p-ISSN 1607-3274. PagioeneKTpomKa, rn^opMaTHKa, ynpaBmHHA. 2018. № 2 e-ISSN 2313-688X. Radio Electronics, Computer Science, Control. 2018. № 2
UDC 004.33(035)
Akhmetov B. B.1, Lakhno V. A.2, Malyukov V. P.3
PhD, Associate Professor, Rector of the Caspian State University of Technologies and Engineering named after Sh. Yessenov,
Aktau, Kazakhstan
2Dr. Sc., Professor, Head of Department of cybersecurity, European University, Kyiv, Ukraine 3Dr. Sc., Associate Professor, Professor, Department of Informatics Systems, Mathematics Disciplines, European University, Kyiv,
Ukraine
MODEL OF INVESTMENT STRATEGIES IN CYBER SECURITY _SYSTEMS OF TRANSPORT SITUATIONAL CENTERS_
Actuality. The actual task of finding the optimal strategy for control the procedure of mutual financial investments to the situation center for cyber security on transport.
The aim of the work - the development of a model for a decision support system on the continuous mutual investment in a cyber security situational center, which differs from the existing ones by solving a bilinear differential quality game with several terminal surfaces.
Method. In order to achieve the goal there was used a discrete-approximation method for solving a bilinear differential quality game with dependent motions. Application of this method in the developed decision support system, unlike existing ones, gives concrete recommendations ft choosing control decisions in the investment process.
Results - the proposed model gives concrete recommendations at choosing strategies in the investment process at the creation of a protected situational center. In the course of the computational experiment, there was considered a new class of bilinear differential games that allowed adequately to describe the process of investing in cyber security means of situational transport centers in Kazakhstan and Ukraine.
Conclusions. For the first time, there was proposed a model describing the process of mutual investment based on the solution of bilinear equations and a differential quality game with several terminal surfaces. Considered the peculiarity of the differential game on the example of mutual investment in the means of cyber security of the situational transport center. In this case, the right-hand side of the system of differential equations is represented in the form of bilinear functions with arbitrary coefficients. The model allows to predict the results of investment and to find strategies for managing the investment process in the protection and cyber security systems of the situational transport center.
Keywords: decision support system, model, bilinear functions, mutual investment, cyber security, situational transport center.
NOMENCLATURE
CICS - critically important computer systems;
CS - cyber security;
ISS - information security system;
DSS - decision support system;
SC - situational center;
ai - coefficient determining the interest payment for the financial resource of the second investor (2nd) to the first investor (1st);
a2 - coefficient determining the interest payment for the financial resource of the first investor (ind) to the second investor (1st);
g * - coefficient determining the beam balance;
kd - the dollar exchange rate in relation to the national currency (hryvnia, tenge, etc.);
Mo - terminal set, which determines the end of investment by the 2nd investor;
No - terminal set, which determines the end of investment by the 1st investor;
ri - coefficient determining the share of return of the financial resource of the 2nd investor to the 1st one;
r2 - coefficient determining the share of return of the
financial resource of the 1st investor to the 2st investor;
2 ■ ■
R+ - positive ortant;
t - time parameter;
u - control parameter of the 1st investor;
u* - optimal strategy of the 1st investor;
v - control parameter of the 2nd investor;
© Akhmetov B. B., Lakhno V. A., Malyukov V. P., DOI 10.15588/1607-3274-2018-2-9
2018
Wi - a set of preferences for the 1st investor;
W - a set of preferences for the 2nd investor;
Zi - the value of the financial resource of the 1st investor;
Z2 - the value of the financial resource of the 2nd investor;
ai - the growth rate of the financial resource of the 1st investor;
a2 - the growth rate of the financial resource of the 2nd investor
Pi - coefficient determining the share of repayment of the debt of the 1st investor to the 2nd investor;
P2 - coefficient determining the share of repayment of the debt of the 2nd investor to the 1st investor. INTRODUCTION
Nowadays, many projects in the field of transport control are developing in the direction of creating large situational cents (SC) that provide solutions to specific tasks, in particular, the protection of critically important computer systems (CICS) of the transport industry. Investing in innovative projects, for example, in the field of cyber security (CS) and information security, is characterized by a high degree of uncertainty and riskiness [1, 2]. In work [1] there is noted that many investors in the CS sector face to chaotic and uncertainty choosing an effective investment strategy and method of risk control. Many enterprises and companies engaged in servicing CICS, in particular, on transport, spending more on information security systems (ISS) and CS, do not feel confident that the chosen investment strategy
nPOrPECHBHt IHOOPMA^HHI TEXH0.n0ni
makes the infrastructure of information and communication systems really safe [2].
The last one, in particular, is connected with the lack of practically applicable models, taking into account the ways of finding different variants of strategies in mutual financial investment of CS objects [3, 4]. Similar problems arose at choosing mutual investment strategies in the SC for Kazakhstan, Ukraine, and other countries actively engaged in the development of ISS for CICS. In this regard, it is urgent to develop new models for intellectualized computer decision support systems (DSS) that adequately describe and evaluate investment strategies in the CS CICS.
