Кафедра "Кібербезпека"
Постійне посилання колекціїhttps://repository.kpi.kharkov.ua/handle/KhPI-Press/63626
Офіційний сайт кафедри https://cybersecurity.kpi.kharkov.ua
Кафедра "Кібербезпека" створена 11 січня 2022 року.
Кафедра активно співпрацює у галузі освіти та наукових досліджень із провідними ІТ-компаніями (Distributed Lab, Сайфер, Microcrypt Technologies). Викладачі кафедри та студенти, що навчаються за напрямом кафедри, активно використовують ресурси хмарних обчислень та застосовують технології сучасних мереж і засоби кібербезпеки разом із провідними фахівцями.
Кафедра проводить міжнародну науково-практичну конференцію “Інформаційна безпека та інформаційні технології” в рамках міжнародного науково-практичний форуму "Цифрова реальність", є співорганізатором міжнародного конгресу ”Human-Computer Interaction, Optimization and Robotic Applications” (IEEE, Анкара, Турція).
Кафедра входить до складу Навчально-наукового інституту комп'ютерних наук та інформаційних технологій Національного технічного університету "Харківський політехнічний інститут".
На кафедрі "Кібербезпека" працюють 11 викладачів, з них 3 мають науковий ступінь доктора технічних наук, 5 – науковий ступінь кандидата технічних наук; 3 – звання професора, 8 – звання доцента.
Переглянути
Документ Banking security synergetic models(2019) Hryshchuk, Ruslan; Yevseiev, S. P.; Romashchenko, NataliiaThe revolutionary changes of the last decade in the banking sector have led to the blending of information and computer networks into a single information and cybernetic space, which has led to the creation of automated banking systems (ABS), which have expanded the range of state electronic services and commercial banks of the world and Ukraine. As a result, threats to such national information resource of the state as banking information resources (BIR). Security threats BIR acquired signs of hybridization. Signs of hybridity as a result of simultaneous exposure to information security threats, cybernetic security (CS) and information security (InfoSec) to BIR led to the emergence of a synergistic phenomenon whose negative signs require a radical overhaul of the concepts of existing security systems development. The article proposes mathematical methodology models for building the BIR security based on the synergistic approach of estimating hybrid threats. The proposed model forms a complex approach to assessing the current level of BIR security in the ABS, assessing the economic feasibility of introducing one or another mechanism of Technical means of InfoSec system in the ABS, depending on the banking information value, based on an advanced threat classifier.Документ The concept of building security of the network with elements of the semiotic approach(Технологічний Центр, 2023) Yevseiev, S. P.; Tolkachov, Maksym; Shetty, Darshan; Khvostenko, Vladyslav; Strelnikova, Anna; Milevskyi, Stanislav; Golovashych, SergiiThe main scientific results: the concept of a structured protection system with the Zero Trust Security approach has been developed. The structure of the semiotic analysis of the segmentation of the transmitted load on the blocks is proposed. Blocks by signs are subjected to individual analysis. According to the features, the blocks are transformed by the selected representation into an object/groups of objects. Groups for transmission in the load are tagged, have different coding severity (depth), depending on the risk assessment. Groups are transmitted through the network in different ways (paths) – VPN (different ESP), unencrypted tunnel, open access, etc. This solution improves the throughput of malicious load analysis prior to transmission. The performance overhead for encoding/decoding the load and encapsulating/de-encapsulating during transmission is reduced. The transmission bandwidth is increased.Документ Construction of hybrid security systems based on the crypto-code structures and flawed codes(ПП "Технологічний Центр", 2017) Yevseiev, S. P.; Korol, O. G.; Kots, HryhoriiIn order to ensure safety of SCCI, it is proposed to use hybrid crypto-code constructions based on the modified asymmetric crypto-code McEliece systems on flawed codes, which make it possible to obtain maximum quantity of emergent properties at minimal resource cost for initiating in the system the synergistic effect of security provision. The main difference from known approaches to the construction of hybrid cryptosystems is the use of MCCS instead of symmetric cryptosystems; to strengthen resistance and to "reduce" the alphabet power (dimensionality of field GF(26–28) to build the McEliece MCCS), the systems on flawed codes are employed. The algorithms proposed in present work for the formation and decryption of a cryptogram in the hybrid cryptosystem based on MCCS on flawed codes make it possible to practically implement HCCSFC. The study that we conducted into energy consumption of major operations in the hybrid cryptosystems and their stability on the basis of the proposed assessment procedure confirms efficiency of their application in order to provide basic requirements to service quality in IES.