Публикации

In the domain of web security, websites strive to prevent themselves from data gathering performed by automatic programs called bots. In that way, crawler traps are an efficient brake against this kind of programs. By creating similar pages or random content dynamically, crawler traps give fake information to the bot and resulting by wasting time and resources. Nowadays, there is no available bots able to detect the presence of a crawler trap. Our aim was to find a generic solution to escape any type of crawler trap. Since the random generation is potentially endless, the only way to perform crawler trap detection is on the fly. Using machine learning, it is possible to compute the comparison between datasets of webpages extracted from regular websites from those generated by crawler traps. Since machine learning requires to use distances, we designed our system using information theory. We considered widely used distances compared to a new one designed to take into account heterogeneous data. Indeed, two pages does not have necessary the same words and it is operationally impossible to know all possible words by advance. To solve our problematic, our new distance compares two webpages and the results showed that our distance is more accurate than other tested distances. By extension, we can say that our distance has a much larger potential range than just crawler traps detection. This opens many new possibilities in the scope of data classification and data mining.

As new social, economic, environmental changes, including dramatic epidemic challenges, occur, the role of digital technologies becomes increasingly influential, especially in the development of the Architecture, Engineering, Construction and Facility Management (AEC/FM) industry.They allowa newperspective for sustainable evolution of urban environments and infrastructures that are permanently growing and becoming more complex. Although the digital transformation of the building industry has been an ongoing process over several decades, often hidden under the moniker of building information modelling (BIM), the progress in development and practical adoption of digital technologies does not fully meet the expectations. It certainly has much greater potential that will be realized in the coming years. The first organizations to introduce digital innovations have good chances to be leaders of the AEC/FM industry. The formula to achieve success and competitive advantage, apparently, is based on the same imperatives that are recommended by Gartner for any organizations adopting digital technologies. These imperatives are dynamism, privacy, augmented intelligence, culture, product management and digital twin; they definitely have need for emerging Information and Communication Technologies (ICT). Dynamism is crucial for the organization’s adaptability and its potential to improve business processes and increase productivity. ICT technologies bring new capabilities and new ways for AEC/FM organizations to succeed. However, rational adoption of the technologies still remains a challenging problem, to a significant degree, due to the multi-disciplinary nature of projects, large volumes of information and its heterogeneity, computationally hard optimization problems, involvement of numerous stakeholders, variety of used software tools and platforms, legacy data to be maintained throughout the entire project lifecycle (design, engineering, construction, operation, demolishment), insufficient levels of standardization, regulation and legislation. These factors prevent the direct use of general-purpose ICT technologies, and the latter must be essentially improved or adapted to meet these requirements. This circumstance opens up a wide field for further research and development.

Modern ICT technologies for management of databases, documents, revisions, workflows, and requirements remain a priority. The need to share information among project participants with own roles, expertise, skills leads to the problem of information consistency and trustworthiness. Involvement of the participants separated geographically, organizationally and technically only exacerbates the problem. Being exchanged, replicated, transformed, and updated in an uncoordinated manner, the information loses consistency and integrity, which makes it useless for further interpretation and processing by BIM tools. The development and deployment of advanced CDE (Common Data Environment) servers providing solid transaction guarantees ACID (Atomicity, Consistency, Isolation and Durability) and BASE (Basically Available, Soft state, Eventually consistent) seems to be a promising approach to management of semantically complex information, combining both BIM data driven by a formally specified schemata and complementary semi-structured or unstructured documents. BIM interoperability also remains a critically important and still unresolved issue. It relates to the ability of BIM software applications and users to exchange and share project information freely. A rather disappointing experience with openBIM standards by buildingSMART alliance and, particularly, with IFC files has forced the proponents to acknowledge the difference between enabling applications to exchange data (the so-called technical and semantic interoperability), and the desired substantive property of applications to coherently interact with each other while keeping data complete, consistent and meaningful (conceptual interoperability). To move towards this goal and ensure the conceptual interoperability of IFC-compliant applications, not just technical and semantic ones, standardization and certification activities should be thoroughly reviewed.

