Collection "Information Technology and Security"

Mathematical model for optimising the contemporary process of training specialists in the field of cybersecurity and information protection

Serhii Horlichenko — 2024-12-26

The article examines current issues of training cybersecurity specialists, which are of particular importance in the context of rapid development of information technology and the growing number of cyber threats. It is noted that in Ukraine, as in many other countries, there are problems related to the organisation and management of the process of training such specialists. Traditional teaching methods do not always correspond to the specifics of the rapidly changing cyber environment, which makes it difficult for graduates to adapt to real working conditions. There is also a lack of uniform methodological approaches to regulating the educational processes in the field of cybersecurity, which leads to different quality of training in different educational institutions. Emphasises the need to develop a mathematical model for optimising the modern educational process of cybersecurity specialists, which would provide an integrated approach to planning and managing the training of cybersecurity specialists. Analyses the latest scientific researches and publications on the education of cybersecurity specialists, which investigated the problems and ways of improving cyber-education both in Ukraine and abroad. The purpose of the article is to develop a mathematical model for optimising the modern educational process of training cybersecurity specialists. This model takes into account the interaction between students, teachers and employers, as well as the dynamic development of students' competences. The authors propose to define the main roles of the participants in the educational process and their strategies. The model allows to take into account the transition probabilities of the development of students' competences and possible risks associated with the choice of certain educational pathways. The proposed mathematical model makes it possible to optimise the process of training specialists, which will help to improve their professional competence and ability to respond to current challenges in the field of cybersecurity. Such an integrated approach makes it possible to ensure effective decision-making at each stage of the educational process, which is extremely important for training qualified personnel in the field of cybersecurity, capable of countering modern cyber threats and ensuring high levels of information security.

A model of the space of thematic telegram channels based on contextual links

Oleksandr Puchkov — 2024-12-26

The paper analyzes the existing models for describing the topology of the news web space, which reflect its division into coherent components such as its central part and peripheral areas, and proposes a new network model of thematic Telegram channels based on the idea of assessing the level of citation of individual information channels and taking into account direct links in messages from Telegram channels. It combines the content aspect of messages with the ability to take into account quantitative parameters. The study focuses on channels dedicated to cybersecurity and covers the first quarter of 2024. Based on the analysis of about 3,500 Telegram channels, more than 1,000 hyperlinked channels were identified and key areas of the information space, such as the communication zone, the communication core, and incoming and outgoing source segments, were outlined. The formed network is defined as a scale-free, structural network with self-similar properties and a power law distribution of node degrees, which confirms the applicability of the Pareto law to describe this space. A mathematical model is proposed that allows estimating the polynomial relationship between the volume of the communication area and the total number of sources. On the example of the CyberAggregator content monitoring system for information sources, a methodology for automated expansion of the database of target sources in the system is proposed, which provides dynamic enrichment of the list of information resources through the analysis of new contextual references in messages and an algorithm for its implementation.

Expanding the semantic markup of wiki encyclopedias for transformation of protected content into learning objects for individual educational trajectories

Julia Rogushina — 2024-12-26

Modern online encyclopedic resources provide actualization and integration of domain terminology, unambiguous definitions of its basic concepts and the semantics of relations between them agreed by experts. The use of encyclopedic content in the educational process allows to update the terminology of learning courses, correctly define connections with other disciplines and concepts, agree on definitions, etc. This content has to be protected from unauthorized changes, but as a result, third-party users do not have access to the elements of semantic structuring of such resources. Therefore, it is necessary to find a compromise between the resource code openness and the security of the encyclopedias content in order to expand their functionality and allow to obtain from them information pertinent for certain practical tasks. For this purpose, we propose to select clearly those elements of semantic markup that are necessary for search and further processing of the content of a certain type, to add these markup elements to pages of corresponding encyclopedic articles and formally define their values. We propose to expand the existing set of semantic properties, but display for users only a certain subset of the names and values of these properties. In this work, we consider this problem on example of metadata building for learning objects based on the transformation of the protected content of encyclopedic articles aimed at their use for the generation of individual educational trajectories. We have to define some minimal set of metadata that is sufficient for problem solving. For this purpose, we analyze the most common standards of metadata representation for learning objects and other important elements of the educational process. Based on this analysis, a set of properties of learning objects that can be obtained from the pertinent encyclopedia article (automatically, semi-automatically or with the help of domain experts) is selected.

