TL;DR: This survey presents a taxonomy of contemporary IDS, a comprehensive review of notable recent works, an overview of the datasets commonly used for evaluation purposes, and the evasion techniques used by attackers to avoid detection.
Abstract: Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in accurately detecting intrusions. Failure to prevent the intrusions could degrade the credibility of security services, e.g. data confidentiality, integrity, and availability. Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly classified into Signature-based Intrusion Detection Systems (SIDS) and Anomaly-based Intrusion Detection Systems (AIDS). This survey paper presents a taxonomy of contemporary IDS, a comprehensive review of notable recent works, and an overview of the datasets commonly used for evaluation purposes. It also presents evasion techniques used by attackers to avoid detection and discusses future research challenges to counter such techniques so as to make computer systems more secure.
TL;DR: This paper makes the very first attempt to conduct a comprehensive survey on adversarial attacks in reinforcement learning under AI security, and gives a brief introduction to the most representative defense technologies against existing adversarial attacks.
Abstract: Reinforcement learning is a core technology for modern artificial intelligence, and it has become a workhorse for AI applications ranging from Atari games to Connected and Automated Vehicle Systems (CAV). Therefore, a reliable RL system is the foundation for security-critical applications in AI, which has attracted a concern that is more critical than ever. However, recent studies have discovered that adversarial attacks, an interesting attack mode, are also effective when targeting neural network policies in the context of reinforcement learning, which has inspired innovative research in this direction. Hence, in this paper, we make the very first attempt to conduct a comprehensive survey on adversarial attacks in reinforcement learning under AI security. Moreover, we give a brief introduction to the most representative defense technologies against existing adversarial attacks.
TL;DR: The basic framework and privacy protection mechanisms of Hyperledger Fabric such as certificate authority, channel, Private Data Collection, etc are described and a specific business scenario of supply chain finance is figured out.
Abstract: Blockchain technology ensures that data is tamper-proof, traceable, and trustworthy. This article introduces a well-known blockchain technology implementation—Hyperledger Fabric. The basic framework and privacy protection mechanisms of Hyperledger Fabric such as certificate authority, channel, Private Data Collection, etc. are described. As an example, a specific business scenario of supply chain finance is figured out. And accordingly, some design details about how to apply these privacy protection mechanisms are described.
TL;DR: This paper focuses on one of the key data security services, that is, access control, by highlighting the differences with traditional data management systems and describing a set of requirements that any access control solution for Big Data platforms may fulfill.
Abstract: Data security and privacy issues are magnified by the volume, the variety, and the velocity of Big Data and by the lack, up to now, of a reference data model and related data manipulation languages. In this paper, we focus on one of the key data security services, that is, access control, by highlighting the differences with traditional data management systems and describing a set of requirements that any access control solution for Big Data platforms may fulfill. We then describe the state of the art and discuss open research issues.
TL;DR: A case for data integrity checking based on Intel Processor Trace (Intel PT), the instruction tracing facility on x86 processors is studied to show that the primitives that DTrace provides are easy to use and help to enhance data integrity in applications.
Abstract: Recently released Intel processors have been equipped with hardware instruction tracing facilities to securely and efficiently record the program execution path. In this paper, we study a case for data integrity checking based on Intel Processor Trace (Intel PT), the instruction tracing facility on x86 processors. We incorporate software instrumentation and hardware instruction tracing to guarantee fine-grained data integrity without frequently switching the processor mode. We incorporate the idea in a system named DTrace which provides primitives to instruct Intel PT to capture the data load and store events, even though current Intel PT implementations only record control transfers. The trace is analyzed before the program makes security-sensitive operations. We apply DTrace in several case studies to show that the primitives that DTrace provides are easy to use and help to enhance data integrity in applications. We further evaluate DTrace with several microbenchmarks to show the time cost that DTrace’s data tracing operation incurs. We also evaluate DTrace on Nginx to show the performance impact when Nginx is enhanced in security to provide the integrity during the runtime execution for programmer-defined security sensitive data. We find the performance overhead that DTrace incurs for the data tracing is moderate.
TL;DR: A new anti-crawler mechanism called PathMarker is developed to detect and constrain persistent distributed crawlers and develops a Support Vector Machine based machine learning detection model to distinguish malicious crawlers from normal users via inspecting their different patterns of URL visiting paths and URL visiting timings.
