I. Zaiets, V. Brydinskyi, D. Sabodashko, Yu. Khoma, Khrystyna Ruda, M. Shved
This paper explores the use of diarization systems which employ advanced machine learning algorithms for the precise detection and separation of different speakers in audio recordings for the implementation of an intruder detection system. Several state-of-the-art diarization models including Nvidia’s NeMo Pyannote and SpeechBrain are compared. The performance of these models is evaluated using typical metrics used for the diarization systems such as diarization error rate (DER) and Jaccard error rate (JER). The diarization system was tested on various audio conditions including noisy environment clean environment small number of speakers and large number of speakers. The findings reveal that Pyannote delivers superior performance in terms of diarization accuracy and thus was used for implementation of the intruder detection system. This system was further evaluated on a custom dataset based on Ukrainian podcasts and it was found that the system performed with 100% recall and 93.75% precision meaning that the system has not missed any criminal from the dataset but could sometimes falsely detect a non-criminal as a criminal. This system proves to be effective and flexible in intruder detection tasks in audio files with different file sizes and different numbers of speakers which are present in these audio files. Keywords: deep learning diarization speaker embeddings speaker recognition cyber security.
{"title":"UTILIZATION OF VOICE EMBEDDINGS IN INTEGRATED SYSTEMS FOR SPEAKER DIARIZATION AND MALICIOUS ACTOR DETECTION","authors":"I. Zaiets, V. Brydinskyi, D. Sabodashko, Yu. Khoma, Khrystyna Ruda, M. Shved","doi":"10.23939/csn2024.01.054","DOIUrl":"https://doi.org/10.23939/csn2024.01.054","url":null,"abstract":"This paper explores the use of diarization systems which employ advanced machine learning algorithms for the precise detection and separation of different speakers in audio recordings for the implementation of an intruder detection system. Several state-of-the-art diarization models including Nvidia’s NeMo Pyannote and SpeechBrain are compared. The performance of these models is evaluated using typical metrics used for the diarization systems such as diarization error rate (DER) and Jaccard error rate (JER). The diarization system was tested on various audio conditions including noisy environment clean environment small number of speakers and large number of speakers. The findings reveal that Pyannote delivers superior performance in terms of diarization accuracy and thus was used for implementation of the intruder detection system. This system was further evaluated on a custom dataset based on Ukrainian podcasts and it was found that the system performed with 100% recall and 93.75% precision meaning that the system has not missed any criminal from the dataset but could sometimes falsely detect a non-criminal as a criminal. This system proves to be effective and flexible in intruder detection tasks in audio files with different file sizes and different numbers of speakers which are present in these audio files. Keywords: deep learning diarization speaker embeddings speaker recognition cyber security.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"13 21","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141394037","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The National Cybersecurity Cluster of Ukraine is functionally oriented towards building systems to protect various platforms of information infrastructure including the creation of secure technologies for detecting deepfake modifications of biometric images based on neural networks in cyberspace. This space proposes a conceptual approach to detecting deepfake modifications which is deployed based on the functioning of a convolutional neural network and the classifier algorithm for biometric images structured as 'sensitivity-Yuden index-optimal threshold-specificity'. An analytical security structure for neural network information technologies is presented based on a multi-level model of 'resources-systems-processes-networks-management' according to the concept of 'object-threat-defense'. The core of the IT security structure is the integrity of the neural network system for detecting deepfake modifications of biometric face images as well as data analysis systems implementing the information process of 'video file segmentation into frames-feature detection processing - classifier image accuracy assessment'. A constructive algorithm for detecting deepfake modifications of biometric images has been developed: splitting the video file of biometric images into frames - recognition by the detector - reproduction of normalized facial images - processing by neural network tools - feature matrix computation - image classifier construction. Keywords: biometric image deepfake modifications neural network technology convolutional neural network classification decision support system conceptual approach analytical security structure.
