Vladislav Yemanov*
| Vasyl Pasichnyk | Ihor Yevtushenko | Stanislav Larin | Olena Mykhailenko
© 2023 IIETA. This article is published by IIETA and is licensed under the CC BY 4.0 license (http://creativecommons.org/licenses/by/4.0/).
OPEN ACCESS
The main purpose of the study is to rank certain threats in order to establish further costs for ensuring the protecting of information in the cybersecurity system. Research methodology is a set of methods that form a methodological approach. The main ones are the ranking method through the theory of fuzzy relations and the expert-step method. As a result, due to the ranking of the threats of the selected object, the permissible intensity of the decrease in the level of security and the costs of its provision were determined using the proposed methodology. The results obtained implied the use of modern ranking methods according to the given parameters. In our case, the results obtained allowed us to rank the existing list of threats in the cybersecurity system. The benefit of such results lies in the formation of an information basis for the adoption and implementation of management decisions.The study is limited by selecting only one socio-economic system and its information. The results obtained out in the article have practical and scientific value through a methodical approach to form requirements for the security of the cybersecurity system itself and information of a single object. In the future, more complex socio-economic systems and their cybersecurity should be chosen to apply the methodological approach proposed in the article.
information, cybersecurity, threats, security, ranking
Important methods for analyzing the state of ensuring cybersecurity are methods of description and classification. To implement effective information protection, one should firstly describe and then classify various types of threats and dangers, risks and challenges and, accordingly, formulate a system of measures to manage them. As common methods for analyzing the level of ensuring cybersecurity, methods of studying causal relationships are used. Using these methods, causal relationships between threats and hazards are revealed; a search is made for the causes that have become the source and led to the actualization of certain hazard factors, and measures are being developed to neutralize them. The choice of methods for analyzing the state of ensuring cybersecurity depends on the specific level and scope of protection organization. Depending on the threat, it is possible to differentiate both different levels of threats and different levels of protection.
An important factor in the development of modern society is to ensure the protection of information and cybersecurity, which is a key element of any processes, regardless of the scope of public activity. At the same time, special attention is paid to the analysis of potential threats, the implementation of which leads to material, financial, reputational and other losses.
To counter cybersecurity threats, the necessary measures are taken both in the direction of exerting a certain influence on the source of the threat, and in the direction of reducing the vulnerabilities of the security object. Accordingly, two subject areas of counteraction are distinguished: one of them is formed by a combination of threat sources, and the other by a combination of measures to ensure cybersecurity. Therefore, we can conclude that information and cybersecurity cover technical, legal, organizational, psychological aspects and causes the extreme complexity and multi-level system links between its constituent elements. In turn, ensuring cybersecurity is a continuous process that is systemic in nature and is achieved by implementing the most rational methods and comprehensively using the necessary means (physical, hardware, software, cryptographic). Moreover, the best result is obtained when all the means and methods used are combined into an integral mechanism, the functioning of which must be monitored, updated and supplemented depending on changes in both the internal and external environment. In addition, it should be noted that this process must be accompanied by proper training of industry specialists, administration, employees, users and their compliance with all established rules.
The main purpose of the study is to rank certain threats in order to establish further costs for ensuring the protecting of information in the cybersecurity system. To do this, we need to properly structure our study. The existing literature should be reviewed for research. In detail, present the methods used. Present the results of the study. Compare the results of the study with existing ones on similar topics. Describe the findings and further scientific plans on this topic.
In general, according to our research agenda, scientists agree in the scientific literature that the modern information space is affected by a wide variety of threats, the implementation of which can lead to extremely negative consequences. Therefore, the study of the impact of threats on the level of security of systems is an urgent and important scientific task, characterized by a high degree of uncertainty and the complexity of rigorous formalization [1-3].
The rapid development of information technologies and their introduction into all spheres of public life determines the extreme importance of creating reliable information protection systems. The problem of the qualitative functioning of these systems, given the emergence of new and the growth of the level of existing threats in the information space, is becoming increasingly important. Moreover, an important practical problem is to establish the optimal balance between ensuring the security of the security system and the amount of costs for its support, given the rational distribution between individual areas of protection. In the vast majority of cases, this issue is solved with the help of statistical analysis methods that require consideration of a significant amount of information, complex calculations, and take a long time to process [4-6].
As most scientists note [7-9], in today's globalized world, information and databases are those unique resources without the use and preservation of which it is impossible to exist and develop both a modern state, as a socio-political entity, and the fulfillment of purely military tasks to preserve independence. and defense of the country. According to expert circles and analysts from the leading countries of the world, the hybrid nature of a modern armed conflict is determined precisely by the presence of a powerful information and cybernetic component. Access to information and protection of management processes are becoming the determining factors in achieving political goals and the troops of a new victory.
Most scientists [10-12] describe in the scientific literature, the practice that new destructive practices are developing in cyberspace, including the criminal use of the Internet (cybercrime), espionage for political or economic purposes, as well as attacks on critical infrastructure (transport, transport communications and etc.) for sabotage purposes. Coming from their governments or non-government players, these cyber attacks are: not limited by borders or distance; are anonymous and it is very difficult to really identify the real culprit, often operating under the guise of botnets or intermediaries; can be done with relative ease, at little cost or risk to the attacker. They aim to jeopardize the smooth functioning of information and communication systems used by citizens, businesses and administrations, as well as the physical integrity of infrastructure, which is critical to national security.