Abstract: Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator. Moreover, armoured crawlers are evolving against new anti-crawler mechanisms in the arms race between crawler developers and crawler defenders. In this paper, based on one observation that normal users and malicious crawlers have different short-term and long-term download behaviours, we develop a new anti-crawler mechanism called PathMarker to detect and constrain persistent distributed crawlers. By adding a marker to each Uniform Resource Locator (URL), we can trace the page that leads to the access of this URL and the user identity who accesses this URL. With this supporting information, we can not only perform more accurate heuristic detection using the path related features, but also develop a Support Vector Machine based machine learning detection model to distinguish malicious crawlers from normal users via inspecting their different patterns of URL visiting paths and URL visiting timings. In addition to effectively detecting crawlers at the earliest stage, PathMarker can dramatically suppress the scraping efficiency of crawlers before they are detected. We deploy our approach on an online forum website, and the evaluation results show that PathMarker can quickly capture all 6 open-source and in-house crawlers, plus two external crawlers (i.e., Googlebots and Yahoo Slurp).
TL;DR: The notion of query constraints and attribute value power to avoid evaluating queries that do not represent a valid state of the system and to identify which attribute values should be considered in the computation of the extended evaluation of ABAC policies are introduced.
Abstract: A main challenge of attribute-based access control (ABAC) is the handling of missing information. Several studies have shown that the way standard ABAC mechanisms, e.g. based on XACML, handle missing information is flawed, making ABAC policies vulnerable to attribute-hiding attacks. Recent work has addressed the problem of missing information in ABAC by introducing the notion of extended evaluation, where the evaluation of a query considers all queries that can be obtained by extending the initial query. This method counters attribute-hiding attacks, but a naive implementation is intractable, as it requires an evaluation of the whole query space. In this paper, we present a framework for the extended evaluation of ABAC policies. The framework relies on Binary Decision Diagram (BDD) data structures for the efficient computation of the extended evaluation of ABAC policies. We also introduce the notion of query constraints and attribute value power to avoid evaluating queries that do not represent a valid state of the system and to identify which attribute values should be considered in the computation of the extended evaluation, respectively. We illustrate our framework using three real-world policies, which would be intractable with the original method but which are analyzed in seconds using our framework.
TL;DR: This work presents the first full dynamic group signature scheme over ring, and under the premise of ensuring security, the efficiency of the scheme is improved mainly from the following three aspects: the size of keys, the dynamic construction of a Merkle hash tree that is used to record the information of registered users, and the reuse of the leaves in this tree.
Abstract: The group signature scheme is an important primitive in cryptography; it allows members in a group to generate signatures anonymously on behalf of the whole group. In view of the practical application of such schemes, it is necessary to allow users’ registration and revocation when necessary, which makes the construction of dynamic group signature schemes a significant direction. On the basis of (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017), we present the first full dynamic group signature scheme over ring, and under the premise of ensuring security, the efficiency of the scheme is improved mainly from the following three aspects: the size of keys, the dynamic construction of a Merkle hash tree that is used to record the information of registered users, and the reuse of the leaves in this tree. In addition, the public and secret keys of both group manager and trace manager are generated by a trusted third party, which prevents the situation that the two managers generate their respective public key and secret key maliciously. Compared with the counterpart of the scheme in (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017) over ring, the expected space complexity of the Merkle tree used in our work is down by almost half, and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
TL;DR: The research and comparative analysis of the bandwidth of low-power wireless IoT devices as wireless switches as well as attention is drawn to the multithreading in Python programming language and the transmission of commands using TCP sockets in that language.
Abstract: The article presents the research and comparative analysis of the bandwidth of low-power wireless IoT devices as wireless switches. The following IoT devices were investigated: Raspberry Pi 3 Model B and Raspberry Pi Zero W. Using the DS18B20 and INA219 sensors, the dependence of the FTP multimedia data transmission speed over a wireless Wi-Fi network on the temperature of the switch processor, the temperature of the environment, and the current and voltage consumed by the switch was investigated and analyzed. Advantages of sensors with GPIO interface over analog meters for this experiment are revealed. Much of the work is devoted to the development of automation of results from GPIO interfaces, which helped eliminate human error and get more accurate metrics. Measurement automation was developed using the Python 3.7 programming language. Using the INA219 library we were able to obtain current and voltage indicators from the ina219 board. To get temperature indicators, the libraries built into Python were sufficient to read the temperature files in Raspbian. The article focuses on the synchronicity of measurement results records for more accurate analysis. Therefore, an FTP client was developed that measures the download speed of the file from the FTP server and records the results simultaneously with temperature, current and voltage measurements. To this end, attention is drawn to multithreading in the Python programming language and the transmission of commands using TCP sockets in that language. As a result, the dependence of the measured factors was calculated using the Pearson correlation formula. These measurement factors affect the autonomy and energy consumption, which is very important for IoT devices, and therefore, among the devices tested, recommendations were made regarding their choice when used depending on the conditions.
