Development of the intelligent decision-making support system to manage cyber protection at the object of informatization

Authors

DOI:

https://doi.org/10.15587/1729-4061.2017.96662

Keywords:

information security, management of information protection, morphological approach, decision support system

Abstract

We proposed an architecture for a protection control system of the object of informatization (OBI) with the subsystem of intelligent support for making decisions on the operational management of cyberprotection. The proposed architecture, in particular, can be used under conditions of the incompleteness of knowledge about the state of OBI protection. We developed a model for the operational management of cyberprotection at OBI and formed a rational complex of protection means. The model is based on the morphological approach. The model allows, taking into account morphological matrices for each of the five proposed perimeters prepared by the intelligent decision-making support system (IDMSS), generation of variants of sets that consider the compatibility of software and hardware tools of information protection. It is proposed to make the choice on the optimal variant of a set for the perimeter using an objective function that maximizes the ratio of the summary indicator "protection of information" to the summary indicator "expenditures". The software is realized and tested under real conditions of IDMSS in the contours for the organizational-technical and operational management of the OBI protection. An improved architecture of IPCS is different from the existing solutions in the possibility of simultaneous optimization of sets of software and hardware tools for the examined perimeters of OBI, for both centralized and decentralized variants for processing the information. In this case, an analysis of the level of protection of OBI is performed in real time. It is proven that the use of the developed IDMSS makes it posible to significantly reduce the planned spending on an information protection system, as well as reduce the time it takes to inform decision-makers about information security incidents.

Author Biographies

Valeriy Lakhno, European University Akademika Vernadskoho blvd., 16 V, Kyiv, Ukraine, 03115

Doctor of Technical Sciences, Associate Professor

Department of Managing Information Security

Yuliia Boiko, National Aviation University Kosmonavta Komarova ave., 1, Kyiv, Ukraine, 03058

Phd, Associate Professor

Department of IT-Security

Andrii Mishchenko, National Aviation University Kosmonavta Komarova ave., 1, Kyiv, Ukraine, 03058

Doctor of Technical Sciences, Professor

Department of technical information security tools 

Valeriy Kozlovskii, National Aviation University Kosmonavta Komarova ave., 1, Kyiv, Ukraine, 03058

Doctor of Technical Sciences, Professor 

Department of technical information security tools 

Oleksandr Pupchenko, European University Akademika Vernadskoho blvd., 16 V, Kyiv, Ukraine, 03115