The object of the research is the process of mutual financial investment in the situational center for transport cyber security.
The aim of this work was to develop a model for decision support systems for continuous mutual investment in a cyber security situational center, which differs from existing ones by solving a bilinear differential quality game with several terminal surfaces.
1 PROBLEM STATEMENT
There is considered the model for the decision support systems on continuous mutual investment in means of the CS of the SC of transport. The model is based on solving a bilinear differential quality game with two terminal surfaces. Mathematical statement: there are two players that control a dynamic system, given by a system of bilinear differential equations with dependent motions. The sets of strategies of players U, V are determined, respectively. Two terminal surfaces are defined. The aim of the first player is to put the dynamic system using its control strategies on the terminal
surface Mq, despite the actions of the second player. The aim of the second player is to put the dynamic system through its control strategies to the terminal surface, no matter how the first player acts. The solution is to find a set of initial states of objects and their strategies that allow objects to put the system to that or another surface. The solution of such systems of differential equations can not be found using the Cauchy formula. For the right-hand sides of differential equations with arbitrary coefficients of results on bilinear differential games, particulaliy such differential equations are used in our model, it was not obtained.
2 LITERATURE REVIEW
The problem of effective financial investment in the CS systems and the protection of CICS is one of the most important in the security sphere of almost all states [1, 2]. A large number of researches have been devoted to this subject [3, 4]. However, it should be noted that the authors [4-6] did not offer any real recommendations on the development of mutual financial investment strategies in the CS CICS [4-6]. A separate direction of the researches in this area was the work devoted to the application of various expert systems [7-9] and DSS [10, 11] for the selection ofrational investment strategies in the ISS and CS. The approaches developed by the authors [12, 13] and [7, 8, 14] at solving this problem do not allow to find effective recommendations and investment control strategies in the CS. This circumstance necessitates the development of new models for DSS, which would
provide an opportunity to find optimal strategies for mutual financial investment in the means of protecting the CICS. This can be achieved, in particular, by applying methods of the differential quality games theory with several terminal surfaces [11, 15]. It should be noted that for such differential games the approaches outlined in works [1, 4, 5] are not applicable, because within the framework of decisions the enemy player can apply measurable controls, and in the work under consideration there are allowed any controls including non-measurable functions.
As the analysis of the latest researches in this area showed the problem of further development of DSS models in the tasks of continuous mutual investment in the ISS and CS CICS, in particular, the situational center on transport, remains relevant.
3 MATERIALS AND METHODS
An investor from a country, where the US dollar is in cash, having free capital, is trying to choose the most preferable options for his placement. In order to do this, he chooses a counterparty, i.e. an object for investing his own funds, for example, in Kazakhstan, where the tenge is in cash. The object of investment are ISS and CS of SC on transport, as one of the components of the critical infrastructure of the state. The investor wants to increase his capital, the counterparty - to improve their financial and economic level.
If such an objective for an investor arises regularly, it is advisable to use DSS in the decision-making process related to investing. The formalization of the investment process is given under the assumption that the investor is an investment company, a counterparty is a financial structure in another country. We call this structure a financial corporation.
An investment company, having some free resources (its investment capital), increases them by a^ times. Then it is necessary to decide what part of these resources it will invest in active operations. These operations are the allocation of resources in the investment projects of the corporation in the sphere of CS of the SC and in the repayment of the debt that the company has at that time. We will consider that the corporation does the same with respect to this investment company. The interaction between the company and the corporation will be described under the following assumptions: 1) the investment company controls financial resources z1 estimated in dollars (USD); 2) the corporation controls financial resources z2 estimated in national currency (for example, tenge (Kazakhstan) or hryvnia (Ukraine), 3) during the interaction, the ratio of the dollar to the national currency (dollar exchange rate) remains constant.
