Hennadii Hulak scite author profile

Hennadii Hulak

4Publications

0Citation Statements Received

0Citation Statements Given

How they've been cited

How they cite others

Affiliations

Borys Grinchenko Kyiv University, Institute of Mathematical Machines and Systems Problems

Publications

Order By: Most citations

Rules for the Implementation of Exploits During an Active Analysis of the Corporate Networks` Security Based on a Fuzzy Assessment of the Quality of the Vulnerability Validation Mechanism

et al. 2021

View full text Add to dashboard Cite

The dynamics of the increase in the number of vulnerabilities of software and hardware platforms of corporate networks, the accessibility of exploit modules for these vulnerabilities in the Internet and the Darknet, along with the lack of a sufficient number of highly qualified cybersecurity specialists make the problem of effective automation of preventive information protection mechanisms quite urgent. In particular, the basic algorithms for the sequential implementation of exploits embedded in the vulnerability exploitation tools are quite primitive, and the proposed approaches to their improvement require constant adaptation of mathematical models of the implementation of attacking actions. This justifies the direction of this research. This paper considers the issue of forming decision-making rules for the implementation of vulnerabilities’ exploits during an active analysis of the corporate networks’ security. Based on the results of the analysis of quantitative indicators of the quality of the validation mechanism of the identified vulnerabilities and the use of fuzzy logic methods, a fuzzy system was formed, membership functions for each of the linguistic variables were determined and a knowledge base was built, which makes it possible to determine the quality level of the validation mechanism of the identified vulnerabilities based on all available information. At the same time, in order to eliminate the “human factor” of making mistakes when validating vulnerabilities, based on the built fuzzy knowledge base and the established levels of exploit modules’ efficiency, the rules for the implementation of individual exploit modules during an active analysis of the corporate network’s security were formed. Results of research make it possible to create expert systems for diagnosing the effectiveness of the validation mechanism of the identified vulnerabilities of target systems, and also help to solve the problem of the lack of qualified specialists in the analysis and maintenance of an appropriate level of information security of corporate networks.

show abstract

Аналіз Операцій Модульного Та Покомпонентного Додавання У Блокових Шифрах

Hulak¹

2023

Bezpeka ìnf.

View full text Add to dashboard Cite

У роботі досліджуються властивості операцій модульного та покомпонентного додавання, що використовуються у вузлах блокових шифрів, які забезпечують додавання ключової інформації (ключові суматори), та їх вплив на практичну криптографічну стійкість. Для цього отримані допоміжні результати щодо функцій розподілу імовірностей звичайних та модульних сум незалежних рівномірно розподілених випадкових величин. В основній частині доведено що послідовність бітів переносу в наступний розряд при модульному додаванні чисел утворюють однорідний ланцюг Маркова з визначеним початковим станом та відповідною матрицею переходів, а також обчислена імовірність того, що при модульному та покомпонентному додаванні в результаті утвориться переходів між блоками, в яких всі компоненти співпадають, та блоками, в яких всі компоненти не співпадають. З урахуванням допоміжних результатів у статті отриманні та порівняні імовірнісні характеристики операцій покомпонентного та модульного додавання (віднімання), обчислені імовірності співпадіння результатів зазначених операцій, зроблені висновки щодо коректності (некоректності) використання відповідних модифікацій блокових шифрів для побудови оцінок стійкості, наведені практично застосовні зразки блоків заміни до блокових шифрів, які відповідають визначеним умовам, визначена можливість вразливості шифру до певних типів різницевих атак за умови наявності додаткової інформації щодо того, що при оцінці стійкості даного шифру використовувалась його модифікація, отримана шляхом заміни операції у ключовому суматорі на деяку іншу. У статті обґрунтовані висновки, що заміна операції у ключовому суматорі або блоку підстановки шифру недопустима без попередніх досліджень, що полягають в обчисленні і порівнянні відповідних параметрів.

show abstract

The Complexity of the Functional Security Assessment Algorithm for Information Technologies for the Creation of Warranty Automated Systems

Hulak

2020

Cybersecurity

View full text Add to dashboard Cite

The complexity of the algorithm of communication of the system of linear levels with open regular parts by means of list decoding of "shortened" codes of reed painters which are intended for use in methods of an estimation of functional safety of cryptographic algorithms of cryptographic subsystems of the guaranteed automated systems creating on objects of critical infrastructure and socially important objects. This paper proposes solving problems to assess the complexity of the proposed algorithm. As a result, the upper estimates of the average labor productivity for the general case and the maximum complexity of the proposed algorithm for many special reviews related to the restoration of the formed linear results of the maximum period over a field of two elements. The achievable upper part of the list, which is formed using the proposed algorithm, is also indicated. The obtained results indicate that with certain collaborations between the parameters of the previously proposed algorithm, the time complexity was changed in comparison with the previously known deterministic algorithm for a similar purpose, which is based on the fast Hadamara transformation. This means that a more effective tool can be used to assess the impact of cryptographic subsystems on powerful cyberattacks to obtain a more accurate assessment of their functional security.

show abstract

Vulnerabilities of Short Message Encryption in Mobile Information and Communication Systems of Critical Infrastructure Objects

Hulak

Skladannyi

et al. 2022

Cybersecurity

View full text Add to dashboard Cite

The article considers the possibility of implementing attacks on information exchange in mobile information and communication systems (ICS), which are protected for additional practical cryptographic transformations. Information exchange in the IСS of critical infrastructure objects is often implemented by means of transmission, receiving and paying fees of apparently short notices. Such improvements can be used to formalize control commands and data on the flow mill of objects, alert signals, alerts about suspected activity in computer networks or data for the formation of multiple secrets (keys) in cyber defense systems. Short message services (Short Message Service - SMS) or add-ons on mobile platforms - messengers are analyzed for the exchange of apparently short notifications. Informed about the possibility of an attack on cryptographic systems with a method of designating a streaming station, the object of critical infrastructure and methods of its implementation. Formulated practical recommendations about how to prevent significant attacks, as well as direct further charges.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Hennadii Hulak

Rules for the Implementation of Exploits During an Active Analysis of the Corporate Networks` Security Based on a Fuzzy Assessment of the Quality of the Vulnerability Validation Mechanism

Аналіз Операцій Модульного Та Покомпонентного Додавання У Блокових Шифрах

The Complexity of the Functional Security Assessment Algorithm for Information Technologies for the Creation of Warranty Automated Systems

Vulnerabilities of Short Message Encryption in Mobile Information and Communication Systems of Critical Infrastructure Objects

Contact Info

Product

Resources

About