Since we are in our threat ranking study, the literature on this topic should be reviewed. In general, scientists agree [11-13] that threats characterize the possible actions that can be taken against the system and can lead to a violation of basic services, for example: integrity, confidentiality, availability, reliability of information. They appear in different forms.
There are many cybersecurity threats that, according to certain characteristics, belong to one class or another. To prevent, eliminate or reduce the impact of these threats, it is necessary to analyze them and create a threat model. That is why the problem of ranking cybersecurity threats for a particular socio-economic system and its information support is relevant and kind of new.
In the beginning, it should be noted that any important scientific research should include a number of well-known theoretical methods, without which it is impossible to effectively investigate the problem. We also used theoretical methods of analysis, synthesis, abstract-logical, etc. All of them allowed a better understanding of the subject of research, but their detailed description is not necessarily here.
The main research method is the ranking method using the theory of fuzzy relations. The best description of a given method is through its practical application. Therefore, the work of the method will be presented below in the text of the article.
For our study, a real-life socio-economic system with its own cybersecurity system and information security elements is needed for a good example of the research results. The proposed research methodology will be difficult to present only in a theoretical form, which is why it should be applied in practice. It should be noted that the choice of Sigma Software is presented purely from subjective views, since it has all the elements necessary for analysis and meets all the parameters. The choice of other socio-economic systems is possible in further research.
Of course, in addition to the methods presented above, an expert method was applied with the involvement of experts from «Sigma Software» and specialists in information security and cybersecurity. All agreed experts were selected according to the criteria, however, their evaluation is purely subjective in order to help demonstrate the effectiveness of the methodology and our study as a whole.
With the assistance of the expert method, we can identify the most important from the subjective point of view of experts and our threat to information security in the Sigma Software cybersecurity system: natural phenomena and man-made negative impact (K1); military invasion (K2); terrorist impact (K3); industrial espionage (K4); hacker influence (K5); insider influence (K6); security of communication channels of the socio-economic system (K7); unreliability of the security components of service systems (K8); insecurity of databases and cloud services (K9); danger of Internet resources (K10); malware (K11); DoS attacks (K12).
But, the question arises what exactly these threats affect in the context of the cybersecurity and information protection system. Thus, the aforementioned threats are expressed in violation of the following Sigma Software information security criteria: information availability (C1), information integrity (C2), information confidentiality (C3), information reliability (C4). In total, they form a set of criteria, which we denote mathematically as Cj.
It is μij that is a value within the corridor interval from 0 to 1 and will characterize the level of impact of information security threats (Ki) determined by the expert method on failure to fulfill one of the criteria that were also presented above in the text of the methodology (Cj). That is, μij is a number from the interval [0, 1], which characterizes the degree of influence of Ki threats on non-fulfillment of the Cj criterion. The following equality (1) must be satisfied:
Ii={μi1/C1, μi2/C2,….., μim/Cm} (1)
The determination of μij will be carried out using the method of least impact, the description of which does not require detailing, which is well known in econometric scientific directions.
Thus, we will rank information security threats in the cybersecurity system («Sigma Software» based on the methods described above. To begin with, we will present the initial data for the least impact method according to expert comparisons of the impact powers fij with the lowest impact forces fil (Table 1).
Table 1. Initial data for the calculations made
|
Ki |
Сl |
fij /fil |
|||
|
C1 |
C2 |
C3 |
C4 |
||
|
K1 |
C3 |
$\frac{11}{13}=8$ |
$\frac{12}{13}=5$ |
$\frac{13}{13}=1$ |
$\frac{14}{13}=1$ |
|
K2 |
C4 |
$\frac{21}{24}=7$ |
$\frac{22}{24}=4$ |
$\frac{23}{24}=5$ |
$\frac{24}{24}=1$ |
|
K3 |
C4 |
$\frac{31}{34}=6$ |
$\frac{32}{34}=9$ |
$\frac{33}{34}=2$ |
$\frac{34}{34}=1$ |
|
K4 |
C1 |
$\frac{41}{41}=1$ |
$\frac{42}{41}=3$ |
$\frac{43}{41}=9$ |
$\frac{44}{41}=5$ |
|
K5 |
C4 |
$\frac{51}{54}=5$ |
$\frac{52}{54}=7$ |
$\frac{53}{54}=6$ |
$\frac{54}{54}=1$ |
|
K6 |
C1 |
$\frac{61}{61}=1$ |
$\frac{62}{61}=5$ |
$\frac{63}{61}=7$ |
$\frac{64}{61}=4$ |
|
K7 |
C2 |
$\frac{71}{72}=8$ |
$\frac{72}{72}=1$ |
$\frac{73}{72}=5$ |
$\frac{74}{72}=3$ |
|
K8 |
C3 |
$\frac{81}{83}=9$ |
$\frac{82}{83}=6$ |
$\frac{83}{83}=1$ |
$\frac{84}{83}=4$ |
|
K9 |
C1 |
$\frac{91}{91}=1$ |
$\frac{92}{91}=4$ |
$\frac{93}{91}=3$ |
$\frac{94}{91}=1$ |
|
K10 |
C4 |
$\frac{101}{104}=4$ |
$\frac{102}{104}=1$ |
$\frac{103}{104}=5$ |
$\frac{104}{104}=1$ |
|
K11 |
C4 |
$\frac{111}{114}=5$ |
$\frac{112}{114}=8$ |
$\frac{113}{114}=6$ |
$\frac{114}{111}=1$ |
|
K12 |
C3 |
$\frac{121}{123}=9$ |
$\frac{122}{123}=1$ |
$\frac{123}{123}=1$ |
$\frac{124}{123}=1$ |
By itself, Cj can contain all admissible and possible criteria, which, in turn, the threats to the security of information defined by us in the cybersecurity system Ki have one of the least influences. Then fij /fil represent a comparison of the impact powers fij with the lowest impact levels fil..