A universal transaction delegation method for decentralized decision support systems

Vitaliy Tsyganok — 2024-12-26

This study examines methods for decentralizing computation and storage to enhance the security of end systems, focusing on decision support systems as a use case. Common limitations of system decentralization are identified, and a new, universal transaction delegation method is proposed to simplify decentralized system usage. An overview of available transaction delegation methods in self-protected decentralized data platforms is provided, based on well-known projects using the Ethereum platform. Four popular delegation methods in decentralized networks are distinguished, with their advantages and disadvantages demonstrated through common solutions. The research led to the implement of a universal transaction delegation method, independent of the decentralized program’s signature standard. This method is realized as a web application on both the server and client sides and can be applied to any decentralized program or existing system supporting decentralized transaction delegation. The study also describes the architecture of a decision support system using this method, applied specifically to the expert subsystem to ensure decentralization and the integrity of expert input, making it impossible to tamper with once submitted. Additionally, the economic model for the expert subsystem is reviewed, using real data. The findings of this study enable the construction of secure decentralized applications on decentralized data platforms, emphasizing usability and user-friendliness, and demonstrate an innovative application within a decision support system for expert knowledge collection.

Method of determining the maximum flight range of a UAV using the FPV mode and using the centimeter frequency range of radio-link in laboratory conditions

Oleksandr Salii — 2024-12-26

At the current stage of production of various unmanned aerial vehicles (UAVs) in the flight mode “first person view” (FPV), there are no individual passports with information on the maximum possible flight range for individual UAV-FPV kits and ground control stations (GSC) application of a suitable model of a digital video camera (including a thermal imaging camera) and the use of a radio line of communication in the centimeter frequency range. Therefore, the main goal of the article is the selection and development of methods for measuring the main parameters of the receiver-transmitter of UAVs and GSC in laboratory conditions in the combat zone, using the developed “simulator of the radio communication line of data transmission”; with further calculation, on the basis of relevant international standards, of the maximum possible flight range and drawing up the corresponding “flight map”. The main results of the article are: the method of determining the maximum possible flight range of UAVs in FPV mode in laboratory conditions for the frequency range of GHz has been developed, which is based on a set of developed experimental and empirical measurement methods and theoretical calculation methods, according to the recommendations of the ITU (International Telecommunication Union). The materials of the article are of practical value for the planning and organization of the flight mission of multi-rotor UAVs of the tactical level for a given distance, as well as for the activities of the UAV routine maintenance units of the Unmanned Systems Forces of the Armed Forces of Ukraine upon the fact that UAVs return from flight missions in order to check their technical parameters.

Model of hierarchical mobile radio network data flow management system

Serhii Salnyk — 2024-12-26

The article proposes a model of a hierarchical system of managing data flows of a mobile radio network, based on the interaction of intelligent agents and using neural inference. The essence of the development of this model is to describe the data flow management system in the form of a hierarchical distribution of the process of receiving and processing input data in the data flow management system. This model uses a multi-agent system to represent knowledge about the external environment of the system in the form of a mathematical model of an agent with different possible states. Next, the multi-agent system is presented in the form of a graph, using graph theory to describe the data flow management system and their interaction processes. Then the formation of a neural output with fuzzy sets occurs, as a result of which all received fuzzy input data will be reduced to a clear appearance. The next step involves the use of a neural network. At the last step, a simulation model is developed using a tool for its implementation. иThis will make it possible to simulate the control and switching system, digital data processing, taking into account the behavior caused by various external factors, taking into account the peculiarities of the use of the model in mobile radio networks. In general, the essence of creating an intelligent management system using a hierarchical decision-making support system is the possibility of interaction between elements of different types of networks using decision-making systems, by exchanging information when making management decisions. The developed model will make it possible to systematize the design process of the data flow management system in mobile radio networks, hierarchically distribute the process of receiving and processing input data, reduce the time of data processing and loading of the node and network resources used, using multi-agent systems, neural inference and modeling.

