OPTIMIZATION OF THE METHOD OF CHOOSING THE INVESTMENT STRATEGY OF INFORMATION SECURITY EQUIPMENT BASED ON THE COMBINATION OF GAME THEORY AND THE GENETIC ALGORITHM

Authors

DOI:

https://doi.org/10.28925/2663-4023.2022.16.172184

Keywords:

decision support system; information protection tools; investment strategies; game theory; genetic algorithm

Abstract

Today, there is a tendency to increase financial income from criminal organizations and increase attacks on information systems. At the same time, new methods and models are being developed to support decision-making regarding the choice of financing strategy. Investments in innovative projects, for example, in the field of information technology and cyber security, in many cases are determined by a high probability of calculation inaccuracy and risk. Data analysis systems are often used to improve the efficiency and optimization of project evaluation procedures and to support investment decision-making. It is decision support systems that make it possible to optimize procedures related to the selection of strategies for financial investment of projects based on a combination of game theory with the help of a genetic algorithm. The lack of standardization of the information field and limited access to structured information regarding the degree of cyber security of a specific informatization object is one of the main problems in the field of information protection and cyber security of many states. The only option for solving the problem of finding a rational strategy for investing in cyber security is only to involve the potential of the decision support system. The article describes a method for a decision-making support system based on a genetic algorithm and a combination of game theory, which contribute to ensuring the continuous and effective functioning of the information resource protection system of the informatization object of any scale. In the developed genetic algorithm, the so-called quality index or degree of achievement of the desired goals for a specific information protection tool is adopted as an integral indicator of information protection tools. The presented method can be applied to reduce the time in solving the problem of finding rational (optimal) strategies of investors based on game models in combination with a genetic algorithm, in particular, in the conditions of dynamic opposition to an attacker, when the evaluation of a rational investment strategy is extremely important for the defense side.

Downloads

Download data is not yet available.

References

Cui, M., Wang, J., Yue, M. (2019). Machine Learning-Based Anomaly Detection for Load Forecasting Under Cyberattacks. IEEE Transactions on Smart Grid, 10(5), 5724–5734. https://doi.org/10.1109/tsg.2018.2890809

Yulianto, S., Lim, C., Soewito, B. (2016). Information security maturity model: A best practice driven approach to PCI DSS compliance. IEEE Region 10 Symposium (TENSYMP), 65-70. https://doi.org/10.1109/TENCONSpring.2016.7519379

Akdeniz, E., Bagriyanik, M. (2016). A knowledge based decision support algorithm for power transmission system vulnerability impact reduction. International Journal of Electrical Power & Energy Systems, 78, 436–444. https://doi.org/10.1016/j.ijepes.2015.11.041

Akhmetov, B., Lakhno, V., Akhmetov, B., Alimseitova, Z. (2018). Development of Sectoral Intellectualized Expert Systems and Decision Making Support Systems in Cybersecurity. У Intelligent Systems in Cybernetics and Automation Control Theory (с. 162–171). Springer International Publishing. https://doi.org/10.1007/978-3-030-00184-1_15

Weishäupl, E., Yasasin, E., Schryen, G. (2018). Information security investments: An exploratory multiple case study on decision-making, evaluation and learning. Computers & Security, 77, 807–823. https://doi.org/10.1016/j.cose.2018.02.001

Akhmetov, B., Lakhno, V., Akhmetov, B., Alimseitova, Z. (2018). Development of Sectoral Intellectualized Expert Systems and Decision Making Support Systems in Cybersecurity. У Intelligent Systems in Cybernetics and Automation Control Theory (с. 162–171). Springer International Publishing. https://doi.org/10.1007/978-3-030-00184-1_15

Fu, Y., Zhu, J., Gao, S. (2017). CPS Information Security Risk Evaluation System Based on Petri Net. У 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC). IEEE. https://doi.org/10.1109/dsc.2017.65

Diesch, R., Pfaff, M., Krcmar, H. (2020). A comprehensive model of information security factors for decision-makers. Computers & Security, 92, 101747. https://doi.org/10.1016/j.cose.2020.101747

