информатика
В. Алексиева, Х. Вълчанов. Система за откриване на ботнет атаки, базирана на генетични алгоритми

Статията е 4 от 7 в списание АВТОМАТИКА И ИНФОРМАТИКА 4, 2018 г.

Key Words: Botnet attacks; DoS attacks; intrusion detecting system; genetic algorithms.

Abstract.  One of the most common attacks against information security is Botnet. Recognizing such attacks requires the development of effective security systems. Intrusion detection systems collect information from different sources in computer systems and networks. For most systems, this information is compared to predefined patterns of abuse to identify attacks and vulnerabilities. Much of the existing host-based systems for botnet detection use techniques based on anomalies or rules. This paper presents some aspects of the implementation of a host-based botnet attack detection system. The system uses an anomaly detection technique based on a genetic algorithm.

Повече

информатика
В. Алексиева, А. Хулиан. Крипто токен, базиран на смарт контракт на етериум блокчейн

Статията е 5 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 3, 2018 г.

Key Words: Ethereum; block chain; smart contract; crypto-token; crypto-currency.

Abstract.  The proposed paper realized a smart contract based on Ethereum blockchain. The decentralized crypto-token is created for Initial Coin Offering (ICO) and based on ERC20 standard. A web-based interface is created for sale of these crypto-tokens. The results from experimental tests are presented.

Повече

информатика
Е. Оцетова-Дудин, И. Куртев. ModSecurity правила за защита на уеб сървър

Статията е 5 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 2, 2018 г.

Key Words: ModSecurity; HTTP; OWASP; Web Application; Firewall.

Abstract. The security of the information in the contemporary dynamic and information world is by priority importance. Every day the entire world alarms for different in their nature and object hacker’s attacks. The damages of those attacks are as well fiscal and moral. The most popular attacks against the web-applications are those with causing service denial (Denial of Service – DoS), the blocking of the functioning of different sites or entire systems. Protection opportunities of web-servers, functioning in real time of OWASP (Open Web Application Security Project) are presented in that material. The module ModSecurity provides a set of protection rules, based on control of the ingoing and outgoing traffic from the point of view of the server

Повече

информатика
К. Димитров. Анализ на информационната сигурност в стандартите за безжична локална мрежа IEEE 802.11

Статията е 6 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 2, 2018 г.

Key Words: Wireless LAN (WLAN) security; WEP; RC4; IEEE 802.11; IEEE 802.1X; IEEE 802.11i; WPA; TKIP; WPA2; AES; CCMP; KRACK attack.

Abstract. On the basis of extensive research in the specialized literature, a critical analysis of information security protocols in the standards for IEEE 802.11 wireless LAN (WLAN, WiFi) has been carried out. Finally, some conclusions and recommendations are made. The first WLAN security protocol – WEP is extremely insecure and should not be used. Due to the inherited vulnerabilities of WEP and the fact that some parts of TKIP (such as the Michael function) have some security deficiencies, WPA has already exhausted its role as a temporary WEP fix for legacy hardware and is not recommended. Despite the mathematically proven cryptographic security of the AES standard in CBC mode, a weakness in the cryptographic key management process makes it vulnerable and leads to a security breach of WPA2 in October 2017. Although the vulnerability is removable by patch, probably a lot of WiFi-Devices have not been updated, which puts users at risk. In addition, despite updates of the firmware and recommendations from information security professionals to circumvent and/or block the protocol breach, reports emerged in October 2018 that the vulnerability to KRACK was still being exploited.

Повече

информатика
Л. Боянов. Предаване на данни от интернет на обектите – подходи и протоколи

Статията е 4 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 1-2, 2021 г.

Key Words: Internet of Things; data transmission; communication protocols; big data.

