Персона: Когос, Константин Григорьевич
Загружается...
Email Address
Birth Date
Научные группы
Организационные подразделения
Организационная единица
Институт интеллектуальных кибернетических систем
Цель ИИКС и стратегия развития - это подготовка кадров, способных противостоять современным угрозам и вызовам, обладающих знаниями и компетенциями в области кибернетики, информационной и финансовой безопасности для решения задач разработки базового программного обеспечения, повышения защищенности критически важных информационных систем и противодействия отмыванию денег, полученных преступным путем, и финансированию терроризма.
Статус
Фамилия
Когос
Имя
Константин Григорьевич
Имя
9 results
Результаты поиска
Теперь показываю 1 - 9 из 9
- ПубликацияТолько метаданныеTouch and Move: Incoming Call User Authentication(2019) Eremin, A.; Kogos, K.; Valatskayte, Y.; Когос, Константин Григорьевич© 2019, Springer Nature Switzerland AG.This paper presents two methods of implicit authentication during answering an incoming call based on user behavior biometrics. Such methods allow to increase usability of authentication against common PIN or graphical password. Also, a concept of authentication system based on presented methods is proposed. The paper shows that user’s touch dynamics and movement of the hand towards the ear when accepting the call provide all necessary information for authentication and there is no need for user to enter a PIN or graphical password.
- ПубликацияТолько метаданныеContinuous authentication of smartphone users via swipes and taps analysis(2019) Garbuz, A.; Epishkina, A.; Kogos, K.; Епишкина, Анна Васильевна; Когос, Константин Григорьевич© 2019 IEEE.Nowadays, smartphones are used for getting access to sensitive and private data. As a result, we need an authentication system that will provide smartphones with additional security and at the same time will not cause annoyance to users. Existing authentication mechanisms provide just a one-time user verification and do not perform re-authentication in the process of further interaction. In this paper, we present a continuous user authentication system based on user's interaction with the touchscreen in conjunction with micromovements, performed by smartphones at the same time. We consider two of the most common types of gestures performed by users (vertical swipes up and down, and taps). The novelty of our approach is that swipes and taps are both analyzed to provide continuous authentication. Swipes are informative gestures, while taps are the most common gestures. This way, we aim to reduce the time of impostors' detection. The proposed scheme collects data from the touchscreen and multiple 3-dimensional sensors integrated in all modern smartphones. We use One-Class Support Vector Machine (OSVM) algorithm to get a model of a legitimate user. The obtained results show that the proposed scheme of continuous authentication can improve smartphone security.
- ПубликацияТолько метаданныеMobile user authentication using keystroke dynamics(2019) Frolova, D.; Epishkina, A.; Kogos, K.; Епишкина, Анна Васильевна; Когос, Константин Григорьевич© 2019 IEEE.Behavioral biometrics identifies individuals according to their unique way of interacting with computer devices. Keystroke dynamics can be used to identify people, and it can replace the second factor in two-factor authentication. This paper presents a keystroke dynamics biometric system for user authentication in mobile devices. We propose to use data from sensors of motion and position as features for the biometric system to improve the quality of user recognition. The proposed novel model combines different anomaly detection methods (distance-based and density-based) in an ensemble. We achieved the average EER of 8.0%. Our model has a retraining module that updates the keystroke dynamics template of a user each time after a successful authentication in the system. All the process of training and retraining a model and making a decision is made directly on a mobile device using our mobile application, as well as keystroke data is stored on a device.
- ПубликацияТолько метаданныеTiming covert channels detection cases via machine learning(2019) Epishkina, A.; Finoshin, M.; Kogos, K.; Yazykova, A.; Епишкина, Анна Васильевна; Финошин, Михаил Александрович; Когос, Константин Григорьевич© 2019 IEEE.Currently, packet data networks are widespread. Their architectural features allow constructing covert channels that are able to transmit covert data under the conditions of using standard protection measures. However, encryption or packets length normalization, leave the possibility for an intruder to transfer covert data via timing covert channels (TCCs). In turn, inter-packet delay (IPD) normalization leads to reducing communication channel capacity. Detection is an alternative countermeasure. At the present time, detection methods based on machine learning are widely studied. The complexity of TCCs detection based on machine learning depends on the availability of traffic samples, and on the possibility of an intruder to change covert channels parameters. In the current work, we explore the cases of TCCs detection via.