After that, the investment company and the counterparty identified the share of resources allocated for mutual active operations, their interaction is determined through the following system of differential equations:
dzl (t) / dt = - zl(t) + ax (t) • zl (t) + [(1 - Pj ((() • ( (() + ri(t)) -1] x x u(t)-al(t)-z!(()+ [ - ( (()+ r?(())(1 - P2 ((()]x x v(()a2 (() Z2 (()/kd; ©
p-ISSN 1607-3274. PagioeneKTpomKa, rn^opMaTHKa, ynpaBmHHA. 2018. № 2 e-ISSN 2313-688X. Radio Electronics, Computer Science, Control. 2018. № 2
dz2(t)/ dt = -Z2(y)+«2(t)• Z2(t)+[(1 -P2(t))-(a2(t)+ r2(t))- 1]x x v(t )• a2 (t )• Z2 (t )+ [1 - ((( )+ n(t ))• (1 - P1(( ))]x x u(t)a1(t) Z1 (t)/kd. (2)
Therefore, at time t the company's value dz1(t)/dt (in dollars - $) will be equal to the sum of the following values: a^t)-Z1 ((); percents a1 (()(l — P1 (())"utt)■ultf)■ z^t) for invested financial resources (1 — P1 (t ))• u (t )a1(t )• z^t ) of
the company; /1 (t ) (1 — P1 (t )) " u(()-a1(()- Z1(t) - share of the "returned" investment resource
(1 — P1 (t))-u(t)-a1tt)-Z1 (t) of the company; "unreturned" asset (investment) -
{(1 — //2 (M — P2())kd}vt)a2t) Z2t) of the corporation (in $); {2 (())kd }• v(t) • a2 (()• Z2 (t) - the repayment of the corporation debt to the company, from which (out of the amount) there is deducted: financial
resource Z1 (t); the value u(t) • P1 (t)a1(()• z^t), allocated to repay the debt that the company had at time t to the corporation, as well as the amount
u (t) • (1 — P1 (t)) • a1 (t) • Z1 (t), allocated for investment at time
t; {a2 (t )(1 — P2(0))kd} vO^t) Z2 (t ) - interest payment for investment resources
{(1 — P2 (t ))/kd }v(t ) •a2 • Z2 (t) of the corporation.
The value dZ2 (t)) dt (national currency, tenge, hryvnia, etc.) at time t will be equal to the sum of the following terms of the quantities: a2(()•Z2(t) ; percents
a2 (t ) (1 — P2 (())' v(t)a2 (()• Z2 (t) for invested financial resources (1 — P2(())• v(t)-a2(()•Z2(t) of the corporation;
/2 (t )'t — P2 (t ))-v(t )a2 (t )• Z2 (t ) - share of the "returned" investment resource of the company (1 — P2(())'v(t)-a2(()• Z2(t) ; "unreturned" asset -(1—/1 (()) - (1—P1 (()) - u(() kd •a1(t)-z^t) of the corporation; the
values u(t) P1 (t)• kd •a1(t) Z1 (t), characterized the repayment of the company debt from which there is deducted: financial resource Z2 (t ) ; the sum v(t ) • P2 (t ) • a2 (t ) • Z2 (t ), allocated to repay the debt of the corporation to the company at time t; (1 — P2 (t )) • v(t ) • a2 (t ) • Z2 (t ) - the corporation's funds for conducting active operations (investments); a1 (t) • (1 — P1 (t)) • kd • u (t) a1 (t) • Z1 (t) - interest payment for
investment resources (1 — P1 (t))-u(()-a1(()-z^t) of the company.
Interaction ends when the conditions are fulfilled:
(Z1((), Z2((Mo, (3)
((t), Z2(t))e No. (4)
It is assumed that
Mo = {Z1, z2) : (Z1, Z2)e R+, Z1 > 0, Z2 = 0^ (5)
No = {z1, z2): (z1, z2)e R+, Z1 = 0, z2 > 0} (6)
The following options are considered: 1) loss of investment resources of the corporation, but the investment company multiplied its capital (for example, with a decrease of the national currency exchange rate); 2) loss of the capital of the investment company, but the corporation multiplied its capital (for example, with improper selection of hardware and software ISS and CS). If the conditions (3) and (4) are not fulfilled, the investor interaction continues.
Further we accept: the investment company - the player (I); the corporation - the player (II). Interaction of players is considered within the framework of a positional differential game with complete information [8, 11, 13]. Within the framework of this scheme, the interaction "generates" two tasks - from the point of view of the first confederate player and from the point of view of the second confederate player. Because of symmetry, it suffices to consider one of them. For example, from the point of view of the first confederate player. For this, we will define the pure strategies of the first confederate player. Denote by T = [0, M ] - the time segment, i.e. a set characterizing the area of the time parameter; M - a positive real number.
Definition. The pure strategy of the first confederate
player is the function u : T-[0,1]-[0,1] [0,1], which designate the state of information (position) (t, (z1 (0), z2(0))) as the value
u(t, (z1 (0),Z2(0))): 0 <u(t, (z1(0),Z2(0)))< 1.
