Development of the interacting agents behavior scenario in the cyber security system

Authors

DOI:

https://doi.org/10.15587/1729-4061.2019.181047

Keywords:

scenario analysis, scenario modeling, security systems, agent behavior, cybersecurity system

Abstract

The results of modeling and analysis of scenarios of the behavior of interacting agents in conditions of cyber conflict are presented. General approaches to the development of a scenario of the behavior of antagonistic agents are presented. The definition of the scenario is given and the factors determining the scenario of behavior are highlighted. The given scenarios are determined by such factors as the ratio of the capabilities of the attacking and the defending sides, the presence or absence of information exchange between security agents, and the time of switching to a new attack vector. The value of the time of switching to a new attack vector is found, at which the interaction is more stable. This indicates that the reaction of the defense side should not be purely reactive, and the “wait and see” strategy is not always the best. Modeling and analysis of the results were carried out in the conditions of information exchange between agents of the protection system and in the absence of such an exchange. The advantages and disadvantages of this behavior are noted. It is shown that when changing the time of switching to a new attack vector, not only the financial indicators of the activity of the participants in cyber conflict change, but also the nature of the interaction. The value of the time of switching to a new attack vector was found, in which the interaction is more stable, which suggests that the reaction of the defense side should not be purely reactive, and the “wait and see” strategy is not always the best. It is shown how the proposed approach can be used to justify the choice of a strategy for agent behavior in security systems, as well as for economic assessments of countermeasures and their deterrent effect on attackers. The proposed scenarios can be considered as a useful tool for assessing investments in the security of the business process circuit by decision makers

Author Biographies

Oleksandr Milov, Simon Kuznets Kharkiv National University of Economics Nauky аve., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Cyber Security and Information Technology

Serhii Yevseiev, Simon Kuznets Kharkiv National University of Economics Nauky аve., 9-А, Kharkiv, Ukraine, 61166

Doctor of Technical Sciences, Senior Researcher

Department of Cyber Security and Information Technology

Volodymyr Aleksiyev, Simon Kuznets Kharkiv National University of Economics Nauky аve., 9-А, Kharkiv, Ukraine, 61166

Doctor of Technical Sciences, Professor

Department of Cyber Security and Information Technology

Polina Berdnik, V. N. Karazin Kharkiv National University Svobody sq., 4, Kharkiv, Ukraine, 61022

PhD

Department of Natural Sciences

Oleksandr Voitko, National University of Defense of Ukraine named after Ivan Chernyakhovsky Povitroflotskiy ave., 28, Kyiv, Ukraine, 03049

PhD, Head of Research Laboratory

Research Laboratory of Information Security Issues

Department of Information Technology and Information Security Employment

Institute of Information Technologies

Valentyn Dyptan, National Defense University of Ukraine named after Ivan Cherniakhovskyi Povitroflotsky ave., 28, Kyiv, Ukraine, 03049

PhD, Associate Professor

Department of Air Force Logistics

Aviation and Air Defense Institute

Yevheniia Ivanchenko, National Aviation University Kosmonavta Komarova аve., 1, Kyiv, Ukraine, 03058

PhD, Associate Professor

Department of Information Technology Security

Maxim Pavlenko, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

Doctor of Technical Sciences, Professor, Head of Department

Department of Mathematical and Software of Automated Control Systems

Anatolii Salii, National Defense University of Ukraine named after Ivan Cherniakhovskyi Povitroflotsky ave., 28, Kyiv, Ukraine, 03049

