V. Lakhno, D. Kasatkin, Maksym Misiura, Borys Husiev
{"title":"DESIGN OF KNOWLEDGE BASE FOR CYBER SECURITY SYSTEMS ON THE BASIS OF SUBJECT IDENTIFICATION METHOD","authors":"V. Lakhno, D. Kasatkin, Maksym Misiura, Borys Husiev","doi":"10.28925/2663-4023.2020.8.135148","DOIUrl":null,"url":null,"abstract":"The article presents the results of research performed in the process of designing an expert system (ES) designed to assess the threats to information security (IS) of critical information facilities (CIF). The approach to designing of expert system on the basis of syllogisms and logic of predicates, and also a method of meaningful identification of objects of knowledge base (KB) is offered. The essence of the method is that each object of the database of the projected EU, is matched by a tuple of keywords (ToK), the significance of which is determined by experts. Thus, each database object is placed in accordance with the element of the finite fuzzy topological space of the database objects. Meaningful identification takes place on the distance between the objects of the database. The approach proposed in the work, in comparison with the decisions of other authors, has a number of advantages. Namely, it allows: to model different variants of cyber threat scenarios for CIF and their consequences; determine the contribution of each of the factors or components of the architecture of the IS CIF to the overall picture of the probability of a cyber threat to the CIF; model the interaction of all IS factors and, if necessary, visualize this interaction; calculate and further rank the values of cyber threat probabilities for CIF for specific threat scenarios; automate the processes of threat modeling through the use of developed software and significantly reduce the time for audit of threats. It is shown that the use of the method of meaningful identification allows to increase the adequacy of the models of the selected subject area, as well as to prevent erroneous introduction of the same judgments of experts and goals in the EU database, in particular by combining hierarchies of goals formed by different expert groups. It is shown that the method can also be used to find the goals of the hierarchy, the exact wording of which, according to keywords, is unknown.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity: Education, Science, Technique","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.28925/2663-4023.2020.8.135148","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
The article presents the results of research performed in the process of designing an expert system (ES) designed to assess the threats to information security (IS) of critical information facilities (CIF). The approach to designing of expert system on the basis of syllogisms and logic of predicates, and also a method of meaningful identification of objects of knowledge base (KB) is offered. The essence of the method is that each object of the database of the projected EU, is matched by a tuple of keywords (ToK), the significance of which is determined by experts. Thus, each database object is placed in accordance with the element of the finite fuzzy topological space of the database objects. Meaningful identification takes place on the distance between the objects of the database. The approach proposed in the work, in comparison with the decisions of other authors, has a number of advantages. Namely, it allows: to model different variants of cyber threat scenarios for CIF and their consequences; determine the contribution of each of the factors or components of the architecture of the IS CIF to the overall picture of the probability of a cyber threat to the CIF; model the interaction of all IS factors and, if necessary, visualize this interaction; calculate and further rank the values of cyber threat probabilities for CIF for specific threat scenarios; automate the processes of threat modeling through the use of developed software and significantly reduce the time for audit of threats. It is shown that the use of the method of meaningful identification allows to increase the adequacy of the models of the selected subject area, as well as to prevent erroneous introduction of the same judgments of experts and goals in the EU database, in particular by combining hierarchies of goals formed by different expert groups. It is shown that the method can also be used to find the goals of the hierarchy, the exact wording of which, according to keywords, is unknown.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
