https://tacs.ipt.kpi.ua/issue/feedTheoretical and Applied Cybersecurity2025-08-11T22:56:02+00:00Dr. Prof. Oleksii Novikovtacs.journal@gmail.comOpen Journal Systems<p>"Theoretical and Applied Cybersecurity" journal is the scientific publication of the National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute". The publication unveils the results of the latest scientific research on the theory and practice of providing cybersecurity and cyber protection of its objects in cyberspace. The greatest attention is paid to research based on the use of modern mathematical methods and information technologies.</p>https://tacs.ipt.kpi.ua/article/view/333440Stealthy cyberattacks on control systems using an adaptive soft-constrained optimization method2025-06-24T10:26:23+00:00Iryna Styopochkinairyna.styopochkina@gmail.comOleksii Novikovo.novikov@kpi.uaMykola Ilinm.ilin@kpi.uaVolodymyr Duduladenkoduduladenko.volodymyr@lll.kpi.ua<p>This paper presents a novel approach for designing stealthy cyberattacks on automated control systems of critical infrastructure. The core idea lies in employing an adaptive soft-constrained optimization method, which simultaneously maximizes the impact functional of the attacker while keeping the attacked trajectory within the invisibility range of a standard fault detection mechanism. The proposed approach is based on a variational problem formulation, the construction of adjoint equations, and a gradient-based procedure with dynamic penalty parameter updates. Numerical simulation is conducted on a second-order test dynamic system. The results demonstrate the algorithm's effectiveness and convergence, as well as the feasibility of generating a controlled attack that successfully bypasses WLS-based detection methods. The method can be used to test the resilience of industrial systems to cyber threats through security scenario modeling.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Iryna Stopochkina, Oleksii Novikov, Mykola Ilin, Volodymyr Duduladenkohttps://tacs.ipt.kpi.ua/article/view/329957Modeling competing artificial intelligence systems for energy and users2025-05-16T12:31:34+00:00Dmitry V. Landedwlande@gmail.comYuriy Danykzhvinau@ukr.net<p>The article addresses the problem of modeling competition between two artificial intelligence systems (AI-1 and AI-2) that interact within a shared environment under limited resources such as users and energy. The study focuses on analyzing the strategic behavior and adaptability of these systems, as well as their impact on competitive outcomes through mathematical models and methods, including differential equations, the Lancaster model, and Boyd cycles (OODA-loop). Special attention is given to formalizing the interaction of systems using basic primitives ("Condition," "Loop," "Function") and their compositions, enabling the description of complex behavioral strategies of AI systems. The paper presents a detailed mathematical formalization of the dynamics of user and energy distribution between systems, taking into account factors such as user satisfaction, response accuracy, query processing speed, and energy efficiency. The research also includes numerical calculations and simulations demonstrating how initial conditions and system parameters influence competitiveness. The proposed models can be applied for predicting AI system behavior in real-world scenarios such as information campaigns, cyber conflicts, and resource optimization in digital environments.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Dmitry V. Landehttps://tacs.ipt.kpi.ua/article/view/323317LoRaWAN network security and efficiency: practical tips and recommendations2025-02-20T15:06:01+00:00Alina Yankoal9_yanko@ukr.netViktor Krasnobaevv.a.krasnobaev@gmail.comStanislav Honcharenkotodd.stas@gmail.com<p>Актуальність дослідження полягає в тому, що у сучасному світі, підхід Інтернет речей IoT (Internet of Things – IoT) набуває все більшого поширення, а технологія LoRaWAN (Long Range Wide Area Network) є однією з ключових для побудови LPWAN (Low Power Wide Area Network) мереж, що забезпечують зв'язок на великій відстані з низьким енергоспоживанням. Зростаюча популярність LoRaWAN зумовлює необхідність забезпечення безпеки передачі даних, стійкості до атак та оптимізації параметрів мережі для досягнення максимальної ефективності. </p> <p>Для досягнення поставленої мети дослідження використано комплексний методологічний підхід, який включає