The next step is to calculate the least possible degree of influence of certain threats (Ki) for the information protection system in cybersecurity «Sigma Software» (2):
μi1={fi1/fij, fi2/fij,…..,fim/fij}-1 (2)
Based on this (2) it is easy to calculate the desired degree of impact, which will correspond to each of the pairs (Кi ,Cj) (3):
μi1=μil(fi1/fij), μi2=μil(fi2/fij), ......, μim=μil(fim/fij), (3)
Based on the data from Table 1, we can determine the degrees of influence μij, and they in turn form a fuzzy relation as such (Table 2). For all tables, there is a certain standardization laid down by the chosen methodological approach, however, an individual approach is inherent in certain tables, according to the course of the study.
Thus, Table 2 should be normalized by dividing its elements in each row by the maximum of the allowed values and we will get Table 3.
Table 2. Determination of the degree of impact
|
I |
|||
|
8/15 |
5/15 |
1/15 |
1/15 |
|
7/17 |
4/17 |
5/17 |
1/17 |
|
6/18 |
9/18 |
2/18 |
1/18 |
|
1/18 |
3/18 |
9/18 |
5/18 |
|
5/19 |
7/19 |
6/19 |
1/19 |
|
1/17 |
5/17 |
7/17 |
4/17 |
|
8/17 |
1/17 |
5/17 |
3/17 |
|
9/20 |
6/20 |
1/20 |
4/20 |
|
1/9 |
4/9 |
3/9 |
1/9 |
|
4/11 |
1/11 |
5/11 |
1/11 |
Table 3. The ratio normalization
|
I |
|||
|
1.0 |
0.63 |
0.13 |
0.13 |
|
1.0 |
0.57 |
0.71 |
0.14 |
|
0.67 |
1.0 |
0.22 |
0.11 |
|
0,11 |
0.33 |
1.0 |
0.56 |
|
0.71 |
1.0 |
0.86 |
0.14 |
|
0.14 |
0.71 |
1.0 |
0.57 |
|
1.0 |
0.13 |
0.63 |
0.38 |
|
1.0 |
0.67 |
0.11 |
0.44 |
|
0.25 |
1.0 |
0.75 |
0.25 |
|
0.8 |
0.2 |
1.0 |
0.2 |
The next step involves the definition of a fuzzy similarity relation, which should be formed from the set of values of the very degree of similarity (rij) (4):
R=[rij/(Ki,Kj] (4)
It should be noted that rij =1-dij should hold, where dij is a kind of distance between the fuzzy set of threat impacts Ki and Kj (5):
Ii={μi1/K1, μi2/K2,….., μim/Km}
Ij={μj1/K1, μj2/K2,….., μjm/Km} (5)
Next, use the relative Euclid (dij(e)) and Hamming (dij(h)) to calculate dij (6):
dij(h)=1/n∑[μik-μjk]
dij(e)=1/n√∑(μik-μjk)2 (6)
Let's present the completed matrix of the fuzzy similarity relation with the corresponding properties of reflectivity and symmetry inherent in the research methodology (Table 4).
One of our tasks is to divide the selected set of threats into classes that, under no circumstances, do not intersect, but, in addition, must contain elements that are similar in degree of impact. To do this, let's give the original similarity relation R the so-called transitivity property. The calculation takes place through the maximum product of the corresponding matrices through the corresponding calculations. In order to divide the set of threats into non-overlapping classes and containing elements similar in degree of impact, it is necessary to give the initial non-transitive similarity relation R the property of transitivity. Such a transformation is provided by the operation of transitive closure of a fuzzy relation. As a result, we get Table 5 for R2, R3, R4.
Let's do the same for R5, R6 (Table 6).