Документ Cybersecurity challenges and solutions for critical infrastructure protection(Національний авіаційний університет, 2024) Tkachov, Andrii; Korolov, Roman; Rahimova, Irada; Aksonova, Iryna; Sevriukova, YelyzavetaCritical infrastructure can be vulnerable to attack from natural disasters or malicious actors such as hackers or terrorists. If these threats are not addressed quickly, they can lead to significant disruption in service delivery or even complete shutdowns which could have devastating consequences for those relying on them for their day-to-day activities. Therefore, it is important that governments take steps towards protecting critical infrastructure from potential threats by implementing comprehensive security measures both online and offline. Based on a comprehensive analysis of current issues, a decision has been made to ensure the cyber protection of critical infrastructure objects infrastructure. An analysis of cyber threats was carried out in relation to the dynamics of historical retrospective in sectors of critical infrastructure objects. As more and more systems become connected to the internet and vulnerable to cyber-attacks, it is important for organizations to invest in robust cybersecurity defenses to protect their systems from malicious actors. By taking these measures, organizations can help protect their systems from cyber-attacks and ensure the safety of the public. Formulates a model of threats from spills of critical infrastructure objects to cyber-attacks with a breakdown of threats by type. A triad of main actions and approaches for protecting critical infrastructure has been seen. Existing problems in implementing countermeasures and major threats posed to cyberspace actors have been identified. Key factors have been identified to break the cycle of cyber-attacks on critical infrastructure. Based on a comprehensive analysis and formulated concepts, a comprehensive approach to the protection of critical infrastructure objects is proposed in accordance with the management of global trends in the development of threats, threat models, and vulnerabilities of the protection system, a triad of actions and approaches to breaking cycles of cyber-attacks on critical infrastructure.Документ Developing a model of efficiency of investment in the security of banking information in ABS(Харківський національний економічний університет ім. Семена Кузнеця, 2019) Yevseiev, S. P.; Çetinkaya, K.Документ Developing of multi-factor authentication method based on Niederreiter-McEliece modified crypto-code system(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Kots, Hryhorii; Liekariev, YehorTwo-factor authentication methods to date, are considered by experts as authenticators resistance amplification mechanisms, while ensuring the authenticity services in various fields of high technology, financial and insurance sectors of the market, large banking institutions and public sector enterprises. Thus, authenticators based on OTP passwords and various types of tokens are typically used in the ABS. The suggested synergistic threat assessment approach revealed that attackers use a comprehensive approach to the implementation of threats, based on a combination of social engineering techniques with traditional methods, of disguise and infiltration. New types of cyber-attacks are also used to effectively embed malware on mobile communication devices, which in turn leads to a decrease in the profitability of the two-factor authentication methods based on SMS messages and OTP passwords in ABS. The proposed safety mechanisms based on modified crypto code Niederreiter and Mc-Eliece systems allow to ensure reliability (based on the use of elliptical error-correcting codes) and safety (proposed cryptosystem are secret models of provable resistance) of data transmitted. Their usage in the multi-factor authentication protocol ensures the security of the physical separation of transmission of the parts of authenticator of banking transactions through mobile lines (using the Niederreiter MCCS) and ABS (using the McEliece MCCS). The proposed mathematical model and algorithms of practical implementation of the Niederreiter MCCS allow, based on the error vector symbol shortening, to reduce the energy capacity of the group operations, reduce the power of the Galois field to GF 2⁶–2⁷, providing the required cryptographic resistance.Документ Development of a method for assessing the security of cyber-physical systems based on the Lotka-Volterra model(ПП "Технологічний Центр", 2021) Yevseiev, S. P.; Pohasii, Serhii ; Milevskyi, Stanislav ; Milov, Oleksandr ; Melenti, Y.; Grod, I.; Berestov, D.; Fedorenko, R.; Kurchenko, O.The paper presents the results of the development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model. Security models of cyber-physical systems are proposed: “predator–prey” taking into account the computing capabilities and focus of targeted cyberattacks, “predator–prey” taking into account the possible competition of attackers in relation to the “prey”, “predator–prey” taking into account the relationships between “prey species” and “predator species”, “predator–prey” taking into account the relationship between “prey species” and “predator species”. Based on the proposed approach, the coefficients of the Lotka–Volterra model α=0.39, β=0.32, γ=0.29, φ=0.27 were obtained, which take into account the synergy and hybridity of modern threats, funding for the formation and improvement of the protection system, and also allow determining the financial and computing capabilities of the attacker based on the identified threats. The proposed method for assessing the security of cyber-physical systems is based on the developed threat classifier, allows assessing the current security level and provides recommendations regarding the allocation of limited protection resources based on an expert assessment of known threats. This approach allows offline dynamic simulation, which makes it possible to timely determine attackers' capabilities and form preventive protection measures based on threat analysis. In the simulation, actual bases for assessing real threats and incidents in cyber-physical systems can be used, which allows an expert assessment of their impact on both individual security services and security components (cyber security, information security and security of information). The presented simulation results do not contradict the graphical results of the