informatics
R. Ivanov. Automatic Beacon Deployment for Indoor Localization

Key Words: Beacon deployment; indoor localization; Indoor Positioning Systems.

Abstract. Localization of visitors in public buildings is a key technology to create accessible environments using location-based services. The usability of these services and the satisfaction of their clients depend on the accurate calculation of the position of visitors. This is most often realized using wireless sensor networks. The localization accuracy depends on a number of factors, one of which is the deployment of the sensor nodes. This is a complex task, which is most often realized by experts. In this article, we offer a complete solution for creating systems for indoor localization, which includes: (1) Algorithm for fast partitioning of the building components into non-overlapping rectangles; (2) Algorithm for sensor nodes deployment based on the geometry of the rectangles obtained; and (3) Algorithm for optimizing the sensor nodes placement taking into account the connectivity between the building components (rooms and corridors), as well as the static objects, which are obstacles for radio signals. Numerous experiments have been implemented in stimulating and real environments, which prove the applicability of the proposed solution.

Read More

informatics
P. Vasilev, V. Sindrakovska. Relations between Standards IEC/EN 62264 and RAMI 4.0

Key Words: RAMI 4.0; IEC/EN 62264; asset; communication and presentation capabilities; activity; scheduling; model; web services; B2MML.

Abstract. The Reference Architectural Model for Industry (RAMI) 4.0 tends to unify the efforts for rapid development of new technologies of the information and communication technology sector by stating definitions of an asset and its role in the cyber-physical world with the use of presentation and communication functions applied to the asset. Furthermore, the standard describes how an asset should interact with the cyber-physical world. In order to introduce the asset as a conceptual fundament, the standard RAMI 4.0 extends the Equipment hierarchy model of another standard – IEC/EN 62264, which is well known and applied as an architectural framework within software integration projects of various information systems. The differences between, are that in IEC/EN 62264, a physical asset model corresponds to the equipment model, whereas the RAMI 4.0 states that an asset may present even a Product or Connected World (Cyber-Physical World). The introduced extension is necessary because th perspective of the two standards is different. IEC/EN 62264 defines objects and models for integration, in which a Product, as an abstraction of “what should be made?” is a part of Product Definition Model (Operations Definition Model), and when it is physically performed “what is actually made?”, it is a part of Material Model. As such, the objects “carrying” the integration information are different. The Connected world also is an asset in RAMI 4.0, because it has value for a company, while the whole subject of the IEC/EN 62264 standard is to integrate information systems, thus achieving “Connected World”. This is why the standard IEC/EN 62264 should be considered as a “roadmap” for the cyber-physical transformation of the RAMI 4.0 standard. The aim of the article is to discuss the importance and the assumption of non-implicit relations between the two standards as well as the concept for development of RAMI 4.0 administration shell based on IEC/EN 62264 architecture.

Read More

informatics
R. Kaltenborn. Integration in Educational Systems Extended with Artificial Intelligence – Based Technologies

Key Words: Artificial intelligence; intelligent learning system; integration; learning technologies; optimization; system of systems.

Abstract. The main problems related to the integration of diverse functional elements of advanced intelligent learning systems are considered. It is shown that the integration of the elements in the learning process is a complex multilayered process due to the great variety and complexity of the ongoing basic processes – cognitive, pedagogical, technological, social and interpersonal. It is emphasized that the need for the integration process to be solved as a multifactor optimization data-driven problem and the use of modern techniques in the field of artificial intelligence – machine learning, pattern recognition, natural language processes, network management.

Read More

informatics
P. Petrov, G. Kostadinov, P. Zhivkov, V. Velichkova, T. Balabanov. Approximated Sequences Reconstruction with Genetic Algorithms

Кey Words: Reconstruction; sequencing; genetic algorithms.