Postgraduate student

Department of Іnformation Systems and Mathematical Sciences

References

  1. Panaousis, E., Fielder, A., Malacaria, P., Hankin, C., Smeraldi, F. (2014). Cybersecurity Games and Investments: A Decision Support Approach. Decision and Game Theory for Security, 266–286. doi: 10.1007/978-3-319-12601-2_15
  2. Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., Smeraldi, F. (2016). Decision support approaches for cyber security investment. Decision Support Systems, 86, 13–23. doi: 10.1016/j.dss.2016.02.012
  3. Chang, L.-Y., Lee, Z.-J. (2013). Applying fuzzy expert system to information security risk Assessment – A case study on an attendance system. 2013 International Conference on Fuzzy Theory and Its Applications (iFUZZY). doi: 10.1109/ifuzzy.2013.6825462
  4. Atymtayeva, L., Kozhakhmet, K., Bortsova, G. (2014). Building a Knowledge Base for Expert System in Information Security. Advances in Intelligent Systems and Computing, 57–76. doi: 10.1007/978-3-319-05515-2_7
  5. Grossklags, J., Christin, N., Chuang, J. (2008). Secure or insure? Proceeding of the 17th International Conference on World Wide Web – WWW ’08. doi: 10.1145/1367497.1367526
  6. Kanatov, M., Atymtayeva, L., Yagaliyeva, B. (2014). Expert systems for information security management and audit. Implementation phase issues. 2014 Joint 7th International Conference on Soft Computing and Intelligent Systems (SCIS) and 15th International Symposium on Advanced Intelligent Systems (ISIS). doi: 10.1109/scis-isis.2014.7044702
  7. Korzhyk, D., Yin, Z., Kiekintveld, C., Conitzer, V., Tamb, M. (2011). Stackelberg vs. Nash in Security Games: An Extended Investigation of Interchangeability, Equivalence, and Uniqueness. Journal of Artificial Intelligence Research, 41, 297–327.
  8. Rees, L. P., Deane, J. K., Rakes, T. R., Baker, W. H. (2011). Decision support for Cybersecurity risk planning. Decision Support Systems, 51 (3), 493–505. doi: 10.1016/j.dss.2011.02.013
  9. Akhmetov, B., Lakhno, V., Boiko, Y., Mishchenko, A. (2017). Designing a decision support system for the weakly formalized problems in the provision of cybersecurity. Eastern-European Journal of Enterprise Technologies, 1 (2 (85)), 4–15. doi: 10.15587/1729-4061.2017.90506
  10. Goztepe, K. (2012). Designing Fuzzy Rule Based Expert System for Cyber Security. International Journal of Information Security Science, 1 (1), 13–19.
  11. Oglaza, A., Laborde, R., Zarate, P. (2013). Authorization Policies: Using Decision Support System for Context-Aware Protection of User's Private Data. 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. doi: 10.1109/trustcom.2013.202
  12. Lakhno, V., Kazmirchuk, S., Kovalenko, Y., Myrutenko, L., Zhmurko, T. (2016). Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features. Eastern-European Journal of Enterprise Technologies, 3 (9 (81)), 30–38. doi: 10.15587/1729-4061.2016.71769
  13. Gamal, M. M., Hasan, B., Hegazy, A. F. (2011). A Security Analysis Framework Powered by an Expert System. International Journal of Computer Science and Security (IJCSS), 4 (6), 505–527.
  14. Ben-Asher, N., Gonzalez, C. (2015). Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, 51–61. doi: 10.1016/j.chb.2015.01.039
  15. Ou Yang, Y.-P., Shieh, H.-M., Tzeng, G.-H. (2013). A VIKOR technique based on DEMATEL and ANP for information security risk control assessment. Information Sciences, 232, 482–500. doi: 10.1016/j.ins.2011.09.012
  16. Linda, O., Manic, M., Vollmer, T., Wright, J. (2011). Fuzzy logic based anomaly detection for embedded network security cyber sensor. 2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS). doi: 10.1109/cicybs.2011.5949392
  17. Mashkina, I. V., Guzairov, M. B., Vasilyev, V. I., Tuliganova, L. R., Konovalov, A. S. (2016). Issues of information security control in virtualization segment of company information system. 2016 XIX IEEE International Conference on Soft Computing and Measurements (SCM). doi: 10.1109/scm.2016.7519715
  18. Gutzwiller, R. S., Hunt, S. M., Lange, D. S. (2016). A task analysis toward characterizing cyber-cognitive situation awareness (CCSA) in cyber defense analysts. 2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA). doi: 10.1109/cogsima.2016.7497780
  19. Lakhno, V. (2016). Creation of the adaptive cyber threat detection system on the basis of fuzzy feature clustering. Eastern-European Journal of Enterprise Technologies, 2 (9 (80)), 18–25. doi: 10.15587/1729-4061.2016.66015
  20. Burger, E. W., Goodman, M. D., Kampanakis, P., Zhu, K. A. (2014). Taxonomy Model for Cyber Threat Intelligence Information Exchange Technologies. Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security – WISCS ’14. doi: 10.1145/2663876.2663883
  21. Al-Jarrah, O., Arafat, A. (2014). Network Intrusion Detection System using attack behavior classification. 2014 5th International Conference on Information and Communication Systems (ICICS). doi: 10.1109/iacs.2014.6841978
  22. Lahno, V. (2014). Protection of information in critical application data processing systems. MEST Journal, 2 (2), 102–112. doi: 10.12709/mest.02.02.02.11
  23. Shin, J., Son, H., Khalil ur, R., Heo, G. (2015). Development of a cyber security risk model using Bayesian networks. Reliability Engineering & System Safety, 134, 208–217. doi: 10.1016/j.ress.2014.10.006
  24. Tosh, D., Sengupta, S., Kamhoua, C., Kwiat, K., Martin, A. (2015). An evolutionary game-theoretic framework for cyber-threat information sharing. 2015 IEEE International Conference on Communications (ICC). doi: 10.1109/icc.2015.7249499
  25. Hwang, J., Syamsuddin, I. (2009). Information Security Policy Decision Making: An Analytic Hierarchy Process Approach. 2009 Third Asia International Conference on Modelling & Simulation. doi: 10.1109/ams.2009.49

Downloads

Published

2017-04-21

How to Cite

Lakhno, V., Boiko, Y., Mishchenko, A., Kozlovskii, V., & Pupchenko, O. (2017). Development of the intelligent decision-making support system to manage cyber protection at the object of informatization. Eastern-European Journal of Enterprise Technologies, 2(9 (86), 53–61. https://doi.org/10.15587/1729-4061.2017.96662

Issue

Vol. 2 No. 9 (86) (2017): Information and controlling system

Section

Information and controlling system

License

Copyright (c) 2017 Valeriy Lakhno, Yuliia Boiko, Andrii Mishchenko, Valeriy Kozlovskii, Oleksandr Pupchenko

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.