems, and error-correcting coding techniques - to ensure reliability. The use of asymmetric crypto-code systems enables integrated (with one mechanism) provision of the required levels of reliability, security and efficiency in the processing and transmission of confidential information via open channels of telecommunication systems. The research confirms that their usage provides high performance on the level of symmetric encryption algorithms with BSSH, provable cryptographic strength based on theoretical and complexity problems in arbitrary code decoding (1030 – 1035 group operations are provided), and reliability through the use of a shortened algebra-geometric code (Рош10-9 – 10-12 is provided). A major disadvantage of the use of the McEliece cryptographic system are large amounts of critical data (to provide the required cryptographic strength it is necessary to build a system in the GF (210 – 213). In order to reduce the volume of key data (public key), we propose to use shortened codes, that enables to reduce the GF(26 –28), while maintaining a cryptographic strength level, by introducing the character location entropy at initialization vector.Документ The development of the method of multifactor authentication based on hybrid cryptocode constructions on defective codes(2017) Yevseiev, S. P.; Kots, Hryhorii; Minukhin, Sergii; Korol, O. G.; Kholodkova, AnnaThe proposed security mechanisms in hybrid-crypto-code systems, based on Niederreiter and McEliece modified asymmetric crypto-code systems on flawed codes allow further use of the methods of strict two-factor authentication on OTP passwords (OTP based 2FA). To ensure the required security and efficiency in the multi-factor authentication protocol, the McEliece and Niederreiter modified asymmetric crypto-code systems, allowing integrated reliability provision in information transmission on the basis of error-correction coding on elliptic codes are used. The use of the MV2 algorithm ensures an increase in the total entropy of the key and the physical separation of the transmission of the authenticator parts by various mobile/Internet communication channels based on multi-channel cryptography systems on flawed codes. The proposed mathematical models and algorithms for the practical implementation of the Niederreiter and McEliece HCCSFC make it possible to significantly reduce the energy capacity of group operations by reducing the power of the Galois field to GF 24–26 by additional transformations based on the MV2 algorithm, ensuring the required cryptographic strength.Документ Improved umac algorithm with crypto-code mceliece's scheme(Premier Publishing s.r.o., Austria, 2020) Yevseiev, S. P.; Havrylova, AllaThe article discusses the mathematical model of the mini-version of the UMAC hashing algorithm, using various cryptoalgorithms as a pseudo-random substrate when generating key data, presents the results of studies of the considered mini-versions. A new approach is proposed to ensure the cryptographic stability of this hashing algorithm based on Mac-Elis crypto-code constructions on modified elliptic codes. This approach will provide the required level of cryptographic security in post-quantum cryptography.Документ International legislation on personal data protection(Харківський університет Повітряних Сил ім. Івана Кожедуба, 2012) Evseev, S. P.Basic regulations of legislative acts in the personal data protection field of the European Union, USA and CIS are considered. Threats to personal databases are classified, basic advantages and disadvantages of current re-quirements to personal data protection ensuring are analyzed.Документ Investigation of the properties of hybrid crypt-code constructions(Центральноукраїнський національний технічний університет, 2018) Bilodid, I. V.; Yevseiev, S. P.Документ Justification of directions for improving authentication protocols in information and communication systems(Національний авіаційний університет, 2023) Havrylova, Alla; Khokhlachova, Yuliia; Tkachov, Andrii; Voropay, Natalya; Khvostenko, VladyslavThe analysis of information about the conducted cyber-threats makes it possible to identify modern information security problems when transmitted through unprotected communication channels. When conducting such an analysis, various components of the methods of implementing cyber threats are considered, but in this paper, it is proposed to pay attention to the motivational component of the emergence of threats and the existing effective tools for countering them. Such a comprehensive approach will make it possible to predict various modes of cyberattacks that cybercriminals can use against certain systems and to prepare the necessary digital security systems for the implementation of future threats. The influence of the exponential growth of the capacities of computing devices on the growth of the possibilities of implementing attacks by cybercriminals on cryptographic algorithms was also revealed. In this regard, the work considered the possibilities of increasing the level of resistance to such interventions, which are ensured by the NIST requirements for stability and security in the conditions of the post-quantum period. To determine the level of security of data transmission over an insecure network with privacy, integrity and authentication, a comparative analysis of the capabilities of information transmission protocols was conducted. The results of the analysis are presented in the form of a scheme of security and stability of protocols and algorithms that made it to the finals of the NIST competition. To ensure the integrity and authenticity of users when establishing communication sessions with websites, it is recommended to use TLS protocols. A scheme of the process of authenticated encryption and verification ofthe authenticity of an encrypted message transmitted using a TLS connection has been developed. The process diagram of authentication encryption and decryption of information when establishing a communication session in TLS protocols has been developed. A comparative analysis of different versions of TLS protocols was carried out.