{"title":"CONCEPTUAL APPROACH TO DETECTING DEEPFAKE MODIFICATIONS OF BIOMETRIC IMAGES USING NEURAL NETWORKS","authors":"K. Mykytyn, K. Ruda","doi":"10.23939/csn2024.01.124","DOIUrl":"https://doi.org/10.23939/csn2024.01.124","url":null,"abstract":"The National Cybersecurity Cluster of Ukraine is functionally oriented towards building systems to protect various platforms of information infrastructure including the creation of secure technologies for detecting deepfake modifications of biometric images based on neural networks in cyberspace. This space proposes a conceptual approach to detecting deepfake modifications which is deployed based on the functioning of a convolutional neural network and the classifier algorithm for biometric images structured as 'sensitivity-Yuden index-optimal threshold-specificity'. An analytical security structure for neural network information technologies is presented based on a multi-level model of 'resources-systems-processes-networks-management' according to the concept of 'object-threat-defense'. The core of the IT security structure is the integrity of the neural network system for detecting deepfake modifications of biometric face images as well as data analysis systems implementing the information process of 'video file segmentation into frames-feature detection processing - classifier image accuracy assessment'. A constructive algorithm for detecting deepfake modifications of biometric images has been developed: splitting the video file of biometric images into frames - recognition by the detector - reproduction of normalized facial images - processing by neural network tools - feature matrix computation - image classifier construction. Keywords: biometric image deepfake modifications neural network technology convolutional neural network classification decision support system conceptual approach analytical security structure.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"57 20","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141416046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Partyka, O. Harasymchuk, E. Nyemkova, Y. Sovyn, V. Dudykevych
In this article the authors focused on analyzing the possibilities of using artificial intelligence models for effective detection and analysis of cybercrimes. A comprehensive method using artificial intelligence algorithms such as Random Forest and Isolation Forest algorithms is developed and described to detect ransomware which is one of the main threats to information security management systems (ISMS) in the field of critical infrastructure. The result of the study is the determination of the compatibility of such methods with the requirements of ISO 27001:2022 emphasizing the importance of integrating innovative AI technologies into already existing security systems. In addition the article analyzes the potential advantages of such integration including compliance with the requirements of international information security frameworks. Keywords: Isolation Forest Random Forest critical infrastructure information security management system ISO 27001 cyber security cyber security standard cybercrime ISMS ransomware siem edr security monitoring antivirus machine learning computer networks information systems.
{"title":"DEVELOPMENT OF A METHOD FOR INVESTIGATING CYBERCRIMES BY THE TYPE OF RANSOMWARE USING ARTIFICIAL INTELLIGENCE MODELS IN THE INFORMATION SECURITY MANAGEMENT SYSTEM OF CRITICAL INFRASTRUCTURE","authors":"A. Partyka, O. Harasymchuk, E. Nyemkova, Y. Sovyn, V. Dudykevych","doi":"10.23939/csn2024.01.015","DOIUrl":"https://doi.org/10.23939/csn2024.01.015","url":null,"abstract":"In this article the authors focused on analyzing the possibilities of using artificial intelligence models for effective detection and analysis of cybercrimes. A comprehensive method using artificial intelligence algorithms such as Random Forest and Isolation Forest algorithms is developed and described to detect ransomware which is one of the main threats to information security management systems (ISMS) in the field of critical infrastructure. The result of the study is the determination of the compatibility of such methods with the requirements of ISO 27001:2022 emphasizing the importance of integrating innovative AI technologies into already existing security systems. In addition the article analyzes the potential advantages of such integration including compliance with the requirements of international information security frameworks. Keywords: Isolation Forest Random Forest critical infrastructure information security management system ISO 27001 cyber security cyber security standard cybercrime ISMS ransomware siem edr security monitoring antivirus machine learning computer networks information systems.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"413 3","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141401625","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this work a new conversion method is proposed which makes it possible to implement recurrent logarithmic analog-to-digital converters (LADCs) with a constant base of the logarithm in which the reference voltages are formed using a reference voltage divider composed of identical L-shaped links of resistors and additional resistor and the values of the resistors are set according to the formulas. The use of this method significantly simplifies the schematic solution of the recurrent LADC and makes it technological for integrated manufacturing. Electrical and mathematical models of recurrent LADCs with a constant base of the logarithm have been developed which take into account the influence of changes in the structure of LADCs during the transformation process. Formulas for estimating the fundamental error and conversion time are given. Key words: recurrent logarithmic ADCs constant base of the logarithm construction error conversion time.
