Development of a method for assessing cybernetic security in special-purpose information systems

Authors

DOI:

https://doi.org/10.15587/1729-4061.2020.218158

Keywords:

cybersecurity, artificial intelligence, cyber threats, intelligent systems, information systems

Abstract

A method for assessing cybersecurity in special-purpose information systems was developed. Cybersecurity assessment was performed using decision trees, implemented using “IF-THEN” fuzzy rules, which are considered as common building blocks of the decision tree. This approach allows processing large amounts of data. The use of the decision tree allows increasing evaluation accuracy, is easy to set up and intuitive. Improvement of the efficiency of cybersecurity assessment (error reduction) was achieved using evolving neuro-fuzzy artificial neural networks. Training of evolving neuro-fuzzy artificial neural networks was carried out by learning not only the synaptic weights of the artificial neural network, type, parameters of the membership function, but also by reducing the dimensionality of the feature space. The efficiency of information processing was also achieved through training the architecture of artificial neural networks; taking into account the type of uncertainty of information to be assessed; working with both clear and fuzzy products, and reducing the feature space. This reduces the computational complexity of decision-making and eliminates the accumulation of learning errors of artificial neural networks. The computational complexity of the method is on average 2 million calculations less compared to the known ones, and after 2 epochs, the learning error decreases. Cybersecurity analysis in general occurs due to an advanced clustering procedure that allows working with both static and dynamic data. Testing of the proposed method was carried out. The increase in the efficiency of cybersecurity assessment of about 20–25 % in terms of information processing efficiency was revealed

Author Biographies

Serhii Drozdov, Air Force of Armed Forces of Ukraine Striletska str., 105, Vinnytsia, Ukraine, 21001

PhD, Commander

Yurii Zhuravskyi, Zhytomyr Military Institute named after S. P. Koroliov Myru ave., 22, Zhytomyr, Ukraine, 10004

Doctor of Technical Sciences, Senior Researcher

Scientific Center

Olha Salnikova, Ivan Chernyakhovsky National Defense University of Ukraine Povitrofloski ave., 28, Kyiv, Ukraine, 03049

Doctor of Public Administration Sciences, Senior Researcher, Head of Educational and Research Center

Educational and Research Center of Strategic Communications in the sphere of National Security and Defense

Ruslan Zhyvotovskyi, Central Scientifically-Research Institute of Arming and Military Equipment of the Armed Forces of Ukraine Povitrofloski ave., 28, Kyiv, Ukraine, 03049

PhD, Senior Researcher, Head of Research Department

Research Department of the Development of Anti-Aircraft Missile Systems and Complexes

Elena Odarushchenko, Poltava State Agrarian Academy Skovorody str., 1/3, Poltava, Ukraine, 36003

PhD, Associate Professor

Department of Information Systems and Technologies

Oleksandr Shcheptsov, Institute of Naval Forces of the National University “Odessa Maritime Academy” Hradonachalnytska str., 20, Odessa, Ukraine, 65029

PhD, Head of Department

Department of Weapon

Oleksiy Alekseienko, Ivan Chernyakhovsky National Defense University of Ukraine Povitrofloski ave., 28, Kyiv, Ukraine, 03049

PhD, Associate Professor, Head of Laboratory

Scientific and Innovative Laboratory

Roman Lazuta, Military Institute of Telecommunications and Information Technologies named after Heroiv Krut Moskovsky str., 45/1, Kyiv, Ukraine, 01011

Senior Researcher

Scientific Center

Oleksii Nalapko, Central Scientifically-Research Institute of Arming and Military Equipment of the Armed Forces of Ukraine Povitrofloski ave., 28, Kyiv, Ukraine, 03049

Adjunct

Olha Pikul, National Defense University of Ukraine named after Ivan Cherniakhovskyi Povitrofloski ave., 28, Kyiv, Ukraine, 03049

