Algorithms for Forming a Knowledge Base for Decision Support Systems in Cybersecurity Tasks

  • Conference paper

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 938)

Abstract

The article proposes a general structure for a modular decision support system (DSS) for cybersecurity tasks. A model is described for the fuzzy inference (FI) subsystem. Based on FI rules applied to input values that can be obtained from sensors, multi-agent systems and SIEM sensors that detect the presence of threats, cyberattacks and anomalies, it is suggested that the DSS determine output values for estimating the degree of protection of critical computer systems (CCS). The model assumes that the input values for the FI subsystem were obtained as a result of the fuzzification procedure in the corresponding module. Each element of the output values characterizes the presence or absence of a sign of an unforeseen situation associated with anomalies, attacks or other unauthorized attempts to interfere with the operation of the CCS. An algorithm is proposed for forming a knowledge base of unforeseen (emergency) and typical situations in CCS. The algorithm differs from known ones in that it makes it possible to form a set of cases of typical responses to threats, anomalies and attacks in CCS, as well as rules for the output for authentication of unforeseen situations, which are primarily associated with a targeted destructive impact on CCS. The “fuzzy logic output” module allows the state of the most vulnerable components of CCS to be displayed as a multiparameter “image”. The resulting multiparameter “image” can be applied in DSS for a qualitative assessment of the security of CCS.

Author information

Corresponding author

Correspondence to V. A. Lakhno.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Lakhno, V.A. (2020). Algorithms for Forming a Knowledge Base for Decision Support Systems in Cybersecurity Tasks. In: Hu, Z., Petoukhov, S., Dychka, I., He, M. (eds) Advances in Computer Science for Engineering and Education II. ICCSEEA 2019. Advances in Intelligent Systems and Computing, vol 938. Springer, Cham. https://doi.org/10.1007/978-3-030-16621-2_25