Abstract. Communication models and protocols in Internet of Things (IoT) are relatively new field of research and use due to the fact, that connecting objects by digital means in Internet has occurred only in the last decade. However, the rapid grow of applications of this paradigm in almost all areas of human activity has led to enormous volume of data generated from all kind of sources (things) and transmitted all over the global digital network. This, in turn, has led to the creation of new models and protocols for data transmission in IoT. The paper gives an overview of the main approaches / models for communication in IoT. The requirement for scalability and simplicity is amongst the most important when IoT and Big data are involved. Four models are presented – the Push, Request/Response, Subscribe/Notify and Publish/Subscribe. A classification and layered approach is made for protocols used in IoT. Three of the most widely used for data transmission in IoT are taken for further investigation – MQTT, CoAP and AMQP. They are compared in terms of bandwidth, overhead, size of transmitted data, reliability and security. Then are compared with HTTP, which is well known and widely used on the Internet. The conclusions are that the most popular model for IoT and Big data communication is the Publish/Subscribe one, whether in regard to the use and recommendation for data protocol, one cannot point a clear leader at present (unlike the protocols in the TCP/IP stack for Internet), so there is the tendency that for the time being, different data protocols will be used in different IoT and Big data applications.

Повече

информатика
П. Петров, Г. Костадинов, П. Живков, В. Величкова, Н. Керемедчиева. G Code векторизация след редукция на цветовете за изрисуване с плотер

Статията е 5 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 1-2, 2021 г.

Key Words: G Code; vectorization; colors reduction; plotting.

Abstract. G Code instructions are used for CNC machines. In order, such machines to produce objects or drawings visual information should be vectorized. Transformation of full-color image to set of 16 colors is achieved by color reduction algorithm. Pixels in the image are replaced with simple shapes (strokes) in such a way that these simple graphic primitives to be drawn by CNC driven 2D plotter. Each stroke should be drawn by a single loading of oil paint. This goal cannot be achieved by standard G Code generation and this research.

Повече

информатика
А. Попов, С. Лекова. Система за следене и анализ на данни от околната среда (част 2)

Статията е 6 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 1-2, 2021 г.

Key Words: Particulate matter PM10 and PM2.5; sensors for РМ; temperature and light; Arduino Nano 3.0.

Abstract. Air pollution causes damage to human health and ecosystems. Large parts of the population do not live in a healthy environment in accordance with current standards. Today, almost every city has problems with particulate matter concentration, especially in time of temperature inversions. This article introduces an automated system for monitoring and analyzing fine particulates in ambient air, temperature and light. It can be used in the workplace, at home, and in particular in student classrooms and laboratories, not only for monitoring, but also for training and refinement involving students, in various disciplines or informal аactivities.

Повече

информатика
Й. Белев, Ц. Иванова и И. Бачкова. Формална верификация на киберсигурността на OPC-UA приложения

Статията е 7 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 1-2, 2021 г.

Кеу Words: Cybersecurity; OPC-UA applications; security; formal verification; information modeling; timed automata models; temporal logic.

Abstract. Cybersecurity protect the confidentiality, integrity and availability of computing devices and networks, hardware and software, and most importantly, data and information. The main aim of the paper is to analyze the capabilities and to propose an approach for increasing the security of OPC-UA applications based on the use of formal verification, and its integration into the development lifecycle model and information modeling capabilities provided by OPC-UA. The formal verification is based on using model checking based on timed automata models of the system and cybersecurity properties, defined by using temporal logic.

Повече

новости, информация, общество
Национална програма за дигитална трансформация на образованието (проект)

Статията е 8 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 2, 2018 г.

Поколението на седемте екрана – на телевизора, компютъра, лаптопа, таблета, фаблета, смартфона и интелигентния часовник не може и не бива да се обучава така, както са били обучавани неговите родители. Пред това поколение не може и не бива да се пише на черна дъска с бял тебешир. Замяната на черната дъска с бяла, а на тебешира – с маркер, не е дори и количествена промяна, т.е. това не е начинът да се привлече вниманието на днешните ученици и студенти и те да се мотивират да акумулират знания и да развиват умения за практическото им прилагане. Необходимо е чрез масово и ефективно използване на информационни и комуникационни технологии, базирани иновационни образователни технологии и дидактически модели, да се адаптира образователната система към дигиталното поколение, а чрез въвеждане на изследователския подход в образователния процес той да се преориентира от механично усвояване на факти към преоткриване на знанията и развиване на уменията.

