Detection of Anomalies in the Traffic of IoT Devices

The article proposes an approach to finding anomalies in the traffic of IoT devices based on time series analysis and assessing normal and abnormal behavior using statistical methods. The main goal of the proposed approach is to combine statistical methods for detecting anomalies using unlabeled data and plotting key characteristics of device profiles. Within this approach the following techniques for traffic analysis has been developed and implemented: a technique for a feature extraction, a normal behavior boundary building technique and an anomaly detection technique. To evaluate the proposed approach, we used a technique for generating event logs from devices with the generation of anomalous markup. The experiments shown that the GESD-test gives the best results for anomaly detection in IoT traffic.

Decision Support System for Finding an Optimal Postquantum Key Encapsulation Mechanism. Part 2. Prototype Evaluation

This is the final part of the series of articles devoted to the development of a decision support system for choosing the optimal post-quantum key encapsulation mechanism. Efficiency of the methodology proposed for choosing the optimal implementation of the post-quantum cryptographic algorithm is evaluated and substantiated. The economic feasibility of approach is shown and its positive impact on the quality of the cryptographic information protection subsystem is demonstrated. Efficiency comparison of the prototype of the decision support system with existing software products aimed at supporting decision-making in the field of information security is carried out. The consistency of prototype’s recommendations with the conclusions of analytical studies in the field of post-quantum cryptography is checked.

Method for Assessing the Sustainability of the Information Direction, Functioning on the Resources of the Communication Network with Failures

The article presents the main directions of the qualitative and quantitative assessment of sustainability in the field of infocommunications, shows the differences in approaches to the definition of sustainability. A method is proposed that differs from the known well-grounded application of the provisions of the theory of random impulse flows. The generalized impulse flow describes the robustness of data transmission in the information direction. The estimation method allows one to take into account both the states of the elements of a composite channel, represented by impulse flows of failures and restorations, and transient processes and sub-processes of information exchange (transmission over a communication line, switching, storage in memory, destructive influences, etc.), represented by separate impulse streams. The variability of the composition of the impulse streams makes it possible to increase the accuracy and reliability of the assessment.

Experimental Research of Modulation-Coding Schemes Influence on Size of the DRM Digital Radio Broadcasting Service Area in the VHF Band. Part 2

The article presents the results of measurements of the parameters of the digital radio broadcasting DRM signal quality in the experimental zone of St. Petersburg in order to determine the influence of the transmission modes laid down in the DRM standard on the size of the service area.

Genetic Decompilation Concept of the Telecommunication Devices Machine Code

Reverse engineering correct source code from a machine code to find and neutralize vulnerabilities is the most pressing problem for the field of telecommunications equipment. The decompilation techniques applicable for this have potentially reached their evolutionary limit. As a result, new concepts are required that can make a quantum leap in problem solving. Proceeding from this, the paper proposes the concept of genetic decompilation, which is a solution to the problem of multiparameter optimization in the form of iterative approximation of instances of the source code to the "original" one which will compile to the given machine code. This concept is tested by conducting a series of experiments with the developed software prototype using a basic example of machine code. The results of the experiments prove the proof of the concept, thereby suggesting new innovative directions for ensuring information security in this subject area.

Secure Information Transfer Using Two Keyless Cryptography Methods

In the current paper, some methods of information security protocols based on physical layer security are considered. It is proved that well known Shamir’s protocol can be applied to RSA cryptosystem but not to Rabin, Mac-Ellice and trellis based cryptosystems.The main stream of this paper is a description of key sharing protocol on constant public and noiseless channels (like Internet). It is shown that it is able to provide a high reliability and control of security in terms of Shannon’s information providing nothing-additional requirements to communication channels and without any cryptographic assumptions.

Artificial Intelligence-Based Aircraft Accident Threat Parrying Method

An anti-aircraft accident method is proposed, implemented in the decision support module, which is the main element of the flight safety control system and is a dynamic expert system. On the basis of the proposed method, recommendations are formed to the threat countering crew accidents using the information about its psychophysical state, the technical state an aircraft, external influencing factors, as well as a forecast of changes in flight conditions. The advantage of the proposed method is the ability to identify the immediate threat of an accident, as well as the development of management decisions to reduce the impact of the cause of the accident on flight safety. The peculiarity of the method of parrying the threat of an aircraft accident is the classification of management decisions depending on the flight conditions of the aircraft, which will reduce the computational costs for generating a threat parrying signal. Numerical modeling of the work using the assessment of a set of decision support rules made it possible to confirm its performance. The results can be used in systems development for safety an aircraft’s flight, the mathematical support of decision support systems.

A Simulation Model of the Confrontation between an Organized Attacker and an Information Security System in the Implementation of an Attack on a Network Management System of Clock Network Synchronization

This article provides an overview of the interaction between the warring parties and the main stages of the confrontation between the organized attacker and the information security system in the implementation of an attack on the network management system of clock network synchronization. A simulation model has been developed that reflects all stages of the struggle, which allows, depending on the resources of an organized attacker and the information security system, to obtain probabilistic and temporal characteristics of the results of the confrontation. Simulation has been carried out for various scenarios of organizing an attack at all stages of the confrontation, from the overwhelming advantage of an organized malefactor to the overwhelming advantage of an information security system. The results obtained in the general case can be used by security administrators and network administrators to make adjustments to the strategy of organizing the protection of the network management system of clock network synchronization.

The Orbital Channel Resource Control on Non-Markov Priority Systems of Mass Service Basis. Part 2. Dispatch Method

The article develops a methodology for scheduling an orbital channel resource with operational priority assignment based on the calculation of the parameters of a non-Markov service model with a limited residence time of a request in the system, which differs from known methods in that it takes into account the priority of various network subscribers, taking into account the high dynamics of their movement and the average waiting time in the service system with priority in the allocation of the orbital channel resource of the satellite command-relay system. The analysis of the influence of service quality indicators of information data flows is carried out.It is shown that the developed method of priority scheduling makes it possible to meet the requirements for the quality of service. A complex of experimental studies was carried out, which showed the possibility of ensuring the required level of stability with the deterioration in difficult conditions of radio electronic equipment, which made it possible to formulate practical proposals for improving the complex of coordination and distribution of resources of in the satellite command relay system.

Functional Model of Communication Network of Microwave Link Stations with Adaptive Modulation and Package Switching

The article describes the model of the communication network functioning, which consist of microwave link stations with adaptive modulation and packet switching. Mathematical expressions are presented, which allow to calculate particular indicators of stability and throughput of microwave link intervals, lines and communication directions, as well as generalized quality indicators of the communication network as a whole, taking into account the peculiarities of the functioning of microwave link stations with adaptive modulation and packet switching under the fading conditions at separate microwave link intervals.