AUTOMATIC CONTROL AND COMPUTER SCIENCES最新文献

In this paper, we describe an approach for the early detection of network attacks using weight-insensitive neural networks (or weight agnostic neural networks (WANNs). The selection of the type of neural networks is determined by the specifics of their architecture, which provides high data-processing speed and performance, which is significant when solving the problem of the early detection of attacks. The experimental studies demonstrate the effectiveness of the proposed approach, which is based on a combination of multiple regression for selecting features of the training set and WANNs. The accuracy of attack recognition is comparable to the best results in this field with a significant gain in time.

This article analyzes the existing methods for searching for software vulnerabilities. For methods using deep learning models on a graph representation of the code, the problem of imaginary relationships between procedures is formulated, which complicates their application to code analysis problems. To solve the formulated problem, an iterative method is proposed based on an ensemble of algorithms for analyzing the graph representation of the code. The method relies on a step-by-step narrowing of the set of code sections under consideration to increase the efficiency of using highly computationally complex methods. For the proposed method, a prototype of a system for searching for vulnerabilities for programs based on the .NET platform is presented, tested on a sample of NIST SARD and software with a large amount of code.

This paper studies automatizing the analysis of access control in big data management systems by modeling security policies. It analyzes modern methods of ensuring access control in this class of systems, determines the respective requirements, and chooses the most advanced method for describing security policies as part of the solution in development. The task of modeling security policies in big data management systems is formulated. The architecture, the main components, and the general operating algorithm of the software framework for solving the task, as well as the experimental validation results, are presented. The strengths and weaknesses of the framework are assessed and ways for its further upgrade suggested.

A methodological approach to construct models for predicting indicators of properties of information security systems at evolutionary stages of development is proposed. The approach is based on the idea of the development of information security systems as a process of change in the acceptable range of indicators characterizing their properties. It is assumed that the number of resources spent on improving each property is greater the closer the current value of the indicator characterizing this property is to the maximum possible value for the information security system under consideration. This circumstance is taken into account by reducing the relative rates of improvement in indicators as their values approach the maximum possible value.

The existing methods for the detection of evasion attacks in machine learning systems are analyzed. An experimental comparison of the methods is carried out. The uncertainty method is universal; however, in this method, it is difficult to determine such uncertainty boundaries for adversarial examples that would enable the precise identification of evasion attacks, which would result in lower efficiency parameters with respect to the skip gradient method (SGM) attack, maps of significance (MS) attack, and boundary attack (BA) compared to the other methods. A new hybrid method representing the two-stage input data verification complemented with preliminary processing is developed. In the new method, the uncertainty boundary for adversarial objects has become distinguishable and quickly computable. The hybrid method makes it possible to detect out-of-distribution (OOD) evasion attacks with a precision of not less than 80%, and SGM, MS, and BA attacks with a precision of 93%.

This study considers the problem of detecting network anomalies caused by computer attacks in the networks of the industrial Internet of things. To detect anomalies, a new method is proposed, built using a hierarchical temporal memory (HTM) computation model based on the neocortex model. An experimental study of the developed method of detecting computer attacks based on the HTM model showed the superiority of the developed solution over the LSTM analog. The developed prototype of the anomaly detection system provides continuous training on unlabeled data sets in real time, takes into account the current network context, and applies the accumulated experience by supporting the memory mechanism.

This paper discusses the problem of searching for a region of interest for biometric identification based on the pattern of palm veins. An image segmentation method is proposed based on the use of convolutional neural networks (CNNs) to search for a region of interest. The operation of this method is compared with methods that use the features of a binarized image, and in particular, with the method of searching for the local minima and searching for the minimum threshold value.

Adversarial attacks on artificial neural network systems for image recognition are considered. To improve the security of image recognition systems against adversarial attacks (evasion attacks), the use of autoencoders is proposed. Various attacks are considered and software prototypes of autoencoders of full-link and convolutional architectures are developed as means of defense against evasion attacks. The possibility of using developed prototypes as a basis for designing autoencoders more complex architectures is substantiated.

The algorithm for finding the enumerators of degree 2 and higher for the generalized (L, G)‑code is presented. This algorithm makes it possible to enhance the rate of finding enumerators as distinct from the exhaustive search algorithm. It can be used to construct a modern variant of the McEliece cryptosystem. The presented solution is based on using the representation of the Galois field element via the function containing the coefficients of a smaller field. In addition, the results of comparison of the modern McEliece cryptosystem constructed based on the Goppa codes and generalized (L, G)-codes are presented.

This article proposes a method for preprocessing fragments of binary program codes for subsequent detection of their similarity using machine learning methods. The method is based on the analysis of pseudocode obtained as a result of decompiling fragments of binary codes. The analysis is performed using attributed abstract syntax trees (AASTs). As part of the study, testing and comparative analysis of the effectiveness of the developed method are carried out. This method makes it possible to increase the efficiency of detecting functionally similar fragments of program code, compared to analogs, by using the semantic context of vertices in abstract syntax trees.