classical Lotka–Volterra model, which indicates the adequacy of the proposed approach for assessing the security of cyber-physical systemsДокумент Development of a protocol for a closed mobile Internet channel based on post-quantum algorithms(Харківський національний університет Повітряних Сил ім. Івана Кожедуба, 2021) Yevseiev, S. P.; Pohasii, Serhii; Khvostenko, VladyslavThe development of computing technologies has made it possible not only to expand the range of mobile communication services, but also to significantly increase computing capabilities. The emergence of mobile Internet, 4G, 5G technologies makes it possible to talk about a fundamentally different approach to ensuring the quality of service to network customers, creating fundamentally new approaches to ensuring the efficiency and reliability of transmitted information flows. However, such a rapid growth of GSM technologies without the introduction of security services leads to active actions of attackers and cyber terrorists, the emergence of new and modification of known threats. Mobile communication channels are used by cybercriminals for selfish purposes of access to database resources not only of the mobile Internet, but also to the databases of information and communication systems and networks. The article proposes a fundamentally new approach to ensuring the closure of the voice channel of the mobile Internet based on post-quantum cryptography algorithms – McEliece and Niederreiter crypto-code constructions on elliptic codes. This approach provides not only the offline mode of closing the voice channel and creating a VPN channel in tunnel mode, but also the required level of cryptographic strength in the face of the emergence of full-scale quantum computers.Документ Development of crypto-code constructs based on LDPC codes(ПП "Технологічний Центр", 2022) Pohasii, Serhii; Yevseiev, S. P.; Milov, Oleksandr; Kovalenko, Oleksandr; Kostiak, Maryna; Volkov, Andrii; Lezik, Aleksandr; Susukailo, VitaliiThe results of developing post-quantum algorithms of McEliece and Niederreiter crypto-code constructs based on LDPC (Low-Density Parity-Check) codes are presented. With the rapid growth of computing capabilities of mobile technologies and the creation of wireless mesh and sensor networks, Internet of Things technologies, and smart technologies on their basis, information security is becoming an urgent problem. At the same time, there is a need to consider security in two circuits, internal (directly within the network infrastructure) and external (cloud technologies). In such conditions, it is necessary to integrate threats to both the internal and external security circuits. This allows you to take into account not only the hybridity and synergy of modern targeted threats, but also the level of significance (degree of secrecy) of information flows and information circulating in both the internal and external security circuits. The concept of building security based on two circuits is proposed. To ensure the security of wireless mobile channels, it is proposed to use McEliece and Niederreiter crypto-code constructs based on LDPC codes, which allows integration into the credibility technology of IEEE 802.15.4, IEEE 802.16 standards. This approach provides the required level of security services (confidentiality, integrity, authenticity) in a full-scale quantum computer. Practical security technologies based on the proposed crypto-code constructs, online IP telephony and the Smart Home system based on the use of an internal server are considered.Документ Development of McEliece modified asymmetric crypto-code system on elliptic truncated codes(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Rzayev, Kh.; Korol, O. G.; Imanova, Z.Symmetric and asymmetric cryptographic algorithms, providing the required level of cryptographic strength are generally used to ensure security in modern communication systems, and error-correcting coding techniques - to ensure reliability. The use of asymmetric crypto-code systems enables integrated (with one mechanism) provision of the required levels of reliability, security and efficiency in the processing and transmission of confidential information via open channels of telecommunication systems. The research confirms that their usage provides high performance on the level of symmetric encryption algorithms with BSSH, provable cryptographic strength based on theoretical and complexity problems in arbitrary code decoding (1030 – 1035 group operations are provided), and reliability through the use of a shortened algebra-geometric code (Рош10-9 – 10-12 is provided). A major disadvantage of the use of the McEliece cryptographic system are large amounts of critical data (to provide the required cryptographic strength it is necessary to build a system in the GF (210 – 213). In order to reduce the volume of key data (public key), we propose to use shortened codes, that enables to reduce the GF(26 –28), while maintaining a cryptographic strength level, by introducing the character location entropy at initialization vector.