Académique Documents
Professionnel Documents
Culture Documents
Prof. S. Tsiutsiura
Department of Information Technologies
National University of Construction and Architecture, Kyiv, Ukraine
Y. Ryndych
Department of Informative and Computer Systems,
Chernihiv National University of Technology, Chernihiv, Ukraine
A. Blozva
Department of Computer Systems and Networks,
National University of Life and Environmental Sciences of Ukraine, Kyiv, Ukraine
A.Desiatko
Department of Software Engineering and Cyber Security
National University of Trade and Economics, Kyiv, Ukraine
Y. Usov
Department of Cybersecurity and Mathematical Simulation,
Chernihiv National University of Technology, Chernihiv, Ukraine
S. Kaznadiy
Department of Informative and Computer Systems,
Chernihiv National University of Technology, Chernihiv, Ukraine
ABSTRACT
A modified algorithm for estimating the limits of the dual problem solution with
the branching order determination for solving the tasks of providing cyber security
and protection of information in information and communication transport systems
(ICTS) is proposed. Effective influence of the prior branching order determination of
http://www.iaeme.com/IJCIET/index.asp 1 editor@iaeme.com
Optimization of Information and Communication Transport Systems Protection Tasks
variables is experimentally tested. It is proved that the use of the algorithm improved
will increase the validity of the decisions made at the stages of ICTS design.
The proposed algorithm is universal and can be applied to solve a wide range of
optimization tasks.
Key words: Protection of Information, Information and Communication Systems,
Transport, Tasks Optimization.
Cite this Article: V. Lakhno, S. Tsiutsiura, Y. Ryndych, A. Blozva, A.Desiatko, Y.
Usov and S. Kaznadiy, Optimization of Information and Communication Transport
Systems Protection Tasks, International Journal of Civil Engineering and Technology
(IJCIET) 10(1), 2019, pp. 1–9.
http://www.iaeme.com/IJCIET/issues.asp?JType=IJCIET&VType=10&IType=1
1. INTRODUCTION
The peculiarity of the tasks for optimizing the complex of information security methods
(ISM) and its restorative redundancy is the presence of limitations, the feasibility of which is
verified by the analytical methods or by the method of simulation. To solve the problems of
such a class, two approaches are proposed: 1) inclusion the nonlinear constraints in the
scheme of branching; 2) solving the reduced task without taking into account nonlinear
constraints, and on the received set of admissible decisions, the feasibility checking of these
restrictions comes out.
When performing the task using the first approach, on the opinion of many experts [1,2],
it is advisable to use algorithms based on the ideas of the branches and limits method. In order
to determine the set of admissible solutions of the reduced task, the modified method of the
functional equations dynamic programming counter solution is proposed in the article. While
modifying the method, indicators characterizing the ratio of the information owner to the
potential risks associated with investing in ISM is taken into account, namely the variants in
which the owner can choose from the following options : 1) protection of all the nodes of
information and communication transport systems(ICTS); 2) selective protection of those
ICTS nodes that are in communication with public networks (PN); protection of nodes with
critically important information for business processes of the company; etc.
For the security subsystems synthesis, it is necessary to choose such a set which ensures
either the minimum probability of unauthorized access (UAA) with restrictions on the value,
time and other indicators, or the minimum total losses from overcoming protection and the
costs of development and operation of ISW, or the minimum costs for the development and
operation of the system with limitations on the likelihood of protection overcoming. These
factors led to the relevance of the chosen article topic.
http://www.iaeme.com/IJCIET/index.asp 2 editor@iaeme.com
V. Lakhno, S. Tsiutsiura, Y. Ryndych, A. Blozva, A.Desiatko, Y. Usov and S. Kaznadiy
considered do not contain the acceptable algorithm for estimating the limits of the dual
problem solution with the branching order determination for the problem solution of
providing information protection in information and communication transport systems in the
paradigm of object-oriented programming.
Therefore, in general, the task of the algorithm modification is to estimate the limits of the
dual problem solution with the branching order determination for solving the problems of
providing information security in ICTS, taking into account the results of the other authors
proposed in [1–6], as well as our own publications [7–14].
a
j 1
ij x j bi i 1,2,..., m.