The pure strategy of the first confederate player is the function (rule) which designate the state of information at
the moment t the value u(t, (z1 (0), Z2 (0))), that determines the amount of the resource (capital) value of the first player that he allocated to "invest" the second player, in our case ISS and CS SC on transport. With regard to the knowledge of the enemy player (within the framework of the positional game scheme), there are made no assumptions, which is equivalent to the fact that the enemy player chooses his
control effect u(t ) based on any information. After defining the strategies in task 1 it is necessary to determine the set of preference for the first player. Considering the fact that for the description of the proposed approach it is enough to confine with a qualitative description, the set of preferences
W1 of the first player. We assume that W - a set of such
initial resources (z1 (0),Z2(0)) of players that have the property: for such initial states there is a strategy of the first player, which, for any realizations of the strategy of the second player, "leads", at one of the moments of time t, the
state of the system (z1 (t ), Z2 (t )) when will be fulfilled the condition (3). Moreover, the second player does not have a strategy that can "lead" to the fulfillment of condition (4), at one of the preceding moments of time t. The strategy of the
nPOrPECHBHt IHOOPMA^ËHI TEXH0.n0nï
first player with this property is called optimal. Suppose that for any moment of time t the following conditions are
fulfilled: a1(() = a1; a2 (()=a2; Pi(() = Pi; P2 (t) = P2; ri(() = ri; r2 (()= r2- Accept: qi =(1 -Pi)- («i + ri)-1; q2 = (i — P2 )-(a2 + r2 )-i- The following cases are possible: a) qi > 0; q2 > 0; b) qi X 0; q2 X 0; c) qi ^ 0; q2 < 0; d) qi < 0; q2 ^ 0. Different ratios of other interaction parameters are possible, for example, ai, a2. We give the solution of the game, i.e. the sets of preferences and optimal strategies for the first player. For the case a) we will obtain:
Wi = {((0),z2(0)): (,z2) intR+, z2(0)< w* - zi(0)j (7)
for
{— [2 -a2 + a2 — qi -ai — aj/[2q2 -a2]+ 1
\iife ■ a2 + a2— qi ■ ai— ai]/2q2 ■ a2}2 + (qi ■ ai)/(q2 ■ a2¿J (8)
and is not
U* (z\, Z2 )= {-, Z2 < W • Z1, (z\, Z2 )e int R+ } defined otherwise}.
In cases b) and c) a set is empty.
In case c) and a2 > a1 + •a! we will obtain
W1 = {z1 (0), z2 (0)): ((0), z2 (0)) e int R+, z2 (0) < 8 • z1 (0)} (9)
for 8 = (qi •a1))(a2 - q\ -a1),
u*(z1,z2) = 1,z2 <8^z1, (z1,z2)e intR+ }, and is not defined otherwise}.
In case c) and a2 < a1 + q1 • a1 we obtain:
W1 = int R+, u*(z1, z2 )=1, (z1, z2 )e int R+ } (10)
and is not defined otherwise.
The task 2 is solved symmetrically (from the point of view of the second confederate player).
4 EXPERIMENTS
A computational experiment was performed in the PTC Mathcad 4 environment. The model was also implemented as a separate software module on the Java language, 4. The module is available for cross-platform use as an independent software product, or as a plug-in to the DSS "SSDMI" [15].
The axis z1 - corresponds to the currency "tenge" (or another national currency, for example, hryvnia). The axis z2 - corresponds to the currency "dollar". The areas of preference from the point of view of the second player are "adjacent" to the areas of preference of the first player. These areas are divided among themselves by the balance beams. The beams have the following property: if a pair of states ( z1(0), z2(0)) belongs to the balance beam, then the players have strategies that allow them to be on the balance beam for all subsequent moments of time t. In the course of the
computational experiment, in the space of variables (z^ z2) there are balance beams. Therefore, if the interaction starts
from these states, then players have strategies that allow them to stay on the balance beam. Consequently, for given
values (z1 (0), z2 (0)), we can find a relation to the parameters
interaction, at which the pair (((), z2 (()) will be on the balance beam. If the initial states (resources) are not on the interaction balance beam, then during the computational experiment you can try to change the interaction parameters. It is required for the initial resources to be on a balance beam. The last will allow for players to continue the interaction as long as they want. 5 RESULTS
Fig. 1-3 shows the results for the 3 test calculations of the investment estimation in the CS system of the Situational Center for Railway Transport of the Republic of Kazakhstan.
0,006.^1
SO ÏGO isn 20G 260 300 3SO 400 4HU 500
Figure i - Computational experiment results i
Figure 2 - Computational experiment results 2
w
p-ISSN i607-3274. PagioeneKTpomKa, rn^opMaTHKa, ynpaBmHHA. 20i8. № 2 e-ISSN 23i3-688X. Radio Electronics, Computer Science, Control. 20i8. № 2
The first calculation for the case when the start point ((0), z2 (0)) belongs to the preference area of the 1st player ("Kazakhstan", the variable x denotes the amount of tenge, the variable y denotes the number of dollars, the exchange rate is 1 $ - 335 "tenge"). The second calculation is for the
case when the start point ((0),z2(0)) belongs to the preference area of the 2nd players (the counterpart of "Kazakhstan"). The third calculation is for the case when
the start point ((0), z2 (0)) belongs to the "balance beam", i.e. to the beam which shares the areas of the players' preference. The results of the computational experiment are presented in Table 1.
Fig. 4 presents a form for interpretation the results of decision-making support received using the DSS "SSDMI". The balance beam is shown with markers for the choice of strategies for mutual investment in the means of the CS SC of the railway transport of the Republic of Kazakhstan.