Institute of Information Technology

References

  1. Bashkyrov, O. M., Kostyna, O. M., Shyshatskyi, A. V. (2015). Rozvytok intehrovanykh system zviazku ta peredachi danykh dlia potreb Zbroinykh Syl. Ozbroiennia ta viyskova tekhnika, 1, 35–39.
  2. Kalantaievska, S., Pievtsov, H., Kuvshynov, O., Shyshatskyi, A., Yarosh, S., Gatsenko, S. et. al. (2018). Method of integral estimation of channel state in the multiantenna radio communication systems. Eastern-European Journal of Enterprise Technologies, 5 (9 (95)), 60–76. doi: https://doi.org/10.15587/1729-4061.2018.144085
  3. Shevchenko, D. (2020). The set of indicators of the cyber security system in information and telecommunication networks of the armed forces of Ukraine. Modern Information Technologies in the Sphere of Security and Defence, 38 (2), 57–62. doi: https://doi.org/10.33099/2311-7249/2020-38-2-57-62
  4. Sokolov, K., Hudyma, O., Tkachenko, V., Shyyatyy, O. (2015). Main directions of creation of IT infrastructure of the Ministry of Defense of Ukraine. Zbirnyk naukovykh prats Tsentru voienno-stratehichnykh doslidzhen Natsionalnoho universytetu oborony Ukrainy imeni Ivana Cherniakhovskoho, 3, 26–30.
  5. Kuchuk, N., Mohammed, A. S., Shyshatskyi, A., Nalapko, O. (2019). The method of improving the efficiency of routes selection in networks of connection with the possibility of self-organization. International Journal of Advanced Trends in Computer Science and Engineering, 8 (1), 1–6. Available at: http://www.warse.org/IJATCSE/static/pdf/file/ijatcse01812sl2019.pdf
  6. Perrine, K. A., Levin, M. W., Yahia, C. N., Duell, M., Boyles, S. D. (2019). Implications of traffic signal cybersecurity on potential deliberate traffic disruptions. Transportation Research Part A: Policy and Practice, 120, 58–70. doi: https://doi.org/10.1016/j.tra.2018.12.009
  7. Wang, J., Neil, M., Fenton, N. (2020). A Bayesian network approach for cybersecurity risk assessment implementing and extending the FAIR model. Computers & Security, 89, 101659. doi: https://doi.org/10.1016/j.cose.2019.101659
  8. Matheu-García, S. N., Hernández-Ramos, J. L., Skarmeta, A. F., Baldini, G. (2019). Risk-based automated assessment and testing for the cybersecurity certification and labelling of IoT devices. Computer Standards & Interfaces, 62, 64–83. doi: https://doi.org/10.1016/j.csi.2018.08.003
  9. Henriques de Gusmão, A. P., Mendonça Silva, M., Poleto, T., Camara e Silva, L., Cabral Seixas Costa, A. P. (2018). Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory. International Journal of Information Management, 43, 248–260. doi: https://doi.org/10.1016/j.ijinfomgt.2018.08.008
  10. Shyshatskyi, A., Sova, O., Zhuravskyi, Y., Zhyvotovskyi, R., Lyashenko, A., Cherniak, O. et. al. (2020). Development of resource distribution model of automated control system of special purpose in conditions of insufficiency of information on operational development. Technology Audit and Production Reserves, 1 (2 (51)), 35–39. doi: https://doi.org/10.15587/2312-8372.2020.198082
  11. Mohammad, A. (2020). Development of the concept of electronic government construction in the conditions of synergetic threats. Technology Audit and Production Reserves, 3 (2 (53)), 42–46. doi: https://doi.org/10.15587/2706-5448.2020.207066
  12. Bodin, L. D., Gordon, L. A., Loeb, M. P., Wang, A. (2018). Cybersecurity insurance and risk-sharing. Journal of Accounting and Public Policy, 37 (6), 527–544. doi: https://doi.org/10.1016/j.jaccpubpol.2018.10.004
  13. Cormier, A., Ng, C. (2020). Integrating cybersecurity in hazard and risk analyses. Journal of Loss Prevention in the Process Industries, 64, 104044. doi: https://doi.org/10.1016/j.jlp.2020.104044
  14. Hoffmann, R., Napiórkowski, J., Protasowicki, T., Stanik, J. (2020). Risk based approach in scope of cybersecurity threats and requirements. Procedia Manufacturing, 44, 655–662. doi: https://doi.org/10.1016/j.promfg.2020.02.243
  15. Promyslov, V. G., Semenkov, K. V., Shumov, A. S. (2019). A Clustering Method of Asset Cybersecurity Classification. IFAC-PapersOnLine, 52 (13), 928–933. doi: https://doi.org/10.1016/j.ifacol.2019.11.313
  16. Zarreh, A., Saygin, C., Wan, H., Lee, Y., Bracho, A. (2018). A game theory based cybersecurity assessment model for advanced manufacturing systems. Procedia Manufacturing, 26, 1255–1264. doi: https://doi.org/10.1016/j.promfg.2018.07.162
  17. Gerami Seresht, N., Fayek, A. R. (2020). Neuro-fuzzy system dynamics technique for modeling construction systems. Applied Soft Computing, 93, 106400. doi: https://doi.org/10.1016/j.asoc.2020.106400
  18. Folorunso, O., Mustapha, O. A. (2015). A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments. Applied Computing and Informatics, 11 (2), 116–129. doi: https://doi.org/10.1016/j.aci.2014.07.001