Повече

информатика
Й. Белев, Ц. Иванова, И. Бачкова. Обзор на препоръките за сигурност при изграждането на OPC-UA приложения

Статията е 4 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 3-4, 2020 г.

Key Words: IEC-62541 (OPC-UA) standard; Industry 4.0 reference architecture; cyber-attacks; security recommendations; OPC-UA applications.

Abstract. The IEC-62541 (OPC-UA) standard is an important part of the Industry 4.0 reference architecture and is recommended as the only possible communication standard. A particularly important issue that is being addressed is the issue of security. The paper analyzes the vulnerability of cyber-attacks and the main threats that threaten the security of OPC-UA-based applications and defines established and sustainable recommendations for increasing the security of these applications.

Повече

информатика
А. Попов, С. Лекова. Система за следене и анализ на данни от околната среда (част 1, обзорна)

Статията е 5 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 3-4, 2020 г.

Key Words: Particulate matter PM10 and PM2.5; sensors for РМ; temperature and light; Arduino Nano 3.0.

Abstract. Air pollution causes damage to human health and ecosystems. Large parts of the population do not live in a healthy environment in accordance with current standards. Today, almost every city has problems with particulate matter concentration, especially in time of temperature inversions. This article introduces an automated system for monitoring and analyzing fine particulates in ambient air, temperature and light. It can be used in the workplace, at home, and in particular in student classrooms and laboratories, not only for monitoring, but also for training and refinement involving students, in various disciplines or informal activities.

Повече

информатика
Л. Боянов. Архитектури и средства за обработка на големи данни от интернет на обектите

Статията е 6 от 10 в списание АВТОМАТИКА И ИНФОРМАТИКА 3-4, 2020 г.

Key Words: Internet of Things (IoT); big data; big data processing tools; Hadoop.

Abstract. Internet of Things (IoT) is a modern paradigm referring to interconnected things/objects in the global digital network Internet. This model differs significantly from the traditional approach of connecting computers, laptops and servers to Internet. There is a huge variety of connected devices – ranging from sensors and RFID tags and mobile phones to data centres and supercomputers. They all create, transmit and process digital/digital data in a quantity, variety and unimaginable until recently. All this leads to new requirements for the means and environment for data processing. The paper presents a classification of architectural model, used for data from IoT. They are placed in four groups – such of standardization organization, of commercial organizations, in respect of Industrial Internet of Things and of researchers. A well-known architecture, that distinguishes the data path according to the speed of data processing – Lambda Architecture is also presented. The paper also looks at the most popular products, programs and software libraries for big data processing. A particular attention is given to the Hadoop software library, which allows processing of big sets of data. Other products and tools for ETL (Extract, Transform and Load), distributed event streaming, data storage, data processing and analytics are also presented. The paper describes a simplified architecture, which has been implemented and demonstrated to work on a 40-node cluster. Its software comes from the open source Hadoop environment. The next tasks and future work on this architecture are presented.

Повече

информатика
В. Димитров, К. Спасов, С. Сярова. Анализ на обхвата на концептуален модел за споделен център за операции по киберсигурността на индустриални управляващи системи

Статията е 5 от 8 в списание АВТОМАТИКА И ИНФОРМАТИКА 1-2, 2020 г.

Key Words: Cyber; security; operations; center; ICS; shared.

