Abstract
The article proposes a general structure for a modular decision support system (DSS) for cybersecurity tasks. A model is described for the fuzzy inference (FI) subsystem. Based on FI rules applied to input values that can be obtained from sensors, multi-agent systems, and SIEM sensors that detect the presence of threats, cyberattacks and anomalies, it is proposed to determine the output values for estimating the degree of protection of critical computer systems (CCS) using the DSS. The model assumes that the input values for the FI subsystem were obtained from the fuzzification procedure in the corresponding module. Each element of the output values characterizes the presence or absence of a sign of an unforeseen situation associated with anomalies, attacks or other attempts to interfere with the operation of the CCS without authorization. An algorithm is proposed for forming a knowledge base of unforeseen (emergency) and typical situations in CCS. The algorithm differs from known ones in that it makes it possible to form a set of cases of typical responses to threats, anomalies and attacks in CCS, as well as output rules for the authentication of unforeseen situations, which are primarily associated with a targeted destructive impact on CCS. The use of the “fuzzy logic output” module allows one to display the state of the most vulnerable components of CCS as a multiparameter “image”. The resulting multiparameter “image” can be applied in the DSS for a qualitative assessment of the security of CCS.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Lakhno, V.A. (2020). Algorithms for Forming a Knowledge Base for Decision Support Systems in Cybersecurity Tasks. In: Hu, Z., Petoukhov, S., Dychka, I., He, M. (eds) Advances in Computer Science for Engineering and Education II. ICCSEEA 2019. Advances in Intelligent Systems and Computing, vol 938. Springer, Cham. https://doi.org/10.1007/978-3-030-16621-2_25
DOI: https://doi.org/10.1007/978-3-030-16621-2_25
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16620-5
Online ISBN: 978-3-030-16621-2
eBook Packages: Intelligent Technologies and Robotics (R0)