  19. Luy, M., Ates, V., Barisci, N., Polat, H., Cam, E. (2018). Short-Term Fuzzy Load Forecasting Model Using Genetic–Fuzzy and Ant Colony–Fuzzy Knowledge Base Optimization. Applied Sciences, 8 (6), 864. doi: https://doi.org/10.3390/app8060864
  20. Salmi, K., Magrez, H., Ziyyat, A. (2019). A Novel Expert Evaluation Methodology Based on Fuzzy Logic. International Journal of Emerging Technologies in Learning (iJET), 14 (11), 160. doi: https://doi.org/10.3991/ijet.v14i11.10280
  21. Allaoua, B., Laoufi, A., Gasbaoui, B., Abderrahmani, A. (2009). Neuro-Fuzzy DC Motor Speed Control Using Particle Swarm Optimization. Leonardo Electronic Journal of Practices and Technologies, 15. Available at: http://lejpt.academicdirect.org/A15/001_018.pdf
  22. Rybak, V. A., Shokr, A. (2016). Analysis and comparison of existing decision support technology. System analysis and applied information science, 3, 12–18.
  23. Hassanzad, M., Orooji, A., Valinejadi, A., Velayati, A. (2017). A fuzzy rule-based expert system for diagnosing cystic fibrosis. Electronic Physician, 9 (12), 5974–5984. doi: https://doi.org/10.19082/5974
  24. Shang, W., Gong, T., Chen, C., Hou, J., Zeng, P. (2019). Information Security Risk Assessment Method for Ship Control System Based on Fuzzy Sets and Attack Trees. Security and Communication Networks, 2019, 1–11. doi: https://doi.org/10.1155/2019/3574675
  25. Safdari, R., Kadivar, M., Nazari, M., Mohammadi, M. (2017). Fuzzy Expert System to Diagnose Neonatal Peripherally Inserted Central Catheters Infection. Health Information Management, 13 (7), 446–452.
  26. Al-Qudah, Y., Hassan, M., Hassan, N. (2019). Fuzzy Parameterized Complex Multi-Fuzzy Soft Expert Set Theory and Its Application in Decision-Making. Symmetry, 11 (3), 358. doi: https://doi.org/10.3390/sym11030358
  27. Koshlan, A., Salnikova, O., Chekhovska, M., Zhyvotovskyi, R., Prokopenko, Y., Hurskyi, T. et. al. (2019). Development of an algorithm for complex processing of geospatial data in the special-purpose geoinformation system in conditions of diversity and uncertainty of data. Eastern-European Journal of Enterprise Technologies, 5 (9 (101)), 35–45. doi: https://doi.org/10.15587/1729-4061.2019.180197
  28. Dudnyk, V., Sinenko, Y., Matsyk, M., Demchenko, Y., Zhyvotovskyi, R., Repilo, I. et. al. (2020). Development of a method for training artificial neural networks for intelligent decision support systems. Eastern-European Journal of Enterprise Technologies, 3 (2 (105)), 37–47. doi: https://doi.org/10.15587/1729-4061.2020.203301
  29. Pievtsov, H., Turinskyi, O., Zhyvotovskyi, R., Sova, O., Zvieriev, O., Lanetskii, B., Shyshatskyi, A. (2020). Development of an advanced method of finding solutions for neuro-fuzzy expert systems of analysis of the radioelectronic situation. EUREKA: Physics and Engineering, 4, 78–89. doi: https://doi.org/10.21303/2461-4262.2020.001353
  30. Zuiev, P., Zhyvotovskyi, R., Zvieriev, O., Hatsenko, S., Kuprii, V., Nakonechnyi, O. et. al. (2020). Development of complex methodology of processing heterogeneous data in intelligent decision support systems. Eastern-European Journal of Enterprise Technologies, 4 (9 (106)), 14–23. doi: https://doi.org/10.15587/1729-4061.2020.208554
  31. Shyshatskyi, A., Zvieriev, O., Salnikova, O., Demchenko, Y., Trotsko, O., Neroznak, Y. (2020). Complex Methods of Processing Different Data in Intellectual Systems for Decision Support System. International Journal of Advanced Trends in Computer Science and Engineering, 9 (4), 5583–5590. doi: https://doi.org/10.30534/ijatcse/2020/206942020
  32. Sova, O., Golub, V., Shyshatskyi, A., Ostapchuk, V., Nalapko, O., Zubrytska, H. (2019). Method of Forecasting the Duration of Data Transmission Routes in Mobile Radio Networks. 2019 IEEE 2nd Ukraine Conference on Electrical and Computer Engineering (UKRCON). doi: https://doi.org/10.1109/ukrcon.2019.8879978
  33. Mamdani, E. H., Assilian, S. (1975). An experiment in linguistic synthesis with a fuzzy logic controller. International Journal of Man-Machine Studies, 7 (1), 1–13. doi: https://doi.org/10.1016/s0020-7373(75)80002-2
  34. Sugeno, M. (1985). Industrial applications of fuzzy control. Elsevier Science Inc., 269.

Downloads

Published

2020-12-31

How to Cite

Drozdov, S., Zhuravskyi, Y., Salnikova, O., Zhyvotovskyi, R., Odarushchenko, E., Shcheptsov, O., Alekseienko, O., Lazuta, R., Nalapko, O., & Pikul, O. (2020). Development of a method for assessing cybernetic security in special-purpose information systems. Eastern-European Journal of Enterprise Technologies, 6(9 (108), 42–52. https://doi.org/10.15587/1729-4061.2020.218158

Issue

Vol. 6 No. 9 (108) (2020): Information and controlling system

Section

Information and controlling system

License

Copyright (c) 2020 Serhii Drozdov, Yurii Zhuravskyi, Olha Salnikova, Ruslan Zhyvotovskyi, Elena Odarushchenko, Oleksandr Shcheptsov, Oleksiy Alekseienko, Roman Lazuta, Oleksii Nalapko, Olha Pikul

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.