Calculations: 1-g* = 0.006; 2-g* = 0.012; 3-g* = 0.018.
The obtained results demonstrate the effectiveness of the proposed approach. During the testing of the model in the PTC Mathcad 4 environment, as well as in the DSS "SSDMI", there was established the correctness of the results.
z2
S.E lï KILE 34 42.S iil S9.B 6B ÏB.Ë 8E
Figure 3 - Computational experiment results 3
P
Qaiiji
\<S>\
B xy-rpafjjHK m
350.8
Balance beam y
262.5 W2 y
175.D / •
87.5 / Wl
0.0 /
0.0 ¡2.6' 25.o' 37.S' 50.1)' 62.5 75.01 B7.S 100.0
Figure 4 - General view of the DSS module for the selection of strategies for mutual investment the means of CS SC
Approbation of DSS "SSDMI" was also carried out for real investment projects in the field of cyber security of Ukraine and Kazakhstan [14-16].
6 DISCUSSION
The prediction data obtained during the computational experiment and practical approbation of the DSS "SSDMI" module did not always coincide with the actual data [14, 15]. This is a certain disadvantage of the approach outlined in the article. We can only try to reduce the discrepancies, in particular, through the intellectual analysis of data in DSS, and also improving the toolkit for prediction the investment processes in the CS means. It is also necessary to take into account the specifics of the investment objects, because even at the similarity of procedures there are specific features at investing in the CS means, for example, the situational center of aviation and railway transport. If this toolkit is reasonably replenished with the above-mentioned IT, then an attempt will be made more efficient for the investment process. This approach allows to do this, because it allows to select the parameters variables for the balance. The comparison of the results of the computational experiment and the practical data of investment project evaluation is compared with the results described in [5, 9, 13, 14]. In the
Calculations Modeling results
i ( Zi(0), Z2 (0)) = (335, i.5); ( Zi(i), Z2 (i)) = (370, i.2); ( Zi(2), Z2 (2)) = (405, 0.8); ( Z^3\ Z2(3)) = (440, 0.6); ( Zi (4), Z2 (4)) = (475, 0.3)
2 ( Zi (0), Z2 (0)) = (75, i.0); ( Zi (i), Z2 (i)) = (60, i.2); ( Zi (2), Z2 (2)) = (45, i.3); ( Zi (3), Z2 (3)) = (30, i.4); ( Zi (4), Z2 (4)) = (i5, i.5)
3 ( Zi (0), Z2 (0)) = (83.33, i.5); ( Zi (i), Z2 (i)) = (66.67,i.2); ( Zi (2), Z2 (2)) = (55.56, i.0); ( Zi (3), Z2 (3)) = (44.44, 0.8); ( Zi(4), Z2(4)) = (27.77, 0.5)
Table i - The results of the computational experiment on the choice of the mutual investment strategy in the means of the CS SC of
transport (on the example of the Republic of Kazakhstan)
ПРОГРЕСИВН1 ЩФОРМАЦГЙШ ТЕХНОЛОГА
course of the comparative analysis it was found that the proposed toolkit allows the participants of the investment process significantly to improve the effectiveness and predictability of their activities, on average by 12-16% [15]. APPRECIATION
The work was carried out within the framework of the grant competition for scientific and and technical projects for 2018-2020 of the Republic of Kazakhstan, registration number AP05132723 "Development of adaptive expert systems in the field of cyber security of critically important information objects".
CONCLUSIONS
There was proposed a model for the decision support system module for mutual investment in cyber security systems of a situational transport center. Unlike the existing solutions, the proposed model gives concrete recommendations at choosing strategies in the investment process of the creation of a protected situational center. If the forecast is unsatisfactory, it is possible to flexibly adjust the parameters of the investment process in the CS systems in order to achieve an acceptable financial result by the parties.
The scientific novelty of the results obtained in the article is that there was firstly considered a new class of bilinear differential games that allowed to describe adequately the process of investing in the means of the CS of situational transport centers in Kazakhstan and Ukraine. A distinctive feature of this approach, in particular, tested during the computational experiment, is the use of a solution based on a bilinear differential quality game with several terminal surfaces. The peculiarity of this differential game is that the right-hand side of the differential equations system is a bilinear function with arbitrary coefficients.
The practical significance of the obtained results is that a cross-platform software product was developed in the form of an independent module for the decision support system - SSDMI. The "SSDMI" module implements the proposed model, based on the application of methods of the differential games theory. The SSDMI module allows to reduce the discrepancies between the forecast data and the real return on investment in the funds of the CS of CICS.
Further perspectives of the development of this research is the transfer of the accumulated experience at the development of the DSS on the Android platform. This will increase the mobility of decision-making on mutual investment.
REFERENCES
1.
