Designing a decision support system for the weakly formalized problems in the provision of cybersecurity




decision support system, cybersecurity, weakly formalized problems, interpretation of situation


We devised a decision support system (DSS) for the weakly formalized problems of information protection and the provision of cybersecurity at the informatization objects. The system is based on the models that describe the tasks of information safety and cyberprotection in the conceptual and functional aspects. We described the process of compiling a knowledge base of DSS for the circumstances related to the detection of hard-to-explain attributes of anomalies and attacks. The DSS "Decision Support System of Management protection of information – DMSSCIS", which we designed, makes it possible to improve understanding of the analyzed situations that occur in the process of cyberprotection of mission critical computer systems. While tested at the enterprises, it was established that the "DMSSCIS" system enabled effective visualization and interpretation of results of current assessment of the revealed hard-to-explain attributes of anomalies and cyberattacks, as well as allowed us to describe current situation in the course of multistage targeted cyberattacks. It was established that the application of DSS "DMSSCIS" in the interaction with other systems for the intelligent recognition of illegitimate interference in the computer systems operations made it possible to improve efficiency of decision making on information security. While testing, it was found that the application of the "DMSSCIS" system allowed reducing the time required to inform persons, responsible for cybersecurity, about the incidents by 6.9–7.2 times. 

Author Biographies

Berik Akhmetov, International Kazakh-Turkish University named after H. A. Yesevi B. Sattarhanov str., 29, Turkistan, Kazakhstan, 161200

PhD, Associate Professor

Department of Computer Engineering

Valeriy Lakhno, European University 16B Academician Vernadskiy Blvd., Kyiv, Ukraine, 03115

Doctor of Technical Sciences, Associate professor

Department of Managing Information Security

Yuliia Boiko, National Aviation University Kosmonavta Komarova ave., 1, Kyiv, Ukraine, 03058

Associate Professor

Department of Information Technology Security

Andrii Mishchenko, National Aviation University Kosmonavta Komarova ave., 1, Kyiv, Ukraine, 03058