(3)
where РА – is the number of possible offender targets in ICTS; c j – the cost of m - ISM
at the j -th line of defense; aij the corresponding threat number for ICTS; bi number of
ICTS threats, which are implemented by the offender in achieving the ultimate goal of the
attack; n – is a set of security numbers that can potentially be used to counter a hacker.
To estimate the solution limits, condition (2) is weakened and replaced by the condition:
0 xj 1 j 1, n.
Then it is a dual problem for tasks (1) and (2)
m mn
ZL min bi yi yi , (4)
i 1 i m 1
with restrictions:
http://www.iaeme.com/IJCIET/index.asp 3 editor@iaeme.com
Optimization of Information and Communication Transport Systems Protection Tasks
a
i 1
ij y i y m j c j , j 1,2 ,..., n , (5)
yi 0, i = 1,2,...,m + n.
(6)
In the research works, the probabilistic probability of overcoming protection i , j ( t ) for
D i as a means (method) of protection, belonging to the turning point j and fixed by the
object pa has been determined, when the levels are to overcome j - 1, j - 2,...,1 .
We denote Qmatrix qei ,e 0,1,..., n, i 1,2,..., m n – a matrix, k-th line
contains the dual problem solution (4) – (6), but with j i1 , i 2 ,..., i k ;
KS KS1 KS 0 –the set of variables indexes, included in КS – is a partial solution (here
KS1 j \ x j 1, KS0 j \ x j 0 ; KU j : j 1,2,...,n – the set of the
variable main task indexes.
Then, an approximate algorithm for estimating the limits of the dual problem solution
with the branching order determination includes the following steps, described in Table 1.
Table 1 Algorithm for estimating the limits of the dual problem solution with the branching order
determination for solving the tasks of providing information security in ICTS
№ of step
Calculated parameter
Action Note
dependence
i 1,2,...,m n,
performed I 1,2,..., n
1
b m j 1, j 1,2,..., n
3 Choose the
d r min d i
k k
k i
variable yr
http://www.iaeme.com/IJCIET/index.asp 4 editor@iaeme.com
V. Lakhno, S. Tsiutsiura, Y. Ryndych, A. Blozva, A.Desiatko, Y. Usov and S. Kaznadiy
circle of the
branches tree i 1 t 1
yi 0,
0
i 1,2,..., m n
5 Determine the
qki qk 1,i yr ,
k
elements value of
the k-th matrix
line i 1,2,..., m n,
q0i 0,
where
i 1,2,..., m n.
6 Exclude from the m Check the condition k n , if the
plural I
k
aij y i ym j c j ,
i 1
condition is not fulfilled, then put
k=k+1 and go to step 2, otherwise–
equation index,
for which to step 7.
j 1,2 ,..., n
7 k When solving the task (2 –3)
Calculate yi yi yi ,
j
variables branching order is
j 1 determined by the massif
5. SIMULATION EXPERIMENT
In order to increase the efficiency of a counter solution functional equations dynamic
programming method, while solving the problem of optimizing the composition of ISM
complexes, as well as the volume of restorative PA and IA reserves, it is proposed to use a
way to streamline restrictions on rigidity based on the application of the duality theory.
It is assumed that losses can be caused not only by the fact of security violation protection
object pa, but also by the penetration of the j -th protection level by overcoming D j -th
means (method) of protection. Thus, the offender receives the opportunity to use information
that is determined by the level j and D j -th means, to the detriment of the system. If at the j -
http://www.iaeme.com/IJCIET/index.asp 5 editor@iaeme.com
Optimization of Information and Communication Transport Systems Protection Tasks
x j 1,2,...Aj j 1,2,..., N,
, (9)
On the basis of the dynamic programming method optimality principle, two functional
equations can be made:
n N
where Dmpin d ij(x j ), D in0 d ij(x j ), i 1,2,...m.