аналіз існуючих рішень та рекомендацій щодо безпеки та оптимізації LoRaWAN мережі та обладнання. Важливим елементом дослідження є вивчення актуальної документації LoRa Alliance, яка містить детальний опис найкращих практик та підходів до використання LoRaWAN. Ця документація базується на практичному досвіді, отриманому LoRa Alliance від користувачів мережі та операторів, що дозволяє врахувати різноманітні аспекти використання технології та забезпечити її ефективність та безпеку. Дослідження також включає аналіз наукових публікацій та практичного досвіду користувачів для отримання більш глибокого розуміння проблем та можливостей LoRaWAN. </p> <p>Основною метою дослідження була розробка рекомендацій та практичних рішень щодо підвищення безпеки передачі даних, стійкості до атак на LoRaWAN мережу, оптимізації швидкості передачі даних та налаштувань обладнання (кінцевий пристрій користувача та LoRaWAN Gateway), а також забезпечення відповідності рекомендаціям LoRa Alliance на основі аналізу існуючих рішень. Завданням є використання LoRaWAN мережі відповідно до офіційних рекомендацій LoRa Alliance що задовільняють усім сучасним вимогам та викликам безпеки. </p> <p>Дослідження показали, що ефективне використання LoRaWAN потребує комплексного підходу до забезпечення безпеки, який включає використання сучасних методів шифрування, аутентифікації та авторизації, а також постійний моніторинг та аналіз трафіку мережі для виявлення та запобігання можливим загрозам. Оптимізація швидкості передачі даних досягається шляхом правильного налаштування параметрів обладнання, вибору оптимальної швидкості передачі та врахування особливостей конкретного застосування. </p> <p>Дотримання рекомендацій від LoRa Alliance у побудові та використанні LoRaWAN є критично важливим для забезпечення сумісності обладнання різних виробників, досягнення високої якості зв'язку та забезпечення безпеки мережі.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Alina Yanko, Viktor Krasnobaev, Stanislav Honcharenkohttps://tacs.ipt.kpi.ua/article/view/329565A method for assessing risk with accounting for the structure of threat and vulnerability relationships in a complex system2025-05-13T15:45:46+00:00Viktoriia Igorivna Polutsyhanovamedvika@ukr.net<p>The article presents a novel approach to risk assessment in complex information systems, which takes into account the structural relationships between threats, vulnerabilities, and system components. The primary focus is on developing a formalized model that enables the construction of a <strong data-start="479" data-end="501">simplicial complex</strong> of dependencies among potential threats and vulnerabilities, as well as identifying their impact pathways on the integrity, availability, and confidentiality of the system. The use of a simplicial complex model is proposed to represent these interconnections and to determine critical nodes that are most vulnerable to compound attacks. The methodology allows for quantitative risk evaluation by calculating threat levels, the probabilities of vulnerability exploitation, and their impact on the system. A key feature of the approach is the consideration of not only individual vulnerabilities but also their interactions, which significantly enhances the accuracy of risk assessment. The results of modeling and applied analysis confirm the effectiveness of the proposed method in identifying the most critical security elements and in justifying protection priorities under limited resource conditions. The proposed method can be integrated into information security management systems to improve the protection level of complex technical infrastructures.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Viktoriia Igorivna Polutsyhanovahttps://tacs.ipt.kpi.ua/article/view/332340Estimation of the Probability of Success of a Suppression Attack2025-06-10T22:03:27+00:00Anton Vykhloantonvykhlo@gmail.comLyudmila Kovalchuklusi.kovalchuk@gmail.com<p>This work presents the results of research on suppression attacks, which are a specific case of frontrunning attacks. We provide a formal step-by-step algorithm for executing the attack, along with a mathematical model and explicit analytical formulas for calculating an upper bound on the success probability of such an attack with numerical examples.<br>This study continues the research presented in [1], which investigated insertion and displacement attacks.