Development of scenario modeling of conflict tools in a security system based on formal grammars

Authors

DOI:

https://doi.org/10.15587/1729-4061.2019.184274

Keywords:

scenario modeling, security system, formal grammar, context-free grammar, Backus-Naura form

Abstract

The results of the development of tools for scenario modeling based on formal grammars are presented. The works related to various ways of scenario description in their development systems are analyzed. For the natural language description of scenarios, it is indicated that this approach is sufficiently transparent and understandable for users. However, this approach has several disadvantages for formalizing and unifying scenario description. In particular, the presence of a number of ambiguities in the language makes it impossible for the description to be uniquely interpreted, and as a result, unsuitable for performing formal transformations on the description. The graphical representation of the script is a visual representation of the script. Moreover, the visual representation of the scenario in the form of some automaton model can be estimated as extremely attractive for subsequent multi-agent modeling of its execution. The disadvantage of such scenario description is still the difficulty of performing formal manipulations and the need to switch to a more convenient representation for manipulations. Using formal grammars to describe scenarios is a compromise approach that allows scripts to be described in an unambiguously interpreted form. The formal grammar description is also more familiar to computer language specialists. In addition, there are programs focused on working with formal grammars. The transition from the natural linguistic description of scenarios to its formal representation as a standard description in the Backus-Naura form is shown. The change in the presentation form was made using the example of description of the scenario of behavior of cyber-conflict participants in the security system. The resulting script description was used in the context-free grammar analyzer. The results showed the applicability of the proposed approach and the tools used to describe and verify the description correctness of scenarios related to any subject area

Author Biographies

Oleksandr Milov, Simon Kuznets Kharkiv National University of Economics Nauky аve., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Cyber Security and Information Technology

Serhii Yevseiev, Simon Kuznets Kharkiv National University of Economics Nauky аve., 9-А, Kharkiv, Ukraine, 61166

Doctor of Technical Sciences, Senior Researcher

Department of Cyber Security and Information Technology

Andrii Vlasov, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

PhD

Air Force Science Center

Sergey Herasimov, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

Doctor of Technical Sciences, Senior Researcher

Department of Combat Use of Weapons of Air Defense of the Ground Forces

 

Oleh Dmitriiev, Flight Academy of the National Aviation University Dobrovolskoho str., 1, Kropyvnytskyi, Ukraine, 25005

PhD, Head of Department

Department of Flight Operations, Aerodynamics and Flight Dynamics

Maksym Kasianenko, Ivan Chernyakhovsky National Defense University of Ukraine Povitroflotskyi ave., 28, Kyiv, Ukraine, 03049

PhD

Department of Radio Technical and Special Troops

Hennady Pievtsov, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

Doctor of Technical Sciences, Professor, Honored Master of Sciences and Engineering of Ukraine, Deputy Commandant in Charge of Research and Scientific Work

Yevhen Peleshok, Institute of Special Communication and Information Security of National Technical University of Ukraine "Igor Sikorsky Kiev Polytechnic Institute" Verkhnokliuchova str., 4, Kyiv, Ukraine, 03056

PhD, Deputy Head of the Research Center

Yuliia Tkach, Chernihiv National University of Technology Shevchenka str., 95, Chernihiv, Ukraine, 14035

Doctor of Pedagogical Sciences, Associate Professor

Department of Cybersecurity and Mathematical Simulation

Serhii Faraon, Ivan Chernyakhovsky National Defense University of Ukraine Povitroflotskyi ave., 28, Kyiv, Ukraine, 03049