Table 4. Filled matrix of fuzzy relation of similarity
|
R |
|||||||||||
|
1 |
0.84 |
0.81 |
0.38 |
0.65 |
0.44 |
0.69 |
0.91 |
0.53 |
0.61 |
0.59 |
0.86 |
|
0.84 |
1 |
0.68 |
0.54 |
0.76 |
0.57 |
0.81 |
0.75 |
0.67 |
0.76 |
0.76 |
0.73 |
|
0.81 |
0.68 |
1 |
0.38 |
0.82 |
0.48 |
0.53 |
0.72 |
0.73 |
0.55 |
0.85 |
0.67 |
|
0.38 |
0.54 |
0.38 |
1 |
0.54 |
0.88 |
0.59 |
0.44 |
0.66 |
0.7 |
0.53 |
0.39 |
|
0.65 |
0.76 |
0.82 |
0.54 |
1 |
0.64 |
0.59 |
0.58 |
0.83 |
0.73 |
0.95 |
0.51 |
|
0.44 |
0.57 |
0.48 |
0.88 |
0.64 |
1 |
0.5 |
0.52 |
0.76 |
0.61 |
0.63 |
0.3 |
|
0.69 |
0.81 |
0.53 |
0.59 |
0.59 |
0.5 |
1 |
0.72 |
0.53 |
0.76 |
0.6 |
0.8 |
|
0.91 |
0.75 |
0.72 |
0.44 |
0.58 |
0.52 |
0.72 |
1 |
0.52 |
0.55 |
0.59 |
0.78 |
|
0.53 |
0.67 |
0.73 |
0.66 |
0.83 |
0.76 |
0.53 |
0.52 |
1 |
0.59 |
0.87 |
0.39 |
|
0.61 |
0.76 |
0.55 |
0.7 |
0.73 |
0.61 |
0.76 |
0.55 |
0.59 |
1 |
0.68 |
0.68 |
|
0.59 |
0.76 |
0.85 |
0.53 |
0.95 |
0.63 |
0.6 |
0.59 |
0.87 |
0.68 |
1 |
0.52 |
|
0.86 |
0.73 |
0.67 |
0.39 |
0.51 |
0.3 |
0.8 |
0.78 |
0.39 |
0.68 |
0.52 |
1 |
Table 5. The results of the calculations for R2, R3, R4
|
R2 |
|||||||||||
|
1 |
0.84 |
0.81 |
0.61 |
0.81 |
0.64 |
0.81 |
0.91 |
0.73 |
0.76 |
0.81 |
0.86 |
|
0.84 |
1 |
0.81 |
0.7 |
0.76 |
0.67 |
0.76 |
0.84 |
0.76 |
0.76 |
0.76 |
0.84 |
|
0.81 |
0.81 |
1 |
0.66 |
0.85 |
0.73 |
0.85 |
0.81 |
0.85 |
0.73 |
0.85 |
0.81 |
|
0.61 |
0.7 |
0.66 |
1 |
0.7 |
0.88 |
0.7 |
0.59 |
0.76 |
0.7 |
0.68 |
0.68 |
|
0.81 |
0.76 |
0.85 |
0.7 |
1 |
0.76 |
1 |
0.75 |
0.87 |
0.76 |
0.95 |
0.73 |
|
0.64 |
0.67 |
0.73 |
0.88 |
0.76 |
1 |
0.61 |
0.59 |
0.76 |
0.7 |
0.76 |
0.61 |
|
0.81 |
0.81 |
0.72 |
0.7 |
0.76 |
0.61 |
0.59 |
0.78 |
0.67 |
0.76 |
0.76 |
0.8 |
|
0.91 |
0.84 |
0.81 |
0.59 |
0.75 |
0.59 |
0.76 |
1 |
0.72 |
0.75 |
0.75 |
0.86 |
|
0.73 |
0.76 |
0.85 |
0.76 |
0.87 |
0.76 |
0.67 |
0.72 |
1 |
0.73 |
0.87 |
0.67 |
|
0.76 |
0.76 |
0.73 |
0.7 |
0.76 |
0.7 |
0.76 |
0.75 |
0.73 |
1 |
0.76 |
0.76 |
|
0.81 |
0.76 |
0.85 |
0.68 |
0.95 |
0.76 |
0.76 |
0.75 |
0.87 |
0.76 |
1 |
0.73 |
|
0.86 |
0.84 |
0.81 |
0.68 |
0.73 |
0.61 |
0.8 |
0.86 |
0.67 |
0.76 |
0.73 |
1 |
|
R3 |
|||||||||||
|
1.0 |
0.84 |
0.81 |
0.7 |
0.81 |
0.73 |
0.81 |
0.91 |
0.81 |
0.76 |
0.81 |
0.86 |
|
0.84 |
1.0 |
0.81 |
0.7 |
0.81 |
0.76 |
0.81 |
0.84 |
0.76 |
0.76 |
0.81 |
0.84 |
|
0.81 |
0.81 |
1.0 |
0.73 |
0.85 |
0.76 |
0.81 |
0.81 |
0.85 |
0.76 |
0.85 |
0.81 |
|
0.7 |
0.7 |
0.73 |
1.0 |
0.76 |
0.88 |
0,7 |
0.7 |
0.76 |
0.7 |
0.76 |
0,7 |
|
0.81 |
0.81 |
0.85 |
0.76 |
1.0 |
0.76 |
0.76 |
0.81 |
0.87 |
0.76 |
0.95 |
0.81 |
|
0.73 |
0.76 |
0.76 |
0.88 |
0.76 |
1.0 |
0.7 |
0.72 |
0.76 |
0.73 |
0.76 |
0.68 |
|
0.81 |
0.81 |
0.81 |
0.7 |
0.76 |
0.7 |
1.0 |
0.81 |
0.76 |
0.76 |
0.76 |
0.81 |
|
0.91 |
0.84 |
0.81 |
0.7 |
0.81 |
0.72 |
0.81 |
1.0 |
0,75 |
0.76 |
0.81 |
0.86 |
|
0.81 |
0.76 |
0.85 |
0.76 |
0.87 |
0.76 |
0.76 |
0,75 |
1.0 |
0.76 |
0.87 |
0.73 |
|
0.76 |
0.76 |
0.76 |
0.7 |
0.76 |
0.73 |
0.76 |
0.76 |
0.76 |
1.0 |
0.76 |
0.76 |
|
0.81 |
0.81 |
0.85 |
0.76 |
0.95 |
0.76 |
0.76 |
0.81 |
0.87 |
0.76 |
1.0 |
0.81 |
|
0.86 |
0.84 |
0.81 |
0.7 |
0.81 |
0.68 |
0.81 |
0.86 |
0.73 |
0.76 |
0.81 |
1.0 |
|
R4 |
|||||||||||
|
1.0 |
0.84 |
0.81 |
0.73 |
0.81 |
0.76 |
0.81 |
0.91 |
0.81 |
0.76 |
0.81 |
0.86 |
|
0.84 |
1.0 |
0.81 |
0.76 |
0.81 |
0.76 |
0.81 |
0.84 |
0.81 |
0.76 |
0.81 |
0.84 |
|
0.81 |
0.81 |
1.0 |
0.76 |
0.85 |
0.76 |
0.81 |
0.81 |
0.85 |
0.76 |
0.85 |
0.81 |