{"title":"RECURRENT LOGARITHMIC ANALOG-DIGITAL CONVERTERS WITH A CONSTANT LOGARITHM BASE","authors":"Z. Mychuda, L. Mychuda, H. Yelisieieva","doi":"10.23939/csn2024.01.148","DOIUrl":"https://doi.org/10.23939/csn2024.01.148","url":null,"abstract":"In this work a new conversion method is proposed which makes it possible to implement recurrent logarithmic analog-to-digital converters (LADCs) with a constant base of the logarithm in which the reference voltages are formed using a reference voltage divider composed of identical L-shaped links of resistors and additional resistor and the values of the resistors are set according to the formulas. The use of this method significantly simplifies the schematic solution of the recurrent LADC and makes it technological for integrated manufacturing. Electrical and mathematical models of recurrent LADCs with a constant base of the logarithm have been developed which take into account the influence of changes in the structure of LADCs during the transformation process. Formulas for estimating the fundamental error and conversion time are given. Key words: recurrent logarithmic ADCs constant base of the logarithm construction error conversion time.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"161 s335","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141413613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ways to improve the security of the enterprise's network infrastructure in the face of modern challenges the main stages of the implementation of security solutions which makes it possible to eliminate potential system vulnerabilities and determine possible information losses are considered. It is noteworthy that global digitalization gives rise to the development of new technologies and approaches in the information industry. Devices mechanisms and applications that were previously autonomous are becoming nodes of a global information network. Such a transformation of information technologies significantly expands the landscape of the implementation of cyber threats. Every year traditional models of computer network security lose their relevance therefore in order to protect them from modern cyber threats it becomes necessary to develop and implement new approaches that would increase the effectiveness of the protection of information systems. Potential vectors of attacks on the network infrastructure of the enterprise based on the traditional security model were analyzed typical ways to eliminate them were considered the components of the Zero Trust Network Access security model were studied and a number of measures were proposed to increase the resistance of the enterprise network infrastructure to cyber threats. Taking into account the current trends in the spread of cyber threats and the analysis of selected measures to counter them the criticality of threat implementation is determined for each of the developed ways of increasing the level of security of the enterprise's network infrastructure and the sequence of their implementation is proposed taking into account the complexity of implementing its protection with limited enterprise resources. Key words: computer network micro-segmentation Zero Trust Network Access architecture cyber threat security perimeter.
