Optimization of the cyber security system structure based on accounting of the prevented damage cost
Authors: 
Igor Kotenko, Igor Saenko, Yury Sineshchuk, Valery Kuvatov, Oleg ChudakovAuthors Info & Claims
Article No.: 7, Pages 1 - 8
Abstract
Searching the optimum structure of cyber security systems is an important problem which should be solved to realize security mechanisms (means) in computing systems, especially when there are significant resource restrictions (small enterprises, built-in systems, cyber-physical systems, etc.). The complexity of this problem is caused by its uncertain, probabilistic, and nonlinear character. The paper proposes a mathematical model for determination of the cost of the damage prevented by cyber security means and the costs of installation and maintenance of the cyber security system under analysis. The optimization criterion is the minimal cost of the prevented damage. The variables of the problem are the quantities of the security means of various types installed in the security system. The paper considers a method to solve the problem and the features of its implementation. The possibilities of using various methods to increase the accuracy of initial data for the proposed model are analyzed.
References
[1]
David Elliott Bell and Leonard J. LaPadula. 1973. Secure Computer Systems: Mathematical Foundations and Model. Technical Report M74-244. The MITRE Corporation, Bedford, MA.
[2]
DOD 5200.28-STD. DOD Trusted Computer System Evaluation Criteria (Orange Book), https://csrc.nist.gov/csrc/media/publications/conference-paper/1998/10/08/proceedings-of-the-21st-nissc-1998/documents/early-cs-papers/dod85.pdf.
[3]
Chris Dalton and Tse Huong Choo. 2001. An Operating System Approach to Securing E-Services. Communications of the ACM, 44(2), 58--64.
[4]
Charlie Kaufman, Radia Perlman, and Mike Speciner. 1995. Network Security: Private Communication in a Public World. PTR Prentice Hall, Englewood Cliffs, New Jersey.
[5]
Information Technology Code of Practice for Information Security Management: BS ISO 17799. 2005. BSI Standards.
[6]
Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, and John F. Farrell. 1998. The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments, In Proceedings of the 21st National Information Systems Security Conference, 1998, pp. 303--314.
[7]
Igor Saenko, Sergey Ageev, and Igor Kotenko. 2015. Countermeasure Security Risks Management in the Internet of Things based on Fuzzy Logic Inference, In: Proceedings of the 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom-2015), 2015, pp. 655--659 (2015).
[8]
Igor Saenko, Sergey Ageev, and Igor Kotenko. 2016. Detection of traffic anomalies in multi-service networks based on a fuzzy logical inference. In Proceeding of the 10th International Symposium on Intelligent Distributed Computing (IDC 2016), 2016, pp. 79--88.
[9]
Anthony Luvanda, Stephen Kimani, and Micheal Kimwele. 2014. Identifying Threats Associated With Man-In-The Middle Attacks during Communications between a Mobile Device and the Back End Server in Mobile Banking Applications. IOSR Journal of Computer Engineering (IOSR-JCI), 12(2), 35--42.
[10]
Vladimir A. Chobanyan, Igor Yu. Shahalov. 2013. Analysis and synthesis of the requirements for safety systems of objects of critical information infrastructure. Issues of cybersecurity, 1(1), 7--27.
[11]
Peter W. Singer and Allan Friedman. 2014. Cybersecurity and Cyberwar: What Everyone Needs to Know. Oxford University Press.
[12]
James P.G. Sterbenz, Egemen Kemal Çetinkaya, Mahmood Hameed, Abdul Jabbar, and Justin P. Rohrer. 2011. Modelling and Analysis of Network Resilience. In Proceedings of the Third IEEE International Conference on Communication Systems and Networks (COMSNETS), 2011, pp. 1--10.
[13]
James P. G. Sterbenz, David Hutchison, Egemen K. Çetinkaya, Abdul Jabbar, Justin P. Rohrer, Marcus Schöller, and Paul Smith. 2010. Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines. Comput. Netw., 54(8), 1245--1265.
[14]
Paul Smith, David Hutchison, James P.G. Sterbenz, Marcus Schöller, Ali Fessi, Merkouris Karaliopoulos, Chidung Lac, and Bernhard Plattner. 2011. Network resilience: a systematic approach. IEEE Communications Magazine, 49(7), 88--97.
[15]
Alexander A. Ganin, Emanuele Massaro, Alexander Gutfraind, Nicolas Steen, Jeffrey M. Keisler, Alexander Kott, Rami Mangoubi, and Igor Linkov. 2010. Operational resilience: Concepts, design and analysis. Scientific Reports 6 Article 19540.
[16]
Bernard P. Zeigler, Tag Gon Kim, and Herbert Praehofer. 2000. Theory of Modeling and Simulation (2nd ed.). Academic Press, Inc., Orlando, FL, USA.
