IDEAS home Printed from https://ideas.repec.org/b/baq/pcbook/978-617-7319-72-5.redif.html
   My bibliography  Save this book

Models of socio-cyber-physical systems security

Author

Listed:
  • Serhii Yevseiev

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Yuliia Khokhlachova

    (National Aviation University)

  • Serhii Ostapov

    (Y. Fedkovych Chernivtsi National University)

  • Oleksandr Laptiev

    (Taras Shevchenko National University of Kyiv)

  • Olha Korol

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Stanislav Milevskyi

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Oleksandr Milov

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Serhii Pohasii

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Yevgen Melenti

    (National Academy of Security Service of Ukraine)

  • Vitalii Hrebeniuk

    (National Academy of Security Service of Ukraine)

  • Alla Havrylova

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Serhii Herasуmov

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Roman Korolev

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Oleg Barabash

    (National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute")

  • Valentyn Sobchuk

    (Taras Shevchenko National University of Kyiv)

  • Roman Kyrychok

    (Borys Grinchenko Kyiv University)

  • German Shuklin

    (State University of Telecommunications)

  • Volodymyr Akhramovych

    (State University of Telecommunications)

  • Vitalii Savchenko

    (State University of Telecommunications)

  • Sergii Golovashych

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Oleksandr Lezik

    (Ivan Kozhedub Kharkiv National Air Force University)

  • Ivan Opirskyy

    (Lviv Polytechnic National University)

  • Oleksandr Voitko

    (National Defence University of Ukraine named after Ivan Cherniakhovskyi)

  • Kseniia Yerhidzei

    (National Defence University of Ukraine named after Ivan Cherniakhovskyi)

  • Serhii Mykus

    (National Defence University of Ukraine named after Ivan Cherniakhovskyi)

  • Yurii Pribyliev

    (National Defence University of Ukraine named after Ivan Cherniakhovskyi)

  • Oleksandr Prokopenko

    (National Defence University of Ukraine named after Ivan Cherniakhovskyi)

  • Andrii Vlasov

    (Kharkiv National University of Radioelectronics)

  • Nataliia Dzheniuk

    (National Technical University “Kharkiv Polytechnic Institute”)

  • Maksym Tolkachov

    (National Technical University “Kharkiv Polytechnic Institute”)

