Development of the space-time structure of the methodology for modeling the behavior of antagonistic agents of the security system

Authors

DOI:

https://doi.org/10.15587/1729-4061.2020.218660

Keywords:

cybersecurity, antagonistic agents, modeling methodology, reflexive agent, multiagent systems, business process contour

Abstract

The rapid development of computer technology and the emergence of modern cyber threats with signs of hybridity and synergy impose strict requirements on the economic component of national security, and especially on the processes of ensuring the cybersecurity of the economy. The cybersecurity industry is trying to meet today's requirements by introducing new and more advanced security technologies and methods, but it is believed that such a universal approach is not enough. The study is devoted to resolving the objective contradiction between the growing practical requirements for an appropriate level of cybersecurity of business process contours and the increasing number and technological complexity of cybersecurity threats. It should also be taken into account that, on the one hand, threats acquire hybrid features and, on the other, the methodology for modeling the behavior of interacting agents of security systems is imperfect and sometimes lacking. This does not allow timely prediction of future actions of attackers and, as a result, determination of the level of investment in security that will provide the required level of cybersecurity.

The paper proposes the Concept of modeling the behavior of interacting agents, the basis of which is a three-level structure of modeling the subjects and business processes of the contours of the organization and security system, based on modeling the behavior of antagonistic agents. The proposed methodology for modeling the behavior of interacting agents, which is based on the Concept of behavior of antagonistic agents, allows assessing and increasing the current level of security by reducing the number of hybrid threats by 1.76 times, which reduces losses by 1.65 times and increases the time for choosing threat counteraction means by reducing the time to identify threats online by 38 %.

Author Biographies

Oleksandr Milov, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Professor

Department of Cyber Security and Information Technology

Andrii Hrebeniuk, Dnipropetrovsk State University of Internal Affairs Gagarina ave., 26, Dnipro, Ukraine, 49005

PhD

Department of Economic and Information Security

Andrii Nalyvaiko, National Defence University of Ukraine named after Ivan Cherniakhovskyi Povitroflotskyi ave., 28, Kyiv, Ukraine, 03049

PhD, Associate Professor

Center for Military and Strategic Studies

Elena Nyemkova, Lviv Polytechnic National University S. Bandery str., 12, Lviv, Ukraine, 79013

PhD, Associate Professor

Department of Information Technology Security

Ivan Opirskyy, Lviv Polytechnic National University S. Bandery str., 12, Lviv, Ukraine, 79013

Doctor of Technical Sciences

Department of Information Security

Igor Pasko, Scientific-Research Center of Missile Troops and Artillery Herasima Kondratieva str., 165, Sumy, Ukraine, 40021

PhD, Senior Researcher

Khazail Rzayev, Azerbaijan State Oil and Industrial University Azadlyg ave., 20, Baku, Azerbaijan, AZ1010

PhD, Associate Professor

Department of Computer Technology and Programming

Anatolii Salii, National Defence University of Ukraine named after Ivan Cherniakhovskyi Povitroflotskyi ave., 28, Kyiv, Ukraine, 03049

PhD, Associate Professor, Deputy Head of Institute

Institute of Aviation and Air Defense

Uliia Synytsina, Dnipropetrovsk State University of Internal Affairs Gagarina ave., 26, Dnipro, Ukraine, 49005

PhD

Department of Economic and Information Security

Olha Soloviova, Ivan Kozhedub Kharkiv National Air Force University Sumska ave, 77/79, Kharkiv, Ukraine, 61023

PhD

Department of Information Technology


Published

2020-12-31

How to Cite

Milov, O., Hrebeniuk, A., Nalyvaiko, A., Nyemkova, E., Opirskyy, I., Pasko, I., Rzayev, K., Salii, A., Synytsina, U., & Soloviova, O. (2020). Development of the space-time structure of the methodology for modeling the behavior of antagonistic agents of the security system. Eastern-European Journal of Enterprise Technologies, 6(2 (108)), 30–52. https://doi.org/10.15587/1729-4061.2020.218660