{"title":"IMPROVEMENT THE SECURITY OF THE ENTERPRISE’S NETWORK INFRASTRUCTURE IN CONDITIONS OF MODERN CHALLENGES AND LIMITED RESOURCES","authors":"R. Syrotynskyi, I. Tyshyk","doi":"10.23939/csn2024.01.155","DOIUrl":"https://doi.org/10.23939/csn2024.01.155","url":null,"abstract":"Ways to improve the security of the enterprise's network infrastructure in the face of modern challenges the main stages of the implementation of security solutions which makes it possible to eliminate potential system vulnerabilities and determine possible information losses are considered. It is noteworthy that global digitalization gives rise to the development of new technologies and approaches in the information industry. Devices mechanisms and applications that were previously autonomous are becoming nodes of a global information network. Such a transformation of information technologies significantly expands the landscape of the implementation of cyber threats. Every year traditional models of computer network security lose their relevance therefore in order to protect them from modern cyber threats it becomes necessary to develop and implement new approaches that would increase the effectiveness of the protection of information systems. Potential vectors of attacks on the network infrastructure of the enterprise based on the traditional security model were analyzed typical ways to eliminate them were considered the components of the Zero Trust Network Access security model were studied and a number of measures were proposed to increase the resistance of the enterprise network infrastructure to cyber threats. Taking into account the current trends in the spread of cyber threats and the analysis of selected measures to counter them the criticality of threat implementation is determined for each of the developed ways of increasing the level of security of the enterprise's network infrastructure and the sequence of their implementation is proposed taking into account the complexity of implementing its protection with limited enterprise resources. Key words: computer network micro-segmentation Zero Trust Network Access architecture cyber threat security perimeter.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"81 S1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141395236","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This article explores the creation of a data classification policy in line with SOC2 Type 2 compliance requirements. SOC2 Type 2 is a notable certification that attests to an organization's ability to adhere to the Trust Services Criteria including security availability processing integrity confidentiality and privacy. The initial and crucial step in formulating a solid data security strategy is data classification which helps organizations recognize their data and assign a sensitivity level guiding the appropriate security measures. Data classification aims to organize and manage data in a manner that enhances its protection and aligns with the organization's overall data security strategy. In the data classification process data security has a central role as it directly impacts the protection and management of classified data. The design of a data classification policy for SOC2 Type 2 compliance presents several challenges and considerations. Organizations must understand the scope of their data align with the Trust Services Criteria balance security with usability provide training and awareness conduct regular updates and reviews define classification levels ensure consistency automate classification integrate with other policies and controls handle third-party vendors monitor and enforce and comply with legal and regulatory requirements. Keywords: SOC2 Type 2 storage standards data classification data storage data security.
{"title":"METHODOLOGY FOR COLLECTING PROCESSING STORING AND CLASSIFYING DATA IN ACCORDANCE WITH SOC2 TYPE2 REQUIREMENTS","authors":"O. Deineka, L. Bortnik","doi":"10.23939/csn2024.01.036","DOIUrl":"https://doi.org/10.23939/csn2024.01.036","url":null,"abstract":"This article explores the creation of a data classification policy in line with SOC2 Type 2 compliance requirements. SOC2 Type 2 is a notable certification that attests to an organization's ability to adhere to the Trust Services Criteria including security availability processing integrity confidentiality and privacy. The initial and crucial step in formulating a solid data security strategy is data classification which helps organizations recognize their data and assign a sensitivity level guiding the appropriate security measures. Data classification aims to organize and manage data in a manner that enhances its protection and aligns with the organization's overall data security strategy. In the data classification process data security has a central role as it directly impacts the protection and management of classified data. The design of a data classification policy for SOC2 Type 2 compliance presents several challenges and considerations. Organizations must understand the scope of their data align with the Trust Services Criteria balance security with usability provide training and awareness conduct regular updates and reviews define classification levels ensure consistency automate classification integrate with other policies and controls handle third-party vendors monitor and enforce and comply with legal and regulatory requirements. Keywords: SOC2 Type 2 storage standards data classification data storage data security.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"3 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141415916","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The primary objective of this research is to develop an advanced automated method for configuring and managing public cloud accounts and subscriptions on prominent platforms such as AWS GCP and Azure. This method involves the application of standardized configurations to ensure optimal performance and security compliance. A significant component of this methodology is the intermittent scanning of the infrastructure of these cloud accounts and subscriptions. This scanning is meticulously designed to identify and address any deviations or non-compliance issues with globally recognized security standards including NIST 800-53 ISO 27001 HIPAA and PCIDSS. The approach leverages cutting-edge automation technologies to streamline the deployment and management of cloud resources. By automating the application of configurations the method aims to reduce manual effort minimize the likelihood of human error and enhance operational efficiency. This automation extends to the continuous monitoring and auditing processes enabling real-time detection of configuration drifts or security vulnerabilities. Furthermore the research delves into the development of a dynamic responsive system capable of adapting to the evolving requirements of cloud security. The automated scanning component plays a pivotal role in this aspect providing ongoing assurance that the cloud environments adhere to the strictest security protocols and standards. Continuous compliance monitoring is critical in today's ever-changing digital landscape where threats to data security and privacy are increasingly sophisticated. By integrating these automated processes the proposed method promises not only to bolster the security posture of cloud environments but also to offer a scalable efficient solution for cloud infrastructure management. This automated approach is poised to set a new standard in cloud management aligning with best practices in IT security and compliance and paving the way for more secure manageable and efficient cloud computing practices. Keywords: Hosting security standards automation cloud technologies cloud service models.
