MODEL OF CYBER SECURITY FINANCING WITHIN THE FRAMEWORK OF THE BILINEAR DIFFERENTIAL QUALITY GAME SCHEME

MODEL OF CYBER SECURITY FINANCING WITHIN THE FRAMEWORK OF THE BILINEAR DIFFERENTIAL QUALITY GAME SCHEME Akhmetov B. B. – PhD, Associate Professor, Rector of the Caspian State University of Technologies and Engineering named after Sh. Yessenov, Aktau, Kazakhstan. Lakhno V. A. – Dr. Sc., Professor, Head of Department of cybersecurity, European University, Kyiv, Ukraine. Malyukov V. P. – Dr. Sc., Associate Professor, Professor, Department of Informatics Systems, Mathematics Disciplines, European University, Kyiv, Ukraine. ABSTRACT Actuality. There is considered the actual problem of an optimal decision making on financing of information and cyber security means in the conditions of active counteraction to the side of the attackers of information and communication systems of the logistics and situational transport center. The aim of the work is to develop a model for the decisions support system of the financing process of the information and cyber security means of the logistics and situational transport center in conditions of active counteraction to the attacking party, which differs from existing approaches by solving a bilinear differential quality game with several terminal surfaces. Method. Solving a bilinear differential quality game, that allows to reflect adequately the essence of the problem, there was used a discrete approximation method. The method allowed not only to find a solution of the bilinear differential quality game with dependent motions, but also became an effective at the software implementation of the decisions support system in the field of financing information and cyber security means for information and communication systems of the protected logistics-situational transport center. Results. The developed model allows to obtain optimal financing strategies by the cyber security means protection side for information and communication logistics and situational transport centers at any ratio of parameters describing the financing process, no matter how financially the party tries to attack the security perimeters. Conclusions. In this article there was firstly considered the model within the framework of the bilinear differential quality game scheme for the decisions support system of the process of cyber security means financing for information and communication systems of protected logistics and situational transport centers. For such differential games there were previously developed no effective solution methods. In the proposed solution there were firstly used the differential equations that define the interaction dynamics, describe the dependent motions by means of bilinear functions.


IS -information security; ICTS -information and communication transport systems;
CS -cyber security; LSC -logistics and situational centers; ISS -information security systems; DSS -decision support system; GT -game theory.

INTRODUCTION
The rapid development of digital technologies in various fields, particularly, in ICTS, stimulate the active development of IS and CS systems.Analyzing the problems of ICTS protection it is advisable to consider the transformation of the situation in the context of actions of two parties (players): party 1 -IS and CS services; party 2 -intruder (hacker).In accordance with [1] the party 2 is regarded as a set of potential threats.As the threats there can be seen both the incompetent actions of individual performers inside the ICTS and the planned targeted cyber attacks.It is noted in works [2,3] that in such situations the most adequate models describing the behavior of a system with two or more opposing sides are the models based on TI.In fact, if the strategies of both parties 1 and 2, the win/loss for the players (for the cases under consideration) are known then we can talk about solving the problem of rational financing in the IS and CS systems.At the same time, the party 2 (hacker) does not have enough financial resources to overcome the perimeter of the ICTS protection.The reverse problem will be the situation in which the party 1 (the ICTS protector) did not have enough financial resources to protect it.
The object of the research is the process of financing in the means of information and cyber security of the LSC transport and its ICTS.
The aim of the work is the development of a model for the decision support system of the financing process in the means of information and cyber security of the LSC transport, in conditions of active counteraction to the attacking party, which differs from existing approaches by solving a bilinear differential quality game with several terminal surfaces.

