USE OF MATHEMATICAL OPTIMIZATION METHODS TO INCREASE THE EFFICIENCY OF INFORMATION SECURITY SYSTEMS
DOI:
https://doi.org/10.28925/2663-4023.2025.28.778Keywords:
information security, information risks, mathematical model, optimization methods, information threatAbstract
Ensuring information security is a pressing task of our time, as the problem of information risks and finding ways to reduce damage from cyberattacks is becoming increasingly acute. In this paper, we analyzed methods for ensuring information security. Among the economic methods of information protection, information risk insurance occupies an important place. However, such insurance continues to remain a rare occurrence due to insurance companies' concerns about the need to pay policyholders significant amounts of compensation for losses in the event of a mass occurrence of insured events. The use of mathematical modeling methods allows to convincingly prove managers that investing in an information security system contributes to increasing the company's profits, and also, in conditions of limited resources allocated to the development and operation of a cyber defense system, to choose the optimal set of protection tools and, based on a mathematical model, convincingly prove how effective the created information security system is in the fight against the most common threats. The purpose of the work is mathematical modeling of maximizing the effectiveness of information protection tools against unauthorized access with restrictions on the amount of costs. The application of optimization methods to mathematical modeling of quantitative assessments of the quality of functioning of a cybersecurity system allows us to assess the cost-effectiveness of using information protection tools to increase the level of reliability of the information security system. We proposed a mathematical model for maximizing the effectiveness of information protection tools under cost constraints, the use of which can be an argumentative factor for motivating underwriters. Prospects for further research may consist in detailing the criteria for the optimality of creating an enterprise information security system to protect against possible information threats, as well as in studying more complex cases of combined information threats that are interconnected.
Downloads
References
Sageman, M. (2004). Understanding Terror Networks. University of Pennsylvania Press.
Information technology. Security techniques. Information security risk management: BS ISO/IEC 27005:2008.
Kopytin, Yu.V. (2010). Information security risk insurance model. Digital technologies, (8), 97–109.
Ksyonzhyk, I., Zhovta, N., & Pavlina, A. (2021). Insurance of cybersecurity risks of business entities in the modern information space. Economy and Society, (34). https://doi.org/10.32782/2524-0072/2021-34-90
Goodman, M., & Brenner, S. (2012). The Emerging Consensus on Criminal Conduct in Cyberspace. UCLA J.L. & Tech., 3.
Zamulyanets, K.V. (2012). Insurance of information security risks. In VIII International Scientific and Practical Conference “Socio-economic Reforms in the Context of Ukraine’s Integration Choice”. http://www.confcontact.com/2012_11_29/6_zamulyanets.htm
Hu, Z., Khokhlachova, Y., Sydorenk, V., & Opirskyy, I. (2017). Method for Optimization of Information Security Systems Behavior under Conditions of Influences. International Journal of Intelligent Systems and Applications, 9(12), 46–58. https://doi.org/10.5815/ijisa.2017.12.05
Barrett, C., Eubank, S., & Marathe, M. (2006). Modeling and simulation of large biological, information and socio-technical systems: An interaction based approach. In Interactive Computation, 353–392. Springer Berlin Heidelberg.
Maevsky, D. A., Maevskaya, E. J., Jekov, O. P., & Shapa, L. N. (2014). Verification of the software reliability models. Reliability: Theory & Applications, 9(3(34)), 14–23.
Global PwC. (n. d.) https://www.pwc.com/gx/en.html
Hladka, O., Karpovich, I., & Buryan, D. (2022). Modeling technologies for assessment of information security risks in e-commerce. In International Conference on Innovative Solutions in Software Engineering (ICISSE), 78–82.
Karpovich, I., Hladka, O., & Bukhalo, Y. (2021). Technologies of modeling and assessment of the information security risk. Technical Sciences and Technologies, (1(23)), 62–68. https://doi.org/10.25140/2411-5363-2021-1(23)-62-68
Karpovich, I. M., Hladka, O. M., & Kalashnikov, V. I. (2022). Modeling of information security risk analysis processes as a way of cost optimization. Scientific Notes of Taurida National V.I. Vernadsky University. Series: Technical Sciences, (5), 93–99. https://doi.org/10.32782/2663-5941/2022.5/13
Lazarovych, I., Kozlenko, M., Kuz, M., Tkachuk, V., Dutchak, M., Savka, I., & Pikuliak, M. (2021). Software implemented enhanced efficiency BPSK demodulator based on perceptron model with randomization. In 2021 IEEE 3rd Ukraine Conference on Electrical and Computer Engineering (UKRCON). IEEE. https://doi.org/10.1109/ukrcon53503.2021.9575458
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Іван Карпович, Олена Гладка, Андрій Паламарчук
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
