Military Communication Institute

Zegrze, Poland

Military Communication Institute

Zegrze, Poland
Time filter
Source Type

Szpyrka M.,AGH University of Science and Technology | Jasiul B.,Military Communication Institute
Symmetry | Year: 2017

This article presents a new method of risk propagation among associated elements. On the basis of coloured Petri nets, a new class called propagation nets is defined. This class provides a formal model of a risk propagation. The proposed method allows for model relations between nodes forming the network structure. Additionally, it takes into account the bidirectional relations between components as well as relations between isomorphic, symmetrical components in various branches of the network. This method is agnostic in terms of use in various systems and it can be adapted to the propagation model of any systems' characteristics; however, it is intentionally proposed to assess the risk of critical infrastructures. In this paper, as a proof of concept example, we show the formal model of risk propagation proposed within the project Cyberspace Security Threats Evaluation System of the Republic of Poland. In the article, the idea of the method is presented as well as its use case for evaluation of risk for cyber threats. With the adaptation of Petri nets, it is possible to evaluate the risk for the particular node and assess the impact of this risk for all related nodes including hierarchic relations of components as well as isomorphism of elements. © 2017 by the authors.

Berezinski P.,Military Communication Institute | Jasiul B.,Military Communication Institute | Szpyrka M.,AGH University of Science and Technology
Entropy | Year: 2015

Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection.The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i) preparation of a concept of original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of original dataset, (iv) evaluation of the method. © 2015 by the authors.

Mroczkowski P.,Military Communication Institute | Szmidt J.,Military Communication Institute
Fundamenta Informaticae | Year: 2012

In 2008 I. Dinur and A. Shamir presented a new type of algebraic attack on symmetric ciphers named cube attack. The method has been applied to reduced variants of stream ciphers Trivium and Grain-128, reduced variants of the block ciphers Serpent and CTC and to a reduced version of the keyed hash function MD6. Previously, a very similar attack named AIDA was introduced by M. Vielhaber, in 2007. In this paper we develop quadraticity tests within the cube attack and apply them to a variant of stream cipher Trivium reduced to 709 initialization rounds. Using this method we obtain the full 80-bit secret key. In this way it eliminates the stage of brute force search of some secret key bits which occured in previous cube attacks.

Hermanowski D.,Military Communication Institute
Proceedings - 2015 IEEE 2nd International Conference on Cybernetics, CYBCONF 2015 | Year: 2015

Nowadays, assuring security of computer systems becomes difficult due to the rapid development of IT technologies, even in household appliances. This article shows exemplary model of the IT security monitoring and management system. Proposed solution is aimed to collect security events, analyse them, assess the risk they bring and inform the administrator about them in order to take appropriate decision to mitigate potential security incident. This system is based on open source code toolset. This toolset was studied, tested and examined in the context of the whole system. These tools were configured and an additional code was developed in order to achieve synergy effect from adopting various techniques aimed at network monitoring and system security. © 2015 IEEE.

We present a new approach to modelling binary random sequences. We introduce a new concept of expected entropy which enables to explain us the problem that in practice the sample entropy never achieves its limit values. We show how to use the expected entropy to estimate the randomness of physically generated binary random sequences. Our theoretical analysis have been verified experimentally.

Jasiul B.,Military Communication Institute | Szpyrka M.,AGH University of Science and Technology | Sliwa J.,Military Communication Institute
Entropy | Year: 2014

The aim of this article is to present an approach to develop and verify a method of formal modeling of cyber threats directed at computer systems. Moreover, the goal is to prove that the method enables one to create models resembling the behavior of malware that support the detection process of selected cyber attacks and facilitate the application of countermeasures. The most common cyber threats targeting end users and terminals are caused by malicious software, called malware. The malware detection process can be performed either by matching their digital signatures or analyzing their behavioral models. As the obfuscation techniques make the malware almost undetectable, the classic signature-based anti-virus tools must be supported with behavioral analysis. The proposed approach to modeling of malware behavior is based on colored Petri nets. This article is addressed to cyber defense researchers, security architects and developers solving up-to-date problems regarding the detection and prevention of advanced persistent threats. © 2014 by the authors.

Borowski M.,Military Communication Institute
2016 International Conference on Military Communications and Information Systems, ICMCIS 2016 | Year: 2016

Assured security is the desirable feature of modern cryptography. A one-time pad cipher may be used to ensure perfect (unconditional) security. There are many ciphers and other cryptographic transformations, which are not perfect, but ensure conditional security adequate to needs. All cryptosystems require keys and other crypto materials. A hardware generator is the best source of random bit sequences used in production of keys for special cryptosystems. Military Communication Institute has developed a generator, which can produce binary random sequences with the potential output rate of 100 Mbit/s. It gives us the capability to build an efficient key generation equipment for cryptosystems rely on the OTP cipher, as well as for cryptosystems based on symmetric or asymmetric transformations, where many of relatively short keys are needed. © 2016 IEEE.

Kubiak I.,Military Communication Institute
Bulletin of the Polish Academy of Sciences: Technical Sciences | Year: 2016

Nowadays, when we have a strong presence of computers in our everyday lives the protection of electronically processed information using digital machines becomes very important. It is related to accidental formation of electromagnetic fields which distinctive features are intrinsically linked to the nature of processed information. Although many protective measures are taken - from technical to organisational - this phenomenon still poses a great threat. Therefore, methods supporting information protection against the so-called electromagnetic infiltration are still being developed. In addition, these methods would support security of data processing and perhaps replace some of the currently used solutions characterised by high costs of implementation, or a small degree of ergonomics. Conducted research deals both with an analogue VGA and digital DVI standards. The article presents the results of the research concerning possibilities of manipulating the level of video signal (black colour intensity) and its influence on the quality of displayed images, that is, on the effectiveness of electromagnetic infiltration. © 2016, Versita. All rights reserved.

Borowski M.,Military Communication Institute
2013 Military Communications and Information Systems Conference, MCC 2013 | Year: 2013

Most of modern cryptography primitives have no provably secure constructions. Their safety is defined on the basis of well-known in the given time cryptanalytic attacks. Moreover, the asymptotic nature of cryptographic definitions (and definitions of complexity theory in general) does not let us say anything about how hard it is to break a given cryptographic primitive for keys of a certain fixed length. Sponge constructions equipped with one ideal permutation and appropriate security parameters are suitable for building provably secure cryptographic primitives. The cryptographic primitives based on sponge and duplex constructions cover most symmetric crypto operations. © 2013 Military University of Technology.

Sliwa J.,Military Communication Institute | Jasiul B.,Military Communication Institute
Proceedings - IEEE Military Communications Conference MILCOM | Year: 2012

This article tackles the problem of supplying the low level commanders with information from information sources located on higher command levels, distributed using web services, the most commonly used technology in modern command and control systems. There has been proposed the Adaptation Framework For Web Services Provision (AFRO) that defines a mechanism for effective web services invocation in tactical networks, which are considered disadvantaged in terms of available throughput, delay and error rate. Its implementation, in the form of AFRO Proxy performs so called adaptation actions, which are modifications of the SOAP XML messages by changing their encoding to more efficient or dropping information that are accepted to be removed by the service requester. The proposed adaptation mechanism gives promising effects for low level commanders located at the battlefield. They can be supplied with information generally available on high command levels, which, up to now, were very rarely distributed to tactical networks. © 2012 IEEE.

Loading Military Communication Institute collaborators
Loading Military Communication Institute collaborators