Developing of Multi-factor Authentication Method Based on Niederreiter-mceliece Modified Crypto-code System

Two-factor authentication methods to date, are considered by experts as authenticators resistance amplification mechanisms, while ensuring the authenticity services in various fields of high technology, financial and insurance sectors of the market, large banking institutions and public sector enterprises. Thus, authenticators based on OTP passwords and various types of tokens are typically used in the ABS. The suggested synergistic threat assessment approach revealed that attackers use a comprehensive approach to the implementation of threats, based on a combination of social engineering techniques with traditional methods, of disguise and infiltration. New types of cyber-attacks are also used to effectively embed malware on mobile communication devices, which in turn leads to a decrease in the profitability of the two-factor authentication methods based on SMS messages and OTP passwords in ABS. The proposed safety mechanisms based on modified crypto code Niederreiter and Mc-Eliece systems allow to ensure reliability (based on the use of elliptical error-correcting codes) and safety (proposed cryptosystem are secret models of provable resistance) of data transmitted. Their usage in the multi-factor authentication protocol ensures the security of the physical separation of transmission of the parts of authenticator of banking transactions through mobile lines (using the Niederreiter MCCS) and ABS (using the McEliece MCCS). The proposed mathematical model and algorithms of practical implementation of the Niederreiter MCCS allow, based on the error vector symbol shortening, to reduce the energy capacity of the group operations, reduce the power of the Galois field to GF 26–27, providing the required cryptographic resistance

Development of Scenario Modeling of Conflict Tools in a Security System Based on Formal Grammars

The results of the development of tools for scenario modeling based on formal grammars are presented. The works related to various ways of scenario description in their development systems are analyzed. For the natural language description of scenarios, it is indicated that this approach is sufficiently transparent and understandable for users. However, this approach has several disadvantages for formalizing and unifying scenario description. In particular, the presence of a number of ambiguities in the language makes it impossible for the description to be uniquely interpreted, and as a result, unsuitable for performing formal transformations on the description. The graphical representation of the script is a visual representation of the script. Moreover, the visual representation of the scenario in the form of some automaton model can be estimated as extremely attractive for subsequent multi-agent modeling of its execution. The disadvantage of such scenario description is still the difficulty of performing formal manipulations and the need to switch to a more convenient representation for manipulations. Using formal grammars to describe scenarios is a compromise approach that allows scripts to be described in an unambiguously interpreted form. The formal grammar description is also more familiar to computer language specialists. In addition, there are programs focused on working with formal grammars. The transition from the natural linguistic description of scenarios to its formal representation as a standard description in the Backus-Naura form is shown. The change in the presentation form was made using the example of description of the scenario of behavior of cyber-conflict participants in the security system. The resulting script description was used in the context-free grammar analyzer. The results showed the applicability of the proposed approach and the tools used to describe and verify the description correctness of scenarios related to any subject are

Development of A Method for Assessing Forecast of Social Impact in Regional Communities

The development of the social aspect of the world community is closely related to the expansion of the range of digital services in cyberspace. A special place in which social networks occupy. The world's leading states are conducting information operations in this environment to achieve geopolitical goals. Such processes are reflected in real social and political life. This makes it possible to influence not only the social groups of society, but also to ensure manipulation in political "games" in the conduct of hybrid wars. The simultaneous interaction of social factors, influencing factors, the presence of communities in social networks forms a full-fledged socio-cyber-physical system capable of integrating real and virtual interactions to manage regional communities. The article proposes a method for predicting the assessment of social mutual influence between “formal” and “informal” leaders and regional societies. The proposed models make it possible to form not only a forecast of the influence of agents, but also the interaction of various agents, taking into account their formal and informal influences, the use of administrative resources, political moods of the regional society. This approach allows dynamic modeling based on impact and relationship analysis. The presented results of simulation modeling do not contradict the results of opinion polls and make it possible to form a set of measures that can be aimed at overcoming the negative impact on the regional society of both individual “leaders” and political parties. Analysis of the simulation results allows to increase both the political and social stability of the regional society, helps to prevent conflict moods and contradictions