TL;DR: The approach was proposed to verify the authentication and verification of the information packet during transmission and reception via telecommunication channels, which allows using already known hashing methods to compare generated codegrams and transmitted messages for their correspondence, which increases the level of cryptographic stability of the transmitted data and the reliability of the received data.
Abstract: The subject of the research is a mathematical model of authentication of the transmitted message based on the McEliece scheme on shortened and elongated modified elliptic codes using the modified UMAC algorithm. The aim of this work is to develop such a scheme for the information exchange over Internet communication channels, which would ensure the proper level of verification and integrity of the transmitted information, taking into account the prevention of an increase in the costs of the actions taken. Tasks: analysis of existing ways to increase the resistance to hacking of transmitted messages over telecommunication networks; analysis of a message transfer scheme using blockchain technology; formalized description of a mathematical model for providing clear text authentication using a modified UMAC algorithm, as the formation of key data, a crypto-code construction (CCC) is used on the McEliece scheme on modified elliptic codes (MEC); development of data encryption and decryption algorithms using CCC based on McEliece on the MEC and UMAC algorithm. An approach was proposed to verify the authentication and verification of the information packet during transmission and reception via telecommunication channels, which allows using already known hashing methods to compare generated codegrams and transmitted messages for their correspondence, which increases the level of cryptographic stability of the transmitted data and the reliability of the received data. The developed schemes of algorithms for generating codegrams and their decryption using the proposed approach make it possible to gradually demonstrate the implementation of procedures for generating codegrams and their hash codes using both shortening and lengthening the code. Further research should prove from a practical point of view the effectiveness of using this approach when transmitting a message regarding the preservation of its integrity and authenticity.
Therefore, it is necessary to develop a test system that should implement the proposed approach, as well as evaluate the results obtained.
TL;DR: Using weak lattice-based programmable hash functions (wLPHF) with high min-entropy (Crypto’16), a generic IND-CCA secure DRE construction in the standard model is given and five concrete IB-DRE schemes are obtained.
Abstract: Dual receiver encryption (DRE) is an important cryptographic primitive introduced by Diament et al. at CCS’04, which allows two independent receivers to decrypt the same ciphertext to obtain the same plaintext. This primitive is quite useful in designing combined public key cryptosystems and denial of service attack-resilient protocols. In this paper, we obtain some results as follows.
TL;DR: In this article, the problems of vulnerability of the Ukrainian state in the conditions of information warfare are described, among them: the destruction of a single information space of the state; manipulation of the public, lack of coordination of state authorities, weakness of education and education, illegal use of special means of influence on public consciousness, aggravation of international competition for ownership of information technologies and resources; activities of international terrorist organizations; insufficiency of regulatory legal framework regulating relations in the information sphere, as well as insufficient application of law.
Abstract: This article is about the problems of vulnerability of the Ukrainian state in the conditions of information warfare. The main threats are described, among them: the destruction of a single information space of the state; manipulation of the public, lack of coordination of state authorities, weakness of education and education, illegal use of special means of influence on public consciousness, aggravation of international competition for ownership of information technologies and resources; activities of international terrorist organizations; insufficiency of regulatory legal framework regulating relations in the information sphere, as well as insufficient application of law. In the information warfare, there are three main goals: control of the information space and the protection of their information from hostile acts; use of control over the information space for carrying out informational attacks on the enemy; increasing the overall effectiveness of armed information functions. The components of information wars are considered and the priority directions of the state information policy and important steps from the authorities of Ukraine are described. Formation of public consciousness with the help of subjects of information warfare using methods of psychological influence becomes the most effective way of control and manipulation, both within the state and beyond its borders. It all depends on who actually determines the content. Thus, our attitude to problems and phenomena, even the very approach to what is considered a problem or phenomenon, is largely determined by those who control the world of communications.
TL;DR: A semi-automatic RBAC maintenance process to fix and refine an RBAC state when “exceptions” and “violations” are detected is proposed, based on a Max-SAT formalisation of the constraint-based optimisation problem, and on PDDL planning to define the transition strategy with minimum cost.
