Особенности оценки вредоносной активности в инфраструктуре Умного города на основе гранулирования информации и гранулярных моделей вычислений

Abstract

The object of the research is a new methodological approach to information granulation and fuzzy granular calculations, as a mathematical and methodological tool for improving the reliability of assessing the level of information security of the Smart City infrastructure. The proposed approach is one of the options for the practical application of elements of the theory of fuzzy sets in the tasks of search, identification and current assessment of signs of time-bearing activity. A detailed analysis of the features of this approach has been carried out, determining the expediency and conditions of its application for assessing malicious activity in the infrastructure of a Smart City. The theoretical aspects of the application of information granulation and fuzzy granular computing to the assessment of malicious activity combining various signs for various categories of potential threats to the infrastructure and subjects of a Smart City - the categories “cyberattack”, “malicious virus threat” or “data leakage (loss)” are studied and described. The analysis of the features of the proposed approach is carried out, which allows taking into account the opinions of experts and eliminating the vagueness associated with noise, disorder and lack of formalization of surveillance data collected and pre-processed in the interests of assessing threats and consequences of negative manifestations of malicious activity. A sequence of calculations and analytical expressions for calculating the estimated values of signs of harmful activity for various categories of potential threats to the infrastructure and subjects of a Smart City has been developed and described in detail. The approach assumes the practical possibility of evaluating signs of malicious activity using information granules formed on the basis of a minimum numerical distance between the values of membership functions characterizing vaguely specified data on the presence or absence of observed signs (attributes) of malicious activity, as well as granular summation and determination of the trace function of the granular sum. At the same time, the proposed approach makes it possible to obtain estimates of signs of malicious activity that are adequate to the tasks of monitoring the Smart City security policy and, ultimately, provides increased reliability of proactive threat control and analysis of the possible consequences of a negative manifestation of suspicious activity.