Designing a decision support system for the weakly formalized problems in the provision of cybersecurity
DOI: https://doi.org/10.15587/1729-4061.2017.90506
Keywords: decision support system, cybersecurity, weakly formalized problems, interpretation of situation
Abstract
We devised a decision support system (DSS) for the weakly formalized problems of information protection and the provision of cybersecurity at informatization objects. The system is based on models that describe the tasks of information security and cyberprotection in their conceptual and functional aspects. We describe the process of compiling the DSS knowledge base for circumstances related to the detection of hard-to-explain attributes of anomalies and attacks. The DSS we designed, "Decision Support System of Management protection of information – DMSSCIS", makes it possible to improve understanding of the situations that arise in the course of cyberprotection of mission-critical computer systems. Testing at enterprises established that the "DMSSCIS" system enabled effective visualization and interpretation of the results of the current assessment of revealed hard-to-explain attributes of anomalies and cyberattacks, and allowed us to describe the current situation in the course of multistage targeted cyberattacks. It was also established that applying DSS "DMSSCIS" in interaction with other systems for the intelligent recognition of illegitimate interference in computer system operations improved the efficiency of decision making on information security. During testing, it was found that applying the "DMSSCIS" system reduced the time required to inform the persons responsible for cybersecurity about incidents by 6.9–7.2 times.
License
Copyright (c) 2017 Valeriy Lakhno, Berik Akhmetov, Yuliia Boiko, Andrii Mishchenko
This work is licensed under a Creative Commons Attribution 4.0 International License.
The consolidation of copyright and the conditions for its transfer (identification of authorship) are set out in the License Agreement. In particular, the authors retain the right of authorship of their manuscript and grant the journal the right of first publication of this work under the terms of the Creative Commons CC BY license. At the same time, they may conclude separate additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, provided that the link to the first publication of the article in this journal is preserved.
A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, by signing the License Agreement with TECHNOLOGY CENTER PC, retain all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyright; it receives permission from the authors to use and disseminate the publication through the world's scientific resources (its own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement, or in the absence in this agreement of identifiers that allow the author's identity to be established, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers, in which copyright is transferred from the authors to the publisher. In that case, the authors lose ownership of their work and may not use it in any way.