Quantitative assessment of the probability of protective system functioning without unlawful actions

Volodymyr Akhramovych — 2024-12-26

Information security, also known as InfoSec, is the practice of preventing unauthorized access, use, disclosure, disruption, modification, or destruction of information. The primary goal of information security is to achieve a balanced protection of data confidentiality, integrity, and availability, while considering the expediency of application and without any harm to the organization's productivity. In this paper, the security levels (threats) T of the k-th threat to the properties of information circulating in the information and telecommunications system (ITS) are obtained from the parameters: c – assessment of the impact of the k-th threat on the confidentiality of information, i, a and s – assessments of the impact of the k-th threat on the integrity, availability, and observations of information, respectively. The weight coefficient p determines the share of the occurrence of this threat relative to the entire set of threats and can be calculated based on the analysis of ITS operation statistics or using known forecasting methods. The probability of no unauthorized access to information during the operation of the protection system has been quantitatively assessed. The assessment is based on the parameters: a – the intensity of the protection system's suppression of attempts to illegally access information, b – the intensity of such attempts at the input to the protection system, t – the number of days of the system's operation. For graphical interpretation of the dependencies, graphical materials are presented. For this purpose, modeling was performed in the MatLab system. The graphical materials clearly indicate the possibility of obtaining a state of operation of the protection system without unauthorized actions depending on the influence of threats to confidentiality, integrity, availability of information, and unauthorized access to information depending on the parameters of the intensity of suppression by the protection system of attempts to illegally access information, and the intensity of such attempts at the input to the protection system. This will, unlike analogues, allow developers of information systems and service personnel to have quantitative indicators of the probability of no unauthorized access to information and to make decisions regarding possible vulnerabilities.

Educational priorities of training of cyber security specialists under the conditions of the state of martial state in the state

Viktor Horlynskyi — 2024-12-26

Ensuring the cyber security of the state in the conditions of a full-scale invasion of the Russian Federation, the spread of hostilities in the national cyberspace, require a review and clarification of educational priorities in the training of specialists in the field of cyber security. These are the priorities: the focus of training on mastering the values that form the mental national-patriotic prerequisites for the proper performance of professional and military duty, personal responsibility for ensuring cyber security; orientation towards the preventive training of specialists who are able to actively act and perform professional tasks in dangerous conditions of martial law and increased risk, to competently warn and counteract dangers, to maintain moral and psychological stability in dangerous conditions of wartime; targeting the mastering of special, military and security norms by the acquirers, consistent with the standards adopted in the EU and NATO member countries; focus on the assimilation of special, military and security norms by the purchasers, which correspond to the standards adopted in the EU and NATO member states; direction to the comprehensive development of digital skills of interaction in the digital space and maintaining one's own cyber security, mastering digital tools for the organization of activities, in particular, artificial intelligence in the interests of educational, scientific, professional and managerial activities in the field of ensuring cyber security. On the basis of the outlined educational priorities, a list of security and professional abilities is proposed, on the formation of which it is advisable to direct the training of specialists in the field of cyber security.

Information technology for orchestration of the cybersecurity training situation center cyber range virtual environment

Ivan Horniichuk — 2024-12-26

The rapid development of information technology and the ever-increasing complexity of cyber threats create new challenges in the field of cybersecurity that require modern and innovative approaches to training. Effective training requires realistic and secure platforms, such as interactive simulated environments that allow for the modelling of various attack and defence scenarios. Cyber ranges have become a key tool for developing cybersecurity skills, but creating such platforms is a complex and resource-intensive process. Optimising the management of virtual resources is a critical condition for ensuring the flexibility and scalability of such environments. The aim of the paper is to improve the efficiency of managing virtual environments for cybersecurity training by improving the process of orchestrating virtual resources of a cyber training ground. The paper defines a cyber training ground as an interactive simulated platform that may include physical and virtual equipment to create training environments that are as close as possible to real-world conditions. The main types of such platforms and the main categories of their users are allocated. The modern approaches to the orchestration of virtual environments, such as manual configuration, scripting, infrastructure as code, containerisation and cloud orchestration, are analysed. An information technology for orchestrating the virtual environment of the cyber range training situation center for cybersecurity has been proposed, with functional requirements and the physical structure of the orchestration module defined. In the course of the work, a software implementation of the proposed information technology was developed in the form of an orchestration module, which automates the processes of deployment, configuration, management, and scaling of virtual resources. The development is based on Python 3, Flask 3, Docker, and JWT technologies, which allows for secure authentication, efficient container management, and integration via RESTful API. The testing confirmed that the module meets the criteria of scalability, flexibility, and security. The novelty of the work lies in the development of information technology for orchestrating the virtual environment of a cyber training ground, which takes into account the specific needs of organisations and minimises dependence on commercial solutions, as well as integrates modern technologies to improve the efficiency of training platforms.