Development of Scenario Modeling of Conflict Tools in a Security System Based on Formal Grammars

The results of the development of tools for scenario modeling based on formal grammars are presented. The works related to various ways of scenario description in their development systems are analyzed. For the natural language description of scenarios, it is indicated that this approach is sufficiently transparent and understandable for users. However, this approach has several disadvantages for formalizing and unifying scenario description. In particular, the presence of a number of ambiguities in the language makes it impossible for the description to be uniquely interpreted, and as a result, unsuitable for performing formal transformations on the description. The graphical representation of the script is a visual representation of the script. Moreover, the visual representation of the scenario in the form of some automaton model can be estimated as extremely attractive for subsequent multi-agent modeling of its execution. The disadvantage of such scenario description is still the difficulty of performing formal manipulations and the need to switch to a more convenient representation for manipulations. Using formal grammars to describe scenarios is a compromise approach that allows scripts to be described in an unambiguously interpreted form. The formal grammar description is also more familiar to computer language specialists. In addition, there are programs focused on working with formal grammars. The transition from the natural linguistic description of scenarios to its formal representation as a standard description in the Backus-Naura form is shown. The change in the presentation form was made using the example of description of the scenario of behavior of cyber-conflict participants in the security system. The resulting script description was used in the context-free grammar analyzer. The results showed the applicability of the proposed approach and the tools used to describe and verify the description correctness of scenarios related to any subject are

Development and Analysis of Game-theoretical Models of Security Systems Agents Interaction

A game-theoretic approach is presented, which claims to be a universal method for solving most problems in the field of cybersecurity. As arguments to confirm the superiority of game theory, mathematical validity and provability of the optimality of decisions made, unlike the widely used heuristics, the possibility of developing reliable protection based on analytical results, ensuring a timely response to cyberattacks in conditions of limited resources, as well as distributed nature of decision making are highlighted.The definitions of the basic concepts used in security tasks based on game-theoretic models are introduced.The features of the application of game theory methods in the field of cybersecurity are listed and the limitations of research in this area are formulated, namely: a restriction on game strategies, simultaneous moves of players in the behavior patterns of security system agents, uncertainty in the time the players take the move, uncertainty in the final goal of the enemy, unpredictability of further player moves, lack of players' assessment of enemy resources. as well as its ultimate goals, the inability to timely assess the current state of the game.The game-theoretic models are aligned with the listed security problems, and the main solutions obtained as a result of using the corresponding models are also determined.Many methods of game theory have been formed, for each of which a relationship is determined between the game model, its scope, simulation result and security services that the method under consideration supports.The limitations of the classical representation of game theory models are determined, the need to overcome which follows from the requirements for providing basic security services. Such limitations include: the ability of the defender to detect attacks, the certainty of the probabilities of a change of state before the start of the game, the synchronism of the players' moves, the inability to scale the model due to the size and complexity of the system under consideration.Models of the main tasks of the interaction of antagonistic agents of security systems have been developed. The resulting models made it possible to obtain solutions to two of the most common tasks in the field of cybersecurity, namely, the interaction of the system administrator and the attacker in organizing the protection of information resources. The tasks are solved for various conditions – the game matrix contains cost estimates of resources and the matrix reflects the probability of threat realization. Pure and mixed strategies are defined for various initial conditions, which allows to exclude from the consideration strategies that are not included in the solution.A synergistic approach to the use of game-theoretic modeling was formed taking into account the behavior of agents of security systems, based on an analysis of the diversity and characteristics of game-theoretic models, their inherent limitations and scop

Research of Collision Properties of the Modified UMAC Algorithm on Crypto-code Constructions

