EVALUATION OF QUALITY INDICATORS OF FUNCTIONING CYBER PROTECTION MANAGEMENT SYSTEMS OF INFORMATION SYSTEMS

Computer systems and information technologies Pub Date : 2022-06-30 DOI:10.31891/csit-2022-2-6

V. Khoroshko, Vadym Kudinov, M. Kapustian

{"title":"EVALUATION OF QUALITY INDICATORS OF FUNCTIONING CYBER PROTECTION MANAGEMENT SYSTEMS OF INFORMATION SYSTEMS","authors":"V. Khoroshko, Vadym Kudinov, M. Kapustian","doi":"10.31891/csit-2022-2-6","DOIUrl":null,"url":null,"abstract":"Evidence of the complexity of the cybersecurity problem is the rapid increase in the number of information security breaches and losses on cybersecurity threats combined with an increase in the average loss from each of the breaches. Therefore, it is necessary to create requirements for a cybersecurity system that could provide more opportunities in the choice of methods in the management of the protection of automated information systems. \nThe task of determining the optimal quality indicators of information resource management systems of automated systems is one of the most important problems in designing integrated information security systems. This is due to the complexity of such systems, the presence of many variable parameters, and the complexity of calculating quality indicators. In addition, the determined quality indicators should not only ensure the optimality of the target function, but also the stability of the protection system in a wide range of external adverse effects. The problem is that the existing methods of calculating integrated quadratic estimates (IQE) do not take into account errors in determining quality indicators, as well as the vector nature of these indicators. \nThe aim of this work is to solve problems (development of algorithms), which are a problem of optimization of stable protection management systems using vector objective functions. Based on the model of information management system protection of information resources in the form of an automatic control system, the method of forming integrated quadratic estimates (IQE) of control error is proposed. This method takes into account the weights of the estimates at the desired installation time and standard transfer functions. Algorithms for calculating IQE according to the modified Katz formula and Ostrom's method for arbitrary order control systems are developed, including vector representation of the objective function of the protection system. The vector penalty function is proposed and the algorithm of its calculation is developed to display the degree of infringement of conditions of stability of parameters of the system of protection by the Rauss-Hurwitz criterion.","PeriodicalId":353631,"journal":{"name":"Computer systems and information technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer systems and information technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31891/csit-2022-2-6","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Evidence of the complexity of the cybersecurity problem is the rapid increase in the number of information security breaches and losses on cybersecurity threats combined with an increase in the average loss from each of the breaches. Therefore, it is necessary to create requirements for a cybersecurity system that could provide more opportunities in the choice of methods in the management of the protection of automated information systems. The task of determining the optimal quality indicators of information resource management systems of automated systems is one of the most important problems in designing integrated information security systems. This is due to the complexity of such systems, the presence of many variable parameters, and the complexity of calculating quality indicators. In addition, the determined quality indicators should not only ensure the optimality of the target function, but also the stability of the protection system in a wide range of external adverse effects. The problem is that the existing methods of calculating integrated quadratic estimates (IQE) do not take into account errors in determining quality indicators, as well as the vector nature of these indicators. The aim of this work is to solve problems (development of algorithms), which are a problem of optimization of stable protection management systems using vector objective functions. Based on the model of information management system protection of information resources in the form of an automatic control system, the method of forming integrated quadratic estimates (IQE) of control error is proposed. This method takes into account the weights of the estimates at the desired installation time and standard transfer functions. Algorithms for calculating IQE according to the modified Katz formula and Ostrom's method for arbitrary order control systems are developed, including vector representation of the objective function of the protection system. The vector penalty function is proposed and the algorithm of its calculation is developed to display the degree of infringement of conditions of stability of parameters of the system of protection by the Rauss-Hurwitz criterion.

查看原文本刊更多论文

信息系统网络保护管理系统运行质量指标评价

信息安全漏洞数量的迅速增加以及网络安全威胁造成的损失，以及每次漏洞造成的平均损失的增加，都证明了网络安全问题的复杂性。因此，有必要为网络安全系统创建要求，以便在自动化信息系统保护的管理中提供更多选择方法的机会。确定自动化系统信息资源管理系统的最优质量指标是集成信息安全系统设计中的重要问题之一。这是由于这种系统的复杂性，许多可变参数的存在，以及计算质量指标的复杂性。此外，所确定的质量指标不仅要保证目标函数的最优性，还要保证保护系统在大范围的外部不利影响下的稳定性。问题是，现有的计算综合二次估计(IQE)的方法没有考虑到确定质量指标时的误差，以及这些指标的矢量性质。本工作的目的是解决问题(算法的开发)，这是一个使用矢量目标函数优化稳定保护管理系统的问题。在信息管理系统以自动控制系统的形式保护信息资源的模型基础上，提出了形成控制误差积分二次估计(IQE)的方法。该方法考虑了期望安装时间和标准传递函数的估计权值。根据改进的Katz公式和Ostrom方法，提出了计算任意阶控制系统IQE的算法，包括保护系统目标函数的矢量表示。提出了矢量惩罚函数，并给出了矢量惩罚函数的计算算法，以表示保护系统参数不符合Rauss-Hurwitz准则的稳定条件的程度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer systems and information technologies

自引率

0.00%

发文量