Systems. - 2016. - Vol. 86. - P. 13-23. DOI: org/10.1016/ j.dss.2016.02.012
3. Meland P. H. Mitigating risk with cyberinsurance / P. H. Meland, I. A. Tondel, B. Solhaug // IEEE Security & Privacy. - 2015. -Vol. 13, № 6. - P. 38 - 43. DOI: 10.1109/MSP.2015.137
4. Smeraldi F. How to spend it: optimal investment for cyber security / F. Smeraldi, P. Malacaria // 1st International Workshop on Agents and CyberSecurity, Paris, France, 06-08 May 2014 : Proceedings. - New York : ACM, 2014. - P. 8. DOI: 10.1145/ 2602945.2602952
5. Cyber-investment and cyber-information exchange decision modeling / [D. K. Tosh, M. Molloy, S. Sengupta et al.] // High Performance Computing and Communications IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), New York, 24-26 August 2015 : Proceedings. - New York : IEEE, 2015. - P. 1219-1224.
6. Alpcan T. Modeling dependencies in security risk management / T. Alpcan, N. Bambos // Risks and Security of Internet and Systems Fourth International Conference, Toulouse, France, 1922 October 2009 : Proceedings. - France : IEEE, 2009. - P. 113116. DOI : 10.1109/CRISIS.2009.5411969
7. Peppard J. The Strategic Management of Information Systems: Building a Digital Strategy / J. Peppard, J. Ward. - U.K. : Wiley, 2016. - 504 p.
8. Malyukov V.P. A differential game of quality for two groups of objects / V.P. Malyukov // Journal of Applied Mathematics and Mechanics. - 1991. - Vol. 55, № 5. - P. 596-606.
9. Cassidy A. A practical guide to information systems strategic planning / A. Cassidy. - New York : CRC press, 2016. - 395 p.
10.Bonczek R. H. Foundations of decision support systems / R. H. Bonczek, C. W. Holsapple, A. B. Whinston. - USA : Academic Press, 2014. - 412 p.
11. Malyukov V.P. Discrete-approximation method for solving a bilinear differential game / V.P. Malyukov // Cybernetics and Systems Analysis. - 1993. - Vol. 29, № 6. - P. 879-888.
12. Assessing survivability to support power grid investment decisions / [A. Koziolek, A. Avritzer, S. Suresh et al.] // Reliability Engineering & System Safety. - 2016. - Vol. 155. - P. 30-43. DOI: 10.1016/j.ress.2016.05.015
13. Lakhno V. Development of a Support System for Managing the Cyber Security of Information and Communication Environment of Transport / V. Lakhno, Al. Petrov, Ant. Petrov // Information Systems Architecture and Technology : 38th International Conference on Information Systems Architecture and Technology (ISAT 2017), Wroclaw, 17-19 September 2017 : proceedings. -Wroclaw : Springer, 2017. - P. 113-127. DOI: 10.1007/978-3-319-67229-8_11
14. Lakhno V. A. Development of a support system for managing the cyber security / V. A. Lakhno // Radio Electronics, Computer Science, Control. - 2017. - № 2. - P. 109-116. DOI: 10.15588/ 1607-3274-2017-2-12
15. Development of the decision making support system to control a procedure of financial investment / [V. Lakhno, V. Malyukov, N. Gerasymchuk et al.] // Eastern-European Journal of Enterprise Technologies. - 2017. - Vol. 6, № 3. - P. 34-41. DOI: 10.15587/ 1729-4061.2017.119259
Designing a decision support system for the weakly formalized problems in the provision of cybersecurity / [B. Akhmetov, V. Lakhno, Y. Boiko et al.] // Eastern-European Journal of Enterprise Technologies. - 2017. - Vol. 1, № 2. - P. 4-15. DOI: 10.15587/1729-4061.2017.90506
Article was submitted 30.12.2017. After revision 25.01.2018.
16
Externalities and the magnitude of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb model / [L. A. Gordon, M. P. Loeb, W. Lucyshyn et al.] // Journal of Information Security. - 2015. - Vol. 6, № 1. - P. 24-30. DOI: 10.4236/j is. 2015.61003 2. Decision support approaches for cyber security investment / [A. Fielder, E. Panaousis, P. Malacaria et al.] // Decision Support
Ахметов Б. Б.1, Лахно В. А.2, Малюков В. П.3
'Канд. техн. наук, доцент, ректор Каспшського державного ушверситету технологш та шжишрингу îm. стан
2Д-р техн. наук, професор, зав. кафедри юбербезпеки та управлшня захистом шформацшних систем, Свропейський ушверситет, Кшв, Украша
3Д-р ф.-м. наук, доцент, професор кафедри шформацшних систем та математичних дисциплш, европейський ушверситет, Кшв, Украша
МОДЕЛЬ СТРАТЕГ1Й 1НВЕСТУВАННЯ В СИСТЕМИ КИБЕРБЕЗПЕКИ СИТУАЦ1ЙНИХ ЦЕНТР1В ТРАНСПОРТУ Актуальшсть. Реалiзована актуальна задача пошуку оптимально!' стратеги управлшня процедурою взаемного фшансового шве-стування в ситуацшний центр з юбербезпеки на транспорта
Ш. Есенова, Актау, Казах-
p-ISSN 1607-3274. Радюелектронжа, шформатика, управлiння. 2018. № 2 e-ISSN 2313-688X. Radio Electronics, Computer Science, Control. 2018. № 2
Мета роботи - розробка модел1 для системы шдтримки р1шень по безперервному взаемному швестуванню в ситуацшний центр з юбербезпеки, яка вщр1зняеться вщ наявних ршень, застосуванням бшшшно1 диференцшно!' гри з кшькома термшальними поверхнями.