The transfer of information by telecommunication channels is accompanied by message hashing to control the integrity of the data and confirm the authenticity of the data. When using a reliable hash function, it is computationally difficult to create a fake message with a pre-existing hash code, however, due to the weaknesses of specific hashing algorithms, this threat can be feasible. To increase the level of cryptographic strength of transmitted messages over telecommunication channels, there are ways to create hash codes, which, according to practical research, are imperfect in terms of the speed of their formation and the degree of cryptographic strength. The collisional properties of hashing functions formed using the modified UMAC algorithm using the methodology for assessing the universality and strict universality of hash codes are investigated. Based on the results of the research, an assessment of the impact of the proposed modifications at the last stage of the generation of authentication codes on the provision of universal hashing properties was presented. The analysis of the advantages and disadvantages that accompany the formation of the hash code by the previously known methods is carried out. The scheme of cascading generation of data integrity and authenticity control codes using the UMAC algorithm on crypto-code constructions has been improved. Schemes of algorithms for checking hash codes were developed to meet the requirements of universality and strict universality. The calculation and analysis of collision search in the set of generated hash codes was carried out according to the requirements of a universal and strictly universal class for creating hash code

Development of A Concept for Building A Critical Infrastructure Facilities Security System

To effectively protect critical infrastructure facilities (CIF), it is important to understand the focus of cybersecurity efforts. The concept of building security systems based on a variety of models describing various CIF functioning aspects is presented. The development of the concept is presented as a sequence of solving the following tasks. The basic concepts related to cyberattacks on CIF were determined, which make it possible to outline the boundaries of the problem and determine the level of formalization of the modeling processes. The proposed threat model takes into account possible synergistic/emergent features of the integration of modern target threats and their hybridity. A unified threat base that does not depend on CIF was formed. The concept of modeling the CIF security system was developed based on models of various classes and levels. A method to determine attacker's capabilities was developed. A concept for assessing the CIF security was developed, which allows forming a unified threat base, assessing the signs of their synergy and hybridity, identifying critical CIF points, determining compliance with regulatory requirements and the state of the security system. The mathematical tool and a variety of basic models of the concept can be used for all CIFs, which makes it possible to unify preventive measures and increase the security level. It is proposed to use post-quantum cryptography algorithms on crypto-code structures to provide security services. The proposed mechanisms provide the required stability (230–235 group operations), the rate of cryptographic transformation is comparable to block-symmetric ciphers (BSC) and reliability (Perr 10–9–10–12

Development of the Model of the Antagonistic Agents Behavior Under a Cyber Conflict

The results of the development of the model of the antagonistic agents behavior in a cyber conflict are presented. It is shown that the resulting model can be used to analyze investment processes in security systems, taking into account the assumption that investment processes are significantly influenced by the behavior of parties involved in a cyber conflict.General approaches to model development are presented. First of all, the system of concepts, assumptions and limitations is formed, within the framework of which a mathematical model of behavior must be developed. Taking this into account, the mathematical model of the conflicting agents behavior, presented in the form of algebraic and differential equations, is developed. The developed model presents both the technical characteristics of the security system and the psychological characteristics of the participants in the cyber conflict, which affect the financial characteristics of the investment processes in cybersecurity systems. A distinctive feature of the proposed model is the simultaneous consideration of the behavior of the parties to a cyber conflict not as independent parties, but as agents mutually interacting with each other. The model also makes it possible to simulate the destabilizing effect of the confrontation environment disturbances on the behavior of the conflicting parties, changing the degree of vulnerability of the cybersecurity system along various attack vectors and the level of their success.Using the developed model, simulation modeling of the interacting agents behavior in a cyber conflict is performed. The simulation results showed that even the simplest behavior strategies of the attacking side (“the weakest link”) and the defense side (“wait and see”) make it possible to ensure information security of the business process loop.The developed model of interaction between the attacker and the defender can be considered as a tool for modeling the processes of the conflicting parties behavior when implementing various investment scenarios. The simulation results enable decision-makers to receive support regarding the direction of investment in the security of the business process loop