Modern scientific problems of cyber security
DOI: https://doi.org/10.15407/visn2023.02.012
Keywords: cyber security, cyber attack, algebraic modeling, code vulnerabilities, insertion modeling, formal verification, fuzzy testing, neural networks, machine learning, algebra of behaviors
Abstract
The article gives an overview of modern problems in cyber security and analyzes the role of scientific research in solving them. Two types of research are distinguished: research that uses an algebraic approach and research that uses neural networks, which belong to the methods of artificial intelligence. Algebraic methods are based on the use of automatic theorem proving and solver programs. These studies address two main problems of cyber security. The first is the detection of vulnerabilities in software and hardware systems and the assessment of their resistance to intrusions. The second is the detection of malicious intrusions in real time. The article highlights research results that help create reliable protection against cyberattacks, which is important in modern circumstances for protecting the systems of critical infrastructure objects.
Cite this article:
Letychevskyi O.О. Modern scientific problems of cyber security. Visn. Nac. Akad. Nauk Ukr. 2023. (2): 12—20. https://doi.org/10.15407/visn2023.02.012