Abstract: Role-Based Access Control (RBAC) policies are at the core of Cybersecurity as they ease the enforcement of basic security principles, e.g., Least Privilege and Separation of Duties. As ICT systems and business processes evolve, RBAC policies have to be updated to prevent unauthorised access to resources by capturing errors and misalignments between the current policy and reality. However, such update process is a human-intensive activity and it is expected to meet specific constraints. This paper proposes a semi-automatic RBAC maintenance process to fix and refine an RBAC state when “exceptions” and “violations” are detected. Exceptions are permissions some users realise they miss that are instrumental to their job and should be granted as soon as possible, while violations are permissions that have to be revoked since they are no longer required by their current owners. We propose a formalisation for the maintenance process which fixes single and multiple exceptions and violations by balancing two conflicting objectives, i.e., (i) optimising the current RBAC state, and (ii) reducing the transition cost. Our approach is based on a Max-SAT formalisation of the constraint-based optimisation problem, and on PDDL planning to define the transition strategy with minimum cost. Our implementation relies on incomplete Max-SAT solvers and satisficing PDDL planners which provide approximations of optimal solutions. Experiments along with a comparative evaluation show good performance on real-world benchmarks.
TL;DR: Memory Access Integrity (MAI) is proposed, a dynamic method to detect fine-grained memory access errors in off-the-shelf binary executables and maintains a new memory model to simulate the life cycle of memory objects and report errors when any accessing policy is violated.
Abstract: As one of the most notorious programming errors, memory access errors still hurt modern software security. Particularly, they are hidden deeply in important software systems written in memory unsafe languages like C/C++. Plenty of work has been proposed to detect bugs leading to memory access errors. However, all existing works lack the ability to handle two challenges. First, they are not able to tackle fine-grained memory access errors, e.g., data overflow inside one data structure. These errors are usually overlooked for a long time since they happen inside one memory block and do not lead to program crash. Second, most existing works rely on source code or debugging information to recover memory boundary information, so they cannot be directly applied to detection of memory access errors in binary code. However, searching memory access errors in binary code is a very common scenario in software vulnerability detection and exploitation. In order to overcome these challenges, we propose Memory Access Integrity (MAI), a dynamic method to detect fine-grained memory access errors in off-the-shelf binary executables. The core idea is to recover fine-grained accessing policy between memory access behaviors and memory ranges, and then detect memory access errors based on the policy. The key insight in our work is that memory accessing patterns reveal information for recovering the boundary of memory objects and the accessing policy. Based on this recovered information, our method maintains a new memory model to simulate the life cycle of memory objects and report errors when any accessing policy is violated. We evaluate our tool on popular CTF datasets and real-world software. Compared with the state of the art detection tool, the evaluation result demonstrates that our tool can detect fine-grained memory access errors effectively and efficiently. As the practical impact, our tool has detected three 0-day memory access errors in an audio decoder.
TL;DR: SMPISCS model provides a kind of sensor node’s behavior for quantifying and future forecasting the probability with which the node could turn into selfish and the performance of a sensor network is highly inclined by the selfish behaving nature of sensor nodes.
Abstract: In Wireless Sensor Network (WSN), energy and packet forwarding tendencies of sensor nodes play a potential role in ensuring a maximum degree of co-operation under data delivery. This quantified level of co-operation signifies the performance of the network in terms of increased throughput, packet delivery rate and decreased delay depending on the data being aggregated and level of control overhead. The performance of a sensor network is highly inclined by the selfish behaving nature of sensor nodes that gets revealed when the residual energy ranges below a bearable level of activeness in packet forwarding. The selfish sensor node needs to be identified in future through reliable forecasting mechanism for improving the lifetime and packet delivery rate. Semi Markov Process Inspired Selfish aware Co-operative Scheme (SMPISCS) is propounded for making an attempt to mitigate selfish nodes for prolonging the lifetime of the network and balancing energy consumptions of the network. SMPISCS model provides a kind of sensor node’s behavior for quantifying and future forecasting the probability with which the node could turn into selfish. Simulation experiments are carried out through Network Simulator 2 and the performance is analyzed based on varying the number of selfish sensor nodes, number of sensor nodes and range of detection threshold.
TL;DR: A fusion strategy assists in combining and sorting the SNPs importance scores obtained by the relief and mutual information, thereby obtaining a candidate set of SNPs, and achieves the efficient epistasis detection of complex diseases on the basis of privacy preserving compared with heuristic methods.
Abstract: The interaction between gene loci, namely epistasis, is a widespread biological genetic phenomenon. In genome-wide association studies(GWAS), epistasis detection of complex diseases is a major challenge. Although many approaches using statistics, machine learning, and information entropy were proposed for epistasis detection, the privacy preserving for single nucleotide polymorphism(SNP) data has been largely ignored. Thus, this paper proposes a novel two-stage approach. A fusion strategy assists in combining and sorting the SNPs importance scores obtained by the relief and mutual information, thereby obtaining a candidate set of SNPs. This avoids missing some SNPs with strong interaction. Furthermore, differentially private decision tree is applied to search for SNPs. This achieves the efficient epistasis detection of complex diseases on the basis of privacy preserving compared with heuristic methods. The recognition rate on simulation data set is more than 90%. Also, several susceptible loci including rs380390 and rs1329428 are found in the real data set for Age-related Macular Degeneration (AMD). This demonstrates that our method is promising in epistasis detection.