Документ Mécanismes intégrés de sécurité et de fiabilité des données dans les systèmes d'information basés sur la théorie des codes correcteurs d’erreurs(Paris University Press, France, 2014) Yevseiev, S. P.; Sverdlo, Tamara; Korol, O. G.Dans cet article, on s’intéresse à l’étude des moyens cryptographiques de la protection de l'information afin d’assurer la sécurité de la transmission de données dans les systèmes d'information. On réalise ainsi une étude comparative des mécanismes intégrés de sécurité et de fiabilité de la transmission de données basés sur l'utilisation de systèmes de chiffrement asymétrique de McEliece et de Niederreiter basés sur les codes correcteurs d'erreurs m-aires.Документ Method of the horizon detection from electro-optical sensorsunder maritime environment(Харківський національний університет Повітряних Сил ім. Івана Кожедуба, 2018) Yevseiev, S. P.; Shmatko, O. V.; Liang, Dong; Babenko, E. V.A new method is presented to detect the sea sky line. In the first step, the original image is transformed into grayscale image and the sea-sky-line region is located by using the textural features gray-level co-occurrence ma-trix based on texture feature. In the second step, the adaptive segmentation thresholds are obtained by the OTSU algorithm, which produces a set of sea sky line candidate points. Finally, a simple clustering method is adopted to select appropriate points and transform them by straight line fitting. The results of experiments established on real-world sea-sky images demonstrate the effectiveness and robustness of the proposed approach.Документ Methodology for Building A Security System for Banking Information Resources(Karabük University Publishing, Turkey, 2019) Yevseiev, S. P.Документ Perspective national communication system for cyber management of critical facilities(Peal Press Ltd., Great Britain, 2020) Tomashevsky, Bogdan; Yevseiev, S. P.; Tkachov, AndriiIn a promising confidential communication system, it is proposed to use special communication systems (networks), special dual-purpose systems, as well as systems of open public Internet systems and mobile communication systems. Secrecy of data transmission, cryptographic strength, authentication and authenticity is ensured by the use of a verbatim container, cryptoalgorithms of protection, hash functions, random switching of transmission channels and blockchain transaction technology.Документ Practical implementation of the Niederreiter modified cryptocode system on truncated elliptic codes(ПП "Технологічний Центр", 2018) Yevseiev, S. P.; Tsyhanenko, O. S.; Ivanchenko, Serhii; Aleksiyev, Volodymyr; Verheles, Dmytrо; Volkov, Sergey; Korolev, Roman; Kots, Hryhorii; Milov, Oleksandr; Shmatko, O. V.On the basis of the practical implementation of the classic Niederreiter scheme for non-binary codes, a pattern has been identified for practical implementation –fixing the admissible position vectors of the plaintext transformation based on equilibrium coding. The obtained set of position vectors of the error vector with a fixed set of masking matrices (the recipient's private key) allows us to obtain the algorithm for decoding the classical Niederreiter crypto-code scheme on non-binary codes. For this, a modification of the crypto-code system (CCS) is necessary. It is proposed to use the additional parameter of key data – the initialization vector (the set of invalid position vectors of the error vector). To counter the Sidelnikov attacks, it is proposed to use modified (shortened) algebraic-geometric (elliptic) codes (MEC). For this, it is necessary to use the second additional initialization vector (the set of positions for shortening the error vector). Based on the modification of the classical Niederreiter scheme on non-binary codes, applied algorithms for generating and decrypting a cryptogram in the Niederreiter modified crypto-code system based on modified (shortened) elliptic codes and software are proposed. To confirm the profitability of the proposed crypto-code system, the results of the comparative evaluation of energy consumption for the implementation of the classical Niederreiter scheme on elliptic codes and the implementation of the proposed system on modified elliptic codes are presented. The results confirm the possibility of practical implementation of the Niederreiter crypto-code system based on the proposed algorithms. At the same time, the required level of cryptographic strength of the crypto-code system, protection of the cryptosystem against the Sidelnikov attacks and an increase in the rate of cryptographic transformations by 3-5 times compared with the classical Niederreiter scheme are guaranteed.Документ Research of criteria of modified non-symmetric crypto-code construction of McEliece on extended elliptic codes(Харківський національний університет Повітряних Сил ім. Івана Кожедуба, 2019) Yevseiev, S. P.The computing development in the post-quantum cryptography era puts forward new requirements for crypto-graphic mechanisms for providing basic security services. The advent of a full-scale quantum computer casts doubt on the cryptographic strength of cryptosystems based on symmetric cryptography and public-key cryptography. One of the promising areas in the opinion of US NIST experts is the use of crypto-code constructions (crypto-code schemes or code-theoretic schemes) by McEliece or Niederreiter. The construction allows one integrated mecha-nism to provide the basic requirements for cryptosystems – cryptographic stability, speed of crypto conversion and in addition – reliability based on the use of noise-resistant coding. However, their use is difficult due to the large volume of power of the alphabet, and the possibility of hacking based on Sidelnikov’s attack. The paper proposes to use non-cyclic noise-resistant codes on elliptic curves in a modified McEliece cryptosystem that are not susceptible to Sidelnikov’s attack. The main criteria for constructing a modified crypto-code based on the McEliece scheme on elongated elliptic codes are investigated. It is proposed to reduce the energy intensity in the proposed crypto code design by reducing the power of the Galois field while ensuring the level of cryptographic stability of the modified cryptosystem as a whole with its software implementation. To reduce the field power, it is proposed to use modified elliptical codes, which allows to reduce the field power by 2 times. A comparative assessment of the performance of cryptocurrencies in the proposed design of the cryptosystem is carried out. The results of statistical stability studies based on the NIST STS 822 package confirm the cryptographic strength of the proposed cryptosystem on modified elongated elliptical codes.