It is worth acknowledging that the IFC standard seems to be the best solution for achieving the real interoperability between BIM applications produced by different software vendors. It is gratifying to see that the IFC standard continues to evolve, covering more infrastructure applications complementary to traditional disciplines. At the same time, alternative approaches to integrated data management are also being proposed and elaborated. These are federated databases, ontologies for separate BIM disciplines and aspects, linked data technologies, document-oriented information containers. However, they cause extremely hard issues of data consistency, concurrent access, change control, the resolution of which seems still rather nontrivial. All of the above approaches need formal methods to validate and certify software applications, otherwise interoperability can simply be declared, but can never be guaranteed. The project information privacy is another fundamental problem. Inability to successfully manage privacy puts the entire digital transformation of AEC/FM organizations at high risks. Many employers do not want

to give up safety, confidentiality and peace of mind in exchange for convenience and ability to freely share information with partners when collaborating together on multidisciplinary projects. Cryptography, blockchain, and smart contracts are just some of the technologies that need careful validation before being widely adopted into industrial practice. AEC/FM industry is encouraged to follow the latest ICT technologies like the Internet of Things (IoT), Big Data, Artificial Intelligence (AI), cloud computing, which are often employed together to bring the digital twin (DT) paradigm. Being a cyber-physical system (CPS) which integrates computation, control and communication facilities, DT reveals new perspectives on managing the construction, operation and maintenance of the building and its assets. A high level of fidelity is reached by gathering data about physical world objects in real time and automatically converting it into respective digital models.The behavior of the physical objects can be investigated and predicted under changing conditions, proper management decisions are taken to optimize objective functions. DTtechnologies have a lot of applications forAEC/FM industry.They allowstakeholders to continuously monitor real progress on the construction site against the initial BIM-based planning, to control energy performance of the building under different operation modes and occupation factors, to manage building assets.The methods that can significantly improve the building construction and operation have been well studied, but the services that implement them need more modern deployment platforms and highly automated configuration tools, sometimes called DT factories. Being scaled up to the city level, digital twins can help in optimizing traffic in urban environments, controlling pedestrian flows in crowded places, managing energy consumption, monitoring air pollution, and so on. Smart cities and smart buildings managed using digital twins are expected to provide better service, improved quality of life and a sustainable future. WhileBIMis focused on individual buildings, the need of the information integration at the city level and the resulting amalgamation of BIM and City Information Modeling (CIM) become more obvious. However, this aspect is not explored in its full potential yet. Diverse information standards, different computation models and methods should be reviewed and, likely, harmonized to bridge the gap between BIM and CIM technologies. The information acquisition is necessary for the functioning of CPS services and digital twins. Different sorts of sensors and IoT devices, integrated with BIM and CIM, seem to be the logical choice for monitoring infrastructures and building assets during construction and operation stages. Complementary methods of photogrammetry, laser scanning with point clouds and aerial drone captures have been gaining traction in monitoring urban environments and construction sites. Obtained semi-structured data such as time series, photos, videos and point clouds lacks concise semantics, raising many difficulties when interfacing with BIM and CIM models. Semantic recovery and enrichment of sensed and scanned data is a computationally hard problem often resolved using AI methods. The management of big spatial-temporal data is another serious problem requiring thorough research on special-purpose databases. As the pressure on the global climate and resources is constantly increasing due to population growth and intensified human activities, more and more attention is paid to sustainable development – a foundational principle that implies ensuring of a civilized quality of life for the future generation. Indeed, being a significant resource consumer, the AEC/FM industry is responsible for significant shares of the total energy use, global greenhouse gas emissions, total waste and raw material. Currently, most of the efforts within the industry are focused on new methods to acquire and use resources within so-called circular economy. It implies studying products, improving processes, increasing energy efficiency, managing supply chains to minimise wasted resources. However, all these efforts are still to be adopted at a larger scale. Sustainability is a quite complex concept covering both social, economic and environmental pillars and admitting different assessments and criteria such as design quality, functionality, comfort and health, floor area, spatial program, building cost and life-cycle cost, solar insolation, heating/cooling load, energy use intensity and global warming potential. To meet these criteria, different mathematical models, computation, simulation and optimization methods can be effectively employed. At the same time, as some criteria are subjective assessments, the role of social surveys still remains important.