Документ Development of methodological support for the assessment and stratification of national HEI according to the level of innovation activity(Primedia eLaunch, 2021) Ponomarenko, Volodymir; Rayevnyeva, Olena; Yermachenko, Volodymyr; Yevseiev, Serhii; Poliakova, H.; Milov, Oleksandr; Labunska, S.; Brovko, Olha; Shmatko, Oleksandr; Aksonova, IrynaДокумент The development of the method of multifactor authentication based on hybrid cryptocode constructions on defective codes(2017) Yevseiev, S. P.; Kots, Hryhorii; Minukhin, Sergii; Korol, O. G.; Kholodkova, AnnaThe proposed security mechanisms in hybrid-crypto-code systems, based on Niederreiter and McEliece modified asymmetric crypto-code systems on flawed codes allow further use of the methods of strict two-factor authentication on OTP passwords (OTP based 2FA). To ensure the required security and efficiency in the multi-factor authentication protocol, the McEliece and Niederreiter modified asymmetric crypto-code systems, allowing integrated reliability provision in information transmission on the basis of error-correction coding on elliptic codes are used. The use of the MV2 algorithm ensures an increase in the total entropy of the key and the physical separation of the transmission of the authenticator parts by various mobile/Internet communication channels based on multi-channel cryptography systems on flawed codes. The proposed mathematical models and algorithms for the practical implementation of the Niederreiter and McEliece HCCSFC make it possible to significantly reduce the energy capacity of group operations by reducing the power of the Galois field to GF 24–26 by additional transformations based on the MV2 algorithm, ensuring the required cryptographic strength.Документ Digitalization as a development factor of innovative-active university(LLC "СPС "Business Perspectives", 2021) Ponomarenko, Volodymir; Rayevnyeva, Olena; Yermachenko, Volodymyr; Aksonova, Iryna; Brovko, OlhaA characteristic feature of the XXI century is the emergence of the digital society phenomenon, which significantly changes all processes in higher education. The implementation of innovations into university activity, creation of its digital culture, and digital environment are the key features of an innovative-active university (IAU) and factors of its development. The paper aims to develop a strategy and innovative-indicative measures for digitalization of IAU activities based on the study of society’s digital maturity. Index, rating, comparative analyzes, and decomposition method were used. It is determined that Ukraine has a significant gap in comparison with the developed countries in terms of digital maturity of society and occupies lower than average positions in international informatization indices. To assess the state of digitalization processes in Ukraine, government measures for the development of digital culture were analyzed, the limitations and triggers of society digitalization are identified. It is proved that the digitalization of education has a dominant impact on the overall level of digital competitiveness. That is, the introduction of information and communication technologies in the IAU activity is an urgent task of its management. The digitalization strategy of S.Kuznets KhNUE in accordance with its educational, scientific and technical, marketing, and international activities was created. The proposed strategy is based on a systemic understanding of digitalization processes, which makes it possible to increase the degree of their controllability. A set of innovative and indicative measures was developed, which constitute the tactical contour of IAU digital process management.Документ Economic security of the regions: comparative analysis of approaches and construction of the technology of assessment(Primedia eLaunch LLC, 2019) Rayevnyeva, Olena; Aksonova, Iryna; Derykhovska, Viktoriia; Brovko, OlhaIn today's conditions of country's development, the economic security of the regions serves as a guarantor of the independence of the territory and an indicator of its economic growth. Economic security acts as one of the components of national security and it is impossible to carry out effectively tasks for its maintenance without understanding of its essence. At the same time, the country's economic security is determined by the level of economic security of regional systems, the justified management of which requires an objective assessment of the state and development trends based on indicators of economic security. The purpose of the research is to generalize theoretical and analytical as well as methodological foundations for determining the level of the region economic security, the integral assessment technology formation and clustering of the regions of Ukraine according to the components of economic security. There were used the system approach, logical-comparative analysis, generalization method of information, methods of taxonomy and multivariate analysis during economic security research of the regions. Monographs of scientists from the mentioned issues, materials of periodicals, statistical information of the sites of the State Statistics Service of Ukraine, Main regional statistics officesismethodological and informational basis of the research. The research presents the results of calculating the integral indicators of economic security of Ukrainianregions for 64 indicators during 2015-2017. In terms of economic security there were applied cluster and discriminant analyses for the allocation of homogeneous groups of regions. In order to identify the factors having a negative impact on state of the general level of economic security of the regions, a correlation-regression model was built for each cluster. The results of the analysis demonstrate a low level of economic security of the regions of Ukraine. An integrated assessment of the economic security level of the regions made it possible to carry out a comparative analysis that identified the most volatile (weak, vulnerable) regions and showed according to which components of economic security should make the priority management impacts. In order to develop priority tactical and strategic measures to stabilize and increase the level of economic security of the regions their clusterization and analysis of cluster migration of the regions was carried out was. As a result of the use of multifactor econometric modeling, the weights of the impact of a specific structural component of economic security on its overall level for invariant regions are determined, and in accordance with this, a set of management recommendations for improving the economic security of the country's regions is formed.