|
0.73 |
0.76 |
0.76 |
1.0 |
0.76 |
0.88 |
0.7 |
0.72 |
0.76 |
0.73 |
0.76 |
0,7 |
|
0.81 |
0.81 |
0.85 |
0.76 |
1.0 |
0.76 |
0.81 |
0.81 |
0.87 |
0.76 |
0.95 |
0.81 |
|
0.76 |
0.76 |
0.76 |
0.88 |
0.76 |
1.0 |
0.76 |
0,75 |
0.76 |
0.76 |
0.76 |
0.73 |
|
0.81 |
0.81 |
0.81 |
0,7 |
0.81 |
0.76 |
1.0 |
0.81 |
0.76 |
0.76 |
0.81 |
0.81 |
|
0.91 |
0.84 |
0.81 |
0.72 |
0.81 |
0,75 |
0.81 |
1.0 |
0.81 |
0.76 |
0.81 |
0.86 |
|
0.81 |
0.81 |
0.85 |
0.76 |
0.87 |
0.76 |
0.76 |
0.81 |
1.0 |
0.76 |
0.87 |
0.81 |
|
0.76 |
0.76 |
0.76 |
0.73 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
1.0 |
0.76 |
0.76 |
|
0.81 |
0.81 |
0.85 |
0.76 |
0.95 |
0.76 |
0.81 |
0.81 |
0.87 |
0.76 |
1.0 |
0.81 |
|
0.86 |
0.84 |
0.81 |
0.7 |
0.81 |
0.73 |
0.81 |
0.86 |
0.81 |
0.76 |
0.81 |
1.0 |
Table 6. The results of the calculations for R5, R6
|
R5 |
|||||||||||
|
1.0 |
0.84 |
0.81 |
0.76 |
0.81 |
0.76 |
0.81 |
0.91 |
0.81 |
0.76 |
0.81 |
0.86 |
|
0.84 |
1.0 |
0.81 |
0.76 |
0.81 |
0.76 |
0.81 |
0.84 |
0.81 |
0.76 |
0.81 |
0.84 |
|
0.1 |
0.81 |
1.0 |
0.76 |
0.85 |
0.76 |
0.81 |
0.81 |
0.85 |
0.76 |
0.85 |
0.81 |
|
0.76 |
0.76 |
0.76 |
1.0 |
0.76 |
0.88 |
0.76 |
0.75 |
0.76 |
0.76 |
0.76 |
0.73 |
|
0.81 |
0.81 |
0.85 |
0.76 |
1.0 |
0.76 |
0.81 |
0.81 |
0.87 |
0.76 |
0.95 |
0.81 |
|
0.76 |
0.76 |
0.76 |
0.88 |
0.76 |
1.0 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
|
0.81 |
0.81 |
0.81 |
0.76 |
0.81 |
0.76 |
1.0 |
0.81 |
0.81 |
0.76 |
0.81 |
0.81 |
|
0.91 |
0.84 |
0.81 |
0.75 |
0.81 |
0.76 |
0.81 |
1.0 |
0.81 |
0.76 |
0.81 |
0.86 |
|
0.81 |
0.81 |
0.85 |
0.76 |
0.87 |
0.76 |
0.81 |
0.81 |
1.0 |
0.76 |
0.87 |
0.81 |
|
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
1.0 |
0.76 |
0.76 |
|
0.81 |
0.81 |
0.85 |
0.76 |
0.95 |
0.76 |
0.81 |
0.81 |
0.87 |
0.76 |
1.0 |
0.81 |
|
0.86 |
0.84 |
0.81 |
0.73 |
0.81 |
0.76 |
0.81 |
0.86 |
0.81 |
0.76 |
0.81 |
1.0 |
|
R6 |
|||||||||||
|
1.0 |
0.84 |
0.81 |
0.76 |
0.81 |
0.76 |
0.81 |
0.91 |
0.81 |
0.76 |
0.81 |
0.86 |
|
0.84 |
1.0 |
0.81 |
0.76 |
0.81 |
0.76 |
0.81 |
0.84 |
0.81 |
0.76 |
0.81 |
0.84 |
|
0.81 |
0.81 |
1.0 |
0.76 |
0.85 |
0.76 |
0.81 |
0.81 |
0.85 |
0.76 |
0.85 |
0.81 |
|
0.76 |
0.76 |
0.76 |
1.0 |
0.76 |
0.88 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
|
0.81 |
0.81 |
0.85 |
0.76 |
1.0 |
0.76 |
0.81 |
0.81 |
0.87 |
0.76 |
0.95 |
0.81 |
|
0.76 |
0.76 |
0.76 |
0.88 |
0.76 |
1.0 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
|
0.81 |
0.81 |
0.81 |
0.76 |
0.81 |
0.76 |
1.0 |
0.81 |
0.81 |
0.76 |
0.81 |
0.81 |
|
0.91 |
0.84 |
0.81 |
0.76 |
0.81 |
0.76 |
0.81 |
1.0 |
0.81 |
0.76 |
0.81 |
0.86 |
|
0.81 |
0.81 |
0.85 |
0.76 |
0.87 |
0.76 |
0.81 |
0.81 |
1.0 |
0.76 |
0.87 |
0.81 |
|
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
0.76 |
1.0 |
0.76 |
0.76 |
|
0.81 |
0.81 |
0.85 |
0.76 |
0.95 |
0.76 |
0.81 |
0.81 |
0.87 |
0.76 |
1.0 |
0.81 |
|
0.86 |
0.84 |
0.81 |
0.76 |
0.81 |
0.76 |
0.81 |
0.86 |
0.81 |
0.76 |
0.81 |
1.0 |
Our calculations led to the fact that R3= R4…..= Rn. Thus, the ratio R will be in the following form (7):
R=R$\cup$R2$\cup$R3$\cup$….$\cup$Rk $\cup$….=R6 (7)
Next, the ranks of threats to information security in the cybersecurity system should be determined ($\rho_i=\sum_{i=1}^m \mu_{i j}$). Everything is simple. The value of the rows from Table 3 should be summed up, and we will find the ranks of the threats: ρ1=1.89; ρ2=ρ6=2.42; ρ3=ρ4=2; ρ5=2.71; ρ7=2.14; ρ8=2.22; ρ9=2.25; ρ10=2.2; ρ11=2.51; ρ12=1.33.