In recent years, AI methods and tools have become an indispensable part of civil engineering, construction management, building operation control and are facing ever new applications. Regardless of what principles the methods are based on: neural networks, swarm intelligence, machine learning, metaheuristics such as evolutionary algorithms, ant colony, simulated annealing; the methods enable solving wide classes of problems of global optimization, reasoning and decision making, clustering and data mining, recognition and classification. Not aiming to provide a comprehensive panorama of AI methods and applications for the AEC/FM industry, we are pleased to present dedicated papers and surveys focusing on AI methods for such actual problems as structural damage detection, optimization of structural design, building code compliance checking, and analysis of semi-structured data. Unfortunately, little attention is paid to the issues of augmented intelligence which is the logical step beyond artificial intelligence in the AEC/FM and, according to Gartner, it will change jobs putting employers side by side with advanced artificial intelligence systems, process and robotics and making new jobs more meaningful and rewarding.

Finally, although mentioned last, culture is identified as the largest barrier to realizing the promise of digital transformations. Culture is not just social behavior and norms, but also the knowledge, beliefs, arts, laws, customs, capabilities, and habits. As culture is acquired through the learning processes, dissemination of the best practices, presentation of emerging ICT technologies at scientific and practical forums, standardization and legislation efforts, new education formats are all of great interest and importance. This book collects the papers presented at the 13th European Conference on Product and Process Modelling (ECPPM 2021, Moscow, 5–7 May 2021). Covering a wide spectrum of thematic areas overviewed above, the papers are devoted to critically important problems arising on the ongoing way of digital transformations in the AEC/FM industry. High quality contributions hold great promise towards the advancement of research and technological development targeted at the digitalization imperatives. I want to thank the chairman and founder of the ECPPM conference Prof. Raimar Scherer, the members of the scientific committee whose comments contributed to the quality of the presented papers, my colleague Vasily Shutkin who took over a significant part of the organizational work, and, of course, the authors who found the opportunity, strength and inspiration to complete and present exciting research results in such a difficult and strange time. Sincerely yours, Prof. Vitaly Semenov

This talk deals with new, innovative, data exfiltration techniques using laser printers. The aim is to understand the possibilities offered by laser printing to insert data subliminally on paper during printing when using office printers. These techniques are similar to those used in auxiliary channel attacks or sidechannel/covert channel attacks), which mainly target confidential environments requiring a high level of security (military, state, industrial sectors). By using the print function, not only it is possible to hide a message (invisible to the public eye) but also to decipher it easily once printed on a paper sheet. The objective is to make people aware of the need of strong security management of printers against unauthorized access to avoid data breach. The main reason lies in the fact that a simple malware hooking the print queue may enable confidential information to be added to legitimate documents and organize the leakage of sensitive information. Demos of our techniques will be made during the talk and source codes will be released.

Most modern democracies and states have adopted a large number of standards and norms to promote and harmonize international trade. The precautionary principle has come to complete this regulatory arsenal especially in the field of security of states and citizens, their health, their private life ... The aim is also to protect government agencies against wrong decisions, especially when uncertain, immature technologies are concerned. Social, political, institutional security and stability and now cybersecurity has become heavily dependent on these new forms of regulation. In this article we will show how this regulation arsenal could be exploited by cybercriminals. It is indeed possible through a broader vision of the notion of cyber attack to turn these norms and standards and this precautionary principle precisely against those they are supposed to protect. Among many possible scenarios, we consider a specific one for illustration with respect to the attack of voting machines. The m ain conclusion is that any (cyber)security risk analysis should now extend the mostly favoured technical view to a more operational vision in which non technical aspects also be included.

В статье рассматривается задача классификации сетевого трафика на три типа, в зависимости от представления данных в нём: прозрачный, сжатый и шифрованный. Описываются существующие методы классификации, служащие для разделения трафика на прозрачный и непрозрачный, сжатый и шифрованный применительно к сетевым данным и документам. На основе них выбираются методы, показавшие лучшие результаты, и производится отбор лучшей их комбинации и вывод единого результата с применением методов машинного обучения (случайный лес). Также исследуется вопрос классификации потоков как единого целого и предлагается новый, отличный от существующих способ. Завершается статья анализом направлений для дальнейших исследований.

Обсуждаются проблемы обеспечения интероперабельности BIM- при- ложений и построения развитых программных интегрированных комплек- сов для осуществления проектной деятельности в области архитектуры, инженерии и строительства. Указываются принципиальные отличия между уровнями технической, синтаксической, семантической, прагматической, ди- намической и концептуальной интероперабельности. Приводятся примеры аномалий, возникающих при использовании обменных файлов в проприетар- ных и открытых форматах, в том числе, основанных на стандартной инфор- мационной схеме IFC. Предлагается и описывается новый файловый формат, предназначенный для журнализации транзакций и изменений с IFC данными. Ожидается, что поддержка формата перспективными BIM-приложениями позволит обеспечить концептуальную интероперабельность как автономных приложений с функциями обмена файлами, так и приложений, интегрирован- ных и функционирующих в составе клиент-серверных систем.