PhD, Associate Professor, Deputy Head of Institute

Aviation and Air Defense Institute

Serhiy Yarovyy, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

PhD

Department of Combat Use of Radar Armament

References

  1. Kovalev, P. P. (2009). Stsenarniy analiz, metodologicheskie aspekty. Finansy i kredit, 44 (380), 9–13.
  2. Van der Heijden, K., Bradfield, R., Burt, G., Cairns, G., Wright, G. (2002), The Sixth Sense: Accelerating Organizational Learning with Scenarios. Wiley & Sons, 320.
  3. Van Notten, Ph. (2005). Writing on the Wall: Scenario Development in Times of Discontinuity. Dissertation.Com., 228.
  4. Ducot, G., Lubben, G. J. (1980). A typology for scenarios. Futures, 12 (1), 51–57. doi: https://doi.org/10.1016/s0016-3287(80)80007-3
  5. Duncan, N. E., Wack, P. (1994). Scenarios designed to improve decision making. Planning Review, 22 (4), 18–46. doi: https://doi.org/10.1108/eb054470
  6. Godet, M. (1997). Scenarios and Strategies: A Toolbox for Scenario Planning. Conservatoire National des Arts etMetiers (CNAM).
  7. Godet, M., Roubelat, F. (1996). Creating the future: The use and misuse of scenarios. Long Range Planning, 29 (2), 164–171. doi: https://doi.org/10.1016/0024-6301(96)00004-0
  8. Heugens, P. P. M. A. R., van Oosterhout J. (2001). “To boldly go where no man has gone before: integrating cognitive and physical features in scenario studies. Futures, 33 (10), 861–872. doi: https://doi.org/10.1016/s0016-3287(01)00023-4
  9. Rolland, C., Ben Achour, C., Cauvet, C., Ralyté, J., Sutcliffe, A., Maiden, N. et. al. (1998). A proposal for a scenario classification framework. Requirements Engineering, 3 (1), 23–47. doi: https://doi.org/10.1007/bf02802919
  10. Li, X., He, K. (2008). A Unified Threat Model for Assessing Threat in Web Applications. International Journal of Security and its Applications, 2 (3), 25–30.
  11. Li, X., He, K., Feng, Z., Xu, G. (2014). Unified threat model for analyzing and evaluating software threats. Security and Communication Networks, 7 (10), 1454–1466. doi: https://doi.org/10.1002/sec.599
  12. Reznikov, D. O., Makhutov, N. A., Akhmetkhanov, R. S. (2018). Analysis of Terrorist Attack Scenarios and Measures for Countering Terrorist Threats. Probabilistic Modeling in System Engineering. doi: https://doi.org/10.5772/intechopen.75099
  13. Makhutov, N., Baecher, G. (Eds.) (2012). Comparative Analysis of Technological and Intelligent Terrorism Impacts on Complex Technical Systems. Amsterdam: IOS Press BV.
  14. Countering Terrorism: Biological Agents, Transportation Networks, and Energy Systems: Summary of a U.S.-Russian Workshop (2009). Washington: The National Academies Press, 244. doi: https://doi.org/10.17226/12490
  15. Frolov, K. V., Baecher, G. B. (Eds.) (2006). Protection of Civilian Infrastructure from Acts of Terrorism. NATO Security through Science Series. Springer. doi: https://doi.org/10.1007/1-4020-4924-2
  16. Berman, A. F., Nikolaychuk, O. A., Yurin, A. Y. (2012). Intellectual data system for analyzing failures. Journal of Machinery Manufacture and Reliability, 41 (4), 337–343. doi: https://doi.org/10.3103/s1052618812040036
  17. Makhutov, N. A., Reznikov, D. O. (2012). Analysis and ensuring protection of critical infrastructures taking into account risks and limit states. Problemy bezopasnosti i chrezvychaynyh situatsiy, 5, 14–36.
  18. Makhutov, N. A., Reznikov, D. O., Zatsarinny, V. V. (2014). Two types of failure scenarios in complex technical systems. Problemy bezopasnosti i chrezvychaynyh situatsiy, 2, 28–41.
  19. Bezopasnost' Rossii. Pravovye, sotsial'no-ekonomicheskie i nauchnotehnicheskie aspekty. Kosmicheskie sistemy i tehnologii povysheniya bezopasnosti i snizheniya riskov (2017). Moscow: MGOF «Znanie», 608.
  20. Trotsky, D. V., Gorodetsky, V. I. (2009). Scenario–based knowledge model and language for situation assessment and prediction. SPIIRAS Proceedings, 8, 94–127. doi: https://doi.org/10.15622/sp.8.6
  21. Tarakanov, A. (1988). Matrichnyy metod avtomaticheskogo sinteza programm. Izvestiya VUZov. Priborostroenie, 31 (10), 21–25.
  22. Gorodetski, V. I., Tarakanov, A. O. (1996). Matrix Form of Attributive Grammars for Distributed Processing Planning and Control. Intelligent Control, Neurocomputing and Fuzzy Logic, 2.
  23. Milov, O., Yevseiev, S., Ivanchenko, Y., Milevskyi, S., Nesterov, O., Puchkov, O. et. al. (2019). Development of the model of the antagonistic agents behavior under a cyber conflict. Eastern-European Journal of Enterprise Technologies, 4 (9 (100)), 6–19. doi: https://doi.org/10.15587/1729-4061.2019.175978
  24. Milov, O., Voitko, A., Husarova, I., Domaskin, O., Ivanchenko, Y., Ivanchenko, I. et. al. (2019). Development of methodology for modeling the interaction of antagonistic agents in cybersecurity systems. Eastern-European Journal of Enterprise Technologies, 2 (9 (98)), 56–66. doi: https://doi.org/10.15587/1729-4061.2019.164730
  25. Gordon, L. A., Loeb, M. P., Lucyshyn, W., Zhou, L. (2015). The impact of information sharing on cybersecurity underinvestment: A real options perspective. Journal of Accounting and Public Policy, 34 (5), 509–519. doi: https://doi.org/10.1016/j.jaccpubpol.2015.05.001
  26. Gal-Or, E., Ghose, A. (2005). The Economic Incentives for Sharing Security Information. Information Systems Research, 16 (2), 186–208. doi: https://doi.org/10.1287/isre.1050.0053
  27. Gordon, L. A., Loeb, M. P., Lucyshyn, W. (2003). Sharing information on computer systems security: An economic analysis. Journal of Accounting and Public Policy, 22 (6), 461–485. doi: https://doi.org/10.1016/j.jaccpubpol.2003.09.001
  28. Varian, H. (2004). System Reliability and Free Riding. Advances in Information Security, 1–15. doi: https://doi.org/10.1007/1-4020-8090-5_1
  29. Anderson, R., Moore, T. (2006). The Economics of Information Security. Science, 314 (5799), 610–613. doi: https://doi.org/10.1126/science.1130992
  30. Bohme, R., Moore, T. (2009). The Iterated Weakest Link A Model of Adaptive Security Investment. In Workshop on Economics in Information Security.

Downloads

Published

2019-10-18

How to Cite

Milov, O., Yevseiev, S., Aleksiyev, V., Berdnik, P., Voitko, O., Dyptan, V., Ivanchenko, Y., Pavlenko, M., Salii, A., & Yarovyy, S. (2019). Development of the interacting agents behavior scenario in the cyber security system. Eastern-European Journal of Enterprise Technologies, 5(9 (101), 46–57. https://doi.org/10.15587/1729-4061.2019.181047

Issue

Vol. 5 No. 9 (101) (2019): Information and controlling system

Section

Information and controlling system

License

Copyright (c) 2019 Oleksandr Milov, Serhii Yevseiev, Volodymyr Aleksiyev, Polina Berdnik, Oleksandr Voitko, Valentyn Dyptan, Yevheniia Ivanchenko, Maxim Pavlenko, Anatolii Salii, Serhiy Yarovyy

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.