TL;DR: A Latent Dirichlet Allocation (LDA) based Group Topic-Author model is proposed for efficient discovery of social astroturfing groups within the tourism domain and an algorithm named Astroturfing Group Topic Detection (AGTD) is defined for the implementation of the proposed model.
Abstract: Astroturfing is a phenomenon in which sponsors of fake messages or reviews are masked because their intentions are not genuine. Astroturfing reviews are intentionally made to influence people to take decisions in favour of or against a target service or product or organization. The tourism sector being one of the sectors that is flourishing and witnessing unprecedented growth is affected by the activities of astroturfers. Astroturfing reviews can cause many problems to tourists who make decisions based on available online reviews. However, authentic and genuine reviews help people make informed decisions. In this paper a Latent Dirichlet Allocation (LDA) based Group Topic-Author model is proposed for efficient discovery of social astroturfing groups within the tourism domain. An algorithm named Astroturfing Group Topic Detection (AGTD) is defined for the implementation of the proposed model. The experimental results of this study revealed the utility of the proposed system for the discovery of social astroturfing groups within the tourism domain.
TL;DR: It is proved that the definition of the volume of theoretical knowledge and practical skills, taking into account the interdisciplinary connections of educational disciplines, allows preparing specialists with practical skills in cryptographic protection of the information.
Abstract: The article deals with the problem of training modern specialists of the specialty "125 - Cyber Security". Issues of providing students with specialized and professional knowledge and skills in cryptographic protection of the information are considered.
The necessity of obtaining practical knowledge on information protection with a certain amount of theoretical knowledge for future cybersecurity specialists has been substantiated. Through the analysis of literature and the use of own experience, the essence and structure of the concept of "competence on cryptographic protection of the information" have been determined. Formation of these competencies has been carried out within the framework of interdisciplinary links of educational disciplines, namely: "Applied Cryptology", "Secure Programming". The list of requirements for professionally significant characteristics of a cybersecurity specialist in the field of cryptographic protection of information has been determined. An overview of cryptographic libraries has been conducted and the main criteria for selecting the cryptographic service and the programming environment have been determined. The article demonstrates the need to use modern cryptographic .Net Framework services and the Microsoft Visual Studio application development environment to provide students with the knowledge and practical skills of information protection. The model of formation and development of competences on cryptographic protection of the information for students of the specialty “125-Cyber Security” has been developed and the ways of its realization at Borys Grinchenko Kyiv University have been offered.
In the course of the research it was determined that in the programming of cryptographic protection mechanisms, practical skills of using cryptographic algorithms in the processing and transmission of data have been effectively formed. It is proved that the definition of the volume of theoretical knowledge and practical skills, taking into account the interdisciplinary connections of educational disciplines, allows preparing specialists with practical skills in cryptographic protection of the information. Such specialists are necessary for IT companies in the labor market.
TL;DR: In this article, the authors proposed a method to improve the performance of the MANET system by using a modified version of the MIMO algorithm, which they called the MISO-MANET algorithm.
Abstract: Today there is a need to develop effective data exchange protocols and devices that will support this exchange, since the standard protocols used in traditional networks cannot fully meet the needs of the new type of networks. The article describes the process of developing and implementing a physical model of a sensor network that is resistant to interference and link breaks. The resilience of this network is achieved by building a distributed network in which all nodes transmit messages to all available nodes. Wireless mobile peer-to-peer networks (MANET) can configure themselves automatically, so the nodes in them can move freely. Wireless networks do not have the complexity of infrastructure setup and management, which allows devices to create and join networks "on the fly", anywhere and at any time. This work considers the theoretical part of the functioning of such networks and the areas of their use. After that, an initial analysis is carried out of the available equipment used to build such hardware solutions. The software for developing such solutions is examined in detail, and examples of ready-made models implementing the functionality under study are given. After that, several variants of the physical model of the network nodes were assembled, as well as a test device for creating a payload on the network. For this, third-party open solutions were used in combination with the authors' own developments. A number of tests were carried out with the resulting system, which made it possible to understand the weak and strong points of such a network and to draw conclusions for the further development of the project and the creation of an improved working prototype. The article provides schematic circuit diagrams of the devices, a list of the hardware and software used, and photographs of the prototypes of the system created. This system can be used in real conditions to form a smart home system and to obtain information from certain IoT sensors.