Документ Improved umac algorithm with crypto-code mceliece's scheme(Premier Publishing s.r.o., Austria, 2020) Yevseiev, S. P.; Havrylova, AllaThe article discusses the mathematical model of the mini-version of the UMAC hashing algorithm, using various cryptoalgorithms as a pseudo-random substrate when generating key data, presents the results of studies of the considered mini-versions. A new approach is proposed to ensure the cryptographic stability of this hashing algorithm based on Mac-Elis crypto-code constructions on modified elliptic codes. This approach will provide the required level of cryptographic security in post-quantum cryptography.Документ International legislation on personal data protection(Харківський університет Повітряних Сил ім. Івана Кожедуба, 2012) Evseev, S. P.Basic regulations of legislative acts in the personal data protection field of the European Union, USA and CIS are considered. Threats to personal databases are classified, basic advantages and disadvantages of current re-quirements to personal data protection ensuring are analyzed.Документ Investigation of the properties of hybrid crypt-code constructions(Центральноукраїнський національний технічний університет, 2018) Bilodid, I. V.; Yevseiev, S. P.Документ Justification of directions for improving authentication protocols in information and communication systems(Національний авіаційний університет, 2023) Havrylova, Alla; Khokhlachova, Yuliia; Tkachov, Andrii; Voropay, Natalya; Khvostenko, VladyslavThe analysis of information about the conducted cyber-threats makes it possible to identify modern information security problems when transmitted through unprotected communication channels. When conducting such an analysis, various components of the methods of implementing cyber threats are considered, but in this paper, it is proposed to pay attention to the motivational component of the emergence of threats and the existing effective tools for countering them. Such a comprehensive approach will make it possible to predict various modes of cyberattacks that cybercriminals can use against certain systems and to prepare the necessary digital security systems for the implementation of future threats. The influence of the exponential growth of the capacities of computing devices on the growth of the possibilities of implementing attacks by cybercriminals on cryptographic algorithms was also revealed. In this regard, the work considered the possibilities of increasing the level of resistance to such interventions, which are ensured by the NIST requirements for stability and security in the conditions of the post-quantum period. To determine the level of security of data transmission over an insecure network with privacy, integrity and authentication, a comparative analysis of the capabilities of information transmission protocols was conducted. The results of the analysis are presented in the form of a scheme of security and stability of protocols and algorithms that made it to the finals of the NIST competition. To ensure the integrity and authenticity of users when establishing communication sessions with websites, it is recommended to use TLS protocols. A scheme of the process of authenticated encryption and verification ofthe authenticity of an encrypted message transmitted using a TLS connection has been developed. The process diagram of authentication encryption and decryption of information when establishing a communication session in TLS protocols has been developed. A comparative analysis of different versions of TLS protocols was carried out.Документ Management and modelling of the industrial enterprise's crisis situations(LLC "СPС "Business Perspectives", 2020) Rayevnyeva, Olena; Brovko, Olha; Filip, Stanislav; Aksonova, Iryna; Derykhovska, ViktoriiaIn conditions of national economy’s unstable development, the primary task of the enterprise internal management is to timely assess and predict the effects of external fluctuations on the state of the enterprise and to develop effective management decisions. The article aims to develop the methodological approach, which, based on a set of models for recognizing an artificial crisis or localizing a natural crisis, allows the crisis management of an enterprise considering its resource capabilities and stage of the life cycle as the interaction of system-forming spheres of life, namely production, financial, and labor. The practical value of the approach consists in developing a system of econometric and cognitive modeling models that allows developing a set of managerial decisions that are adaptive to external and internal fluctuations for localizing a natural crisis or recognizing an artificial crisis. The methodological approach was implemented at Ukrainian industrial enterprises. As the results of the study, several different scenarios of solutions for crisis management of the enterprise were obtained.Документ Mécanismes intégrés de sécurité et de fiabilité des données dans les systèmes d'information basés sur la théorie des codes correcteurs d’erreurs(Paris University Press, France, 2014) Yevseiev, S. P.; Sverdlo, Tamara; Korol, O. G.Dans cet article, on s’intéresse à l’étude des moyens cryptographiques de la protection de l'information afin d’assurer la sécurité de la transmission de données dans les systèmes d'information. On réalise ainsi une étude comparative des mécanismes intégrés de sécurité et de fiabilité de la transmission de données basés sur l'utilisation de systèmes de chiffrement asymétrique de McEliece et de Niederreiter basés sur les codes correcteurs d'erreurs m-aires.