By itself, we arrange the fuzzy relation R according to α - levels and get (8):
R=$\cup$αRα=0.76R0.76$\cup$0.81R0.81$\cup$0.84R0.84$\cup$
0.85R0.85$\cup$0.86R0.86$\cup$0.87R0.87$\cup$0.88R0.88$\cup$0.91R0.91$\cup$0.95R0.95$\cup$R1 (8)
Level α relations with graphs are presented in Table 7.
As a result, we have the fact that the ratio a-level forms the classes of information protection threats in the cyber security system that are equivalent in importance to us (Table 8).
Table 7. Level α relations with graphs
|
α |
Rα |
Graph |
|
0.76 |
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 |
|
|
0.81 |
1 1 1 0 1 0 1 1 1 0 1 1 1 1 1 0 1 0 1 1 1 0 1 1 1 1 1 0 1 0 1 1 1 0 1 1 0 0 0 1 0 1 0 0 0 0 0 0 1 1 1 0 1 0 1 1 1 0 1 1 0 0 0 1 0 1 0 0 0 0 0 0 1 1 1 0 1 0 1 1 1 0 1 1 1 1 1 0 1 0 1 1 1 0 1 1 1 1 1 0 1 0 1 1 1 0 1 1 0 0 0 0 0 0 0 0 0 1 0 0 1 1 1 0 1 0 1 1 1 0 1 1 1 1 1 0 1 0 1 1 1 0 1 1 |
|
|
0.84 |
1 1 0 0 0 0 0 1 0 0 0 1 1 1 0 0 0 0 0 1 0 0 0 1 0 0 1 0 1 0 0 0 1 0 1 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 1 0 0 0 1 0 1 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 1 0 0 0 0 0 1 0 0 0 1 0 0 1 0 1 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 1 0 0 0 1 0 1 0 1 1 0 0 0 0 0 1 0 0 0 1 |
|
|
0.85 |
1 0 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0 0 1 0 1 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 0 1 0 0 0 1 0 1 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 1 0 0 1 0 1 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 1 0 0 0 1 0 1 0 1 0 0 0 0 0 0 1 0 0 0 1 |
|
|
0.86 |
1 0 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 1 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 1 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 |
|
|
0.87 |
1 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 |
|
|
0.88 |
1 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 |
|
|
0.91 |
1 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 |
|
|
0.95 |
1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 |
|
|
1 |
1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 |
Table 8. Threat classes are equivalent in weight
|
Level |
№ |
Threat classes |
|
α = 0.76 |
1 |
{K1, K2, K3, K4, K5, K6, K7, K8, K9, K10, K11, K12} |
|
α = 0.81 |
2 |
{K1, K2, K3, K4, K5, K6, K7, K8, K9, K11, K12}, {K10} |
|
α = 0.84 |
3 |
{K1, K2, K3, K4, K5, K6, K8, K9, K11, K12} {K7}, {K10} |
|
α = 0.85 |
4 |
{K1, K3, K4, K5, K6, K8, K9, K11, K12} {K2}, {K7}, {K10} |
|
α = 0.86 |
5 |
{K1, K4, K5, K6, K8, K9, K11, K12} {K2}, {K3}, {K7}, {K10} |
|
α = 0.87 |
6 |
{K1, K4, K5, K6, K8, K9, K11} {K2}, {K3}, {K7}, {K10}, {K12} |
|
α = 0.88 |
7 |
{K1, K5, K6, K8, K11} {K2}, {K3}, {K4}, {K7}, {K9}, {K10}, {K12} |
|
α = 0.91 |
9 |
{K1, K5, K8, K11} {K2}, {K3}, {K4}, {K6},{K7}, {K9}, {K10}, {K12} |
|
α = 0.95 |
11 |
{K5, K11} {K1}, {K2}, {K3}, {K4}, {K6}, {K7}, {K8}, {K9}, {K10}, {K12} |
|
α = 1 |
12 |
{K1}, {K2}, {K3}, {K4}, {K5}, {K6}, {K7}, {K8}, {K9}, {K10}, {K11}, {K12} |
On Figure 1 we will reflect the decomposition tree of the set of threats to information in the cybersecurity system chosen by us for research, the socio-economic system, into non-overlapping equivalence classes. We tried to describe all the calculations in the most accessible and simple way and present them in a form that is understandable to the reader. Figure 1 presented as the result of the study, in our opinion, better copes with the task.