Метод. Для досягнення мети був застосований дискретний-апроксимацшний метод вир1шення бшшшно!' диференщально!' гри якост 1з залежними рухами. Використання даного методу у розробленш систем1 шдтримки р1шень, на вщмшу вщ наявних, дае конкретш рекомендацп при вибор1 управлшських ршень в швестицшному процесс
Результати. Запропонована модель дае конкретш рекомендацп при вибор1 стратеги в швестицшному процес побудови захище-ного ситуацшного центру В ход1 обчислювального експерименту розглянуто новий клас бшшшних диференцшних 1гор, що дозволило адекватно описати процес швестування в засоби юбербезпеки ситуацшних центр1в транспорту в Казахстан та Украш1.
Висновки. Вперше запропонована модель, що описуе процес взаемного швестування, що базуеться на вир1шенш бшшшних вщношень та диференцшнш гр1 з кшькома термшальними поверхнями. Розглядаеться особливкть диференщально!' гри на приклад1 взаемного швестування в засоби юбербезпеки ситуацшного центру транспорту. При цьому права частина системи диференщальних р1внянь, представлена у вигляд1 бшшшних функцш з будь-якими коефщентами. Модель дозволяе прогнозувати результати швестицш та пошуку стратегш управлшня швестицшним процесом у системах захисту та юбербезпеки ситуацшного центру транспорту.
Ключов1 слова: система шдтримки вир1шення, модель, бшшшш функцп, взаемне швестування, юбербезпека, ситуацшний центр транспорту.
Ахметов Б. Б.1, Лахно В. А.2, Малюков В. П.3
'Канд. техн. наук, доцент, ректор Каспийского государственного университета технологий и инжиниринга им. Ш. Есенова, Актау, Казахстан
2Д-р техн. наук, профессор, зав. кафедры кибербезопасности и управления защитой информационных систем, Европейский университет, Киев, Украина
3Д-р ф.-м. наук, доцент, профессор кафедры информационных систем и математических дисциплин, Европейский университет, Киев, Украина
МОДЕЛЬ СТРАТЕГИЙ ИНВЕСТИРОВАНИЯ В СИСТЕМЫ КИБЕРБЕЗОПАСНОСТИ СИТУАЦИОННЫХ ЦЕНТРОВ ТРАНСПОРТА Актуальность. Решена актуальная задача нахождения оптимальной стратегии управления процедурой взаимного финансового инвестирования в ситуационный центр по кибербезопасности на транспорте.
Цель работы - разработка модели для системы поддержки решений по непрерывному взаимному инвестированию в ситуационный центр по кибербезопасности, отличающаяся от существующих решением билинейной дифференциальной игры качества с несколькими терминальными поверхностями.
Метод. Для достижения цели был использован дискретно-апроксимационный метод решения билинейной дифференциальной игры качества с зависимыми движениями. Применение данного метода в разработанной системе поддержки решений, в отличие от существующих, дает конкретные рекомендации при выборе управленческих решений в инвестиционном процессе.
Результаты. Предложенная модель дает конкретные рекомендации при выборе стратегий в инвестиционном процессе построения защищенного ситуационного центра. В ходе вычислительного эксперимента рассмотрен новый класс билинейных дифференциальных игр, который позволил адекватно описать процесс инвестирования в средства кибербезопасности ситуационных центров транспорта в Казахстане и Украине.
Выводы. Впервые предложена модель, описывающая процесс взаимного инвестирования, основанная на решении билинейных уравнений и дифференциальной игры качества с несколькими терминальными поверхностями. Рассмотрена особенность дифференциальной игры на примере взаимного инвестирования в средства кибербезопасности ситуационного центра транспорта. При этом правая часть системы дифференциальных уравнений представлена в виде билинейных функций с произвольными коэффициентами. Модель позволяет спрогнозировать результаты инвестирования и найти стратегии управления инвестиционным процессом в системы защиты и кибербезопасности ситуационного центра транспорта.
Ключевые слова: система поддержки решений, модель, билинейные функции, взаимное инвестирование, кибербезопасность, ситуационный центр транспорта.
REFERENCES 9. Cassidy A. A practical guide to information systems strategic
planning, New York, CRC press, 2016, 395 p.