PROBLEM STATEMENT
One of the most important tasks, facing the services ensuring the ICTS functioning, is the task of their IS and CS.This requires adequate financial investment.In turn, the decision-making on ICTS means investing should be based on procedures that allow financing taking into account all the factors inherent to CS.This is possible if the DSS is developed and implemented, allowing to make optimal (rational) decisions on investing financial resources for the development of ICTS protection tools.There is considered a model for a DSS on a continuous procedure for financing of IS and CS of ICTS in LSC from the penetration of intruders (hackers) into them.The model is based on solving a bilinear differential quality game with two terminal surfaces.Mathematical statement: there are two players that control a dynamic system, given by a system of bilinear differential equations with dependent motions.The sets of strategies of the players U and V are determined accordingly.Two terminal surfaces 0 0 , N M are defined.The aim of the first player is to put the dynamic system using its control strategies to the terminal surface , 0 M despite the second player actions.The aim of the second player is to put the dynamic system using its control strategies to the terminal surface 0 N , despite the first player actions.The solution is to find a set of initial states of objects and their strategies that allow objects to put the system to that or another surface.

LITERATURE REVIEW
In recent years, there has been a tendency to replenish traditional mathematical approaches to the selection of compatible hardware and software systems for CS and IS [4,5].In the context of the problem there was carried out the analysis of the literature data for works using the games theory [6] choosing the means of CS.A general approach to the use of TI for the analysis of interactions between participants of the protection process and attackers was presented in [7,8].The authors did not cover all the interests of the decision-making parties.In work [9] there was proposed the TI apparatus for the problems of selecting the protection means against unauthorized access.The work was not implemented in the format of completed recommendations.In work [10] there was carried out a review and analysis of gametheoretic methods in the problems of IS and CS providing.The authors were limited by simulating the total cost of ISS without taking into account the behavioral strategies of the parties.In work [11] there were considered the models of step games in cases of incomplete information prior to the construction of protection mechanisms from DoS / DDoS attacks.A certain disadvantage of the work is the fact that in order to find a successful strategy for the player 1 (an information protector) it requires experimentally to collect statistics on the types of ISS.In work [12] there was considered a final non-cooperative game with at least one balance situation with mixed strategies of the parties.The authors do not give any data on how to find the balance situation by standard TI methods.
As the performed analysis of the latest researches in the field of TI application for determining the strategies of parties 1 and 2 has shown the problem of further development of models for the ISS in the tasks of financing process control in the means of the IS and CS of LSC transport and its protected information and communication systems remains relevant.

MATERIALS AND METHODS
Here is a mathematical model for the ICTS protection means financing.In task 1 the confederate player is treated for the protector, the enemy player is treated for the hacker.And vice versa -in task 2, the confederate player is treated for the hacker, and the enemy player is treated for the protector.The first player seeks to protect his ICTS for LSC [13].The second -to hack the ICTS.For this purpose, both players need financial resources.We assume that for a given (T is a real positive number) the first player has ( ) financial resources, while the second player has ( ) 0 y .These parameters determine the predicted, at 0 = t , amount of financial resources that players 1 and 2 have to achieve their goals.At the initial moment of time t the first player multiplies the value ( ) by the coefficient (rate of change, growth) ( ) t α .Then, the player 1 selects a value ( ) that determines the share of the resource ( ) ( ) of the 1st player allocated by him at the CS at time t .Similarly, at time t the player 2 multiplies the value ( ) t y by the coefficient (rate of change, growth) ( ) Next, the player 2 selects a value ( ) determines the share of the resource ( ) ( ) of the second player's allocated by him for ICTS hacking at time t .
Let denote by 1 r the effectiveness of financial resources investment in the means IS and CS of ICTS.In fact, 1 r -coefficient that shows how much financial resources a hacker will need to hack the IS (in our case, ICTS), for the protection of which there was expended the unit of financial resource of the first player.Let designate by 2 r the effectiveness of financial resources investment in IS hacking tools (ICTS).Or 2 r -coefficient that shows how much financial resources an ICTS protector will need if there was expended the resource unit on hacking.Then the dynamics of financial resources changes of the first and second players is given by the following system of differential equations: Then at the moment t it is possible to fulfill one of three conditions: 1) ( ) If the first condition is fulfilled, then we will say that the financing procedure for the CS systems is completed.And the ICTS hacker has not enough financial means to overcome the protection.If the second condition is fulfilled, then we will say that the procedure for financing the CS systems is completed and the protection side did not have enough financial resources for its efficient organization.If the third condition is fulfilled, the procedure for CS financing systems CRB continues further.
The values ( ) ( ) show the CS systems financing result on the planned interval [ ] The IS and CS financing systems process is considered within the framework of a positional differential game with complete information.[14] In this case, the process generates two tasks: from the point of view of the first confederate player and the second confederate player [2].Because of the symmetry we confine the problem statement from the point of view of the first confederate player.The second problem is solved that puts the state of the position ( ) ( ) Therefore, the pure strategy of the first confederate player is the function (rule) that puts the state of information (position) at the moment t the value ( ) ( ).