Adjunct

Department of Communications and Automated Control Systems

References

  1. Do Prado Leite, J. C. S., Hadad, G. D. S., Doorn, J. H., Kaplan, G. N. (2000). A Scenario Construction Process. Requirements Engineering, 5 (1), 38–61. doi: https://doi.org/10.1007/pl00010342
  2. Carroll, J. (1995). Introduction: the scenario perspective on system development. Scenario-based design: envisioning work and technology in system development. Wiley, 1–18.
  3. Potts, C. (1995). Using schematic scenarios to understand user needs. Proceedings of the Conference on Designing Interactive Systems Processes, Practices, Methods, & Techniques - DIS’95, 247–256. doi: https://doi.org/10.1145/225434.225462
  4. Booch, G. (1992). Object oriented design with applications. Object-oriented software engineering: a use case driven approach. Addison-Wesley, Reading, MA/ACM Press, New York.
  5. Zorman, L. (1995). Requirements envisaging by utilizing scenarios (Rebus). University of Southern California.
  6. Rolland, C., Ben Achour, C., Cauvet, C., Ralyté, J., Sutcliffe, A., Maiden, N. et. al. (1998). A proposal for a scenario classification framework. Requirements Engineering, 3 (1), 23–47. doi: https://doi.org/10.1007/bf02802919
  7. Weidenhaupt, K., Pohl, K., Jarke, M., Haumer, P. (1998). Scenarios in system development: current practice. IEEE Software, 15 (2), 34–45. doi: https://doi.org/10.1109/52.663783
  8. Ryser, J., Glinz, M. (1999). A Practical Approach to Validating and Testing Software Systems Using Scenarios. Proceeding 3rd International Software Quality Week Europe 1999 QWE'99.
  9. Devillers, F., Donikian, S. (2003). A Scenario Language to orchestrate Virtual World Evolution. SCA '03 Proceedings of the 2003 ACM SIGGRAPH/Eurographics symposium on Computer animation, 265–275.
  10. Godet, M., Roubelat, F. (1996). Creating the future: The use and misuse of scenarios. Long Range Planning, 29 (2), 164–171. doi: https://doi.org/10.1016/0024-6301(96)00004-0
  11. Schwartz, P. (2000). The official future, self-delusion and the value of scenarios. Financial Times, 2.
  12. Steinitz, C., Arias, H., Bassett, S., Flaxman, M., Goode, T., Maddock III, T. et. al. (2003). Alternative Futures for Changing Landscapes: The Upper San Pedro River Basin in Arizona and Sonora. Island Press, New York.
  13. Timpe, C., Scheepers, M. J. (2003). A look into the future: scenarios for distributed generation in Europe. Energy research Centre of the Netherlands ECN.
  14. Maack, J. (2001). Scenario analysis: a tool for task managers. In: Social Development Paper No. 36. Social Analysis: Selected Tools and Techniques. World Bank, Washington, D.C.
  15. Hulse, D. W., Branscomb, A., Payne, S. G. (2004). Envisioning alternatives: using citizen guidance to map future land and water use. Ecological Applications, 14 (2), 325–341. doi: https://doi.org/10.1890/02-5260
  16. Anderson, R., Moore, T. (2006). The Economics of Information Security. Science, 314 (5799), 610–613. doi: https://doi.org/10.1126/science.1130992
  17. Varian, H. (2004). System Reliability and Free Riding. Advances in Information Security, 1–15. doi: https://doi.org/10.1007/1-4020-8090-5_1
  18. Bohme, R., Moore, T. (2009). The iterated weakest link. A model of adaptive security investment. Workshop on the Economics of Information Security (WEIS). Available at: http://weis09.infosecon.net/files/152/paper152.pdf
  19. Gordon, L. A., Loeb, M. P., Lucyshyn, W. (2003). Information security expenditures and real options: A wait-and-see approach. Computer Security Journal 14, 1–7.
  20. Purser, S. A. (2004). Improving the ROI of the security management process. Computers & Security, 23 (7), 542–546. doi: https://doi.org/10.1016/j.cose.2004.09.004
  21. Grossklags, J., Christin, N., Chuang, J. (2008). Secure or insure? Proceeding of the 17th International Conference on World Wide Web - WWW ’08, 209–218. doi: https://doi.org/10.1145/1367497.1367526
  22. Gordon, L. A., Loeb, M. P. (2002). The economics of information security investment. ACM Transactions on Information and System Security, 5 (4), 438–457. doi: https://doi.org/10.1145/581271.581274
  23. Zhang, Y., Fan, X., Wang, Y., Xue, Z. (2008). Attack Grammar: A New Approach to Modeling and Analyzing Network Attack Sequences. 2008 Annual Computer Security Applications Conference (ACSAC). doi: https://doi.org/10.1109/acsac.2008.34
  24. Gorodetski, V., Kotenko, I. (2002). Attacks against Computer Network: Formal Grammar-Based Framework and Simulation Tool. Recent Advances in Intrusion Detection, 219–238. doi: https://doi.org/10.1007/3-540-36084-0_12
  25. Yevseyev, S. P., Dorokhov, A. V. (2011). Information threats and safety in Ukrainian bank payment systems. Kriminologicheskiy zhurnal baykal'skogo gosudarstvennogo universiteta ekonomiki i prava, 2 (16), 68–75.
  26. Milov, A. V., Korol', O. G. (2019). Razrabotka ontologii povedeniya vzimodeystvuyushchih agentov v sistemah bezopasnosti. 4th International Congress on 3D Printing (Additive Manufacturing) Technologies and Digital Industry 2019, 832–842.

Downloads

Published

2019-11-19

How to Cite

Milov, O., Yevseiev, S., Vlasov, A., Herasimov, S., Dmitriiev, O., Kasianenko, M., Pievtsov, H., Peleshok, Y., Tkach, Y., & Faraon, S. (2019). Development of scenario modeling of conflict tools in a security system based on formal grammars. Eastern-European Journal of Enterprise Technologies, 6(9 (102), 53–64. https://doi.org/10.15587/1729-4061.2019.184274

Issue

Vol. 6 No. 9 (102) (2019): Information and controlling system

Section

Information and controlling system

License

Copyright (c) 2019 Oleksandr Milov, Serhii Yevseiev, Andrii Vlasov, Sergey Herasimov, Oleh Dmitriiev, Maksym Kasianenko, Hennady Pievtsov, Yevhen Peleshok, Yuliia Tkach, Serhii Faraon

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.