A Multicriterial Analysis of the Efficiency of Conservative Information Security Systems

The paper addresses the task on a multicriterial analysis of the effectiveness of conservative information security systems whose structure and components do not change over a certain period of time. The principal scheme of such systems includes a protected object, vulnerabilities ‒ channels for attacks, threats, and protection tools.Based on the assumption about the independence of attacks and protection tools, we have developed a discrete probabilistic model of damage to a protected object. For a random variable of the amount of damage over a fixed period of time, we have derived a representation in the form of a sum of binomially-distributed random variables, dependent on the parameters for attacks and protection. We have described in a similar manner the random variables for economic losses, recovery time, as well as recovery costs, for which mathematical expectations and variances have been obtained in the analytical form. To ensure the high statistical confidence, it has been proposed to determine the risk indicators using a Cantelli's inequality. On this basis, we have defined performance indicators for a protection system, which characterize the probability of protected object's safety, residual losses, conditionally saved costs, survivability, and the cost of recovery.By using a Pareto optimality theory, we have devised a procedure for multi-criteria analysis and rational design of conservative systems of information protection. Verification has been carried out for the audio information protection systems. A Pareto frontier has been investigated according to the criteria of economic benefit and investment costs for 66 variants of protection. We have examined the influence of protection level on the Cantelli's measure for conditional savings, as well as the contribution of various types of protection devices to it.The research results have confirmed the saturation law by Gordon-Loeb for the case when over-protection does not improve the effectiveness of protection systems

Development of A Method for Assessing Forecast of Social Impact in Regional Communities

The development of the social aspect of the world community is closely related to the expansion of the range of digital services in cyberspace. A special place in which social networks occupy. The world's leading states are conducting information operations in this environment to achieve geopolitical goals. Such processes are reflected in real social and political life. This makes it possible to influence not only the social groups of society, but also to ensure manipulation in political "games" in the conduct of hybrid wars. The simultaneous interaction of social factors, influencing factors, the presence of communities in social networks forms a full-fledged socio-cyber-physical system capable of integrating real and virtual interactions to manage regional communities. The article proposes a method for predicting the assessment of social mutual influence between “formal” and “informal” leaders and regional societies. The proposed models make it possible to form not only a forecast of the influence of agents, but also the interaction of various agents, taking into account their formal and informal influences, the use of administrative resources, political moods of the regional society. This approach allows dynamic modeling based on impact and relationship analysis. The presented results of simulation modeling do not contradict the results of opinion polls and make it possible to form a set of measures that can be aimed at overcoming the negative impact on the regional society of both individual “leaders” and political parties. Analysis of the simulation results allows to increase both the political and social stability of the regional society, helps to prevent conflict moods and contradictions

Development of Methodology for Modeling the Interaction of Antagonistic Agents in Cybersecurity Systems

The basic concepts that form the basis of integrated modeling of the behavior of antagonistic agents in cybersecurity systems are identified. It is shown that the emphasis is largely on modeling the behavior of one of the cyber conflict parties only. In the case when the interaction of all parties to the conflict is considered, the approaches used are focused on solving particular problems, or they model a simplified situation.A methodology for modeling the interaction of antagonistic agents in cybersecurity systems, focused on the use of a multi-model complex with elements of cognitive modeling, is proposed. For this objective, the main components of cyber conflict are highlighted, the models of which must be developed. Modeling the interaction of antagonistic agents is proposed to be implemented as a simulation of situations. The concept of a situation is formulated and its components are presented.In the proposed methodology, traditional methods and modeling tools are not opposed, but are considered together, thus forming a unified methodological basis for modeling the antagonistic agents' behavior.In the proposed multi-model complexes, the individual elements and functions of the entities under study are described using various classes of models at a certain level of detail. Coordinated use of various models allows improving the quality of modeling by compensating for the shortcomings of some models by the advantages of others, in particular, reflecting the dynamics of interaction in system-dynamic and agent-based models, which is difficult in classical models of game theory.Multi-model complexes allow stating the concept of «virtual modeling». This concept allows simulation using models of various classes. The choice of a class of models should correspond to the goals and objectives of modeling, the nature and structure of the source data.As a result of research, a methodology is proposed for modeling the interaction of antagonistic agents in cybersecurity systems using methods based on the proposed models of the reflective behavior of antagonistic agents under modern hybrid threats condition

Development of the Model of the Antagonistic Agents Behavior Under a Cyber Conflict

The results of the development of the model of the antagonistic agents behavior in a cyber conflict are presented. It is shown that the resulting model can be used to analyze investment processes in security systems, taking into account the assumption that investment processes are significantly influenced by the behavior of parties involved in a cyber conflict.General approaches to model development are presented. First of all, the system of concepts, assumptions and limitations is formed, within the framework of which a mathematical model of behavior must be developed. Taking this into account, the mathematical model of the conflicting agents behavior, presented in the form of algebraic and differential equations, is developed. The developed model presents both the technical characteristics of the security system and the psychological characteristics of the participants in the cyber conflict, which affect the financial characteristics of the investment processes in cybersecurity systems. A distinctive feature of the proposed model is the simultaneous consideration of the behavior of the parties to a cyber conflict not as independent parties, but as agents mutually interacting with each other. The model also makes it possible to simulate the destabilizing effect of the confrontation environment disturbances on the behavior of the conflicting parties, changing the degree of vulnerability of the cybersecurity system along various attack vectors and the level of their success.Using the developed model, simulation modeling of the interacting agents behavior in a cyber conflict is performed. The simulation results showed that even the simplest behavior strategies of the attacking side (“the weakest link”) and the defense side (“wait and see”) make it possible to ensure information security of the business process loop.The developed model of interaction between the attacker and the defender can be considered as a tool for modeling the processes of the conflicting parties behavior when implementing various investment scenarios. The simulation results enable decision-makers to receive support regarding the direction of investment in the security of the business process loop