DEVELOPMENT OF A MODEL FOR CHOOSING STRATEGIES FOR INVESTING IN INFORMATION SECURITY

Providing information security (IS) is a complex and costly task. In addition to costly investments, there are some contradictions to be resolved. First, there is a contradiction between the availability of information resources (IR) and the required degree of protection. This is especially true for distributed computing systems (DCS). Second, the over-expansion of information protection tools leads to a decrease in the ease of IR use. Third, it is a contradiction of the interests of the party operating the IS tools, focused on the predictable parameters of the efficiency of IS systems and companies that develop hardware and software solutions for IS. It is no secret that a series of manufacturers in the field of IS actively advertise the innovation of their solutions. As a result, the user a priori overpays for excess functionality or is forced to constantly increase the performance of the systems, adapting them to the requirements of developers. The increase in the scale and number of successful cyberattacks [1], the growing rate of computer crime, have become a global trend. The objective need to address the multi-criteria optimization task to manage resources allocated to information security is such acute that decision-makers (DMs) are forced to act in dynamically complex situations. Such situations are caused by the ever-changing landscape of cyber threats, the increasing complexity of cyberattacks, the variability of scenarios used by the attacker to carry out attacks, etc. In a dynamically changing situation, the side of the protection of various objects of information (OBI) has to make difficult decisions, which, in general, can be characterized by the following features. First, in order to achieve the goals of IS, the defense side has to take many decisions (for example technical, organizational, financial, etc.). And each of these decisions must be seen in the context of the rest. Second, decisions made to provide OBI IS are almost always dependent on each other. Such solutions are interconnected (for example, communication can be direct, stochastic, indirect, etc.). Third, the external environment of OBI can change under the influence of both external factors, for example, with the general decline in protection due to targeted attacks, and as a result of decisions made. Under such conditions, the complexity of the multicriteria optimization task of resource How to Cite: Lakhno, V., Malyukov, V., Akhmetov, B., Kasatkin, D., Plyska, L. (2021). Development of a model for


Introduction
Providing information security (IS) is a complex and costly task. In addition to costly investments, there are some contradictions to be resolved. First, there is a contradiction between the availability of information resources (IR) and the required degree of protection. This is especially true for distributed computing systems (DCS). Second, the over-expansion of information protection tools leads to a decrease in the ease of IR use. Third, it is a contradiction of the interests of the party operating the IS tools, focused on the predictable parameters of the efficiency of IS systems and companies that develop hardware and software solutions for IS. It is no secret that a series of manufacturers in the field of IS actively advertise the innovation of their solutions. As a result, the user a priori overpays for excess functionality or is forced to constantly increase the performance of the systems, adapting them to the requirements of developers. The increase in the scale and number of successful cyberattacks [1], the growing rate of computer crime, have become a global trend. The objective need to address the multi-criteria optimization task to manage resources allocated to information security is such acute that decision-makers (DMs) are forced to act in dynamically complex situations. Such situations are caused by the ever-changing landscape of cyber threats, the increasing complexity of cyberattacks, the variability of scenarios used by the attacker to carry out attacks, etc. In a dynamically changing situation, the side of the protection of various objects of information (OBI) has to make difficult decisions, which, in general, can be characterized by the following features. First, in order to achieve the goals of IS, the defense side has to take many decisions (for example technical, organizational, financial, etc.). And each of these decisions must be seen in the context of the rest. Second, decisions made to provide OBI IS are almost always dependent on each other. Such solutions are interconnected (for example, communication can be direct, stochastic, indirect, etc.). Third, the external environment of OBI can change under the influence of both external factors, for example, with the general decline in protection due to targeted attacks, and as a result of decisions made. Under such conditions, the complexity of the multicriteria optimization task of resource