本研究的主要目的是开发一种先进的自动化方法,用于配置和管理 AWS GCP 和 Azure 等著名平台上的公共云账户和订阅。该方法涉及标准化配置的应用,以确保最佳性能和安全合规性。该方法的一个重要组成部分是对这些云账户和订阅的基础设施进行间歇性扫描。这种扫描经过精心设计,可识别并解决任何偏差或不符合全球公认安全标准的问题,包括 NIST 800-53 ISO 27001 HIPAA 和 PCIDSS。该方法利用最先进的自动化技术来简化云资源的部署和管理。通过自动应用配置,该方法旨在减少人工操作,最大限度地降低人为错误的可能性,并提高运行效率。这种自动化扩展到持续监控和审计流程,从而能够实时检测配置偏移或安全漏洞。此外,该研究还深入探讨了动态响应系统的开发,该系统能够适应不断变化的云安全要求。自动扫描组件在这方面发挥了关键作用,可持续确保云环境遵守最严格的安全协议和标准。在当今瞬息万变的数字环境中,对数据安全和隐私的威胁日益复杂,持续的合规性监控至关重要。通过整合这些自动化流程,所提出的方法不仅有望加强云环境的安全态势,还能为云基础设施管理提供可扩展的高效解决方案。这种自动化方法有望为云管理设定一个新标准,与 IT 安全和合规方面的最佳实践保持一致,并为更安全、可管理和高效的云计算实践铺平道路。关键词托管安全标准 自动化 云技术 云服务模式。
{"title":"THE CONCEPT OF AUTOMATED COMPLIANCE VERIFICATION AS THE FOUNDATION OF A FUNDAMENTAL CLOUD SECURITY MODEL","authors":"Y. Matseniuk, A. Partyka","doi":"10.23939/csn2024.01.108","DOIUrl":"https://doi.org/10.23939/csn2024.01.108","url":null,"abstract":"The primary objective of this research is to develop an advanced automated method for configuring and managing public cloud accounts and subscriptions on prominent platforms such as AWS GCP and Azure. This method involves the application of standardized configurations to ensure optimal performance and security compliance. A significant component of this methodology is the intermittent scanning of the infrastructure of these cloud accounts and subscriptions. This scanning is meticulously designed to identify and address any deviations or non-compliance issues with globally recognized security standards including NIST 800-53 ISO 27001 HIPAA and PCIDSS. The approach leverages cutting-edge automation technologies to streamline the deployment and management of cloud resources. By automating the application of configurations the method aims to reduce manual effort minimize the likelihood of human error and enhance operational efficiency. This automation extends to the continuous monitoring and auditing processes enabling real-time detection of configuration drifts or security vulnerabilities. Furthermore the research delves into the development of a dynamic responsive system capable of adapting to the evolving requirements of cloud security. The automated scanning component plays a pivotal role in this aspect providing ongoing assurance that the cloud environments adhere to the strictest security protocols and standards. Continuous compliance monitoring is critical in today's ever-changing digital landscape where threats to data security and privacy are increasingly sophisticated. By integrating these automated processes the proposed method promises not only to bolster the security posture of cloud environments but also to offer a scalable efficient solution for cloud infrastructure management. This automated approach is poised to set a new standard in cloud management aligning with best practices in IT security and compliance and paving the way for more secure manageable and efficient cloud computing practices. Keywords: Hosting security standards automation cloud technologies cloud service models.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"11 6","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141415195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A multi-level structure of safe intellectualization of society's infrastructure 'objects - cyber-physical systems' in the functional space 'selection - exchange of information - processing - management' is proposed according to the profiles - confidentiality integrity availability for 'smart environmental monitoring' 'smart education' 'smart energy' 'intelligent transport system' and other subject areas. The multi-level structure 'objects - cyber-physical systems' of safe intellectualization is revealed by the paradigm 'multi-level cyber-physical system - multi-level information security' which is the basis for building complex security systems of technologies of physical space communication environment and cyberspace. A hierarchical model of Internet of Things security is built based on a three-layer architecture and the concept of 'object - threat - protection'. The complex security model of the wireless communication environment of cyber-physical systems for segments of the intellectualization of society's infrastructure is analysed. The presented methodology of safe processes of intellectualization allows the implementation of complex security systems of technologies for the functioning of society's infrastructure objects. Key words: intellectualization information security objects cyber-physical system multi-level structure security paradigm Internet of Things hierarchical model complex model.