Figure 1. Decomposition tree of the set of information threats in the «Sigma Software» cybersecurity system into equivalence classes
According to the results presented in Figure 1, we can note that with the maximum certainty (which is equal to 1), each information threat in the cybersecurity system constitutes a universal weight cluster. At the same time, taking into account quantitative estimates of the significance of threats, we will choose the level of uncertainty α = 0.95, since it is at this level that all threats do not differ in ranks. At this level of uncertainty, we get: ρ1=1.89; ρ2=ρ6=2.42; ρ3=ρ4=2; ρ7=2.14; ρ8=2.22; ρ9=2.25; ρ10=2.2; ρ12=1.33. ρ5=ρ11=2.61.
At the same time, let S0 imagine the costs of ensuring the protection of information in the «Sigma Software» cybersecurity system, which are acceptable and possible. In this case, these costs should be divided in proportion to certain ranks of cybersecurity threats (9):
∑Si=S0, S1=0.072S0 , S2=S6=0.093S0 , S3=S4=0.077S0 , S5=S11=0.1S0 , S7= 0.082S0 , S8=0.085S0 , S9= 0.086S0 , S10=0.084S0 , S12=0.051S0 , (9)
Otherwise, we denote by λ0 the level of permissible intensity of the reduction of the information security system «Sigma Software» (10):
∑λi=λ0, λ1=0.072λ0, λ2=λ6=0.093λ0, λ3=λ4=0.077λ0, λ5=λ11=0.1λ0, λ7= 0.082λ0, λ8=0.085λ0, λ9= 0.086λ0, λ10=0.084λ0, λ12=0.051λ0, (10)
So, the results of the study made it possible to rank the information security threats identified for the article in the cybersecurity system of the object we have chosen («Sigma Software»). It is possible that the ranking results are not quite accurate and have a certain amount of inaccuracy, but along with the above, the main thesis that runs through our study is to demonstrate the effectiveness and efficiency of the presented approaches for solving such problems. In general, this made it possible to determine the permissible intensity of reducing the level of information security in the Sigma Software cybersecurity system. In addition, the costs of ensuring the security of information in the «Sigma Software» cybersecurity system were also determined. The practical effect will be that this can contribute to the timely introduction of effective mechanisms to counter threats, the rational redistribution of forces and means to neutralize them.
We should discuss the differences between the results of our study and similar ones. Firstly, for example, some scientists [14-16] consider methods for assessing the impact of threats on the level of cybersecurity associated with qualitative, quantitative and mixed assessment of information risks. Highlight their advantages and disadvantages. A number of models are considered for assessing the risks of a cybersecurity system based on fuzzy logic. As a result, it is established that most of the above methods and models require complex calculations and a long time to process the necessary data, while risk assessment is most often carried out only to the level of assets, and their impact on the functioning of the system under study is not taken into account. But our study does not focus on the analysis of all existing methods, but uses one, specific methodological approach for one, specific socio-economic system and its cybersecurity.
Other scientists, in similar studies, propose [17] a model for assessing the level of information security based on a cognitive approach that simplifies calculations and reduces the processing time of incoming information. Others [18] improve the visibility of the input data to ensure cybersecurity protection. Scenario modelling is carried out, as a result of which the level of security of the system itself is determined [19, 20]. However, in our case, the focus is on ranking information threats in the cybersecurity system in order to determine the level of protection and the costs of this.
Discussing the results of the study, one should also talk about the shortcomings. The main disadvantage is that we have chosen only one socio-economic system and its information.
Summing up the results of our study, the ranking of information threats in the cybersecurity system of a single object selected for research was carried out using the theory of fuzzy relations. On the basis of certain ranks, the set of threats is divided into classes that do not intersect and are equivalent to weight. To ensure the security of the systems under study, the distribution of allowable costs in proportion to the ranks of threats is proposed, which will contribute to the rational use of resources and means to prevent, eliminate or reduce the impact of possible cybersecurity threats. In addition, based on the ranking of threats, the permissible intensity of reducing the level of protection of the cybersecurity system was determined, which will allow timely implementation of effective mechanisms to counter threats, rationally redistribute forces and means to neutralize them.
It should be noted that the results obtained allow us to predict the development of the situation in order to make timely and effective management decisions aimed at increasing the security of the information itself in the cybersecurity system. Attention should be paid to determining the influence of the most significant concepts of a fuzzy cognitive map on the security of information as such in the cybersecurity system of the selected object. The results of which make it possible to determine and compare the levels of influence of the studied threats on the security of a given object at different points in time.
[1] Ilchenko, O.V., Chumak, V.V., Kuzmenko, S., Shelukhin, O., Dobrovinskyi, A.V. (2019). Fishing as a cybercrime in the Internet banking system: economic and legal aspects. Journal of Legal, Ethical and Regulatory, 22(2): 6.