, , y x t u
The value ( ) ( ) determines the share of the financial resource of the player -ICST protector, which he planned to spend for the protection at a time t .
Regarding the awareness of the enemy player (within the framework of the positional differential game scheme), no assumptions are made.This is equivalent to the fact that the confederate player chooses his controlling influence based on any information.After defining the strategies in task 1, it is necessary to determine the set of preferences 1 Z for the first player.Therefore, 1 Z -this set of such initial states of financial resources of the defender and the hacker, which has the following property.The property of financial resources of the players: for the initial states there is a strategy of the first player, which for any realizations of the second player strategies put the state of the system in ( ) ( ) ( ) 0 , 0 y x at which the condition 1) will be fulfilled.However, the second player does not have a strategy that can lead to the fulfillment of conditions 2) or 3).The strategy ( ) .,. * u of the protector-player that possesses to the states2) or 3) is called optimal.The solution of Problem consists in finding the sets of "preferences" of the protector and his optimal strategies.Similarly, the problem is posed from the point of view of the second confederate player.
The solution of the problem 1 is found using the tools of the differential quality games theory with complete information [14,15], which allows to find it at any ratio of game parameters.We give the solution of the game, i.e. sets of preference 1 Z and optimal strategies for the first player.
The case 1. ., 1 Then we will receive: and is not defined otherwise.
The case 2. ., 1 Then we will receive: , and is not defined otherwise.
The case 3. ., 1 . Z u are defined in the same way as in Case 1.
The case 4. ., 1 ≺ Then we will receive: and is not defined otherwise.
The case 5.
The case 6.
. , 1 Then we will receive: , and is not defined otherwise.
The case 9. ., 1 . Z u are defined in the same way as in Case 8.
The task from the point of view of the second confederate player is solved similarly.
The sets of preference (cones) from the point of view of the second confederate player "join" to the sets of "preference" of the first confederate player.These sets are divided among themselves by the balance beams.The balance beams have the property if the pair ( ) ( ) ( ) 0 , 0 y x belongs to the beam, then the players have strategies that enable them to be on the balance beam for all subsequent moments of time.This can allow, at given ( ) ( ) ( ) , to find the relations to the interaction parameters, under which the pair ( ) ( ) ( ) will be located on the balance beam.
4 EXPERIMENTS The computational experiment was conducted in the PTC Mathcad 4 environment.The software module for the DSS «SSDMI» is also implemented in the RadStudio (Delphi) environment, see Fig. 1 [16].As the initial data there was accepted the technical task data for the development of protected LSC transport of Ukraine and the Republic of Kazakhstan.

RESULTS
Table 1 and Fig. 2-5 show the results for 4-x test calculations during the computational experiment.There were considered situations when two players control a dynamic system.The purpose of the experiment is to determine the set of strategies of the players U and V .There are also considered the cases when the players' strategies deduce them on the corresponding terminal surfaces 0 0 , N M .In the course of the experiment, there are found sets of initial states of objects and their strategies that allow objects to bring the system to one or another terminal surface.On the plane, the axis X is the financial resources of the 1st player.Axis Y -financial resources of the 2nd player.The area under the beam -1 Z (the "preference" area of the first player).The area above the beam -2 Z (the "preference" area of the second player).