Application directions of artificial intelligence in software development technologies

Volodymyr Sokolov — 2024-12-26

The article presents the results of a systematic analysis of the current state of application of artificial intelligence (AI) in software engineering (SW) based on the analysis of publications, assessment of AI capabilities, experience in its application, and conducted experiments. The conceptual foundations of the research were formed, which determine: perception of AI as a tool, not an individual of work; the main directions of its application are engineering and management; the subject of AI application is the processing of artifacts (synthesis and analysis) and obtaining consultations; the need to assess the quality of AI-derived products and analyze the risks of its use is emphasized. Directions of application of AI in management: agreement processes (development of product concept and contract), organizational processes (project group formation and selection of technologies) and project management (planning, risk management, control and analysis of project implementation) Directions of application of AI in engineering: requirements management, design, construction, testing and documenting. To systematize the analysis of AI application directions, a conceptual model was developed, which includes: the direction, subject, and mode of application of AI. The mode of application of AI: the format of the prompt (problem statement and set of input data), the required product and its type (finished product, prototype, template, solution options, information support), the role of AI (executor, co-author, consultant), form of AI interaction (external service, integration via API, integrated system or local autonomous system). A structure of derivative models was formed for the analysis of the application of AI in specific directions with an overview of the capabilities of the most effective AI tools. As conclusions, it was determined that in management, the most rational model of using AI is to receive consultations and prototypes of documentation when contacting external AI services, in engineering – creating prototypes of project solutions and documentation based on external services, using integrated AI systems for design and testing in co-authorship mode. The risks of using AI include the possibility of obtaining insufficiently detailed documentation, complex and confusing software artifacts, and errors in the software code. To reduce risks and increase the effectiveness of AI application, it is determined that constant quality control of its products and training based on corporate requirements and standards is required.

Use of large language models to identify fake information

Dmytro Lande — 2024-12-26

In recent years, the field of artificial intelligence has undergone a true revolution with the emergence of large language models (LLMs) such as GPT-4, Llama-3, Gemini, and others, which have been successfully applied across a wide range of tasks – from text generation to data analysis. This article examines how these models can be effectively used for detecting fake information. This study explores the use of the ChatGPT chatbot for identifying fake information in the context of cybersecurity. Using a large language model, a swarm of virtual experts was created, which generated informational messages on the topic of cybersecurity (both fake and truthful) and assessed them as either “fake” or “true.” For analysis, a semantic network was constructed and subsequently visualized using Gephi. The research analyzed two datasets of messages: one created by human experts and the other by artificial experts. Each message was rated and converted into a numerical format for further analysis. Using the Hamming distance, the results were validated, and the accuracy of matches between assessments was determined. As a result of building the semantic network, key concepts in the field of cybersecurity were identified, along with the relationships between them. A swarm of artificial experts generated a dataset of messages with fake and truthful content, which was assessed both by the artificial experts themselves and by a human expert. Analysis of the Hamming distance between these assessments demonstrated that artificial intelligence has potential in detecting fake information; however, at this stage, its performance requires human oversight and adjustments.