Abstract. Sequences reconstruction is a problem often met in many research areas. The core of this problem is how to recreate a full sequence of ordered information when only chunks of it are known.
Sequence reconstruction is applied in fields like genetics, cryptography and encoding. In this research, an approximate reconstruction of sequences is proposed, which is applied in the gambling industry for reverse engineering of slot machine virtual reels. The importance of this problem is related to the control of gambling games parameters by law regulators. The problem in this research has a combinatorial nature. The analyzed sequences are taken from commercial slot machine games. When the gambler spins the virtual reels he/she does not know how symbols are distributed on the reels. The gambler sees only small parts of the reels when they are stopped. By observing the game for a long enough time the gambler can record these small parts of the reels observer on the screen.
Collecting enough information the gambler can try to reconstruct all positions of the symbols on the virtual reels. Such reconstruction is not trivial, because there is too much unknown information. If there are absolutely identical repeating patterns on the virtual reels the gambler can not find this out by just observing small chunks.
Reverse engineering is commonly used during the analysis of slot machine gambling games. There are many approaches such reverse reconstruction to be done. In most cases, the goal of the engineers is to reconstruct the virtual reels completely. The reconstruction is similar to puzzle solving by attaching each observed piece with a proper corresponding one. Such reconstruction is not always possible because in some cases there is more than one way of connecting the observed pieces. The contribution of this study is related to the approximate reconstruction of the sequences. It does not give a direct solution to the reconstruction problem. Instead of this, it gives an approximate solution. The goal is a little bit changed from the exact reconstruction of the virtual reels to the construction of such reels which will give close behavior of the slot machine gambling game if they are loaded inside the machine instead of the original reels. The innovative approach is that the search for a sub-optimal solution is done in the space of the chunks instead of in the space of the sequences. The proposed approximate reconstruction is approved by experiments with real industrial data.

Read More

informatics
V. Dimitrov, K. Kolev. Development of a Browser Based Strategy Game Application

Кey Words: Kinvey; JavaScript; jQuery; HTML; CSS.

Abstract. The proposed application discussed in the present article is a browser based strategy game. The programmable languages and tools used for its development including JavaScript, jQuery, HTML, CSS, Kinvey, Sublime Text, etc. The application is build using the 3-Tier Software Architecture. Some of the benefits of this architecture are scalability, speed of development, performance, availability, etc.

Read More

informatics
Y. Aleksieva, H. Valchanov. Botnet Detection System Based on Genetic Algorithms

Key Words: Botnet attacks; DoS attacks; intrusion detecting system; genetic algorithms.

Abstract. One of the most common attacks against information security is Botnet. Recognizing such attacks requires the development of effective security systems. Intrusion detection systems collect information from different sources in computer systems and networks. For most systems, this information is compared to predefined patterns of abuse to identify attacks and vulnerabilities. Much of the existing host-based systems for botnet detection use techniques based on anomalies or rules. This paper presents some aspects of the implementation of a host-based botnet attack detection system. The system uses an anomaly detection technique based on a genetic algorithm.

Read More

informatics
V. Aleksieva, A. Hulian. Crypto-token Based on Smart-contract of Ethereum Blockchain

Key Words: Ethereum; block chain; smart contract; crypto-token; crypto-currency.

Abstract. The proposed paper realized a smart contract based on Ethereum blockchain. The decentralized crypto-token is created for Initial Coin Offering (ICO) and based on ERC20 standard. A web-based interface is created for sale of these crypto-tokens. The results from experimental tests are presented.

Read More

informatics
E. Otsetova-Dudin, I. Kurtev. ModSecurity Rules for Web-Server Protection

Key Words: ModSecurity; HTTP; OWASP; Web Application; Firewall.

Abstract. The security of the information in the contemporary dynamic and information world is by priority importance. Every day the entire world alarms for different in their nature and object hacker’s attacks. The damages of those attacks are as well fiscal and moral. The most popular attacks against the web-applications are those with causing service denial (Denial of Service – DoS), the blocking of the functioning of different sites or entire systems. Protection opportunities of web-servers, functioning in real time of OWASP (Open Web Application Security Project) are presented in that material. The module ModSecurity provides a set of protection rules, based on control of the ingoing and outgoing traffic from the point of view of the server

Read More

informatics
K. Dimitrov. Analysis of the Information Security in WLAN Standards IEEE 802.11

Key Words: Wireless LAN (WLAN) security; WEP; RC4; IEEE 802.11; IEEE 802.1X; IEEE 802.11i; WPA; TKIP; WPA2; AES; CCMP; KRACK attack.