TL;DR: A research goal has been formed, which is to develop a procedure for comparative analysis using statistical criteria for evaluating the information content of radio sources of telecommunication networks and systems in their classification and recognition, as a set of formalized rules for collecting, processing and analyzing the information obtained.
Abstract: The procedures of comparative analysis using statistical criteria for evaluating the information content of radio sources of telecommunication networks and systems in their classification and recognition as a set of formalized rules for collecting, processing and analyzing the information obtained are considered.
In the introduction, the general processes of recognition and classification of sources of radio emission of telecommunication networks are analyzed, the main statistical criteria for evaluating the information content of information features are given. It is noted that most of the mentioned criteria of recognition allow to carry out only ranking of signs and do not provide the solution of the problem of quantitative estimation of their informativeness by the criterion of minimum probability of error or maximum probability of true recognition. With this in mind, a research goal has been formed, which is to develop a procedure for comparative analysis using statistical criteria for evaluating the information content of radio sources of telecommunication networks and systems in their classification and recognition, as a set of formalized rules for collecting, processing and analyzing the information obtained.
The study found that the exact value of the probability of error is difficult to obtain, since its estimation requires knowledge of decision thresholds. The integration in the calculation is only possible numerically. Therefore, in order to solve the recognition problem, it is advisable not to use the error probabilities, but their boundaries (upper and lower), which must be strict on the one hand and easily calculated analytically on the other. It should also be borne in mind that the probability of errors and their boundaries are uniquely related to the class distance (classes), which in turn must be clearly related to the probability of true recognition. Based on the analysis of analytical expressions of the statistical criteria for estimating interclass distances, recognition theory establishes mutual analytical relationships between the main criteria of interclass distances.
It is substantiated and proposed to solve the problems of recognition by applying the Foley-Sammon transform, where the criterion of optimality is the maximum ratio of the mean differences of the projections of the vectors of the data of the classes to be recognized to the sum of the covariations in the middle of the classes in their projection to the parameter vector, resulting in a modified Fisher ratio.
It is also determined that all the criteria considered are designed for a small number of recognition classes, whereas in practice the number of classes and their size is very large and their total number is unknown. Moreover, the recognition process is multi-parameter, which makes it difficult to solve the problems of classification and recognition of objects and sources of radio emission. To overcome this situation, it is proposed to use a criterion based on the coefficient of non-orthogonality of the conditional probability distributions of the probability of a trait, which can be considered as a variation of Bhattacharyya distance for a large number of classes and their volume.
TL;DR: There is a need to create an algorithm for assessing the reliability of information in the information space, which makes it possible to investigate information resources for the impact on them, identify problems of information security in a timely manner, recommend proven solutions for use at critical sites, organize and to carry out special trainings at the state level, etc.
Abstract: This article is about criteria of reliability of information. The validity period of the information has been determined. It is established that an important stage of selection, development of methods and mechanisms for ensuring the reliability of information is the analysis of the processes of its processing. The definition of the information reliability assessment is given, and it is also established that the complexity of the information reliability assessment is information evaluation. To assess the accuracy of information, such features are used as the doubtfulness of the facts presented, the emotional coloring of the content, the tone of the content in relation to an object or event, the sensational content, the hidden content. These features will be based on monitoring the reliability of information in the information space, which aims to minimize the subjectivity of peer review of the content of authors from the point of view of their influential orientation towards individuals of the information space. In order to minimize this subjectivism, the basis of evaluations is the key criteria for the reliability of information, which, unlike estimates, are largely fully measured: the criterion of balance of information, the criterion for separating facts from opinions, the criterion for the accuracy and reliability of information, the criterion for completeness of information. Thus, there is a need to create an algorithm for assessing the reliability of information in the information space, which makes it possible to investigate information resources for the impact on them, identify problems of information security in a timely manner, recommend proven solutions for use at critical sites, organize and carry out special trainings at the state level, etc.
TL;DR: The article is devoted to the study of trends in cybercrime, which is a threat to the country's information security, and the development of information systems and methods aimed at ensuring the cyber security of the country.