Innovative methods of automotive crash detection through audio recognition using neural networks algorithms

Dmytro Mogylevych — 2024-12-26

The automatic e-Call system has become mandatory in the European Union since 2018. This requirement means that all new passenger vehicles released on the European market after this date must be equipped with a digital emergency response service, which automatically notifies emergency services in case of an accident through the Automatic Crash Notification (ACN) system. Since the response of emergency services (police, ambulance, etc.) to such calls is extremely expensive, the task arises of improving the accuracy of such reports by verifying the fact that the accident actually occurred. Nowadays, most car manufacturers determine an emergency by analyzing the information coming from the built-in accelerometer sensors. As a result, quite often sudden braking, which avoids an accident, is mistakenly identified as an emergency and leads to a false call to emergency services. Some car manufacturers equip their high-end vehicles with an automatic collision notification, which mainly monitors the airbag deployment in order to detect a severe collision, and call assistance with the embedded cellular radios. In order to reduce costs some third-party solutions offer the installation of boxes under the hood, wind-screen boxes and/or OBDII dongles with an embedded acceleration sensor, a third-party sim-card as well as a proprietary algorithm to detect bumps. Nevertheless, relying on acceleration data may lead to false predictions: street bumps, holes and bad street conditions trigger false positives, whereas collisions coming from the back while standing still may be classified as normal acceleration. Also acceleration data is not suitable to identify vehicle side impacts. In many cases emergency braking helps to avoid collision, while acceleration data would be very similar to the data observed in case of an accident, resulting in a conclusion that the crash actually occurred. As a result, the average accuracy of those car crash detection algorithms nowadays does not exceed , which is acceptable, yet offers a lot of room for further improvement, since each additional percept of accuracy would provide substantial cost savings. That is why the task of increasing accuracy of collision detection stays urgent. In this article, we will describe an innovative approach to the recognition of car accidents based on the use of convolutional neural networks to classify soundtracks recorded inside the car when road accidents occur, assuming that every crash produces a sound. Recording of the soundtrack inside the car can be implemented both with the help of built-in microphones as well as using the driver's smartphone, hands-free car kits, dash cameras, which would drastically reduce cost of hardware required to solve this task. Also, modern smartphones are equipped with accelerometers, which can serve as a trigger for starting the analysis of the soundtrack using a neural network, which will save the computing resources of the smartphone. Accuracy of the crash detection can be further improved by using multiple sound sources. Modern automobiles may be equipped with various devices capable of recording the audio inside the car, namely: built-in microphone of the hands-free speaking system, mobile phones of the driver and/or passengers, dash-cam recording devices, smart back-view mirrors etc.

Problem formulation and synthesis of statistical algorithms for recognising Web resources and their vulnerabilities by signatures of statistical and fuzzy linguistic features in cyberintelligence complexes

Oleksandr Iliashov — 2024-12-26

This study addresses the challenge of automating vulnerability recognition in web resources using statistical and fuzzy linguistic features. It presents a formalized approach for the fuzzy recognition of web resource vulnerabilities based on complex reference descriptions defined by signature intervals of statistical and fuzzy feature values. The research introduces algorithms for both single- and multi-alternative recognition of web resources, utilizing decision-making methods such as the minimax rule, Bayesian risk, maximum a posteriori probability, and maximum likelihood. The primary objective is to enhance the accuracy of vulnerability detection in web resources, especially under conditions of limited training data and fuzzy feature descriptions. The proposed algorithms aim to minimize decision errors and effectively classify vulnerabilities despite uncertain prior probabilities. This is particularly relevant in cybersecurity, where accurate threat detection and classification are critical. The research also highlights the practical value of these algorithms in improving the efficiency of cyber intelligence systems (CIs) for detecting security breaches and classifying web resource vulnerabilities. The proposed algorithms are designed to adapt to the complex and uncertain nature of web resource security, enabling better analysis of attack scenarios and the development of targeted protection strategies. In addition, the study identifies several challenges, including the complexity of formalizing reference descriptions for fuzzy features and the difficulties in applying traditional statistical recognition methods to web resources with fuzzy linguistic variables. The paper suggests future research directions, including developing new methodologies for processing large volumes of data and integrating these algorithms into modern cybersecurity systems. Overall, this research contributes to the field of cyber intelligence by offering novel solutions for automating the detection of web resource vulnerabilities, thus enhancing the security of online systems.