Abstract. On the basis of extensive research in the specialized literature, a critical analysis of information security protocols in the standards for IEEE 802.11 wireless LAN (WLAN, WiFi) has been carried out. Finally, some conclusions and recommendations are made. The first WLAN security protocol – WEP is extremely insecure and should not be used. Due to the inherited vulnerabilities of WEP and the fact that some parts of TKIP (such as the Michael function) have some security deficiencies, WPA has already exhausted its role as a temporary WEP fix for legacy hardware and is not recommended. Despite the mathematically proven cryptographic security of the AES standard in CBC mode, a weakness in the cryptographic key management process makes it vulnerable and leads to a security breach of WPA2 in October 2017. Although the vulnerability is removable by patch, probably a lot of WiFi-Devices have not been updated, which puts users at risk. In addition, despite updates of the firmware and recommendations from information security professionals to circumvent and/or block the protocol breach, reports emerged in October 2018 that the vulnerability to KRACK was still being exploited.

Read More

informatics
L. Boyanov. Data Communications in Internet of Things – Approaches and Protocols

Key Words: Internet of Things; data transmission; communication protocols; big data.

Abstract. Communication models and protocols in Internet of Things (IoT) are relatively new field of research and use due to the fact, that connecting objects by digital means in Internet has occurred only in the last decade. However, the rapid grow of applications of this paradigm in almost all areas of human activity has led to enormous volume of data generated from all kind of sources (things) and transmitted all over the global digital network. This, in turn, has led to the creation of new models and protocols for data transmission in IoT. The paper gives an overview of the main approaches / models for communication in IoT. The requirement for scalability and simplicity is amongst the most important when IoT and Big data are involved. Four models are presented – the Push, Request/Response, Subscribe/Notify and Publish/Subscribe. A classification and layered approach is made for protocols used in IoT. Three of the most widely used for data transmission in IoT are taken for further investigation – MQTT, CoAP and AMQP. They are compared in terms of bandwidth, overhead, size of transmitted data, reliability and security. Then are compared with HTTP, which is well known and widely used on the Internet. The conclusions are that the most popular model for IoT and Big data communication is the Publish/Subscribe one, whether in regard to the use and recommendation for data protocol, one cannot point a clear leader at present (unlike the protocols in the TCP/IP stack for Internet), so there is the tendency that for the time being, different data protocols will be used in different IoT and Big data applications.

Read More

informatics
P. Petrov, G. Kostadinov, P. Zhivkov, V. Velichkova, N. Keremedchieva. G Code Vectorization after Colors Reduction for Plotter Painting

Key Words: G Code; vectorization; colors reduction; plotting.

Abstract. G Code instructions are used for CNC machines. In order, such machines to produce objects or drawings visual information should be vectorized. Transformation of full-color image to set of 16 colors is achieved by color reduction algorithm. Pixels in the image are replaced with simple shapes (strokes) in such a way that these simple graphic primitives to be drawn by CNC driven 2D plotter. Each stroke should be drawn by a single loading of oil paint. This goal cannot be achieved by standard G Code generation and this research.

Read More

informatics
A. Popov, S. Lekova. System for Monitoring and Analysis of the Environmental Data (Part 2)

Key Words: Particulate matter PM10 and PM2.5; sensors for РМ; temperature and light; Arduino Nano 3.0.

Abstract. Air pollution causes damage to human health and ecosystems. Large parts of the population do not live in a healthy environment in accordance with current standards. Today, almost every city has problems with particulate matter concentration, especially in time of temperature inversions. This article introduces an automated system for monitoring and analyzing fine particulates in ambient air, temperature and light. It can be used in the workplace, at home, and in particular in student classrooms and laboratories, not only for monitoring, but also for training and refinement involving students, in various disciplines or informal аactivities.