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Anton Vykhlo, Lyudmila Kovalchukhttps://tacs.ipt.kpi.ua/article/view/327873Mitigating the impact of cyber attacks suach a load altering attacks2025-04-25T14:27:01+00:00Vladyslav Lychyklychyk.vlad@lll.kpi.uaLeonid Galchynskyhleonid@gmail.comDaria Kosarykkosdar-ipt24@lll.kpi.ua<p>Modern power systems are constantly exposed to cyberattacks that threaten to disable them and cause serious damage and even destruction. The cyber threat factor is nowadays on a par with such traditional threats as natural disasters, fires, and other destructive phenomena. Therefore, cyber threats raise the question of considering protection against them as a factor of power system sustainability necessary for survival, which should now be considered in the context of cyber resilience. This paper considers the issue of finding a solution to mitigate the harmful effects on the power system of one of the types of cyberattacks, namely, Load Altering Attacks (LAA). The danger of such an attack is that, taking advantage of the weak protection of a large number of IoT clients, an attacker can conduct a coordinated attack on a large number of compromised clients and suddenly change the load in the power grid. As a result, not only users will suffer, but also the basic equipment of the power grid itself, in particular, power generators. This paper proposes a solution that, by optimizing the regulator mode of the power generator, can significantly mitigate the harmful effects of LAA attacks.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Vladyslav Lychyk, Leonid Galchynskyhttps://tacs.ipt.kpi.ua/article/view/332345Refined Method of Impossible Differentials Search with Application to Kalyna-Like Ciphers2025-06-11T11:30:04+00:00Andrii Turchynturchyn.andrew@gmail.comSerhii Yakovlievyasv@rl.kiev.ua<p>This work addresses the problem of evaluating the security of block ciphers against impossible differential cryptanalysis, with a particular focus on Kalyna-like ciphers. Based on formalized methods—specifically the Wu-Wang method—this work introduces refined rules tailored to AES- and Kalyna-like ciphers. These refinements simplify compatibility checks by replacing large systems of linear equations with computationally efficient conditions. Experimental results have identified several classes of impossible differentials for three-round versions of certain Kalyna cipher variants, thereby demonstrating the security of full-round ciphers against this method of cryptanalysis.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Андрій Турчин, Сергій Яковлєвhttps://tacs.ipt.kpi.ua/article/view/328302Image steganography – classic and promising methods: a study2025-04-29T15:57:55+00:00Ivan Kazmidiivkaz-ipt22@lll.kpi.uaVitaly Zubokvitaly.zubok@lll.kpi.ua<p>Steganography, the art and science of hiding information within digital media, remains a dynamic and increasingly vital discipline in the age of pervasive digital communication and cybersecurity threats. Images, in particular, serve as highly adaptable carriers for covert data due to their ubiquity and rich payload capacity. This paper presents a comprehensive classification of image-based steganographic techniques, surveying both time-tested methods (e.g., LSB modification, wavelet transform) and cutting-edge approaches. We highlight how artificial intelligence—through deep learning models, generative adversarial networks, and AI-driven compression/enhancement—can greatly improve embedding robustness and evasion of detection. Furthermore, we explore the nascent frontier of quantum steganography, leveraging superposition, entanglement, and quantum key distribution to achieve unprecedented levels of security. Finally, we outline promising research directions that fuse classical methods with next-generation AI and quantum technologies, setting the agenda for the next wave of advances in secure information hiding.