[17]
Abdullah Konak, David W. Coit, and Alice Smith. 2006. Multi-objective optimization using genetic algorithms: a tutorial. Reliability Engineering and Systems Safety, 91(9), 992--1007.
[18]
Paolo Di Barba. 2014. Basic principles of optimal design of electromagnetic devices and multi-objective optimization. ASM Handbook, Induction Heating and Heat Treatment, 4C, 359--365.
[19]
Paolo Di Barba, Maria Evelina Mognaschi, D.A. Lowther, Fabrizio Dughiero, Michele Forzan, S. Lupi, and Elisabetta Sieni. 2016. A benchmark problem of induction heating analysis. International Journal of Applied Electromagnetics and Mechanics, 53, 1--11.
[20]
Yuliya Pleshivtseva, Edgar Rapoport, Bernard Nacke, Alexander Nikanorov, Paolo Di Barba, Michele Forzan, Sergio Lupi, and Elisabetta Sieni. 2017. Design concepts of induction mass heating technology based on multiple-criteria optimization. Intern. Journal for Computation and Mathematics in Electrical and Electronic Engineering, 36(2), 386--400.
[21]
Elisabetta Sieni, Michele Forzan, and Paolo Di Barba. 2016. Migration NSGA: Method to Improve a Non-Elitist Searching of Pareto front with Application in Magnetics. Inverse Problems in Science and Engineering, 24(1), 543--566.
[22]
Christer Carlsson, and Robert Fuller. 1995. Multiple Criteria Decision Making: The Case for Interdependence. Computers and Operations Research, 22(3), 251--260.
[23]
Denis Y. Minkin, Yuri I. Sineshchuk, Sergey N. Terekhin, and Konstantin S. Yusherov. 2017. A method of constructing a structured database of the typical objects of protection on the basis of cluster analysis. Journal of Theoretical and Applied Information Technology, 95(20), 5331--5339.
[24]
Jose Fran Ruiz, Rajesh Harjani, Antonio Mana, Vasily Desnitsky, Igor Kotenko, and Andrey Chechulin. 2012. A Methodology for the Analysis and Modeling of Security Threats and Attacks for Systems of Embedded Components. In The 20th Euromicro International Conference on Parallel, Distributed and Network-Based Computing (PDP2012), 2012, pp. 261--268.
[25]
Helena V. Popova. 2014. Selection of information protection system by ensuring the competitiveness of enterprises. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2(90), 155--160.
[26]
Darrell Whitley. 2001. An Overview of Evolutionary Algorithms: Practical Issues and Common Pitfalls. Journal of Information and Software Technology, 43, 817--831.
[27]
Lawrence A. Gordon and Martin P. Loeb. 2002. The economics of information security investment. ACM Transactions on Information and System Security, 5, 438--457.
[28]
Daniel Guinier. 1992. Object-oriented software for auditing information systems security following a methodology for IS risk analysis and optimization per level. ACM SIGSAC Review, 10, 22--30.
[29]
Bev Littlewood, Sarah Brocklehurst, Norman Fenton, Peter Mellor, Stella Page, David Wright, John Dobson, John McDermid, and Dieter Gollmann. 1993. Towards Operational Measures of Computer Security. J. Comput. Secur. 2(2--3), 211--229.
[30]
Wolfgang Boehmer. 2009. Cost-benefit trade-off analysis of an ISMS based on ISO 27001. In The Forth International Conference on Availability, Reliability and Security (ARES 2009), 2009, pp. 392--399.
Index Terms
- Optimization of the cyber security system structure based on accounting of the prevented damage cost
Recommendations
Government regulations in cyber security: Framework, standards and recommendations
AbstractCyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...
Cyber security framework for Internet of Things-based Energy Internet
AbstractWith the significant improvement in deployment of Internet of Things (IoT) into the smart grid infrastructure, the demand for cyber security is rapidly growing. The Energy Internet (EI) also known as the integrated internet-based smart grid and ...
Highlights- The security and privacy of components, data and events in the Energy Internet.
- The framework relies on an identity-based security mechanism.
- A secure communication protocol that provides secure data exchange.
- An Intelligent ...
CBR (Case-Based Reasoning) Evaluation Modeling for Security Risk Analysis in Information Security System
SECTECH '08: Proceedings of the 2008 International Conference on Security TechnologyInformation society is rapidity developing in the various fields of banking, trade, medical service, energy, and education using information system. Evaluation for security Risk analysis should be done before security management for information system ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
September 2019
179 pages
ISBN:9781450372428
DOI:10.1145/3357613
Copyright © 2019 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 September 2019
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
SIN 2019
SIN 2019: The 12th International Conference on Security of Information and Networks
September 12 - 15, 2019
Sochi, Russia
Acceptance Rates
Overall Acceptance Rate 102 of 289 submissions, 35%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 124Total Downloads
- Downloads (Last 12 months)8
- Downloads (Last 6 weeks)4
Reflects downloads up to 09 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in