Vladimir I. Gorodetski

SVD-Based Approach to Transparent Embedding Data into Digital Images

A new approach to transparent embedding of data into digital images is proposed. It provides a high rate of the embedded data and is robust to common and some intentional distortions. The developed technique employs properties of the singular value decomposition (SVD) of a digital image. According to these properties each singular value (SV) specifies the luminance of the SVD image layer, whereas the respective pair of singular vectors specifies image geometry. Therefore slight variations of SVs cannot affect the visual perception of the cover image. The proposed approach is based on embedding a bit of data through slight modifications of SVs of a small block of the segmented covers. The approach is robust because it supposes to embed extra data into low bands of covers in a distributed way. The size of small blocks is used as an attribute to achieve a tradeoff between the embedded data rate and robustness. An advantage of the approach is that it is blind. Simulation has proved its robustness to JPEG up to 40%. The approach can be used both for hidden communication and watermarking.

Attacks against computer network: formal grammar-based framework and simulation tool

The paper presents an approach and formal framework for modeling attacks against computer network and its software implementation on the basis of a multi-agent architecture. The model of an attack is considered as a complex process of contest of adversary entities those are malefactor or team of malefactors, on the one hand, and network security system implementing a security policy, on the other hand. The paper focuses on the conceptual justification of the chosen approach, specification of the basic components composing attack model, formal frameworks for specification of the above components and their interaction in simulation procedure. The peculiarities of the developed approach are the followings: (1) malefactors intention-centric attack modeling; (2) multi-level attack specification; (3) ontology-based distributed attack model structuring; (4) attributed stochastic LL(2) context-free grammar for formal specification of attack scenarios and its components (simple attacks); (5) using operation of formal grammar substitution for specification of multi-level structure of attacks; (6) state machine-based formal grammar framework implementation; (7) on-line generation of the malefactors activity resulting from the reaction of the attacked network security system.

Information Assurance in Computer Networks

The paper describes the design of a genetic classifier-based intrusion detection system, which can provide active detection and automated responses during intrusions. It is designed to be a sense and response system that can monitor various activities on the network (i.e. looks for changes such as malfunctions, faults, abnormalities, misuse, deviations, intrusions, etc.). In particular, it simultaneously monitors networked computer’s activities at different levels (such as user level, system level, process level and packet level) and use a genetic classifier system in order to determine a specific action in case of any security violation. The objective is to find correlation among the deviated values (from normal) of monitored parameters to determine the type of intrusion and to generate an action accordingly. We performed some experiments to evolve set of decision rules based on the significance of monitored parameters in Unix environment, and tested for validation.

Agent-Based Model of Computer Network Security System: A Case Study

The paper considers a multi-agent model of a computer networks security system, which is composed of particular autonomous knowledge-based agents, distributed over the hosts of the computer network to be protected and cooperating to make integrated consistent decisions. The paper is focused on an architecture, implementation and simulation of a case study aiming at exploration distinctions and potential advantages of using such an architecture for the computer network protection. The paper describes the conceptual model and architecture of the particular specialized agents and the system on a whole as well as implementation technology. Simulation scenario, input traffic model and peculiarities of the distributed security system operation are described. The major attention is paid to the intrusion detection task and agents interactions during detection of an attack against the computer network. The advantages of the proposed model of a computer networks security system are discussed.

BASIS: A Biological Approach to System Information Security

Advanced information security systems (ISS) play an ever-increasing role in the information assurance in global computer networks. Dependability of ISS is being achieved by the enormous amount of data processing that adversely affects the overall network performance. Modern ISS architecture is viewed as a multi-agent system comprising a number of semi-autonomous software agents designated to prevent particular kinds of threats and suppress specific types of attacks without burdening the network. The high efficiency of such a system is achieved by establishing the principles of successful individual and cooperative operation of particular agents. Such principles, evolved during evolution, are known to be implemented in biological immune systems. The aim of this paper is the exploration of the basic principles that govern an immune system and the potential implementation of these principles in a multi-agent ISS of a heterogeneous computer network.

Multi Agent System Development Kit

Recent research in area of multi-agent technology attracted a growing attention of both scientific community and industrial companies. This attention is stipulated by powerful capabilities of multi-agent technology allowing to create large scale distributed intelligent systems, and, on the other hand, by practical needs of industrial companies to possess an advanced and reliable technology for solving of practically important problems. Currently one of the topmost questions of the research is development of powerful methodologies for engineering of agent-based systems and development of more effective and efficient tools supporting implementation of applied systems. The paper presents one of such tools, Multi Agent System Development Kit, based on and implementing of Gaia methodology. It supports the whole life cycle of multi-agent system development and maintains integrity of solutions produced at different stages of the development process.

Ontology-Based Multi-Agent Model of an Information Security System

The paper is focused on a distributed agent-based information security system of a computer network. A multi-agent model of an information security system is proposed. It is based on the established ontology of the information security system domain. Ontology is used as a means of structuring distributed knowledge, utilized by the information security system, as the common ground of interacting agents as well as for the agent behavior coordination.

Integrated Multi-Agent Approach to Network Security Assurance: Models of Agents' Community

In this paper, an integrated multi-agent approach to construction of Network Security System (NSS) is considered. The NSS consists of a multitude of specialized intelligent agents that are distributed over the computer network. The architecture of the NSS is outlined. Emphasis is given to a description of the operation and learning mechanisms implemented in the security agents.

Key Distribution Protocol Based on Noisy Channel and Error Detecting Codes

Secret key agreement based on noisy channel connecting parties and on public discussion has been considered in [1-4] for asymptotic case. Extension of the information-theoretically secure key sharing concept to non- asymptotic case was given in [5]. In the last paper several channel transform protocols (corresponding to different algorithms of public discussion) were presented. Unfortunately the efficiency of these protocols was very low in comparison with asymptotic key capacity found in [1]. The reason of this was that these protocols do not use a redundancy efficiently. One of the considered protocols (the so-called advantage to the main channel primitive) exploits a repetition of binary symbols only. It may be much better to use linear error detecting codes, that is just a subject of consideration in the current paper. We regain the main formulas to compute Renyi entropy which is necessary to bound the information about the final key leaking to an eavesdropper after execution of such modificated protocol. The use of this protocol causes an increase in the key-rate by several times, that is very important in practical implementations of key sharing procedures.