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Ivan Kazmidi, Vitaly Zubokhttps://tacs.ipt.kpi.ua/article/view/326898Lightweight Cryptography in UAV systems2025-04-14T12:58:18+00:00Maksym Skorobahatkomaksym.skorobahatko@protonmail.comAndrii Voitsekhovskyia.voitsekhovskyi@kpi.ua<p>The development and adoption of lightweight cryptographic algorithms have become increasingly important due to the growing volume of data transmitted by unmanned aerial vehicles (UAVs) and other unmanned systems. These systems demand security solutions that are both efficient and resource-conscious. Lightweight cryptography offers a promising balance of performance, low energy consumption, and implementation simplicity. In this paper, we present the first comparative analysis specifically focused on lightweight cryptographic algorithms for UAVs, assessing their suitability for real-time control and data protection in resource-constrained environments. A key contribution of our work is a practical experiment measuring processor load, memory usage, and energy consumption of selected algorithms on drone hardware. The results provide a clear evaluation of each algorithm’s effectiveness and efficiency under realistic operating conditions.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Iryna Stopochkina, Maksym Skorobahatko, Andrii Voitsekhovskyihttps://tacs.ipt.kpi.ua/article/view/322299Intrusion detecting systems and blockchain technology2025-02-04T15:47:17+00:00Eduard Sikolenkosikolenko.eduard@lll.kpi.ua<p class="AbstractText" style="margin: 0cm -2.6pt .0001pt 0cm;"><span lang="EN-US" style="font-size: 11.0pt;">In this article, the information about intrusion detection systems and intrusion </span><span lang="EN-US">prevention</span><span lang="EN-US" style="font-size: 11.0pt;"> systems was analyzed. General information, differences, main advantages and disadvantages of intrusion detection and prevention systems were described.</span></p> <p class="AbstractText" style="margin: 0cm -2.6pt .0001pt 0cm;"><span lang="EN-US" style="font-size: 11.0pt;">The blockchain technology was analyzed as well. The main information on the blockchain technology was shown: the history of creation, sphere of application, working principle, potential threats and specifics of consensus mechanism.</span></p> <p class="AbstractText" style="margin: 0cm -2.6pt .0001pt 0cm;"><span lang="EN-US" style="font-size: 11.0pt;">Based on the information given, it is planned to apply the blockchain technology in intrusion detection systems to increase the level of security.</span></p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Eduard Sikolenkohttps://tacs.ipt.kpi.ua/article/view/332175Construction of secure direct communication protocols in the topological quantum computing model2025-06-09T16:31:16+00:00Andrii Fesenkoa.fesenko@kpi.uaAnastasia Zatsarenkoanazac-ipt23@lll.kpi.ua<p>This paper presents an implementation of the six-state quantum key distribution protocol and the<br />LM05 quantum secure direct communication protocol based on anyonic systems. We consider the<br />representation of logical qubits and operations of the protocol through the manipulation of abelian<br />anyons of the Kitaev model and non-abelian Fibonacci anyons. A comparative analysis of the anyonic<br />implementations with the classical photonic approach is carried out in terms of key characteristics such<br />as accuracy, stability, and complexity. The advantages and experimental challenges of anyonic platforms<br />for quantum information exchange are discussed.</p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Andrii Fesenko, Anastasia Zatsarenkohttps://tacs.ipt.kpi.ua/article/view/328265A Review of modern methods for steganalysis and localization of embedded data in digital images2025-04-28T15:46:24+00:00Pavlo Yatsurayatsura.pvl@gmail.comDmytro Progonovprogonov@gmail.com<p class="AbstractText" style="margin: 0cm -2.6pt .0001pt 0cm;"><span lang="EN-US" style="font-size: 11.0pt;">The article provides a systematic review of modern steganalysis methods for digital images based on artificial neural networks. The primary stages of development of advanced cover-image models, from widely used artificial neural networks to contemporary hybrid models, are considered. Advantages and limitations of various types of neural networks for constructing stegodetectors for digital images are investigated. Based on comparative analysis of steganalysis accuracy, it is established that the use of advanced artificial neural networks achieves a detection accuracy of steganograms exceeding 90%, even at low embedding rates (less than 20%). Additionally, applying complex methods of processing both examined images, and feature vectors in multidimensional spaces with studied neural networks allows reducing the computational complexity of configuring stegodetectors without significant losses in stego images detection accuracy.</span></p>2025-08-11T00:00:00+00:00Copyright (c) 2025 Pavlo Yatsura, Dmytro Progonov