Abstract

The development of technologies and computing resources has not only expanded the range of digital services in all spheres of human activity, but also determined the range of targeted cyber attacks. Targeted attacks are aimed at destroying not only the business structure, but also its individual components that determine critical business processes. The continuity of such business processes is a critical component of any company, organization or enterprise of any form of ownership, which has a critical impact on making a profit or organizing production processes. The proposed concept of determining the security level of critical business processes is based on the need to use multiloop information security systems. This makes it possible to ensure the continuity of critical business processes through a timely objective assessment of the level of security and the timely formation of preventive measures. This approach is based on the proposed rules for determining the reach of a given security level, based on assessments of the integrity, availability and confidentiality of information arrays, as well as computer equipment for different points of the organization's business processes. The issues of applying situational management methods to ensure the safe functioning of objects of socio-cyberphysical systems, logical and transformational rules that form the foundation for building a situational type cybersecurity management system are considered. One of the main tasks of systems of this type is described – the task of replenishing the description of the situation. The use of pseudophysical logics, various types of pseudophysical logics, the method of their construction and their interconnection are proposed. Particular attention is paid to causal pseudophysical logic, as the least developed for the purposes of ensuring cybersecurity. The formation of smart technologies, as a rule, uses the wireless standards of communication channels IEEE 802.11X, IEEE 802.15.4, IEEE 802.16, which use only authentication protocols and privacy mechanisms that are formed on the basis of symmetric algorithms. In the conditions of the post-quantum period (the appearance of a full-scale quantum computer), the stability of such algorithms is questioned. Such systems, as a rule, are formed on the basis of the synthesis of socio-cyber-physical systems and cloud technologies, which simplifies the implementation of Advanced Persistent Threat attacks, both on the internal loop of control systems and on the external one. The proposed creation of multi-circuit information protection systems allows for an objective assessment of the flow state of the system as a whole and the formation of preventive measures against cyber threats. In the thied chapter, models of probable threats and information protection in public networks are proposed. The most general model of the formal description of the protection system is the model of the security system with full overlap, in which a complete list of protection objects and threats to information is determined, and means of ensuring security are determined from the point of view of their effectiveness and contribution to ensuring the security of the entire telecommunications system. It is also shown that the combination of four models (M1, M2, M3, M4) in various variants provides wide opportunities for modeling various known types of threats and their implementation. However, in connection with the continuity of the process of developing new and improving existing methods and means of implementing threats, it is necessary to use such approaches to ensuring information protection that allow detecting and preventing threats of unknown types and carrying out dynamic correction of protection behavior, adapting it to specific application conditions. The M5 basic model is described, which enables continuous refinement of threat classes and response measures, and continuous training of the adaptive component of the CSI, which, in turn, detects and prevents threats of unknown types. The M6 basic model is introduced with the aim of obtaining higher security due to the presence of a special module of internal diagnostics that diagnoses the entire protection system, decides on the correction of the SHI behavior algorithm, and makes it possible to achieve SHI fault tolerance; a special module that diagnoses the communication channel with subsequent changes in the level of protection, allows to achieve the adaptability of the SHI. The fourth chapter is deal with the development of cryptographic primitives based on cellular automata. The definition of a cellular automaton is given and the elementary rules of intercellular interaction are described. A number of generators of pseudorandom binary sequences have been developed based on a combination of elementary rules of intercellular interaction, as well as cell interaction according to a rule of our own development. In the “cryptographic sponge” architecture, a cryptographic hashing function with a shuffling function based on cellular automata was developed and its statistical characteristics and avalanche effect were investigated. A block cipher in the SP-network architecture is constructed, in which cellular automata are used to deploy the key, and the encryption process is based on elementary procedures of replacement and permutation. Substitution blocks are used from the well-known AES cipher, a description of a stream cipher is given, where a personal computer keyboard and mouse are used as the initial entropy. Random data received from the specified devices is processed by a proprietary hashing function based on a "cryptographic sponge". All developed cryptographic functions and primitives demonstrated good statistical characteristics and avalanche properties. The fifth chapter proposes a methodology for analyzing the quality of the mechanism for validating the identified vulnerabilities of a corporate network, which is based on integral equations that take into account the quantitative characteristics of the vulnerability validation mechanism under study at a certain point in time. This technique allows you to build the laws of distribution of quality indicators of the vulnerability validation process and quantify the quality of the mechanism for validating detected vulnerabilities, which allows you to monitor and control the validation of identified vulnerabilities in real time during active security analysis. A method is proposed for constructing a fuzzy knowledge base for making decisions when validating vulnerabilities of software and hardware platforms with an active analysis of the security of a target corporate network based on the use of fuzzy logic, which makes it possible to provide reliable information about the quality of the mechanism for validating vulnerabilities indirectly. The constructed knowledge base allows you to form decisive decision-making rules for the implementation of a particular attacking action, which allows you to develop expert systems to automate the decision-making process when validating the identified vulnerabilities of target information systems and networks. An improved method of automatic active security analysis is proposed, which, based on the synthesis of the proposed models, techniques and methods, allows, in contrast to the existing ones, to abstract from the conditions of dynamic changes in the environment, i.e. constant development of information technologies, which leads to an increase in the number of vulnerabilities and corresponding attack vectors, as well as an increase in ready-to-use exploits of vulnerabilities and their availability, and take into account only the quality parameters of the vulnerability validation process itself.

Suggested Citation

  • Serhii Yevseiev & Yuliia Khokhlachova & Serhii Ostapov & Oleksandr Laptiev & Olha Korol & Stanislav Milevskyi & Oleksandr Milov & Serhii Pohasii & Yevgen Melenti & Vitalii Hrebeniuk & Alla Havrylova &, 2023. "Models of socio-cyber-physical systems security," Monographs, PC TECHNOLOGY CENTER, number 978-617-7319-72-5.redif, December.
  • Handle: RePEc:baq:pcbook:978-617-7319-72-5.redif
    DOI: 10.15587/978-617-7319-72-5
    as

    Download full text from publisher

    File URL: http://monograph.com.ua/pctc/catalog/view/978-617-7319-72-5/978-617-7319-72-5/746-1
    Download Restriction: no

    File URL: https://libkey.io/10.15587/978-617-7319-72-5?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:baq:pcbook:978-617-7319-72-5.redif. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Iryna Prudius (email available below). General contact details of provider: http://monograph.com.ua/pctc/catalog .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.