Calculations
x(0),y(0) x( 1), y( 1   The obtained results demonstrate the effectiveness of the proposed approach.During the testing of the model in the PTC Mathcad 4 environment, as well as in the DSS "SSDMI" [16] there was established the correctness of the results.
Approbation of DSS "SSDMI" was carried out for real investment projects in the field of cyber security of Ukraine and Kazakhstan [15,16].

DISCUSSION
Fig. 2 illustrates the situation where the first player has an advantage in the ratio of the initial financial resources, i.e. they are in the set of preferences of the 1st player.In this case, the 1st player, using his optimal strategy, will achieve his goal, particularly, put the state of the system to its "own" terminal surface.Fig. 3 shows a situation in which the 2nd player, using the non-optimal behavior of the first player at the initial moment of time, put the state of the system to the "own" terminal surface.Figure 4 corresponds to the case when the initial state of the system is on a balance beam.And the players, applying their optimal strategies, "move" along this beam.This "satisfies" both players simultaneously and illustrates the "stability" of the system.At small deviations choosing the implementation of the optimal strategy by the 1st player (see the section on which the round and triangular markers coincided) he will reach his goal, but somewhat later.Fig. 5 shows the acceptable accuracy of the software module DSS "SSDMI" in relation to the results of computational experiments in PTC Mathcad 4. The discrepancy does not exceed 2-6%.The proposed model is the process of predicting the results of CS ICTS LSC means investing.The disadvantage of the model is the fact that the data of the forecast estimate obtained through the DSS at the selection investing strategies in CS means do not always coincide with the actual data.
In the course of computational experiments and practical data approbation [15,16] it was established that the proposed model allows adequately to describe the dependent motions by means of bilinear functions.This provides an effective tool for the participants of the investment process in the CS ICTS LSC means.In comparison with existing models, the proposed solution improves the efficiency and predictability for the investor by an average of 11-15% [8,9,11,17,18].CONCLUSIONS There is proposed a model for the decisions support system of the financing process in the information and cyber security means of the LSC transport, in conditions of active counteraction to the attacking side.The model differs from existing ones by solving a bilinear differential quality game with several terminal surfaces.
The scientific novelty of the results obtained in the article is that for the first time there was considered a new class of bilinear differential games that allowed adequately to describe the process and to find the optimal financing strategies by the cyber security means protection side.The solution was carried out on the example of optimizing the financial components of the strategies for protecting the information and communication systems of the LSC transport at any parameters ratio describing the financing process, no matter how financially acts the party which tries to hack the security perimeters was.A special feature of this approach was the use of a solution based on a bilinear differential quality game with several terminal surfaces.
The practical significance of the results is that there was developed a module in the RadStudio programming environment for the decision support system -SSDMI.In "SSDMI" module there is implemented the proposed model, based on the application of methods of the theory of differential games.The developed module, allows to reduce the discrepancies between the forecast data and the real return from investing in CS means.The solution allows to obtain optimal financing strategies by the protection side of cyber security means for ICTS of LSC transport.The software implementation of the DSS module allows to choose the optimal financial component of the protection side strategy at any parameters ratio that describe the financing process, no matter how financially the second party acts, trying to hack the security perimeters.
Further perspectives for the development of this research are the transfer of accumulated experience to the real practice of optimizing investment policy in protected LSC in Ukraine and the Republic of Kazakhstan.

* g -coefficient determining the balance beam; 0 M -terminal surface for the 1st player; 0 N -terminal surface for the 2nd player; 1 r 2 r
-efficiency of financial resources investments in the means of IS and CS ICTS; -efficiency of financial resources investments in the means of overcoming the boundaries of ICST protection; similarly.Let denote * T by the set [ ] T , 0 .Definition.The pure strategy of the first confederate player is the function

Figure 1 -
Figure 1-General view of the DSS module of the CS means financing process for the bilinear differential game quality scheme