Modeling of the Decision-making Procedure for Financing of Cyber Security Means of Cloud Services by the Medium of a Bilinear Multistep Quality Game with Several Terminal Surfaces

• Autorzy: Lakhno V. , Akhmetov B. , Malyukov V. , Kartbaev T.

Identyfikatory

DOI

10.24425/123547

• Języki publikacji: EN

Abstrakty

EN

The model is developed for the intellectualized decision-making support system on financing of cyber security means of transport cloud-based computing infrastructures, given the limited financial resources. The model is based on the use of the theory of multistep games tools. The decision, which gives specialists a chance to effectively assess risks in the financing processes of cyber security means, is found. The model differs from the existing approaches in the decision of bilinear multistep quality games with several terminal surfaces. The decision of bilinear multistep quality games with dependent movements is found. On the basis of the decision for a one-step game, founded by application of the domination method and developed for infinite antagonistic games, the conclusion about risks for players is drawn. The results of a simulation experiment within program implementation of the intellectualized decision-making support system in the field of financing of cyber security means of cloudbased computing infrastructures on transport are described. Confirmed during the simulation experiment, the decision assumes accounting a financial component of cyber defense strategy at any ratios of the parameters, describing financing process.

Słowa kluczowe

EN

cloud infrastructures; cyber security; multistep quality game; optimum financing strategy; risks; decision-making support system

• Wydawca: Polish Academy of Sciences, Committee of Electronics and Telecommunication
• Czasopismo: International Journal of Electronics and Telecommunications
• Rocznik: 2018
• Tom: Vol. 64, No. 4
• Strony: 467--472
• Opis fizyczny: Bibliogr. 24 poz., tab., wykr.

Twórcy

autor

Lakhno V.

• Department of Cybersecurity, European University, Kyiv, Ukraine

autor

Akhmetov B.

• Caspian State University of Technologies and Engineering named after Sh. Yessenov, Aktau, Republic of Kazakhstan

autor

Malyukov V.

• Department of Information Systems and Mathematical Disciplines, European University, Kyiv, Ukraine

autor

Kartbaev T.

• Department IT-engineering, Almaty University of Power Engineering and Telecommunications, Almaty, Republic of Kazakhstan

Bibliografia

• [1] K. Sagar, A. Kumar, G. Ankush, T. Harika, M. Saranya,and D. Hemanth. ”Implementation of IoT based railway calamity avoidance system using cloud computing technology”, Indian Journal of Science and Technology 9 (17), 1–5 (2016).
• [2] S. Ramgovind, M. Eloff,and E. Smith, ”The management of security in cloud computing”,In Information Security for South Africa (ISSA), 1–7 (2010).
• [3] A. Sajid, H. Abbas,and K. Saleem,”Cloud-assisted iot-based scada systems security: A review of the state of the art and future challenges”, IEEE Access 4, 1375-1384 (2016).
• [4] O. Petrov, B. Borowik, M. Karpinskyy, O. Korchenko,and V. Lakhno, ”Immune and defensive corporate systems with intellectual identification of threats, Pszczyna : lska Oficyna Drukarska”, 222 p. ISBN: 978–83–62674–68–8 (2016).
• [5] V. Lakhno, ”Development of a support system for managing the cyber security, Radio Electronics, Computer Science, Control”, No. 2, 109-116 (2017).
• [6] V. Malyukov, ”A differential game of quality for two groups of objects”, Journal of Applied Mathematics and Mechanics,Vol. 5 (55), 596–606 (1991).
• [7] I. Krass, V. Malyukov, ”O sushhestvovanii optimal’nyh smeshannyh strategij dlja nekotoryh antagonisticheskih igr, Optimizacija” 20 (37),135–146 (1978).
• [8] M. Manshaei, Q. Zhu, T. Alpcan, ”Game theory meets network security and privacy”,ACM Computing Surveys, 3 (45), 1-39, (2013).
• [9] N. BenAsher, C. Gonzalez, ”Effects of cyber security knowledge on attack detection”,Computers in Human Behavior, (48), 51-61, (2015).
• [10] J. Grossklags, N. Christin, J. Chuang, ”Secure or insure?: a gametheoretic analysis of information security games”,(Conferense) 17th international conference on World Wide Web, Beijing, China, 21-25 April 2008 : proceedings. New York, ACM, 2008. 209-218.
• [11] H. Cavusoglu, B. Mishra, S. Raghunathan, ”A model for evaluating IT security investments”,Communications of the ACM,7 (47), 87-92 (2004).
• [12] A. Fielder, E. Panaousis, P. Malacaria, Decision support approaches for cyber security investment, Decision Support Systems, Vol. 86, 13-23 (2016).
• [13] P. Meland, I. Tondel, B. Solhaug, ”Mitigating risk with cyberinsurance”, IEEE Security and Privacy, 13 (6), 38-43 (2015).
• [14] A. Fielder, S. Konig, E. Panaousis, S. Schauer, and S. Rass, Uncertainty in Cyber Security Investments. arXiv preprint arXiv:1712.05893 (2017).
• [15] A. Fielder, E. Panaousis, P. Malacaria, ”Game theory meets information security management”, IFIP International Information Security Conference, Marrakech, Morroco, 2-4 June 2014 : proceedings, Berlin, Springer, 15-29 (2014).
• [16] X. Gao, W. Zhong, S. Mei, ”A game-theoretic analysis of information sharing and security investment for complementary firms”, Journal of the Operational Research Society, 11 (65), 1682-1691 (2014).
• [17] V. Malyukov, ”Discrete-approximation method for solving a bilinear differential game”, Cybernetics and Systems Analysis, Vol. 6 (29), 879-888 (1993).
• [18] V. Lakhno, V. Malyukov, N. Gerasymchuk, ”Development of the decision making support system to control a procedure of financial investment”, Eastern-European Journal of Enterprise Technologies, 3 (6), 24-41 (2017).
• [19] F. Smeraldi, P. Malacaria, ”How to spend it: optimal investment for cyber security”, 1st International Workshop on Agents and CyberSecurity, Paris, France, 0608 May 2014 : proceedings, New York, ACM, 2014, 8.
• [20] B. Akhmetov, B, V. Lakhno, Y. Boiko, A. Mishchenko, ”Designing a decision support system for the weakly formalized problems in the provision of cybersecurity”, Eastern-European Journal of Enterprise Technologies, 1(2(85)), 4-15 (2017).
• [21] M. Chronopoulos, E. Panaousis, and J. Grossklags, ”An options approach to cybersecurity investment”, IEEE Access (2017).
• [22] S. Rass, S. Knig, and S. Schauer, ”Uncertainty in games: Using probability-distributions as payoffs”, In International Conference on Decision and Game Theory for Security (pp. 346-357). Springer, Cham.
• [23] Y. Lee, R. Kauffman, and R. Sougstad, ”Profit-maximizing firm investments in customer information security”, Decision support systems, 51 (4), 904-920 (2011).
• [24] T. Moore, S. Dynes, and F. Chang, Identifying how firms manage cybersecurity investment. Available: Southern Methodist University. Available at: http://blog.smu.edu/research/files/2015/10/SMU-IBM. pdf (Accessed 2015-12-14), 32 (2015).

Uwagi

1. The work is performed within grant financing of the AP05132723 project ”Development of Adaptive Expert Systems in the field of Cyber Security of Crucial Objects of Informatization” (Republic of Kazakhstan).

2. Opracowanie rekordu w ramach umowy 509/P-DUN/2018 ze środków MNiSW przeznaczonych na działalność upowszechniającą naukę (2019).