Abstract. The article offers a analysis of the scope of a conceptual model for a Shared Industrial Control Sys-tems (ICS) CyberSecurity Operations Center (SOC). The analysis of design of the conceptual model is aimed at bridging the gaps in existing market solutions and meeting the needs of the entire cycle of cybersecurity en-gagements. It ensures continuous proportional ICS protection against malicious actors and in accordance with regulations and standards. The focus of the research is on the three basic functions of cybersecurity cycle – proactive functions, security operations management, and cybersecurity incident response. The aim of the study is to increase the effectiveness of cybersecurity for all Shared SOC subscribers, to overcome the problem of staff shortages, and allow each company to focus on its core business. The applied methodology is based on the Fea-ture Driven Development approach, empirical experience from the implementation of cyber defense systems, and interdisciplinary vision. The proposed analysis provides reference points for synthesizing a private solution for multiple clients of Shared SOC, a basis for concept of operations and preparation for technical design. The idea of a Shared SOC provides a powerful tool for meeting the requirement for multi-layered cyber protection, which is already a fact in many regulatory measures. Shared SOC creates conditions for all subscribers with ICS to increase their level of maturity in cybersecurity.

Повече

информатика
Р. Хрисчев. Информационната сигурност в системите за планиране на корпоративни ресурси (ERP)

Статията е 6 от 8 в списание АВТОМАТИКА И ИНФОРМАТИКА 1-2, 2020 г.

Key Words: ERP systems; data security; security policy.

Abstract. This paper introduces Enterprise Resource Planning (ERP) systems from its evolution through architecture to its products regarding the security point of view. ERP is a technology that integrates most business processes and covers all information flows in the organization. ERP is a prerequisite and tool with which the enterprise can automate its core business activities, reduce the complexity and cost of their interaction, force the company to start reengineering business processes to optimize its work and generate a successful business. But modern business is more and more open to communication with external organizations, especially through the Internet. Therefore ERP system is becoming a system with high vulnerability and high confidentiality, in which security is a critical aspect. The main characteristics of ERP systems are presented. The largest ERP vendors have already integrated their security solutions; many vendors are using specialized hardware and software solutions. The new e-business requires the development and implementation of e-features of ERP systems (e-orders, e-shop, e-store, e-invoice, etc.), focuses on business between companies and customers. New technologies – Cloud computing, IoT, Block Chain are opportunities to make ERP highly integrated, more intelligent, more collaborative, cloud-based. Based on the literature of the biggest developers of this type of systems are presented popular security solutions for ERP systems. The standard architecture of the systems, the security policies guaranteeing secure access to the information are presented. Methods for data transfer with remote access to the systems are considered. The evolution of database development from structured (SQL) via unstructured (NoSQL) to blockchain is shown. The methods for ensuring secure access to user information used by the developers of ERP systems, such as permissions, roles, authentication, are summarized. The main challenges to information security and the prospects for ensuring data security are outlined.

Повече

информатика
А. Христов, М. Нишева, Д. Димов. Въведение в конволюционните невронни мрежи

Статията е 5 от 7 в списание АВТОМАТИКА И ИНФОРМАТИКА 1, 2018 г.

Key Words: Convolutional neural networks; artificial neural networks; machine learning; object classification and recognition; computer vision.

Abstract. The field of machine learning has undergone rapid development with the rise of artificial neural networks (ANNs), over the past years. Some of the recently gained popularity models of the ANN are the so-called convolutional neural networks (CNNs). Impressive results in image recognition and object detection are achieved by the latest generation of CNN’s architectures, which unravel the significant interest in them from various professional communities. This paper presents the structure and basic principles of functioning and training of CNNs. The latest results in the field of development and application of such models have been discussed. The presentation has an informal, intuitive character and implies that the reader is familiar with the basics of machine learning and artificial neural networks.

Повече

информатика
Д. Иванова, С. Захов. Анализ на големи данни за океански водни маси в екосистемата за интернет на нещата

Статията е 6 от 7 в списание АВТОМАТИКА И ИНФОРМАТИКА 1, 2018 г.

Key Words: Internet of Things (IoT); big ocean data; machine learning; linear regression; SVM; Apache Spark; result analysis.

