Decision-making in a state cybersecurity

Abstract

Nowadays, the issue of cyber security as a component of information security of the state is extremely relevant for Ukraine and the World community. Even so, it should be taken into account that the use of cyberspace expands people's communication capabilities, promotes the development of information technologies, research and novelty, and stimulates the development of industry and the economy. Nevertheless, the advantages of modern cyberspace can lead to new threats to people, society, national and international security. Along with initiatives of natural (unintentional) origin, the number and power of cyberattacks is increasing. These cyberattacks are inspired by the interests of individuals, groups, states, and associations of states. Increasing the effectiveness of mathematical modeling of state cyber security information systems can be ensured by modeling both the complex system and the subsystems that are the essential part of it. It stimulates the progress of models and algorithms that allow solving complex problems of system management and processing of the information flow. Furthermore, it is necessary to limit the tolerance interval of the solution for each task of the complex system of cyber security information systems. The following steps should be taken into account: – assignment of directive terms for solving problems; – information related tasks of information processing and transmission. The analysis of the research shows the weakness of a conventional approach to the complex solution of the problem of the synthesis of mathematical models and algorithms for determining the time of decision-making in the system of both security and information cyber security; methods of countering threats, mathematical methods of modeling, creating and evaluating models of both cyberattacks and cybersecurity and solving the problem of synthesis of mathematical models and algorithms for determining the time of decision-making in the system of both security and cyber security information systems. The defined issue is an unperformed part of the general problem of ensuring information security in complex systems of technical protection and information cyber security. The tasks belong to the class of problems of nonlinear mathematical programming. Performing them, methods of the theory of nonlinear programming can be used. The main priority of the tasks is its large dimension, which has a number of tasks that are performed in the network and are introduced in the information correlation. One of the current approaches to perform non-linear programming problems of large dimensions is the use of approximation methods of the theory of non-linear programming, the essence is that the solution of the finite-dimensional nonlinear complementarity problem is carried out as a result of solving a sequence of problems of a simpler type, which require significantly optimization operating costs than the original problem. Linear approximation is not always effective as it allows to obtain only a necessarily approximate value. Lately, the new research has introduced an approach to eliminate this fault with the help of auxiliary quadratic equation. The minimization method takes a special place among these methods. Unlike other methods of this class, it converges to any initial approximation and does not require assumptions about the convexity of functions, does not require firm positive certainty of the matrix of second derivatives of Lagrange functions, and has a fairly simple structure of the auxiliary quadratic problem. Hence, the linearization method has a linear rate of ascent. However, there is a modification of the method that means that at a considerable distance from the extremum point, the speed of convergence is linear, and with sufficient proximity to it, it is quadratic. Solving quadratic problems is not exact and only those restrictions with the maxima acceptable limits can be taken into account. This feature minimizes the dimension of auxiliary problems and thereby minimizes the computer complexity of the original nonlinear problem. The described algorithm is implemented in the form of applied programs for evaluating the effectiveness of algorithms for determining the time of decision-making by cyber security information systems. Thus, the given results can be used in the development of effective decision-making time determination algorithms based on mathematical models for decision-making support systems of the cyber security information system, as well as for modeling complex technical systems and assessing the effective use of several computing information systems. Key words: cyber security, cyber defense, cyber attacks, cyber defense system, information protection, state protection, cyber space, communication channels.