1. Gordon L. A., Loeb M. P., Lucyshyn W. et al. Externalities and the . „ „ , „ TT TT . . ... .... . . . „ „ ... „
''■>■> 10. Bonczek R. H., Holsapple C. W., Whinston A. B. Foundations of magnitude of cyber security underinvestment by private sector firms: , ■ ■ . . тюд д л ■ r> mi л лп
w J J J r decision support systems, USA, Academic Press, 2014, 412 p. a modification of the Gordon-Loeb model, Journal of Information iihîii imrv » ■ f »ujî i' J J 11. Malyukov V.P. Discrete-approximation method tor solving a Security, 2015, No. 6(1), pp. 24-30. DOI: 10.4236/jis.2015.61003 , ... , n , , ~ , л i ■ ' v " J bilinear differential game, Cybernetics and Systems Analysis,
2. Fielder A., Panaousis E., Malacaria P. et al. Decision support 1993 Vol 29 No 6 879-888
approaches for cyber security investment, Decision Support Systems, ,,, „ ■ , . -, c , c . , . ■ ■ , r, .
J J ' rr J ' 12. Koziolek A., Avritzer A., Suresh S. et al. Assessing survivability to
2016, No. 86, pp. 13-23. DOI: org/10.1016/j.dss.2016.02.012 . ■ . . , ■ ■ „ ,1 „ .
' ' vv ь j support power grid investment decisions, Reliability Engineering
3. Meland P. H., Tondel L A., Solhaug B. Mitigating risk with & System Safety, 2016, Vol. 155, pp. 30-43. DOI: 10.1016/ cyberinsurance, IEEE Security & Privacy, 2015, No. 13(6), j ress 2016 05 015
pp. 38 43. DOI: 10.1109/MSP.2015.137 13. Lakhno V., Petrov Al., Petrov Ant. Development of a Support
4. Smeraldi F., Malacaria P. How to spend it: optimal investment for c, phi -tu/^uo vîtî f л
System for Managing the Cyber Security of Information and
cyber security, 1st International Workshop on Agents and „ ■ ,, 4 ^ т г г » с»
■» ft, Communication Environment of Transport, Information Systems
CyberSecurity, Paris, France, 06-08 May 2014 : proceedings. , , .. . , „ , , T t ( > n r
J -1 r b Architecture and technology : 38th International Conference on
New York, ACM, 2014, pp. 8. DOI: 10.1145/2602945.2602952 Jf .. „ . , , t . пглт^т-г,
' ' ' Information Systems Architecture and technology (ISAt 2017),
5. Tosh D. K., Molloy M., Sengupta S. et al. Cyber-investment and ,,, , ,-, ,n c . , mn j- \tr 1 о ■
' or j Wroclaw, 17-19 September 2017 : proceedings. Wroclaw, Springer,
cyber-information exchange decision modeling, High Performance 2017 pp 113-127 DOI 10 1007/978-3-319-67229-8 11
Computing and Communications (HPCC), IEEE 7th 1,1т1и'дгдт^1 »f » r -tu
fa 14. Lakhno V. A. Development of a support system for managing the
International Symposium on Cyberspace Safety and Security
J r ^ J cyber security, Radio Electronics, Computer Science, Control, 2017,
ICESE, New Y-orft , 24-26 ^uggust 2015 : proceedings. New York, No. 2, pp. 109-116. DOI: 10.15588/1607-3274-2017-2-12
, , pp. . 15. Lakhno V., Malyukov V., Gerasymchuk N. et al. Development of
6. Alpcan T., Bambos N. Modeling dependencies in security risk
the decision making support system to control a procedure of
management, Risks and Security of Internet and Systems (CRiSIS),
ь ' J J financial investment, Eastern-European Journal of Enterprise
Fourth International Conference, Toulouse, France, 19-22 „ , , inn \r 1 ^ лт i пл лл m 1550-7;
J ' Technologies, 2017, Vol. 6, No. 3, pp. 24-41. DOI: 10.15587/
October 2009: proceedings. France, IEEE, 2009. pp. 113-116. 1729 4061 2017 119259
DOT : 10.1109 CRISIS.2009.5411969 16. Akhmetov B., Lakhno V., Boiko Y. et al. Designing a decision
7. Peppard J., Ward J. The Strategic Management of Information . . 1 1 p i- j ui ■
support system for the weakly formalized problems in the Systems: Building a Digital Strategy, U.K. Wiley, 2016, 504 p. -ru c" t с r 1 f
provision of cybersecurity, Eastern-European Journal of
8. Malyukov V.P A differential game of quality for two groups of Enterprise Technologies, 2017, Vol. 1, No. 2, pp. 4-15. DOI: objects, Journal of Applied Mathematics and Mechanics, 1991, ю 15587/1729 4061 2017 90506
Vol. 55, No.5, pp. 596 - 606. . - . . 89