Abstract: The article is devoted to the study of trends in cybercrime, which is a threat to the country's information security. The place and role of cybersecurity in the system of national security are determined. The state of the system of protection against cyber attacks in the developed countries of the world, such as France, Japan, China, South Korea and the United Kingdom, was analyzed. The main shortcomings and perspectives of protection of cyberspace are revealed. The use of modern information technologies in state structures, as well as in society in general, proposes solving information security problems as one of the main ones. The economy, logistics and security of the country increasingly depend on the technical infrastructure and its security. To improve the effectiveness of the fight against cybercrime, developed countries have long started the appropriate work needed to create their own cyber security strategy. Incidents in the field of cybersecurity affect the lives of consumers of information and many other services, and cyber attacks are aimed at various objects of infrastructure of electronic communications systems or technological processes management. Modern world trends in the development of cybercrime and the strengthening of cyber attacks indicate an increase in the value of combating it for the further development of society, which in turn predetermines the assignment of certain groups of social relations of the cybersphere to the competence of legal regulation. The current situation with cybercrime requires constant improvement of methods of the fight against cybercrime, the development of information systems and methods aimed at ensuring the cyber security of the country. Necessary tasks are the development of a national strategy on cybersecurity, which will include tactical and strategic priorities and tasks in this area for state bodies.
So, the issue of cyberspace security, the fight against cybercrime is relevant both at the international level and at the level of the individual country, and therefore needs further consideration.
TL;DR: In this paper, a detailed description of the stages of the expansion and compression of messages is given, and the SHA-2 implementation with different components is analyzed separately, since the goal relates to the achievement of high bandwidth or low overall computing power, since it assumes that these steps will be implemented in such a way as to minimize the negative impact on it.
Abstract: Hashing functions play an applied and fundamental role in the current protection of programs and data by cryptography techniques. Typically, these security features transmit latency data at the same time, producing a small and fixed-size signal. Along with an avalanche-like growing volume of data requiring quick validation, the hash function throughput is becoming a key factor. According to scientific research published in the technical literature, one of the fastest implementations of SHA-512 is the SHA-2 implementation, which provides bandwidth of the algorithm over 1550 Mbps, but there are also faster ones, such as Whirlpool, where bandwidths exceed 4896 Mbps. At present, many papers have been published discussing the hardware implementation of the SHA-512. All considered implementations are usually aimed at high bandwidth or efficient use of computing resources. In general, it is impossible to know in advance which choice of functional design for this component will be the best in achieving the specific design purpose. After implementation of the algorithm with different components, it was possible to carry out system analysis and comment on the quality of this implementation, since the goal relates to the achievement of high bandwidth or low overall computing power. We systematized the results of all the calculations performed and analyzed each implementation separately. A detailed description of the stages of the expansion and compression of messages. Similarly, at different stages and refers to the stage of update hash, but its implementation is not always clearly defined. One of the reasons to skip the details of the previous stage and the stage of the hash update is that it assumes that these steps will be implemented in such a way as to minimize the negative impact on it. The data mixing function in the article does not claim to be the highest bandwidth of the algorithm, but it proved to be sufficiently stable for third-party decoding.
Summarizing our research in the field of cryptographic protection by various methods, we can state that the application developed on the basis of the SHA-512 algorithm application software corresponds to the following technical parameters, namely verification of the integrity of programs and data and a sufficiently reliable authentication algorithm.
TL;DR: The study of the characteristics of antivirus programs which are standardized in Ukraine used statistical methods and comparative methods of comparing the various types of such programs to find the most effective protection against malicious software (malware).
Abstract: The article is devoted to the problem of information security, namely the study of the characteristics of antivirus programs which are standardized in Ukraine. The study used statistical methods to analyze the characteristics of antivirus software and comparative methods of comparing the various types of such programs. Relying on research in the scientific literature, the main threats to information security in the field of information technology were analyzed. The emphasis is placed on the fact that antivirus software is the most effective protection against malicious software (malware). The basic methods of work of the antivirus – signature and heuristic – are described. The list of antivirus programs standardized in Ukraine is determined. The study was based on the quantitative and qualitative results obtained during testing by the independent testing laboratory AV-Comparatives (Austria), the independent Virus Bulletin (VB) laboratory for testing and certification in the field of security, the Center for antivirus protection information of the State Special Communication Service of Ukraine. The comparative analysis of the main characteristics of antivirus programs was carried out, namely: antivirus and anti-spyware; anti-phishing; anti-rootkit protection against exploits; Intrusion Prevention System; Real-time protection; parental control; host-based firewall; antispam; protection against network attacks; home network protection; anti-theft; password management.
TL;DR: The principle of the technology, the block and the ways in which a block protects itself from attempting to make unauthorized changes or deletion of data are described.