j 1 j n
The functional equations (10) and (11) differ from the usual functional equations in that
the number of restrictions in them is not constant, they can be solved at different values
m 1,2,...,MI. To complete the dual problem, the joint task (7) – (9) is given in the form
of a linear task with additional constraints:
N Aj
http://www.iaeme.com/IJCIET/index.asp 6 editor@iaeme.com
V. Lakhno, S. Tsiutsiura, Y. Ryndych, A. Blozva, A.Desiatko, Y. Usov and S. Kaznadiy
N Aj
d
j 1 k 1
x Dmpi ,
ikj kj i 1,2,...,MI
(12)
Aj
x
k 1
kj 1, j 1,2,..., N. (13)
MI MI N
ZL min Dmpi yi yi , (14)
i 1 i MI 1
MI
d
i 1
ikj yi y MI j rkj , (15)
k 1,2,..., Aj , j 1,2,..., N,
y i 0, i 1,2,...,MI N. (16)
where MI is the number of threats for ICTS.
The task (14) – (16) is used to rearrange the restrictions on stiffness. From the economic
interpretation of the dual task, it follows that the greater the value of the variable, the more
restrictive it is to it. In view of this, the restriction of the original task must be arranged in a
manner i1 ,i2 ,..., iMI , that satisfies the condition y i1 y i2 ... y iMI .
Experimental verification results of the preliminary determination variables branching
order effect are shown in Fig. 1.
Figure 1. Comparative characteristics of the branches and limits method for different restrictions
stiffness values
http://www.iaeme.com/IJCIET/index.asp 7 editor@iaeme.com
Optimization of Information and Communication Transport Systems Protection Tasks
The analysis of the results showed that the use of the preliminary determination variables
branching order method together with estimation decision limits simple-method can reduce
the time of solving tasks in 5 – 20 times.
7. GRATITUDES
The research and the article were done within the framework of promising scientific and
technical programs of the Department of Computer Systems and Networks of the National
University of Life and Environmental Sciences of Ukraine, as well as the grant of the
Republic of Kazakhstan, registration number AP05132723 “Development of adaptive expert
systems in the area of cybersecurity of critical objects of informatization”.
8. CONCLUSIONS
The article proposes the modified algorithm for estimating the limits of the dual problem
solution with the branching order determination for solving the problems of providing
information security in ICTS.
Under the computing experiment, the effectiveness influence of the previous
determination branching order of variables is checked. The use of the improved algorithm, as
well as the complex of models and methods developed for its optimization in the information
computing process is proved and ensuring the security of the information, allows to increase
the validity of the decisions taken at the stages of the ICTS designing, exploitation and
reconstruction of ICTS with distributed processing.
The proposed methods and algorithms are universal and can be applied to solve a wide
range of optimization tasks.
REFERENCES
[1] Gordon, L. A., & Loeb, M. P. (2002). The Economics of Information Security Investment.
ACM Transactions On Information and System Security (TISSEC), 5(4), pp. 438–457.
[2] Lakhno, V.A., Kravchuk, P.U., Malyukov, V.P., Domrachev, V.N., Myrutenko, L.V.,
Piven, O.S. (2017). Developing of the cyber security system based on clustering and
formation of control deviation signs, Journal of Theoretical and Applied Information
Technology, Vol. 95, Iss. 21, pp. 5778–5786.
[3] Cavusoglu, H., Mishra, B., & Raghunathan, S. (2004). A Model for Evaluating IT
Security Investments.Communications of The ACM,47(7), pp. 87–92.
[4] Campbell, K., Gordon, L. A., Loeb, M. P., & Zhou, L. (2003). The Economic Cost of
Publicly Announced Information Security Breaches: Empirical Evidence from The Stock
Market.Journal of Computer Security,11(3), 431–448.
[5] Osobennosti zashchity informacii v raspredelennyh sistemah telekommunikacij i
korporativnyh sistemah svyazi. V 3-h tomah [Tekst] / O.V. Esikov, R.N. Akinshin, A.S.
Kislicyn // Obespechenie informacionnoj bezopasnosti v ehkonomicheskoj i
http://www.iaeme.com/IJCIET/index.asp 8 editor@iaeme.com
V. Lakhno, S. Tsiutsiura, Y. Ryndych, A. Blozva, A.Desiatko, Y. Usov and S. Kaznadiy
http://www.iaeme.com/IJCIET/index.asp 9 editor@iaeme.com