Associate Professor

Department of information security protection


  1. Petit, J., Shladover, S. (2015). Potential Cyberattacks on Automated Vehicles. IEEE Transactions on Intelligent Transportation Systems, 546–556. doi: 10.1109/tits.2014.2342271
  2. Miao, F., Zhu, Q., Pajic, M., Pappas, G. J. (2016). Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks. IEEE Transactions on Control of Network Systems, 1. doi: 10.1109/tcns.2016.2573039
  3. Sawik, T. (2013). Selection of optimal countermeasure portfolio in IT security planning. Decision Support Systems, 55 (1), 156–164. doi: 10.1016/j.dss.2013.01.001
  4. Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., Smeraldi, F. (2016). Decision support approaches for cyber security investment. Decision Support Systems, 86, 13–23. doi: 10.1016/j.dss.2016.02.012
  5. Atymtayeva, L., Kozhakhmet, K., Bortsova, G. (2014). Building a Knowledge Base for Expert System in Information Security, Chapter Soft Computing in Artificial Intelligence of the series Advances in Intelligent Systems and Computing, 270, 57–76. doi: 10.1007/978-3-319-05515-2_7
  6. Gamal, M. M., Hasan, B., Hegazy, A. F. (2011). A Security Analysis Framework Powered by an Expert System, International Journal of Computer Science and Security (IJCSS), 4 (6), 505–527.
  7. Dua S., Du, X. (2016). Data Mining and Machine Learning in Cybersecurity. CRC press, 225. doi: 10.1201/b10867
  8. Buczak, A., Guven, E. (2016). A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection, IEEE Communications Surveys & Tutorials, 18 (2), 1153–1176. doi: 10.1109/comst.2015.2494502
  9. Larionov, I. P., Khorev, P. B. (2016). Problemy sozdaniya i osnovnye zadachi ekspertnoy sistemy podderzhki proektirovaniya kompleksnoy sistemy zashchity informatsii. Internet-zhurnal «NAUKOVYEDYENIYE», 8 (2), 1–8. Available at:
  10. Ben-Asher, N., Gonzalez, C. (2015). Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, 51–61. doi: 10.1016/j.chb.2015.01.039
  11. Goztepe, K. (2012). Designing Fuzzy Rule Based Expert System for Cyber Security. International Journal of Information Security Science, 1 (1), 13–19.
  12. Gamal, M., Hasan, B., Hegazy, A. (2011). A Security Analysis Framework Powered by an Expert System. International Journal of Computer Science and Security (IJCSS), 4 (6), 505–527.
  13. Chang, L., Lee, Z. (2013). Applying fuzzy expert system to information security risk Assessment – A case study on an attendance system. International Conference on Fuzzy Theory and Its Applications (iFUZZY), 346–351. doi: 10.1109/ifuzzy.2013.6825462
  14. Kanatov, M., Atymtayeva, L., Yagaliyeva, B. (2014). Expert systems for information security management and audit, Implementation phase issues, Soft Computing and Intelligent Systems (SCIS). Joint 7th International Conference on and Advanced Intelligent Systems, 896–900. doi: 10.1109/scis-isis.2014.7044702
  15. Lee, K.-C., Hsieh, C.-H., Wei, L.-J., Mao, C.-H., Dai, J.-H., Kuang, Y.-T. (2016). Sec-Buzzer: cyber security emerging topic mining with open threat intelligence retrieval and timeline event annotation, Soft Computing, 1–14. doi: 10.1007/s00500-016-2265-0
  16. Pan, S., Morris, T., Adhikari, U. (2015). Developing a Hybrid Intrusion Detection System Using Data Mining for Power Systems. IEEE Transactions on Smart Grid, 6 (6), 3104–3113. doi: 10.1109/tsg.2015.2409775
  17. Lakhno, V., Kazmirchuk, S., Kovalenko, Y., Myrutenko, L., Zhmurko, T. (2016). Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features. Eastern-European Journal of Enterprise Technologies, 3 (9 (81)), 30–38. doi: 10.15587/1729-4061.2016.71769
  18. Louvieris, P., Clewley, N., Liu, X. (2013). Effects-based feature identification for network intrusion detection, Neurocomputing, 121 (9), 265–273. doi: 10.1016/j.neucom.2013.04.038
  19. Wang, Z., Zhou, X., Yu, Z., He, Y., Zhang, D. (2010). Inferring User Search Intention Based on Situation Analysis of the Physical World. Lecture Notes in Computer Science, 35–51. doi: 10.1007/978-3-642-16355-5_6
  20. Yeremeev, A., Varshavskiy, P., Kurilenko, I. (2012). Modelirovanie vremennykh zavisimostey v intellektualnykh sistemakh podderzhki prinyatiya resheniy na osnove pretsedentov. International Journal «Information technologies and knowledge», 6 (3), 227–239.
  21. Kulinich, A. (2013). Kontseptualnye «karkasy» plokho opredelennykh predmetnykh oblastey. Otkrytye semanticheskie tekhnologii proektirovaniya intellektualnykh system, 135–142.
  22. Puri, C., Dukatz, C. (2015). Analyzing and Predicting Security Event Anomalies: Lessons Learned from a Large Enterprise Big Data Streaming Analytics Deployment. 26th International Workshop on Database and Expert Systems Applications (DEXA), 152–158. doi: 10.1109/dexa.2015.46
  23. Verma, R., Kantarcioglu, M., Marchette, D., Leiss, E., Solorio, T. (2015). Security Analytics: Essential Data Analytics Knowledge for Cybersecurity Professionals and Students, IEEE Security & Privacy, 13 (6), 60–65. doi: 10.1109/msp.2015.121
  24. Razaq, A., Tianfield, H., Barrie, P. (2016). A big data analytics based approach to anomaly detection. Proceedings of the 3rd IEEE/ACM International Conference on Big Data Computing, Applications and Technologies – BDCAT '16, 187–193. doi: 10.1145/3006299.3006317
  25. Perlovsky, L., Shevchenko, O. (2014). Dynamic Logic Machine Learning for Cybersecurity. Cybersecurity Systems for Human Cognition Augmentation, 85–98. doi: 10.1007/978-3-319-10374-7_6




How to Cite

Akhmetov, B., Lakhno, V., Boiko, Y., & Mishchenko, A. (2017). Designing a decision support system for the weakly formalized problems in the provision of cybersecurity. Eastern-European Journal of Enterprise Technologies, 1(2 (85), 4–15.