Abstract: The article describes the use of information and telecommunication systems in public and private institutions and disadvantages for the construction of information and telecommunication systems for decentralization. The analysis of recent researches and publications on the subject of the block is conducted. The paper describes the principle of the technology, the block and the ways in which a block protects itself from attempting to make unauthorized changes or deletion of data. The expediency and perspectives of using information security technologies from the point of view of the triad of information security services as confidentiality, integrity and accessibility are considered. The rapid development of information technology is expected to rapidly increase and increase, and also threatens the information and telecommunication systems that have most of these systems. A promising direction for the construction of information and telecommunication systems is the use of decentralization. Therefore, it is important to analyze the use of Blockchain technology for the construction of decentralized information and telecommunication systems in terms of information security.
TL;DR: The necessity for development of experts validated strategies to protect against information and cyber-attacks by criminals is defined and the trend of the hybrid threats landscape for 2020 is provided.
Abstract: The current article provides the trends of the hybrid threats landscape for 2020 and further. The key aspects of the implementation of hybrid threats and ways of counteracting them in cyberspace, which are closely related to the constant change of directions of cyber-attacks, improving their efficiency and speed of implementation, the use of artificial intelligence systems to ensure the security of information resources and the creation of adaptive systems of adversity to information and cyber threats, the use of machine learning techniques for a better understanding of the current state of threats, the application of artificial intelligence principles and responsive scenarios for predicting cyberattacks, developing customized action plans that rely on artificial intelligence systems to improve threat detection and response speed, utilize counterintelligence and counter-methods to respond quickly to any spyware before initiating active action, enhancing communication between law enforcement agencies to form a unified approach for interaction between law enforcement agencies at international and local levels, government organizations, the corporate sector and experts in the field of security.
The article defines the necessity for development of experts validated strategies to protect against information and cyber-attacks by criminals. The article describes the object of protection with determination of purpose and basic functions of the system, group of tasks solved in the system, classification of users of the system, organizational structure of service personnel, structure and composition of a complex of software and hardware, types of information assets stored and processed in system, structure of information flows, characteristics of channels of interaction with other systems and entry points.
TL;DR: Ateb-Gabor filtering allowed for wider results than the classic Gabor filter, and gives the possibility to obtain more lenient or more convex forms of function at the maximum described in this study.
Abstract: Image filtering attempts to achieve greater resolution. There is a large number of filters that allows you to bring images with clear borders. In addition, noise is present when digitizing images. One of the most common types of filtering is the Gabor filter. It allows you to restore the image with the contour allocation at a certain frequency. Its core looks like elements of the Fourier basis, which is multiplied by Gaussian. The widespread use of Gabor filters for filtration is due to the fact that it gives a strong response at those points of the image where there is a component with local features of frequency in space and orientation. It is proposed to use the Ateb-Gabor filter, which greatly expands the well-known Gabor filter. The Ateb-Gabor filter combines all the properties of a harmonic function, which is multiplied by Gaussian. As a harmonic function, it is proposed to use the Ateb-functions that greatly extend the trigonometric effect. The developed filter is applied to the images. The Ateb-Gabor filter depends on the frequency and directions of the quasiperiodic structure of the image. Usually, to simplify the task, the average image frequency is calculated. It is unchanged at every point. Filtration of images is based on the generalized Ateb-Gabor filter. Influence of filtering parameters on images is investigated. The properties of periodic Ateb-functions are investigated. The value of the period from which the filtering results depend on is calculated. Ateb-Gabor filtering allowed for wider results than the classic Gabor filter. The one-dimensional Gabor filter based on the Ateb-functions gives the possibility to obtain more lenient or more convex forms of function at the maximum described in this study. In this way, filtration with a large spectrum of curves can be realized. This provides quick identification, since a more versatile kind of filtering has been developed.
TL;DR: This work analyzes the two types of hierarchy with respect to static hierarchy characteristics and dynamic operations such as adding or revoking user authorization and shows that the resource-based hierarchies can be a better candidate which is not given equal emphasis in the literature.
Abstract: Key management is an essential component of a cryptographic access control system with a large number of resources. It manages the secret keys assigned to the system entities in such a way that only authorized users can access a resource. Read access control allows read access of a resource by the authorized users and disallows others. An important objective of key management is to reduce the secret key storage with each authorized user. To this end, there exist two prominent types of key management hierarchy with single key storage per user used for read access control in a data outsourcing scenario: user-based and resource-based. In this work, we analyze the two types of hierarchy with respect to static hierarchy characteristics and dynamic operations such as adding or revoking user authorization. Our analysis shows that the resource-based hierarchies can be a better candidate which is not given equal emphasis in the literature. A new heuristic for minimizing the key management hierarchy is introduced that makes it practical in use even for a large number of users and resources. The performance evaluation of dynamic operations such as adding or revoking a user’s read subscription is shown experimentally to support our analytical results.