[2] Chowdhury, N., Nystad, E., Reegård, K., Gkioulos, V. (2022). Cybersecurity training in Norwegian critical infrastructure companies. International Journal of Safety and Security Engineering, 12(3): 299-310. https://doi.org/10.18280/ijsse.120304
[3] Yemelyanov, V., Nikonenko, U., Sytnyk, Y., Okhrimenko, I., Shulga, A. (2022). A model for countering the information and technical threats of intellectual capital management of innovation-oriented systems in the engineering sector. Ingénierie des Systèmes d’Information, 27(5): 799-806. https://doi.org/10.18280/isi.270513
[4] Kryshtanovych, M., Filippova, V., Huba, M., Kartashova, O., Molnar, O. (2020). Evaluation of the implementation of the circular economy in EU countries in the context of sustainable development. Business: Theory and Practice, 21(2): 704-712. https://doi.org/10.3846/btp.2020.12482
[5] Kryshtanovych, M., Petrovskyi, P., Khomyshyn, I., Bezena, I., Serdechna, I. (2020) Peculiarities of implementing governance in the system of social security. Business, Management and Education, 18(1): 142-156. https://doi.org/10.3846/bme.2020.12177
[6] Kryshtanovych, S., Lyubomudrova, N., Tymofeev, S., Shmygel, O., Komisarenko, A. (2022). Modeling ways of counteraction to external threats to corporate security of engineering enterprises in the context of COVID-19. International Journal of Safety and Security Engineering, 12(2): 217-222. https://doi.org/10.18280/ijsse.120210
[7] Magruk, A. (2016). Uncertainty in the sphere of the Industry 4.0 – potential areas to research. Business, Management and Economics Engineering, 14(2): 275-291. https://doi.org/10.3846/bme.2016.332
[8] Gordieiev, O., Kharchenko, V., Illiashenko, O., Morozova, O., Gasanov, M. (2021). Concept of using eye tracking technology to assess and ensure cybersecurity, functional safety and usability. International Journal of Safety and Security Engineering, 11(4): 361-367. https://doi.org/10.18280/ijsse.110409
[9] Lainjo, B. (2020). Network security and its implications on program management. International Journal of Safety and Security Engineering, 10(6): 739-746. https://doi.org/10.18280/ijsse.100603
[10] Jing, Q., Vasilakos, A.V., Wan, J., Lu, J., Qiu, D. (2014). Security of the Internet of Things: Perspectives and challenges. Wireless Networks, 20: 2481-2501. https://doi.org/10.1007/s11276-014-0761-7
[11] Sylkin, O., Shtangret, A., Ogirko, O., Melnikov, A. (2018). Assessing the financial security of the engineering enterprises as preconditions of application of anti-crisis management: practical aspect. Business and Economic Horizons, 14(4): 926-940. https://doi.org/10.15208/beh.2018.63
[12] Sylkin, O., Kryshtanovych, M., Zachepa, A., Bilous, S., Krasko, A. (2019). Modeling the process of applying anti-crisis management in the system of ensuring financial security of the enterprise. Business: Theory and Practice, 20: 446-455. https://doi.org/10.3846/btp.2019.41
[13] Musman, S., Turner, A.J. (2018). A game oriented approach to minimizing cybersecurity risk. International Journal of Safety and Security Engineering, 8(2): 212-222. https://doi.org/10.2495/SAFE-V8-N2-212-222
[14] Dumchykov, M., Utkina, M., Bondarenko, O. (2022). Cybercrime as a threat to the national security of the Baltic States and Ukraine: The comparative analysis. International Journal of Safety and Security Engineering, 12(4): 481-490. https://doi.org/10.18280/ijsse.120409
[15] Leukfeldt, E.R., Lavorgna, A., Kleemans, E.R. (2017). Organised cybercrime or cybercrime that is organised? An assessment of the conceptualisation of financial cybercrime as organised crime. European Journal on Criminal Policy and Research, 23(3): 287-300. https://doi.org/10.1007/s10610-016-9332-z
[16] Martínez, J., Durán, J.M. (2021). Software supply chain attacks, a threat to global cybersecurity: SolarWinds’ case study. International Journal of Safety and Security Engineering, 11(5): 537-545. https://doi.org/10.18280/ijsse.110505
[17] Fakiha, B. (2021). Business organization security strategies to cyber security threats. International Journal of Safety and Security Engineering, 11(1): 101-104. https://doi.org/10.18280/ijsse.110111
[18] Singh, J., Pasquier, T., Bacon, J., Ko, H., Eyers, D. (2016). Twenty security considerations for cloud-supported Internet of Things. IEEE Internet of Things Journal, 3(3): 269-284. https://doi.org/10.1109/JIOT.2015.2460333
[19] Haddon, D.A.E. (2020). Zero Trust networks, the concepts, the strategies, and the reality. Strategy, Leadership, and AI in the Cyber Ecosystem: The Role of Digital Societies in Information Governance and Decision Making, 195-216. https://doi.org/10.1016/B978-0-12-821442-8.00001-X
[20] Tamburri, D.A., Miglierina, M., Di Nitto, E. (2020). Cloud applications monitoring: An industrial study. Information and Software Technology, 127: 106376. https://doi.org/10.1016/j.infsof.2020.106376