Read More

informatics
Y. Belev, Ts. Ivanova, I. Bachkova. Cybersecurity Formal Verification of OPC-UA Applications

Кеу Words: Cybersecurity; OPC-UA applications; security; formal verification; information modeling; timed automata models; temporal logic.

Abstract. Cybersecurity protect the confidentiality, integrity and availability of computing devices and networks, hardware and software, and most importantly, data and information. The main aim of the paper is to analyze the capabilities and to propose an approach for increasing the security of OPC-UA applications based on the use of formal verification, and its integration into the development lifecycle model and information modeling capabilities provided by OPC-UA. The formal verification is based on using model checking based on timed automata models of the system and cybersecurity properties, defined by using temporal logic.

Read More

informatics
Survey of Security Recommendations for Building OPC-UA Applications

Key Words: IEC-62541 (OPC-UA) standard; Industry 4.0 reference architecture; cyber-attacks; security recommendations; OPC-UA applications.

Abstract. The IEC-62541 (OPC-UA) standard is an important part of the Industry 4.0 reference architecture and is recommended as the only possible communication standard. A particularly important issue that is being addressed is the issue of security. The paper analyzes the vulnerability of cyber-attacks and the main threats that threaten the security of OPC-UA-based applications and defines established and sustainable recommendations for increasing the security of these applications.

Read More

informatics
A. Popov, S. Lekova. System for Monitoring and Analysis of the Environmental Data (Part 1, Review)

Key Words: Particulate matter PM10 and PM2.5; sensors for РМ; temperature and light; Arduino Nano 3.0.

Abstract. Air pollution causes damage to human health and ecosystems. Large parts of the population do not live in a healthy environment in accordance with current standards. Today, almost every city has problems with particulate matter concentration, especially in time of temperature inversions. This article introduces an automated system for monitoring and analyzing fine particulates in ambient air, temperature and light. It can be used in the workplace, at home, and in particular in student classrooms and laboratories, not only for monitoring, but also for training and refinement involving students, in various disciplines or informal activities.

Read More

informatics
L. Boyanov. Architectures and Tools for Internet of Things Big Data Processing

Key Words: Internet of Things (IoT); big data; big data processing tools; Hadoop.

Abstract. Internet of Things (IoT) is a modern paradigm referring to interconnected things/objects in the global digital network Internet. This model differs significantly from the traditional approach of connecting computers, laptops and servers to Internet. There is a huge variety of connected devices – ranging from sensors and RFID tags and mobile phones to data centres and supercomputers. They all create, transmit and process digital/digital data in a quantity, variety and unimaginable until recently. All this leads to new requirements for the means and environment for data processing. The paper presents a classification of architectural model, used for data from IoT. They are placed in four groups – such of standardization organization, of commercial organizations, in respect of Industrial Internet of Things and of researchers. A well-known architecture, that distinguishes the data path according to the speed of data processing – Lambda Architecture is also presented. The paper also looks at the most popular products, programs and software libraries for big data processing. A particular attention is given to the Hadoop software library, which allows processing of big sets of data. Other products and tools for ETL (Extract, Transform and Load), distributed event streaming, data storage, data processing and analytics are also presented. The paper describes a simplified architecture, which has been implemented and demonstrated to work on a 40-node cluster. Its software comes from the open source Hadoop environment. The next tasks and future work on this architecture are presented.

Read More

informatics
W. Dimitrov, K. Spasov, S. Syarova. Analysis of the Scope of a Conceptual Model for a Sharing Center for ICS Cyber Security Operations

Key Words: Cyber; security; operations; center; ICS; shared.

