DEVELOPMENT OF A SUPPORT SYSTEM FOR MANAGING THE CYBER SECURITY
DOI:
https://doi.org/10.15588/1607-3274-2017-2-12
Keywords:
Information safety, information security management, decision support system, morphological approach
Abstract
Context. This paper solves the urgent problem of developing software for decision support systems in information security. The approach is based on choosing rational options for responding to events, taking into account operational data on the state of the protected object.
Objective. The goal of the research is to develop a model for countering cyber threats using a decision support system that chooses rational variants of response to cybersecurity events, taking current operational data into account.
Method. A system for the operational management of the cyber security of an information object is developed, together with a model for forming rational sets of protection methods based on a morphological approach. It is proposed to find the optimal variant of the protection sets for the information security perimeters using an objective function that maximizes the ratio of the consolidated “information security” figure to the consolidated “costs” figure.
Results. A model for the operational management of the cyber security of critical computer systems was developed. This model makes it possible to generate different variants of protection sets that are compatible with a computer system, taking into account the morphological matrices prepared for each security perimeter with the intelligent decision support system. It is proved that the use of the developed decision support systems can significantly reduce the costs planned for the complex of cyber defense means, as well as reduce the time needed to inform decision-makers on how to counter the identified information security incidents.
Conclusions. The scientific novelty of the research is that a model for the operational management of the cyber security of information objects and for forming a rational complex of security features, based on a morphological approach, is offered for the first time. The practical value of the developed methods and instruments is that they make it possible: to reduce the development time of cyber security systems; to increase the efficiency of planning the rational modular composition of security features by creating an information and software environment during design; to increase the validity of the decisions made on operational and organizational-technical control by protection
Copyright (c) 2017 V. A. Lakhno
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Creative Commons Licensing Notifications in the Copyright Notices
The journal allows the authors to hold the copyright without restrictions and to retain publishing rights without restrictions.
The journal allows readers to read, download, copy, distribute, print, search, or link to the full texts of its articles.
The journal allows reuse and remixing of its content, in accordance with a Creative Commons license CC BY-SA.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License CC BY-SA that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.