Abstract. The scientific paper has presented the various methods for collecting ocean data in Internet of Things Ecosystem. Most of the big ocean data is associated with sea surface temperature, water flows, air mass movement and their ocean-atmosphere interaction, sea level, sea-ice concentration, ocean topography and their impact on meteorological conditions. All these features of ocean data are of great importance and impact on climate change and its impact on human life. This paper is proposed a method for big data analytics and knowledge discovery of ocean water masses based on machine learning. The experimental framework is based on the Apache Spark environment and uses a PYTHON programming language optimized for big data processing. The experimental investigations have been performed using machine learning algorithms: linear regression and supporting vector machines. The paper has been presented the obtained results and their analysis.

Повече

информатика
П. Кесова, И. Бачкова. Подобряване на системите за енергиен мениджмънт с използване на индустриалeн интернет на нещата

Статията е 7 от 7 в списание АВТОМАТИКА И ИНФОРМАТИКА 1, 2018 г.

Key Words: Energy management systems; Internet of Things; optimization; ISO 50001; metallurgy plant.

Abstract. Energy management systems (EMS) are complete solutions for optimization of energy consumption and energy processes in enterprises. They encompass specialized hardware and software components and services directed towards monitoring, measurement and management of energy consumption. Тhe advanced Industrial Internet of Things (IIoT) paradigm may be successfully used to improve the functionality and quality of EMS ensuring reliable data collection and sharing, ubiquitous computing, and computing clouds using powerful resources to solve a variety of decision-making and scheduling tasks that abound in the system. The basic requirements for advanced energy management systems based on the ISO 50001 standard are analyzed. The architecture and functionality of currently used energy management system for non-ferrous metallurgy plants are presented and the weaknesses of this system are analyzed. An improved framework of the energy management system based on the concept and technologies of the Industrial Internet of Things is proposed and discussed.

Повече

информатика
Б. Тосков, А. Тоскова. Мултиагентна сензорна мрежа

Статията е 4 от 8 в списание АВТОМАТИКА И ИНФОРМАТИКА 2, 2019 г.

Key Words: JADEX intelligent agents; BDI architecture; MQTT communication; Internet of Things; WiFi sensor network.

Abstract. This publication presents an experimental model of the architecture of an intelligent guard system developed on the concept of IoT. The Guard System is part of the cyber-physical space of the Faculty of Mathematics and Informatics at Plovdiv University. This model is built with JADEX intelligent agents and hardware sensors working on WiFi sensor network.

Повече

информатика
В. Хаджиев, А. Рашидов. Обзор и анализ на методи и модели за структуриране, съхраняване и обработка на данни в интернет

Статията е 5 от 8 в списание АВТОМАТИКА И ИНФОРМАТИКА 2, 2019 г.

Key Words: Data-storage; Data-processing; Data-warehouse; Internet models; SWOT analysis; Cloud Database.

Abstract. This paper aims to review and analyze known models and methods for data structuring, storing and processing in the Internet. A SWOT analysis has been made to look at the strengths and weaknesses of known models.

Повече

информатика
А. Панайотов, П. Русков. Имплементиране на криптовалута при наемане на автомобил чрез блокчейн протокол

Статията е 6 от 8 в списание АВТОМАТИКА И ИНФОРМАТИКА 2, 2019 г.

Key Words: Cryptocurrency; blockchain; smart contract; protocol; car renting.

Abstract. Car renting is spreading, while cars are increasingly smart and connected allowing autonomous behavior like self-driving, self-parking, etc. The process of renting, however, is usually cumbersome, involves transfer of sensitive data, is not entirely digital, is heavily regulated and involves different parties directly or indirectly. Therefore, the security, validity and traceability of the data involved is of vital importance. In this paper the authors discuss the blockchain opportunity to innovate the car renting business and present a model where the process is digitalized, simplified and data authenticity and security are guaranteed by using blockchain protocols, smart contracts and cryptocurrency.

Повече