Haqaf, H., Koyuncu, M. (2018). Understanding key skills for information security managers. International Journal of Information Management, 43, 165–172. https://doi.org/10.1016/j.ijinfomgt.2018.07.013

Silva, M. M., de Gusmão, A. P. H., Poleto, T., Silva, L. C. e., Costa, A. P. C. S. (2014). A multidimensional approach to information security risk management using FMEA and fuzzy theory. International Journal of Information Management, 34(6), 733–740. https://doi.org/10.1016/j.ijinfomgt.2014.07.005

Safa, N. S., Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442–451. https://doi.org/10.1016/j.chb.2015.12.037

Lakhno, V., Malyukov, V., Gerasymchuk, N., Shtuler, I. (2017). Development of the decision making support system to control a procedure of financial investment. Eastern-European Journal of Enterprise Technologies, 6(3 (90)), 35–41. https://doi.org/10.15587/1729-4061.2017.119259

Dor, D., Elovici, Y. (2016). A model of the information security investment decision-making process. Computers & Security, 63, 1–13. https://doi.org/10.1016/j.cose.2016.09.006

Lakhno, V., Malyukov, V., Akhmetov, B., Kasatkin, D., Plyska, L. (2021). Development of a model for choosing strategies for investing in information security. Eastern-European Journal of Enterprise Technologies, 2(3 (110)), 43–51. https://doi.org/10.15587/1729-4061.2021.228313

Jin, X., Liu, Q., Long, H. (2021). Impact of cost–benefit analysis on financial benefit evaluation of investment projects under back propagation neural network. Journal of Computational and Applied Mathematics, 384, 113172. https://doi.org/10.1016/j.cam.2020.113172.

Malyukov, V. P. (1994). Discrete-approximation method for solving a bilinear differential game. Cybernetics and Systems Analysis, 29(6), 879–888. https://doi.org/10.1007/bf01122741.

Malyukov, V. P., Linder, N. V. (1994). A multistep game of kind between two economic systems under complete information. Cybernetics and Systems Analysis, 30(4), 545–554. https://doi.org/10.1007/bf02366564

Malyukov, V.P. (1993). On a method of information specification in conflict interaction between economic dynamics models. Cybernetics and Systems Analysis, 29(5), 705-715.

Malyukov, V.P. (1993). On one method of information specification in conflict interaction between economic dynamics models. Kibernetika i Sistemnyj Analis, (5), 92-104.

Malyukov, V.P. (1992). A game between two dynamical economic models with incomplete information. Cybernetics and Systems Analysis, 28(1), 45-54.

Malyukov, V.P. (1992). Game of the quality of two models of economic dynamics with incomplete information. Kibernetika i Vychislitel'naya Tekhnika, (1), 58-67.

Malyukov, V.P. (1991). A differential game of quality for two groups of objects. Journal of Applied Mathematics and Mechanics, 55(5), 596-606.

Malyukov, V.P. (1990). Game of quality for two groups of objects. Cybernetics, 26(5), 698-710.

Lakhno, V., Malyukov, V., Akhmetov, B., Kasatkin, D., Plyska, L. (2021). Development of a model for choosing strategies for investing in information security. Eastern-European Journal of Enterprise Technologies, 2(3), 110.

Lakhno, V., Malyukov, V., Mazur, N., Kuzmenko, L., Akhmetov, B., Hrebeniuk, V. (2020). Development of a model for decision support systems to control the process of investing in information technologies. Eastern-European Journal of Enterprise Technologies, 1(3), 74-81.

Downloads


Abstract views: 294

Published

2022-06-30

How to Cite

Plyska, L., & Maliukov, V. (2022). OPTIMIZATION OF THE METHOD OF CHOOSING THE INVESTMENT STRATEGY OF INFORMATION SECURITY EQUIPMENT BASED ON THE COMBINATION OF GAME THEORY AND THE GENETIC ALGORITHM. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 4(16), 172–184. https://doi.org/10.28925/2663-4023.2022.16.172184