| rus | eng |

Stepashkin Mikhail Viktorovich

Citizenship: Russia Address academic (office): St.Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences 39, 14th Liniya, St.-Petersburg, 199178, Russia Tel.: +7-(812)-328-2642 Fax: +7-(812)-328-4450 E-mail: stepashkin@comsec.spb.ru Researcher of Laboratory of Computer Security Problems, have worked in SPIIRAS since 2001. Graduated with honors from St. Petersburg State University (2002). Author of more than 40 scientific works. E-mail: stepashkin[AT]comsec[DOT]spb[DOT]ru http://comsec.spb.ru/stepashkin/

Top 

Top 

2006

• Stepashkin Mikhail Viktorovich - Diploma of winner of competition of personal grants for 2006 for young scientists and specialists of Saint-Petersburg and North-West of Russia.

2004

• Stepashkin Mikhail Viktorovich - Diploma of winner of competition of personal grants for 2004 for young scientists and specialists of Saint-Petersburg and North-West of Russia.

  

Top 

Current Grants and Projects

• Igor Kotenko (Principal Investigator). State Contract No. 11.519.11.4008 “Research and development of methods, models and algorithms of intellectualizing the secirity services in critical infrastructures”. Project of Russian Ministry of Education and Science, 2011-2013 (Researcher).
• Igor Saenko (Principal Investigator). “Mathematical models and methods of analysis and synthesis of access systems to information and network resources in modern and advanced computer systems and networks through the establishment and application of artificial intelligence. Research grant # 11-07-00435-а of Russian Foundation of Basic Research, 2011-2013 (Researcher).
  Report-2011-11-07-00435-a-short.pdf [application/pdf] (287595 bytes)
• Igor Kotenko (Principal Investigator from SPIIRAS). “Design of Secure and energy-efficient embedded systems for Future internet applications (SecFutur)”. Research Project of the European Community seventh framework program (FP7). Contract No. 256668, 2010-2013 (Researcher).
• Igor Kotenko (Principal Investigator from SPIIRAS). “MAnagement of Security information and events in Service InFrastructures (MASSIF)”. Research Project of the European Community seventh framework program (FP7). Contract No. 257475, 2010-2013 (Researcher).
• Igor Kotenko (Principal Investigator). “Mathematical models and methods of integrated protection against network attacks and malware in computer networks and systems based on hybrid multi-agent modeling and simulation of computer counteraction, verified adaptive security policies and proactive monitoring by data mining”. Research grant # 10-01-00826-a of Russian Foundation of Basic Research, 2010-2012 (Researcher).
  Report-2010-10-01-00826-a-short.pdf [application/pdf] (191714 bytes)
  Report-2011-10-01-00826-a-short.pdf [application/pdf] (260794 bytes)
• Stepashkin M.V. (Principal Investigator). "Intellectual Models and Methods for Security Analysis of Information Systems from Socio-Engineering Attacks (attack trees)". Research grant 10-01-00640 of Russian Foundation of Basic Research. , 2010-2012 (Principal Investigator).

Former Projects

• Igor Kotenko (Principal Investigator). “Mathematical Models, Methods and Algorithms of Proactive Protection against Malware in Computer Networks and Systems”. Program "Architecture, system solutions, software, standardization and information security of computer complexes of new generations" of the Russian Academy of Sciences Branch "Nanotechnologies and Information Technologies", 2009-2011 (Researcher).
• Igor Kotenko (Principal Investigator). “Development of scientific-methodical bases of information protection in the communication channels of International collective ecological safety system”. The state contract with the Center of security problems research of the Russian Academy of Sciences, 2006-2006 (Researcher).
• Oleg Karsaev (Principal Investigator from SPIIRAS). “MIND - Machine Learning for Intrusion Detection”. Institute Fraunhofer First, Berlin, Germany, 2004-2006 (Researcher).
• Igor Kotenko (Principal Investigator). “Modeling of information security processes in computer networks in adversarial environment: formal framework, mathematical models, multi-agent architecture, software prototype and experimental evaluation”. Research grant 04-01-00167 of Russian Foundation of Basic Research, 2004-2006 (Researcher).
  Report-04-01-00167a-2006.pdf [application/pdf] (446259 bytes)
  Report-04-01-00167a.pdf [application/pdf] (510438 bytes)
• Igor Kotenko (Principal Investigator). “Network traffic preprocessing algorithms”. INTEL, 2004-2005 (Researcher).
• Igor Kotenko (Principal Investigator). “Monitoring of user activity in computer networks”. Contract for Centre of Information Technologies and Systems of Executive State Authorities, Russia, 2004-2004 (Researcher).
• Igor Kotenko (Principal Investigator from SPIIRAS). “Policy-based Security Tools and Framework (POSITIF)”. Research Project of the European Community sixth framework program. Contract # IST-2002-002314, 2003-2007 (Researcher).
• Igor Kotenko (Principal Investigator). “Software Prototype of Deception System”. Contract # 1/0308-к for Centre of Information Technologies and Systems of Executive State Authorities, Russia, 2003-2004 (Researcher).
• Igor Kotenko (Principal Investigator). “Mathematical Foundations, Architecture and Principles of Implementation of Multi-Agent Learning Components for Attack Detection Computer Networks”. Contract for European Office of Aerospace Research and Development, ISTC, 2001-2003 (Researcher).
  1994-2001-Task2-en.pdf [application/pdf] (151228 bytes)
  1994-2001-Task2-ru.pdf [application/pdf] (225220 bytes)
  1994-2002-Task2-en.pdf [application/pdf] (206860 bytes)
  1994-2002-Task2-ru.pdf [application/pdf] (315097 bytes)
  1994-2003-Task2-en.pdf [application/pdf] (135652 bytes)
  1994-2003-Task2-ru.pdf [application/pdf] (384850 bytes)
• Igor Kotenko (Principal Investigator). “Formal Grammar-Based Approach and Tool for Simulation Attacks against Computer Network”. Contract for European Office of Aerospace Research and Development, ISTC, 2001-2003 (Researcher).
  1994-2001-Task1-en.pdf [application/pdf] (159554 bytes)
  1994-2001-Task1-ru.pdf [application/pdf] (211870 bytes)
  1994-2002-Task1-en.pdf [application/pdf] (207362 bytes)
  1994-2002-Task1-ru.pdf [application/pdf] (294571 bytes)
  1994-2003-Task1-en.pdf [application/pdf] (68592 bytes)
  1994-2003-Task1-ru.pdf [application/pdf] (300009 bytes)
• Igor Kotenko (Principal Investigator). “Mathematical Models of Information Security Assurance in Computer Networks based on Multi-agent Technologies and their Experimental Evaluation”. Research grant 01-01-00108 of Russian Foundation of Basic Research, 2001-2003 (Researcher).
  RFBR-2003-FORM501-ru.pdf [application/pdf] (60135 bytes)
  RFBR-2003-FORM502-en.pdf [application/pdf] (7885 bytes)

Top 

Papers

2011

1. Igor Kotenko, Mikhail Stepashkin, Elena Doynikova. Security Analysis of Computer-aided Systems taking into account Social Engineering Attacks. Proceedings of the 19th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2011). Ayia Napa, Cyprus, 9-11 February, 2011. Los Alamitos, California. IEEE Computer Society. 2011. P.611-618. ISSN 1066-6192.
2. Igor Kotenko, Mikhail Stepashkin, Elena Doynikova. Security analysis of information systems taking into account social engineering attacks. Problems of information security. Computer systems. 2011, № 3. P.40-57. (in Russian).
3. Igor Kotenko, Mikhail Stepashkin, Dmitry Kotenko, Elena Doynikova. Information systems security evaluation on the base of social engineering attacks trees. News of High schools. Instrument making, Т.54, № 12, 2011. P.5-9. ISSN 0021-3454. (in Russian).

2010

1. M.Stepashkin, I.Kotenko, A.Chechulin, A.Tulupyev, T.Tulupyeva, A.Pashenko. Approach to security analysis of automated systems taking into account social-engineering attacks. Proceedings of ХIX All-Russian Conference “Methods and technical tools of information security” (MTTIS 2010)”. Proceedings. St.Petersburg, Russia. July 5 - 10, 2010. P. 128-129. (in Russian).
2. I.Kotenko, M. Stepashkin, A.Chechulin, E.Doynikova, D.Kotenko. Tools for security analysis of automated systems. ХIX All-Russian Conference “Methods and technical tools of information security” (MTTIS 2010)”. Proceedings. St.Petersburg, Russia. July 5-10, 2010. P.115-116. (in Russian).

2009

1. Michail Stepashkin, Igor Kotenko. Security analysis of computer networks ans systems based on building of attack trees. The St.Petersburg Scientific Forum “Science and Society. Information technologies”. Forth St.Petersburg Meeting of the Nobel Prize laureates. Proceedings. St.Petersburg. 2009. P.363-366. (in Russian).

2007

1. Igor Kotenko, Mikhail Stepashkin. Computer Network Security Evaluation based on Attack Graphs Analysis. Problems of risks and security management. Proceedings of Institute of System Analysis of Russian Academy of Science. Moscow, URSS, 2007. (in Russian).
2. Igor Kotenko, Mikhail Stepashkin. Evaluating the Computer Network Security on the Basis of Attack Graph Analysis. Problems of Security and Counter Terrorism. Materials of the Second International Scientific Conference on Security Issues and Counter Terrorism. Moscow State University. 2007. P.466-481. (in Russian).
3. Vitaly Bogdanov, Igor Kotenko, Mikhail Stepashkin. Proactive Approach to Network Security Policy Monitoring. Proceedings of the International Security and Counteracting Terrorism Conference. Moscow. Lomonosov Moscow State University Intellectual Center. 2007. 4 p.
4. Mikhail Stepashkin, Igor Kotenko, Vitaly Bogdanov. Network Security Evaluation based on Analysis of Attack Graphs. Proceedings of the International Security and Counteracting Terrorism Conference. Moscow. Lomonosov Moscow State University Intellectual Center. 2007. 5 p.

2006

1. Igor Kotenko, Mikhail Stepashkin, Alexander Ulanov. Agent-based modeling and simulation of malefactors' attacks against computer networks. Security and Embedded Systems. D.N.Serpanos, R.Giladi (Eds.). IOS Press. 2006. P.139-146. ISSN 1574-5589.
   NATO-ASI-06-Cover.jpg [image/jpeg] (168841 bytes)
   NATO-ASI-06-paper.pdf [application/pdf] (187094 bytes)
2. Igor Kotenko, Mikhail Stepashkin, Vitaly Bogdanov. Architectures and models of active security analysis components on the basis of imitation of malefactors' actions. Problems of information security. Computer systems. 2006, No. 2. (in Russian).
3. Igor Kotenko, Mikhail Stepashkin. Systems - simulators: purpose, functions, architecture and the approach to realization. News of High schools. Instrument making, Vol.49, No. 3, 2006, P.3-8. (in Russian).
4. Igor Kotenko, Mikhail Stepashkin, Vitaly Bogdanov. Security analysis of computer networks at various stages of their life cycle. News of High schools. Instrument making. Vol.49, No. 5, 2006, P.3-8. (in Russian).
5. Igor Kotenko, Mikhail Stepashkin. Security metrics for estimating the security level of computer networks on the basis of constructing attack graphs. Information Security. Inside, No. 3, 2006. P.36-45. (in Russian).
   inside-zi.3-Cover.jpg [image/jpeg] (415428 bytes)
   inside-zi.3-Paper.pdf [application/pdf] (1109875 bytes)
6. Igor Kotenko, Mikhail Stepashkin. Network Security Evaluation based on Simulation of Malefactor's Behavior. SECRYPT 2006. International Conference on Security and Cryptography. Proceedings. Portugal. 7-10 August 2006. P.339-344.
   Secrypt-06-Cover.jpg [image/jpeg] (339392 bytes)
   Secrypt-06-Paper.pdf [application/pdf] (1171216 bytes)
7. Igor Kotenko, Mikhail Stepashkin. Analyzing network security using malefactor action graphs. IJCSNS International Journal of Computer Science and Network Security, Vol.6 No.6, June 2006. P.226-235. ISSN: 1738-7906.
   IJCSNS-06-06-Cover.jpg [image/jpeg] (235118 bytes)
   IJCSNS-06-06-Paper.pdf [application/pdf] (378933 bytes)
8. Igor Kotenko, Mikhail Stepashkin. Attack Graph based Evaluation of Network Security. The 10th IFIP Conference on Communications and Multimedia Security. CMS'2006. Heraklion, Greece. 19 - 21 October 2006. 2006. Proceedings. Lecture Notes in Computer Science, Vol. 4237, 2006. P.216-227.
   CMS-06-LNCS-4237-Cover.jpg [image/jpeg] (384830 bytes)
   CMS-06-LNCS-4237-Paper.pdf [application/pdf] (429758 bytes)
9. Mikhail Stepashkin, Igor Kotenko. Technique of the analysis of computer network security based on modelling of the actions of internal and external infringers. Proceedings of ХV All-Russian Conference "Methods and technical tools of information assurance". June 26-28, 2006. St. Petersburg, SPbSPU. 2006. P.121. (in Russian).
10. Igor Kotenko, Mikhail Stepashkin, Vitaly Bogdanov. Evaluation of security level of computer networks on the basis of attack graph construction. Sixth International Scientific School "Modelling and Analysis of Safety and Risk in Complex Systems" (MASR - 2006), St. Petersburg, July 4-8, 2006. P.150-154. (in Russian).
11. Igor Kotenko, Mikhail Stepashkin, Rafael Yusupov. Mathematical Models, Methods and Architectures for Computer Networks Security: the State-of-the-art Review of Perspective Directions of Research by Results of International Workshop MMM-ACNS-2005. Proceedings of SPIIRAS, Issue 3, Vol.2. St. Petersburg, Nauka, 2006. P.11-29. (in Russian).
12. Igor Kotenko, Mikhail Stepashkin, Vitaly Bogdanov. Evaluating Security of Computer Networks based on Attack Graphs and Qualitative Security Metrics. Proceedings of SPIIRAS, Issue 3, Vol.2. St. Petersburg, Nauka, 2006. P.30-49. (in Russian).
13. Igor Kotenko, Mikhail Stepashkin. Models of actions of hackers-malefactors realizing distributed multistage attacks. NCAI-2006. X National Conference on Artificial Intelligence with International Participation. Proceedings. Vol. 2. Moscow, Fizmatlit, 2006. P.617-625. ISBN: 5-9221-0757-7. (in Russian).
    inside-zi.5-Cover.jpg [image/jpeg] (410110 bytes)
    inside-zi.5-Paper.pdf [application/pdf] (1110624 bytes)
14. Mikhail Stepashkin, Igor Kotenko, Vitaly Bogdanov. Intelligent system of computer network security analysis. NCAI-2006. X National Conference on Artificial Intelligence with International Participation. Proceedings. Vol. 1. Moscow, Fizmatlit, 2006. P.149-157. ISBN: 5-9221-0757-7. (in Russian).
    NCAI-06-A-Stepashkin.pdf [application/pdf] (7539 bytes)
    NCAI-06-Cover.jpg [image/jpeg] (261448 bytes)
    NCAI-06-Stepashkin.pdf [application/pdf] (347385 bytes)
15. Igor Kotenko, Mikhail Stepashkin, Vitaly Bogdanov. The models and technique of intelligent evaluation of computer networks security level. Proceedings of International Conferences "Intelligent systems (AIS'06)" and "Intelligent CAD (CAD-2006)". Moscow, Fizmatlit, 2006. P.321-328. ISBN: 5-9221-0686-4. (in Russian).
    AIS-06-A-Kotenko1.pdf [application/pdf] (7871 bytes)
    AIS-06-Cover.jpg [image/jpeg] (200919 bytes)
    AIS-06-Kotenko-paper.pdf [application/pdf] (238483 bytes)
16. Vitaly Bogdanov, Igor Kotenko, Mikhail Stepashkin. A proactive approach to security policy monitoring in computer networks. The Firth All-Russian scientific Conference "Mathematics and Security of Information Technologies" (MSIT-06). Moscow, Lomonosov Moscow State University, 2006. (in Russian).
17. Mikhail Stepashkin, Igor Kotenko, Vitaly Bogdanov. Computer network security estimation on the basis of attack graphs analysis. The Firth All-Russian scientific Conference "Mathematics and Security of Information Technologies" (MSIT-06). Moscow, Lomonosov Moscow State University, 2006. (in Russian).

2005

1. I.V.Kotenko, M.V.Stepashkin. Use of deception information systems for protection of information resources of computer networks. Problems of information security. Computer systems. 2005, №. 1, P.63-73. (in Russian).
2. I.V.Kotenko, M.V.Stepashkin. Imitation models for security level evaluation of information systems at their design stage. IV Inter-regional Conference "Information Security of Russia Regions" ("ISRR-2005"). June 14-16, 2005. Proceedings. St.Petersburg, 2005. P.63-64. (in Russian).
3. M.V.Stepashkin, I.V.Kotenko. The testbed of checking decisions on information protection in computer networks. IV Inter-regional Conference "Information Security of Russia Regions" ("ISRR-2005"). June 14-16, 2005. Proceedings. St.Petersburg, 2005. P.77-78. (in Russian).
4. I.V.Kotenko, M.V.Stepashkin. Intelligent system for analyzing computer networks security at various stages of life cycle. Proceedings of International Conferences "Artificial Intelligence Systems" (IEEE AIS'05)" and "Intelligent CAD" (CAD-2005). Мoscow, Fizmatlit, 2005. Vol.1. P.231-237. (in Russian).
5. I.Kotenko, M.Stepashkin. Analyzing Vulnerabilities and Measuring Security Level at Design and Exploitation Stages of Computer Network Life Cycle. Lecture Notes in Computer Science, Springer-Verlag, V.3685. The Third International Workshop "Mathematical Methods, Models and Architectures for Computer Networks Security" (MMM-ACNS-05). September 24-28, 2005, St. Petersburg, Russia. P. 317-330.
6. V.S.Bogdanov, I.V.Kotenko, M.V.Stepashkin. The active security analysis of computer networks. Methods and tools of information assurance. Proceedings of ХIV All-Russian scientific and technical conference. October 4-6, 2005. St. Petersburg, SPbSPU. 2005. P.95. (in Russian).
7. M.V.Stepashkin, V.S.Bogdanov, I.V.Kotenko. Subsystem of the passive analysis of computer networks security. Methods and tools of information assurance. Proceedings of ХIV All-Russian scientific and technical conference. October 4-6, 2005. St. Petersburg, SPbSPU. 2005. P.100. (in Russian).
8. M.V.Stepashkin, I.V.Kotenko, V.S.Bogdanov Imitation of attacks for the active vulnerabilities analysis of computer networks. The second All-Russian scientific-practical conference on imitation modelling and its application in science and industry "Imitation modelling. Theory and practice". IMMOD-2005. Proceedings. Vol.1. St.Petersburg, October 19-21, 2005. P.269-273. (in Russian).
9. I.V.Kotenko, M.V.Stepashkin, V.S.Bogdanov. Model of attacks for imitating malefactor's actions in security analysis system for computer networks. IV Inter-regional Conference "Information Security of Russia Regions". Selected papers proceedings. St.Petersburg, 2005. (in Russian).

2004

1. I.V.Kotenko, M.V. Stepashkin. The prototype of deception system simulator: architecture and scripts of carrying out of experiments. III Inter-regional Conference "Information Security of Russia Regions". Proceedings. St.Petersburg. 2004. P.68-73. (in Russian).
2. M.V.Stepashkin, I.V. Kotenko Analysis of attributes of network connections and operational system logs for intrusion detection. IX International Conference "Regional informatics-2004", St. Petersburg, Proceedings. SPb., 2004. P.152-153. (in Russian).
3. I.V.Kotenko, M.V. Stepashkin. Monitoring of users work in computer networks. IX International Conference "Regional informatics-2004", St. Petersburg, Proceedings. SPb., 2004. P.136-137. (in Russian).
4. I.V.Kotenko, M.V.Stepashkin Deception systems for protection of information resources in computer networks. Proceedings of SPIIRAS, Issue 2. SPb., SPIIRAS, 2004 (in Russian).
5. I.V.Kotenko, M.V. Stepashkin. Intelligent deception systems for information security in computer networks. Proceedings of International Conferences "Artificial Intelligence Systems" (IEEE AIS'04)" and "Intelligent CAD" (CAD-2004). Divnomorskoe, September 3-10, 2004. P.204-209. (in Russian).
6. I.V.Kotenko, M.V.Stepashkin, D.U.Mihailov. System of collection, analysis and storage of data for users work audit. Proceedings of ХI Russian Conference "Methods and tools of information assurance". St. Petersburg, SPbSPU. October 4-5, 2004. P.124. (in Russian).
7. I.V.Kotenko, M.V.Stepashkin Recognition of goals and plans of malefactors at detecting computer attacks. Proceedings of ХI Russian Conference "Methods and tools of information assurance". St. Petersburg, SPbSPU. October 4-5, 2004. P.97. (in Russian).

2003

1. I.Kotenko, M.Stepashkin. Intelligent system for simulating attacks on Web-server for computer systems vulnerabilities analysis. Proceedings of International Conference on Soft Computing and Measurements (SMC'2003). St. Petersburg, Russia, June 25 - 27, 2003, P.298-301. (in Russian).
2. V.Gorodetsky, O.Karsaev, I.Kotenko, V.Samoilov, M.Stepashkin. Multi-agent system of intrusion detection learning. Proceedings of III Inter-regional Conference "Information Security of Russia Regions", Vol.1. St. Petersburg, November 25-27, 2003. (in Russian).
3. I.Kotenko, M.Stepashkin. Prototype of honeypot system. Proceedings of ХI Russian Conference "Methods and tools of information assurance". St. Petersburg, SPbSPU,. November 26-27, 2003. (in Russian).

Top