CONCEPTUAL FRAMEWORK FOR ENHANCING CYBER RESILIENCE OF INFORMATION AND COMMUNICATION SYSTEMS IN THE CONTEXT OF EVOLUTION OF CYBER THREATS

Authors

DOI:

https://doi.org/10.28925/2663-4023.2025.28.856

Keywords:

cyber resilience; information and communication system; level of functionality; cyber threats; artificial intelligence; principles of cyber resilience.

Abstract

The article discusses the issue of ensuring the cyber resilience of critical information and communication systems (ICS) in the context of the rapid evolution of cyber threats, in particular those created or controlled using artificial intelligence technologies. Based on an analysis of current standards, recommendations, and frameworks, it is proven that although existing cyber resilience strategies are conceptually valuable and contain progressive solutions, they have a number of limitations in the context of countering polymorphic, metamorphic, adaptive, competitive, and intellectually controlled cyberattacks. Among the key problems are the failure to take into account the evolutionary nature of cyber threats, the asynchrony of cyber events in the system, the complexity of interpreting the actions of decision-making modules, and the limited ability to accumulate and use knowledge in cyber defense processes. It has been established that, given the growing variability and unpredictability of cyberattacks, there is an objective need for new methodological principles capable of ensuring the stable functioning of ICS even under conditions of multi-level destructive influence. To eliminate these limitations, new principles of cyber resilience have been proposed: evolution, temporal relativity of events, situational awareness, and intelligent knowledge management. Each of the principles is justified in the context of its impact on the cyber resilience of ICS, and the mechanisms and possible tools for its technical implementation are described. Particular attention is paid to combining the principle of evolution with methods of topological data analysis to identify structural patterns in the dynamics of cyber threats.
The proposed principles are considered as a conceptual basis for building self-learning, adaptive, and transparent cyber defense architectures of the new generation, capable of dynamic updating in a changing and aggressive cyber environment.




Published

2025-06-26

How to Cite

Fesokha, V., & Subach, I. (2025). CONCEPTUAL FRAMEWORK FOR ENHANCING CYBER RESILIENCE OF INFORMATION AND COMMUNICATION SYSTEMS IN THE CONTEXT OF EVOLUTION OF CYBER THREATS. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 4(28), 511–528. https://doi.org/10.28925/2663-4023.2025.28.856