{"title":"SECURITY METHODOLOGY OF CYBER-PHYSICAL SYSTEMS AND THE INTERNET OF THINGS IN INTELLECTUALIZATION OF INFRASTRUCTURE OBJECTS","authors":"V. Dudykevych, H. Mykytyn, L. Bortnik, T. Stosyk","doi":"10.23939/csn2024.01.044","DOIUrl":"https://doi.org/10.23939/csn2024.01.044","url":null,"abstract":"A multi-level structure of safe intellectualization of society's infrastructure 'objects - cyber-physical systems' in the functional space 'selection - exchange of information - processing - management' is proposed according to the profiles - confidentiality integrity availability for 'smart environmental monitoring' 'smart education' 'smart energy' 'intelligent transport system' and other subject areas. The multi-level structure 'objects - cyber-physical systems' of safe intellectualization is revealed by the paradigm 'multi-level cyber-physical system - multi-level information security' which is the basis for building complex security systems of technologies of physical space communication environment and cyberspace. A hierarchical model of Internet of Things security is built based on a three-layer architecture and the concept of 'object - threat - protection'. The complex security model of the wireless communication environment of cyber-physical systems for segments of the intellectualization of society's infrastructure is analysed. The presented methodology of safe processes of intellectualization allows the implementation of complex security systems of technologies for the functioning of society's infrastructure objects. Key words: intellectualization information security objects cyber-physical system multi-level structure security paradigm Internet of Things hierarchical model complex model.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"24 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141406538","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the constant development of information technology and the growing threat of cyber attacks the security of Wi-Fi wireless networks is of particular relevance. This article aims to provide an in-depth analysis of modern Wi-Fi security protocols such as WPA2 WPA3 and OWE focusing on their strengths and weaknesses in securing the network against the most common types of attacks. This paper looks at wireless network security threats including man-in-the-middle attacks Wi-Fi access point phishing and exploits that target specific security mechanisms. An important part of the research is a description of test methods attack tools such as Aircrack-ng and Wireshark and a detailed analysis of the results obtained. This work focuses on a detailed security analysis of the WPA3 protocol using Dragonblood utilities to identify possible vulnerabilities in its implementation. Through targeted attacks and simulations that mimic real-world cyberattacks the goal is to identify potential breaches of secure wireless networks using WPA3. This allows us to evaluate the effectiveness of the encryption and authentication mechanisms used within the framework of this standard and develop recommendations for increasing the level of security of information systems. During the study practical experiments will be conducted to modify the code of the wireless access point server and data obtained using the Wireshark program will be analyzed to assess the impact of attacks on the functionality of the network. The results of the work highlight the need for continuous improvements in Wi-Fi security technologies to provide reliable security in the face of growing cyber threats. Keywords of the article: Wireless networks Wi-Fi security protocols WPA2 WPA3 attacks on Wi-Fi methods of protecting against attacks information system security vulnerability analysis attack tools increasing the level of security user education network component software data encryption VPN.