Рассматривается действие на множестве булевых функций расширения G полной аффинной группы преобразований с помощью группы аффинных функций: действие заключается в преобразовании булевых функций невырожденными аффинными заменами переменных и сложением с аффинными булевыми функциями. Введены и исследованы параметры булевых функций, инвариантные относительно действия группы G: амплитуда (тесно связанная с нелинейностью), размерность функции и некоторые другие. Эти инварианты вместе с другими введенными понятиями могут быть использованы для получения новых оценок криптографических параметров булевых функций, в том числе максимальной нелинейности функций от нечетного числа переменных.

В статье рассматривается поиск ошибок помеченных данных в исходном коде программ, т.е. ошибок, вызванных небезопасным использованием данных, полученных из внешних источников, которые потенциально могут быть изменены злоумышленником. В качестве основы использовался межпроцедурный статический анализатор Svace. Анализатор осуществляет как поиск дефектов в программе, так и поиск подозрительных мест, в которых логика программы может быть нарушена. Целью является найти как можно больше ошибок при приемлемой скорости и низком уровне ложных срабатываний (< 20–35 %). Для поиска ошибок Svace с помощью компилятора строит низкоуровневое типизированное промежуточное представление, которое подаётся на вход основному анализатору SvEng. Анализатор строит граф вызовов, после чего выполняет анализ на основе резюме. При таком анализе функции обходятся в соответствии с графом вызовов, начиная с листьев. После анализа функции создаётся её резюме, которое затем будет использовано для анализа инструкций вызова. Анализ имеет как высокую скорость, так и хорошую масштабируемость. Внутрипроцедурный анализ основан на символьном выполнении с объединением состояний в точках слияния путей. Для отсеивания несуществующих путей для некоторых детекторов может использоваться SMT-решатель. При этом SMT-решатель вызывается, только если есть подозрение на ошибку. Анализатор был расширен возможностью поиска дефектов, связанных с помеченными данными. Детекторы реализованы в виде плагинов по схеме источник-приёмник. В качестве источников используются вызовы библиотечных функций, получающих данные извне программы, а также аргументы функции main. Приёмниками являются обращение к массивам, использование переменных как шага или границы цикла, вызов функций, требующих проверенных аргументов. Реализованы детекторы, покрывающие большинство возможных типов уязвимостей, для непроверенных целых чисел и строк. Для оценки покрытия использовался проект Juliet. Уровень пропусков составил от 46.31% до 81.17% при незначительном количестве ложных срабатываний.

В данной работе дается обзор научных исследований в области захвата и обработки высокоскоростного трафика, а также рассматриваются конкретные программно-аппаратные решения. В работе выделены основные направления развития технологий перехвата трафика и описано их взаимодействие между собой. На основе обзора выделены основные проблемы сетевого стека операционных систем и способы их решения. Рассматриваются реализованные в программно-аппаратных средствах алгоритмы и структуры, а также их архитектура. Для каждого из решений описывается процесс получения пакетов с сетевого интерфейса. Кроме того, проведено сравнение их производительности, общий анализ реализаций, а также приведены рекомендации по области применимости.

Обсуждаются современные технологии пространственно-временного (4D) визуального моделирования и планирования проектной деятельности в области архитектуры, инженерии и строительства. Описывается функци- онал популярных программных систем 4D-моделирования, предусматрива- ющий качественно новые средства для пространственно-временной визуали- зации, верификации, мониторинга и документирования календарно-сетевых графиков и индивидуальных заданий. Указываются принципиальные огра- ничения систем в случае моделирования сложных строительных проектов

и масштабных инфраструктурных программ. Предлагается подход к реализа- ции перспективных систем 4D-визуализации, основанный на использовании иерархических динамических уровней детализации (HDLOD) и мульти-про- ектной организации данных, представленных в соответствии с международ- ным информационным стандартом IFC. Подход обеспечивает интерактивную пространственно-временную визуализацию больших объемов IFC данных во внешней памяти. Применение подхода иллюстрируется на примере разра- ботанного программного приложения 4D-визуализации масштабных строи- тельных проектов и программ.