This paper has proposed a model of the computational core for the decision support system (DSS) when investing in the projects of information security (IS) of the objects of informatization (OBI). Including those OBI that can be categorized as critically important. Unlike existing solutions, the proposed model deals with decision-making issues in the ongoing process of investing in the projects to ensure the OBI IS by a group of investors. The calculations were based on the bilinear differential quality games with several terminal surfaces. Finding a solution to these games is a big challenge. It is due to the fact that the Cauchy formula for bilinear systems with arbitrary strategies of players, including immeasurable functions, cannot be applied in such games. This gives grounds to continue research on finding solutions in the event of a conflict of multidimensional objects. The result was an analytical solution based on a new class of bilinear differential games. The solution describes the interaction of objects investing in OBI IS in multidimensional spaces. The modular software product "Cybersecurity Invest decision support system" (Ukraine) for the Windows platform is described. Applied aspects of visualization of the results of calculations obtained with the help of DSS have been also considered. The Plotly library for the Python algorithmic language was used to visualize the results. It has been shown that the model reported in this work can be transferred to other tasks related to the development of DSS in the process of investing in high-risk projects, such as information technology, cybersecurity, banking, etc.
Keywords: Smart City, optimal funding strategies, decision support, Python, Plotly library management by the side that ensures OBI IS is determined by the multidimensional composition of the information protection tools (IPT) and the complexity of the distributed OBI computing structures. It is obvious that the potential of intelligent decision-making support systems (hereafter DSS) needs to be harnessed in the process of solving such a problem. Such modular [2,3] or clustered [4] DSS in OBI IS management tasks can be used as a set of interconnected systems. Such DSSs are usually based on synergistic ensembles of methods and models. One such ensemble of methods and models is extremely important in the sub-task of OBI IS management such as the task of finding a rational strategy for investing in information protection tools for a distributed computing system (DCS) of OBI. Indeed, DM needs to prioritize the investment of financial resources (FR) in such areas of development of the DCS IS as [5,6]: 1) ensuring the cyber-resilience of OBI; 2) innovative technologies in the tasks of monitoring the risk indicators of the implementation of information threats and ensuring the required level of OBI IS; 3) IS culture; 4) IS of the DCS infrastructure or OBI in general; 5) safety of applied software (SW); 6) security of data processing technologies; 7) other. Note that, as shown in [6,7], innovations are not always beneficial in the specialized segment of the IS products and services market. Advances in the field of IS are most often the result of investments in the development and acquisition of new knowledge, the development of ideas to update the composition of IS systems.
The innovative process in the field of IS is based on a complex system of mutually agreed and interconnected activities. In addition, the resources available to investors are important: financial, organizational, scientific, technological, manufacturing, organizational.
Thus, innovative projects in the field of IS can be categorized as a set of mutually agreed goals and programs aimed at improving the effectiveness of the IS system of a particular OBI.
It is noted in [8] that the probability of losses arising from the wrong strategy of investing the company's financial resources in IS is quite high. Although it remains a fact that the field of IS by its nature does not have to be overly innovative.
A successful solution to the task of choosing a rational strategy to invest in the information security of OBI has become the basis for a successful business. This is particularly evident in the experience of successful IS deployment projects for innovative companies. However, it is not enough to have sufficient financial resources (FR) to implement OBI IS projects. It is also necessary to have a toolset to predict and evaluate the options of strategies for investing FR in the project. As noted above, effective support for solutions in such projects is not complete without the use of IT, and, specifically, DSS. The computational core of such DSS takes on all the routine work of finding analytical solutions to multicriteria optimization tasks. For example, in the context of the problem considered, it is possible to constructively define rational strategies for the allocation of FR to complex OBI IS projects.
With the help of the intellectualized DSS, it is easier for DM to determine which of these or other areas of IS [8,9] is a higher priority for the investment of FR during the forecast assessment. Note that in fact in such situations the rate of return of the invested FR for the defense side will be different. All of the above dictates the need to intellectualize the search for rational strategies for investing in such complex projects as ensuring the information security of the object of informatization. And, without the appropriate computer support to make such risky decisions, DM may find it difficult to manage them.

Literature review and problem statement
In paper [10], the authors note that not all innovations positively affect the market for investment in the development of IS hardware and software. This leads to disagreements among experts about their expediency. Which is a definite drawback of this approach.
Paper [11] notes that IS investment projects can be seen as a system of interconnected goals and programs on IS. The system approach is an advantage of this approach. However, this statement was not further developed in the cited paper.
It is shown in [12] that achieving a predefined level of OBI IS depends on the successful solution to a whole range of tasks: financial, design, manufacturing, organizational, research, commercial, etc. Systemic character is undoubtedly the advantage of this approach. However, the paper does not provide an estimate of the potential of using DSS in such tasks related to the field of IS.
The GL model, proposed in works [13,14], has become one of the main models used to evaluate investments in OBI IS. However, the GL model, and its modifications [15,16], exclude the possibility of considering real mechanisms for taking into consideration the interests of investors in the formation of the structure of the IS system. This significantly limits the practical aspects of the application of the model and the objectivity of the findings.
The theoretical aspects of mathematical support for decision-making in the course of choosing a rational strategy for investing in IS are considered in [17,18]. However, these works do not describe the software implementation of those models. This makes it difficult to put the models reported in those works into practice.
It is noted in [19] that the category of software products such as DSS and expert systems (ES) facilitates the task of finding rational strategies for investors in the field of IS. The authors do not give specific examples of the use of such systems in practice.
Work [20] analyzes different approaches in terms of the mathematical apparatus used in such models. However, the work does not address examples of these models being implemented in practice.
The authors of [21] describe the application of classical economic and mathematical models. However, in most situations related to investment appraisal, these models do not take into account many parameters of investing in complex projects in the field of OBI IS.
The DSS to select investor strategies were analyzed in [22]. It is shown that the main drawback of such software products is low informative results. In addition, it is difficult to assess the prospects of investment projects and options for investors in the field of OBI IS.
It is shown in [23] that there is no universal method of multicriteria optimization of the distribution of FR allocated for the construction of the contours of the IS distributed computing systems for OBI. This means that the solutions identified by the task, the computational core of the DSS, must include an ensemble of models.
That has predetermined the relevance of the development of new models and software products in the DSS segment in the task of evaluating investor strategies for the IS of specific OBI. The software product being developed would be able to support decision-making procedures as they search for rational strategies for continuous investment by a group of investors in complex infrastructure projects related to the IS of OBI distributed computing systems.