{"title":"SECURITY ANALYSIS OF MODERN WI-FI NETWORK PROTECTION PROTOCOLS: ASSESSMENT OF WPA3 PROTOCOL RESISTANCE DURING ATTACKS BASED ON DRAGONBLOOD UTILITY","authors":"O. Mykhaylova, T. Nakonechny","doi":"10.23939/csn2024.01.133","DOIUrl":"https://doi.org/10.23939/csn2024.01.133","url":null,"abstract":"With the constant development of information technology and the growing threat of cyber attacks the security of Wi-Fi wireless networks is of particular relevance. This article aims to provide an in-depth analysis of modern Wi-Fi security protocols such as WPA2 WPA3 and OWE focusing on their strengths and weaknesses in securing the network against the most common types of attacks. This paper looks at wireless network security threats including man-in-the-middle attacks Wi-Fi access point phishing and exploits that target specific security mechanisms. An important part of the research is a description of test methods attack tools such as Aircrack-ng and Wireshark and a detailed analysis of the results obtained. This work focuses on a detailed security analysis of the WPA3 protocol using Dragonblood utilities to identify possible vulnerabilities in its implementation. Through targeted attacks and simulations that mimic real-world cyberattacks the goal is to identify potential breaches of secure wireless networks using WPA3. This allows us to evaluate the effectiveness of the encryption and authentication mechanisms used within the framework of this standard and develop recommendations for increasing the level of security of information systems. During the study practical experiments will be conducted to modify the code of the wireless access point server and data obtained using the Wireshark program will be analyzed to assess the impact of attacks on the functionality of the network. The results of the work highlight the need for continuous improvements in Wi-Fi security technologies to provide reliable security in the face of growing cyber threats. Keywords of the article: Wireless networks Wi-Fi security protocols WPA2 WPA3 attacks on Wi-Fi methods of protecting against attacks information system security vulnerability analysis attack tools increasing the level of security user education network component software data encryption VPN.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"230 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141413191","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The examined approach to building an adaptive and convenient data warehouse goes beyond simple data storage focusing on processing data for various types of reports and analytics. It allows for more efficient use of data resources and ensures a flexible response to changing business needs. This hybrid method combines several techniques and technologies to provide the best possible performance and scalability. The article discusses the main challenges and benefits of this approach and presents a detailed analysis of the architecture and components of the proposed data warehouse system. The results show significant improvements in data processing speed and accuracy compared to traditional methods. Key words: data warehouse hybrid method data processing scalability.
{"title":"DEVELOPMENT OF A HYBRID METHOD FOR DATA WAREHOUSE CONSTRUCTION","authors":"O. Koval, O. Harasymchuk","doi":"10.23939/csn2024.01.067","DOIUrl":"https://doi.org/10.23939/csn2024.01.067","url":null,"abstract":"The examined approach to building an adaptive and convenient data warehouse goes beyond simple data storage focusing on processing data for various types of reports and analytics. It allows for more efficient use of data resources and ensures a flexible response to changing business needs. This hybrid method combines several techniques and technologies to provide the best possible performance and scalability. The article discusses the main challenges and benefits of this approach and presents a detailed analysis of the architecture and components of the proposed data warehouse system. The results show significant improvements in data processing speed and accuracy compared to traditional methods. Key words: data warehouse hybrid method data processing scalability.","PeriodicalId":504130,"journal":{"name":"Computer systems and network","volume":"23 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141403243","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: