ОПТИМІЗАЦІЯ МЕТОДУ ВИБОРУ СТРАТЕГІЇ ІНВЕСТУВАННЯ ЗАСОБІВ ЗАХИСТУ ІНФОРМАЦІЇ НА ОСНОВІ КОМБІНАЦІЇ ТЕОРІЇ ІГОР ТА ГЕНЕТИЧНОГО АЛГОРИТМУ
DOI:
https://doi.org/10.28925/2663-4023.2022.16.172184Ключові слова:
система підтримки прийняття рішень; засоби захисту інформації; стратегії інвестування; теорія ігор; генетичний алгоритмАнотація
Today, there is a tendency to increase financial income from criminal organizations and increase attacks on information systems. At the same time, new methods and models are being developed to support decision-making regarding the choice of financing strategy. Investments in innovative projects, for example, in the field of information technology and cyber security, in many cases are determined by a high probability of calculation inaccuracy and risk. Data analysis systems are often used to improve the efficiency and optimization of project evaluation procedures and to support investment decision-making. It is decision support systems that make it possible to optimize procedures related to the selection of strategies for financial investment of projects based on a combination of game theory with the help of a genetic algorithm. The lack of standardization of the information field and limited access to structured information regarding the degree of cyber security of a specific informatization object is one of the main problems in the field of information protection and cyber security of many states. The only option for solving the problem of finding a rational strategy for investing in cyber security is only to involve the potential of the decision support system. The article describes a method for a decision-making support system based on a genetic algorithm and a combination of game theory, which contribute to ensuring the continuous and effective functioning of the information resource protection system of the informatization object of any scale. In the developed genetic algorithm, the so-called quality index or degree of achievement of the desired goals for a specific information protection tool is adopted as an integral indicator of information protection tools. The presented method can be applied to reduce the time in solving the problem of finding rational (optimal) strategies of investors based on game models in combination with a genetic algorithm, in particular, in the conditions of dynamic opposition to an attacker, when the evaluation of a rational investment strategy is extremely important for the defense side.
Завантаження
Посилання
Cui, M., Wang, J., Yue, M. (2019). Machine Learning-Based Anomaly Detection for Load Forecasting Under Cyberattacks. IEEE Transactions on Smart Grid, 10(5), 5724–5734. https://doi.org/10.1109/tsg.2018.2890809
Yulianto, S., Lim, C., Soewito, B. (2016). Information security maturity model: A best practice driven approach to PCI DSS compliance. IEEE Region 10 Symposium (TENSYMP), 65-70. https://doi.org/10.1109/TENCONSpring.2016.7519379
Akdeniz, E., Bagriyanik, M. (2016). A knowledge based decision support algorithm for power transmission system vulnerability impact reduction. International Journal of Electrical Power & Energy Systems, 78, 436–444. https://doi.org/10.1016/j.ijepes.2015.11.041
Akhmetov, B., Lakhno, V., Akhmetov, B., Alimseitova, Z. (2018). Development of Sectoral Intellectualized Expert Systems and Decision Making Support Systems in Cybersecurity. У Intelligent Systems in Cybernetics and Automation Control Theory (с. 162–171). Springer International Publishing. https://doi.org/10.1007/978-3-030-00184-1_15
Weishäupl, E., Yasasin, E., Schryen, G. (2018). Information security investments: An exploratory multiple case study on decision-making, evaluation and learning. Computers & Security, 77, 807–823. https://doi.org/10.1016/j.cose.2018.02.001
Akhmetov, B., Lakhno, V., Akhmetov, B., Alimseitova, Z. (2018). Development of Sectoral Intellectualized Expert Systems and Decision Making Support Systems in Cybersecurity. У Intelligent Systems in Cybernetics and Automation Control Theory (с. 162–171). Springer International Publishing. https://doi.org/10.1007/978-3-030-00184-1_15
Fu, Y., Zhu, J., Gao, S. (2017). CPS Information Security Risk Evaluation System Based on Petri Net. У 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC). IEEE. https://doi.org/10.1109/dsc.2017.65
Diesch, R., Pfaff, M., Krcmar, H. (2020). A comprehensive model of information security factors for decision-makers. Computers & Security, 92, 101747. https://doi.org/10.1016/j.cose.2020.101747
Haqaf, H., Koyuncu, M. (2018). Understanding key skills for information security managers. International Journal of Information Management, 43, 165–172. https://doi.org/10.1016/j.ijinfomgt.2018.07.013
Silva, M. M., de Gusmão, A. P. H., Poleto, T., Silva, L. C. e., Costa, A. P. C. S. (2014). A multidimensional approach to information security risk management using FMEA and fuzzy theory. International Journal of Information Management, 34(6), 733–740. https://doi.org/10.1016/j.ijinfomgt.2014.07.005
Safa, N. S., Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442–451. https://doi.org/10.1016/j.chb.2015.12.037
Lakhno, V., Malyukov, V., Gerasymchuk, N., Shtuler, I. (2017). Development of the decision making support system to control a procedure of financial investment. Eastern-European Journal of Enterprise Technologies, 6(3 (90)), 35–41. https://doi.org/10.15587/1729-4061.2017.119259
Dor, D., Elovici, Y. (2016). A model of the information security investment decision-making process. Computers & Security, 63, 1–13. https://doi.org/10.1016/j.cose.2016.09.006
Lakhno, V., Malyukov, V., Akhmetov, B., Kasatkin, D., Plyska, L. (2021). Development of a model for choosing strategies for investing in information security. Eastern-European Journal of Enterprise Technologies, 2(3 (110)), 43–51. https://doi.org/10.15587/1729-4061.2021.228313
Jin, X., Liu, Q., Long, H. (2021). Impact of cost–benefit analysis on financial benefit evaluation of investment projects under back propagation neural network. Journal of Computational and Applied Mathematics, 384, 113172. https://doi.org/10.1016/j.cam.2020.113172.
Malyukov, V. P. (1994). Discrete-approximation method for solving a bilinear differential game. Cybernetics and Systems Analysis, 29(6), 879–888. https://doi.org/10.1007/bf01122741.
Malyukov, V. P., Linder, N. V. (1994). A multistep game of kind between two economic systems under complete information. Cybernetics and Systems Analysis, 30(4), 545–554. https://doi.org/10.1007/bf02366564
Malyukov, V.P. (1993). On a method of information specification in conflict interaction between economic dynamics models. Cybernetics and Systems Analysis, 29(5), 705-715.
Malyukov, V.P. (1993). On one method of information specification in conflict interaction between economic dynamics models. Kibernetika i Sistemnyj Analis, (5), 92-104.
Malyukov, V.P. (1992). A game between two dynamical economic models with incomplete information. Cybernetics and Systems Analysis, 28(1), 45-54.
Malyukov, V.P. (1992). Game of the quality of two models of economic dynamics with incomplete information. Kibernetika i Vychislitel'naya Tekhnika, (1), 58-67.
Malyukov, V.P. (1991). A differential game of quality for two groups of objects. Journal of Applied Mathematics and Mechanics, 55(5), 596-606.
Malyukov, V.P. (1990). Game of quality for two groups of objects. Cybernetics, 26(5), 698-710.
Lakhno, V., Malyukov, V., Akhmetov, B., Kasatkin, D., Plyska, L. (2021). Development of a model for choosing strategies for investing in information security. Eastern-European Journal of Enterprise Technologies, 2(3), 110.
Lakhno, V., Malyukov, V., Mazur, N., Kuzmenko, L., Akhmetov, B., Hrebeniuk, V. (2020). Development of a model for decision support systems to control the process of investing in information technologies. Eastern-European Journal of Enterprise Technologies, 1(3), 74-81.