The aim and objectives of the study
The aim of this study is to develop a model for a DSS computational core used in the process of selecting strategies for investing in information security.
To accomplish the aim, the following tasks have been set: -to find the best strategies for investors and their sets of preferences in a bilinear differential quality game with several terminal surfaces for the procedure of investing in information security; to perform computer simulation of the selection of strategy to invest in the information security of an object of informatization.

Materials and methods to study strategies for investing in information security
The following research methods were used: game theory methods to synthesize new models of the computational core for a decision support system in order to select a rational financial strategy for investing in the information security of objects of informatization; methods of dealing with bilinear differential quality games with multiple terminal surfaces in order to find areas of investor preference.
The practical implementation of the proposed model is based on the paradigm of object-oriented programming when implementing the modular software product "Cybersecurity Invest decision support system" (Ukraine) for the Windows platform. In addition, the visualization of the results obtained using DSS to describe the interaction of objects in multidimensional spaces was performed on the basis of the Plotly library for the Python algorithmic language.

1. Finding investor strategies based on the bilinear differential quality games with multiple terminal surfaces
Problem statement. Two groups of investors (players) manage a dynamic system in multidimensional spaces. Groups of players have different strategies in their approach to investing in OBI IS. For example, one group acts based on prioritizing the paradigm of innovation in IS systems for OBI. At the same time, new and new hardware is needed.
The second group justifies more pragmatic approaches. This approach of investors assumes the investment of financial resources in IS systems, which do not suffer from excessive demands on system resources. The dynamic system (DS) is set by a totality of bilinear differential equations with dependent movements. The sets of strategies (U) and (V) of player groups are specified for DS. In addition, the S 0 , F 0 terminal surfaces are defined for DS. The goal of the first group of players (hereafter Inv1) is to bring DS through their management strategies to the terminal surface S 0 . And this should be achieved regardless of the actions of the second group of players (hereafter Inv2). Inv2's goal is to bring DC through its management strategies to the terminal surface F 0 , regardless of Inv1's actions. The problem's statement generates two tasks. This is, respectively, a task on the part of the first ally player and on the part of the second ally [24].
Given the symmetry of the task for allied players, it can only be considered from the perspective of the first ally player.
The solution is to find the sets of the players' initial states. It is also necessary to define their strategies. Strategies would allow the players to bring DS to one or another terminal surface.
Players have certain financial resources (FR) to invest in OBI IS projects. For example, building multi-contour protection of a distributed computing system.
We believe that Inv1 has a set of g(0)=(g 1 (0),…,g n (0)) FR(g i (0) -FR for the development of the i-th IS system for OBI.
On the contrary, Inv2 has p(0)=(p 1 (0),…,p n (0)), (p i (0) -FR for the development of the i-th IS system for OBI, p i (0) is the vector of n-dimensional space with positive elements. These sets determine the predicted, at moment t=0, FR values (hereafter FinR) of the players for each new OBI information security system.
We shall describe the dynamics of change in FinR for the players in the following way: Introduce the following designations: ; .
Then the system of differential equations in the model takes the following form:  If condition (2) is met, we believe that the financing procedure for the IOBI IS project under review has been completed. In this case, Inv2 did not have enough FR to continue the continuous investment procedure. This is, at least, true for one of the IS projects.
If condition (3) is met, we believe that the continuous procedure of investing in IS projects has been also completed. In this case, Inv1 did not have enough FR to continue the continuous investment procedure. This is true, at least for one of the OBI IS projects.
If both conditions (2) and (3) are not met, we believe that the continuous investment procedure for the IS projects of the object of informatization continues.
The process of continuous investment procedure within the framework of the positional differential game scheme with full information was previously considered in works [18,24].
As already noted, due to symmetry, we shall confine ourselves to considering the task from the Inv1 standpoint. The second can be solved in a similar way. Defining the pure strategy and the set of preferences by Inv1 was reported in studies [18,24].
The first task solution is to find the Inv1's "preferred" sets. The optimal strategies for Inv1 are also defined. Similarly, the task is set and solved from the point of view of Inv2.
Let us give the conditions under which the solution to the game is derived. That is, in the process of solving it, it is necessary to find the "preference" sets W 1 and the optimal strategies for Inv1. These conditions could be set by the following matrix inequalities (cases 1-5).
Case 5 -all other variants of the ratios of these matrices' elements.