Abstract. The article offers a analysis of the scope of a conceptual model for a Shared Industrial Control Sys-tems (ICS) CyberSecurity Operations Center (SOC). The analysis of design of the conceptual model is aimed at bridging the gaps in existing market solutions and meeting the needs of the entire cycle of cybersecurity en-gagements. It ensures continuous proportional ICS protection against malicious actors and in accordance with regulations and standards. The focus of the research is on the three basic functions of cybersecurity cycle – proactive functions, security operations management, and cybersecurity incident response. The aim of the study is to increase the effectiveness of cybersecurity for all Shared SOC subscribers, to overcome the problem of staff shortages, and allow each company to focus on its core business. The applied methodology is based on the Fea-ture Driven Development approach, empirical experience from the implementation of cyber defense systems, and interdisciplinary vision. The proposed analysis provides reference points for synthesizing a private solution for multiple clients of Shared SOC, a basis for concept of operations and preparation for technical design. The idea of a Shared SOC provides a powerful tool for meeting the requirement for multi-layered cyber protection, which is already a fact in many regulatory measures. Shared SOC creates conditions for all subscribers with ICS to increase their level of maturity in cybersecurity.

Read More

informatics
R. Hrischev. Information Security in Enterprise Resources Planning Systems (ERP)

Key Words: ERP systems; data security; security policy.

Abstract. This paper introduces Enterprise Resource Planning (ERP) systems from its evolution through architecture to its products regarding the security point of view. ERP is a technology that integrates most business processes and covers all information flows in the organization. ERP is a prerequisite and tool with which the enterprise can automate its core business activities, reduce the complexity and cost of their interaction, force the company to start reengineering business processes to optimize its work and generate a successful business. But modern business is more and more open to communication with external organizations, especially through the Internet. Therefore ERP system is becoming a system with high vulnerability and high confidentiality, in which security is a critical aspect. The main characteristics of ERP systems are presented. The largest ERP vendors have already integrated their security solutions; many vendors are using specialized hardware and software solutions. The new e-business requires the development and implementation of e-features of ERP systems (e-orders, e-shop, e-store, e-invoice, etc.), focuses on business between companies and customers. New technologies – Cloud computing, IoT, Block Chain are opportunities to make ERP highly integrated, more intelligent, more collaborative, cloud-based. Based on the literature of the biggest developers of this type of systems are presented popular security solutions for ERP systems. The standard architecture of the systems, the security policies guaranteeing secure access to the information are presented. Methods for data transfer with remote access to the systems are considered. The evolution of database development from structured (SQL) via unstructured (NoSQL) to blockchain is shown. The methods for ensuring secure access to user information used by the developers of ERP systems, such as permissions, roles, authentication, are summarized. The main challenges to information security and the prospects for ensuring data security are outlined.

Read More

informatics
А. Hristov, М. Nisheva, D. Dimov. An Introduction into Convolutional Neural Networks

Key Words: Convolutional neural networks; artificial neural networks; machine learning; object classification and recognition; computer vision.

Abstract. The field of machine learning has undergone rapid development with the rise of artificial neural networks (ANNs), over the past years. Some of the recently gained popularity models of the ANN are the so-called convolutional neural networks (CNNs). Impressive results in image recognition and object detection are achieved by the latest generation of CNN’s architectures, which unravel the significant interest in them from various professional communities. This paper presents the structure and basic principles of functioning and training of CNNs. The latest results in the field of development and application of such models have been discussed. The presentation has an informal, intuitive character and implies that the reader is familiar with the basics of machine learning and artificial neural networks.

Read More

informatics
D. Ivanova, S. Zahov. Big Data Analytics of Ocean Water Masses in Internet of Things Ecosystem

Key Words: Internet of Things (IoT); big ocean data; machine learning; linear regression; SVM; Apache Spark; result analysis.

Abstract. The scientific paper has presented the various methods for collecting ocean data in Internet of Things Ecosystem. Most of the big ocean data is associated with sea surface temperature, water flows, air mass movement and their ocean-atmosphere interaction, sea level, sea-ice concentration, ocean topography and their impact on meteorological conditions. All these features of ocean data are of great importance and impact on climate change and its impact on human life. This paper is proposed a method for big data analytics and knowledge discovery of ocean water masses based on machine learning. The experimental framework is based on the Apache Spark environment and uses a PYTHON programming language optimized for big data processing. The experimental investigations have been performed using machine learning algorithms: linear regression and supporting vector machines. The paper has been presented the obtained results and their analysis.

Read More