- ПубликацияТолько метаданныеOn Way to Simplify the Reverse Engineering of UEFI Firmwares(2020) Lebedev, P.; Kogos, K.; Vasilenko, E.; Когос, Константин Григорьевич© 2020, Springer Nature Singapore Pte Ltd.In this paper authors introduce an algorithm to simplification of UEFI firmware reverse engineering via limiting the amount of code examined on Intel-based systems, which is based on proprietary UEFI protocols searching. The provided implementation of the algorithm is tested on few platforms that are Gigabyte BRIX, Razer Blade Stealth and Intel NUC based on 7th Generation Intel(R) Processor Families. As a result, UEFI modules that contain references to proprietary protocols were defined.
- ПубликацияТолько метаданныеNew Approach in the Rainbow Tables Method for Human-Like Passwords(2020) Alpatskiy, M. A.; Borzunov, G. I.; Epishkina, A. V.; Kogos, K. G.; Борзунов, Георгий Иванович; Епишкина, Анна Васильевна; Когос, Константин Григорьевич© 2020 IEEE.This paper represents a new approach to rainbow tables, a method of password recovery that was originally developed by Martin E. Hellman and then improved by P. Oechslin, so most of its implementations use Oechslin's modification. An improvement represented in this work mostly lies in the reduction function, which uses character statistics to generate more human-like passwords. Though it generates passwords 5 to 10 times slower than reduction function, which uses direct dependency between hash bytes and the inserted characters, it significantly increases common efficiency in memory (8 to 30 times less memory needed to store these tables) and successful human-like passwords recovery probability, while these tables are generated by the same time as tables with the use of random reduction function.
- ПубликацияТолько метаданныеInternet Users Authentication via Artificial Intelligence(2020) Kogos, K. G.; Finoshin, M. A.; Gentyuk, V. A.; Когос, Константин Григорьевич; Финошин, Михаил Александрович© 2020, Springer Nature Switzerland AG.The number of Internet users increases and the Internet is part of people’s daily lives, as a result, the behavior of the user becomes free and informal. This is the basis of the assumption that the manner of user actions on the Internet has become a factor that can be used by authentication using artificial intelligence. In turn, existing works related to users’ web browsing behavior-based authentication with using machine learning do not analyze some important behavioral user’s characteristics, such as patterns of behavior or user behavior on a frequently visited resource. It causes to suggest own features and check their contribution to the accuracy of the system. The aim of this work is to study the possibility of introducing a map of clicks, bigrams, trigrams of frequent web pages and their domains, evaluation of the contribution of added features. In this work, we replace the web pages’ genre classification by domain classification and don’t take into account the spikes in views. We have created a system based on artificial intelligence. As a work result, we have shown a significant improvement in the accuracy of the system using the click map and a slight improvement in the use of bigrams and trigrams.
- ПубликацияТолько метаданныеArtificial Intelligence to Detect Timing Covert Channels(2020) Yazykova, A.; Finoshin, M.; Kogos, K.; Финошин, Михаил Александрович; Когос, Константин Григорьевич© 2020, Springer Nature Switzerland AG.The peculiarities of the batch data transmission networks make it possible to use covert channels, which survive under standard protective measures, to perform data leaks. However, storage covert channels can be annihilated by means of limiting the flow capacity, or by use of encryption. The measures against storage covert channels cannot be implemented against timing covert channels (TCCs), otherwise their usage has to be conditioned by certain factors. For instance, while packet encryption an intruder still possesses the ability to covertly transfer the data. At the same time, normalization of inter-packet delays (IPDs) influences the flow capacity in a greater degree than sending fixed-length packets does. Detection can be called an alternative countermeasure. At the present time, detection methods based on artificial intelligence have been widespreadly used, however the possibility to implement these methods under conditions of a covert channel parametrization has not been investigated. In the current work, we study the possibility to implement artificial intelligence for detecting TCCs under conditions of varying covert channel characteristics: flow capacity and encoding scheme. The detection method is based on machine learning algorithms that solve the problem of binary classification.
- ПубликацияТолько метаданныеContinuous Authentication Over Hand-Waving for Android Smartphones(2020) Filina, A. N.; Kogos, K. G.; Когос, Константин Григорьевич© 2020, Springer Nature Switzerland AG.In this paper we propose a method of continuous authentication based on micromovements of the hand of mobile user. It shows good accuracy: on average, 4 movements are enough to understand who is using the device: a legitimate user or a violator. Our method has been tested on various devices, and applicability in conditions of limited training sample and in absence of some sensors in the smartphone has been proved. The proposed method can be used as an independent method of continuous authentication, or as an additional method, in combination with other methods of user recognition like passwords or PINs.