Let us introduce additional designations.
( ) Considering these designations, for case 1, a set of preferences W 1 is determined as follows: The best strategy for the first player would be ( ) * * . U t E = For all cases except the first, the sets of preferences of the first player (Inv1) and his optimal strategies are found similarly. Similarly, the solution to the problem is found on the part of the second ally player.

2. Computer simulation of selecting the strategy of investing in the information security of an object of informatization
The models described in the previous chapter were implemented in the DSS module "DSS Cybersecurity Invest" (Ukraine), which is designed both for use on a regular PC and for the visualization of the results online through any browser. The bulk of the modules were written in the C# programming language.
The developed "DSS Cybersecurity Invest" DSS consists of several subsystems. The modular architecture of the DSS has allowed it to be implemented in a fairly flexible way. Thus, developers and the operating party have the option, if necessary, to complement the original DSS architecture with new functional modules. The software implementation of the "DSS Cybersecurity Invest" DSS is in the style of the MDI application. Thus, an expert, or another interested person, can simultaneously work with all the windows of a given software product, Fig. 1.
The "DSS Cybersecurity Invest" functional modules enable to solve the following local tasks in supporting decision-making related to multicriteria optimization of OBI IS investment strategies. The purpose of the modules is as follows: Module 1 -The hierarchy analysis method is used in the first phase of the "DSS Cybersecurity Invest" DSS to expertly evaluate specific class information protection systems. The module is based on the application of the T. Saaty method and can be used by experts as an independent software product, and as part of the DSS to choose the best IPT options for DCS nodes.
Module 2 is based on alternative algorithms (linear, modified dynamic programming, genetic, etc.) to determine the active composition of IPT for a DCS node of the object of informatization. The algorithms and related models are described in detail in works [18][19][20][21][22][23][24].
As a result of the operation of modules 1 and 2, an expert working with the "DSS Cybersecurity Invest" DSS would receive the final IPT sample for a DCS node on the right side of the window of module 2.
Module 3 is designed to select a strategy for investing in OBI IS. The model used in a given DSS module is detailed above.
A distinctive feature of this module is the possibility to visualize the results it receives through any browser online.
The calculations were made for investment projects in different options for investment strategies at the Aktau Sea Port (Kazakhstan). The original modeling data are given in Table 1. The calculation results are shown in Table 2. Graphic dependences of the preference set W 1 for the first investor in IS for the cases of 3, 4, and 5 variables are demonstrated in Fig. 2-4. Table 1 Fragment of the original data table  Table 2 Fragment of the table with the results of modeling the area of preference of the first investor and his investment strategy Here, T is the time during which the first player would bring the state of the system to its terminal surface with the data under the corresponding number in the table.
It should be noted that due to the bilinearity of the system of differential equations and the multidimensionality of the considered problem, it is not possible to find the sets of preferences to other approaches for investors.
For 4, 5, and 6 dimensional charts, one can emulate the depth of visualization with the Plotly library for Python by varying colors, size, or shape of markers. The Delta0(P0) parameter describes the value of the first investor's FR spent on bringing a dynamic system to its terminal surface. The points make it possible to determine the set of preferences of a first investor in IS. Here's how it works. As one knows, each point is a component set that characterizes the FR of investors. The component set, which is the first investor's FR, corresponds to a set of the components representing the second investor's FR. There may be several such component sets. Some of these sets, together with the first investor's FR component sets, belong to a set that guarantees the continuation of the process of investing in IS projects. Partbelongs to the set in which a second investor cannot continue investing. Then, by choosing minimum values from these values (for each component), we would get for each FR of the first investor a set, which would belong to the set of preferences of the first investor. In Fig. 3, the light shade of the markers would correspond to the lower Inv2 interest rate for the financial investments and the return on investment share of Inv2 in relation to the Inv1's investments in OBI IS projects. Fig. 4 provides further confirmation of the possibility of graphic interpretation in spaces of greater dimensionality than three. The essence of the interpretation is the same as in Fig. 3.
The size of the marker for Fig. 4 makes it possible to use the visualization of the fifth dimension. We used the markersize parameter of a Scatter3D function for the Plotly library. The markers' shapes are great for visualizing project categories as part of the search for a rational OBI IS strategy. Round markers correspond to the category of projects to develop the security of applied software. Diamond markers are an investment in the security of data processing technologies. Markers in the form of a plus sign (+) -investing in the risk control of the implementation of information threats and providing the required level of OBI IS, etc.
Our simulation results show the effectiveness of the proposed toolkit to solve the task of continuous management of the FR of parties, taking into consideration the multi-factor nature of investment in the OBI IS systems, using Aktau Sea Port as an example.

Discussion of results of modeling the choice of the strategy of investing in the information security of an object of informatization
A discrete-approximation method was used to solve the problem in question [24], which has made it possible to solve it in the case where known approaches, such as the first direct method by Pontryagin [26,27], and the alternative integral method [28][29][30], cannot be applied. This is due to the impossibility of using the Cauchy formula to find a solution to the system of differential equations. Approaches designed to address positional differential games that have built "stable bridges" to find the best strategies for players [27,28] are also not applicable in this task, as it allows any player management, including immeasurable functions that cannot be used in the approaches given in [26,31]. This gives reason for meaningful results in cases where widespread methods do not work.
The graphic interpretation depicting the set of points for the DSS's online charts would be consistent with the investment model, in which it is assumed that a first investor can use the FR determined by the specified sets of these resources. These sets of FR can be determined by the choice of specific investment programs. For example, these may be programs to develop new technologies in the tasks of monitoring the risk indicators of the implementation of information threats and ensuring the required level of OBI IS, etc.
As with Fig. 2, 3, we also gave sets of points that characterize the FR of the first and second investors. The essence of interpretation for Fig. 3 and Fig. 2 remains the same. However, let us repeat that the choice of this method of illustrating the set of preferences by a first investor allows for graphic illustration in spaces of greater dimensionality than three.
You know, it is impossible to use more than three dimensions directly. A workaround has been found for the online platform of the "DSS Cybersecurity Invest" DSS. For 4, 5, and 6 dimensional charts, one can emulate the depth of visualization with the Plotly library for Python by varying colors, size, or shape of markers.
The identified drawback of the model is the fact that the data acquired by the "DSS Cybersecurity Invest" DSS did not always coincide with the actual data when choosing investment strategies in OBI IS. Note that compared to existing models [13-17, 20, 22, 25], the proposed solution improves the predictability for an investor.
The quantitative effect of the developed model is to determine the rational value of resources for the implementation of investment programs in OBI IS.
The qualitative effect is that decision-makers have the opportunity to conclude whether it makes sense to start investing or not, depending on the resources available, both their own and the potential investor.
The core of the mathematical model of mutual investment in OBI IS is the bilinear differential quality game. It should be noted that the methods for solving linear differential games are not applicable to solving such games [26][27][28] as the Cauchy formula is not applicable to finding a solution to the system of bilinear differential equations. In addition, for such games, the methods of solving positional differential games, proposed in [29,30], are not applicable. This statement is true even though the conditions of existence of the value of the game are met here. This is due to the fact that if players use non-measurable management, methods to solve positional games, in this case, are impossible to apply. Our work has found an analytical solution for a multidimensional case, which is very difficult. Usually, the conditions of sufficiency for the existence of the solution to the game are formulated.
It seems promising to further study the presented model of models for solving tasks in the field of investment within the framework of a fuzzy information scheme, for example, industrial, energy, and other sectors of the economy.

1.
A model has been developed for the computing core of DSS in the course of investing in various projects related to the information security of objects of informatization. The model is built on a system of bilinear differential quality games with several terminal surfaces for the task of making a decision during the continuous process of investing in OBI IS projects by a group of investors. An analytical solution has been obtained, which is based on a new class of bilinear differential games, describing the interaction of objects in multidimensional spaces.
2. Computer modeling of the process of choosing strategies for investing in OBI IS has been carried out. The applied aspects of visualization of the results of calculations for the online platform based on the Plotly (Python) library are considered. The resulting solution for the DSS online platform has made it possible, during the computer simulation of investment strategies in OBI IS, to visually describe the procedure of finding rational strategies for groups of investors.