Modeling of the decision-making procedure for financing of cyber security means of cloud services by the medium of a bilinear multistep quality game with several terminal surfaces

Authors

  • Valery Lakhno European University
  • Berik Akhmetov Caspian State University of Technologies and Engineering named after Sh. Yessenov
  • Volodimir Malyukov European University
  • Timur Saatdinovich Kartbayev Almaty University of Power Engineering and Telecommunication

Abstract

The model is developed for the intellectualized
decision-making support system on financing of cyber security
means of transport cloud-based computing infrastructures, given
the limited financial resources. The model is based on the use of
the theory of multistep games tools. The decision, which gives
specialists a chance to effectively assess risks in the financing
processes of cyber security means, is found. The model differs
from the existing approaches in the decision of bilinear multistep
quality games with several terminal surfaces. The decision of
bilinear multistep quality games with dependent movements is
found. On the basis of the decision for a one-step game, founded
by application of the domination method and developed for
infinite antagonistic games, the conclusion about risks for players
is drawn. The results of a simulation experiment within program
implementation of the intellectualized decision-making support
system in the field of financing of cyber security means of cloudbased
computing infrastructures on transport are described. Confirmed
during the simulation experiment, the decision assumes
accounting a financial component of cyber defense strategy at
any ratios of the parameters, describing financing process.

Author Biographies

Valery Lakhno, European University

Head of the Department of cybersecurity

Berik Akhmetov, Caspian State University of Technologies and Engineering named after Sh. Yessenov

Rector

Volodimir Malyukov, European University

Department of Information Systems and
Mathematical Disciplines

Timur Saatdinovich Kartbayev, Almaty University of Power Engineering and Telecommunication

Head of the Department "IT-engineering"

References

K. Sagar, A. Kumar, G. Ankush, T. Harika, M. Saranya,and D. Hemanth.

”Implementation of IoT based railway calamity avoidance system using

cloud computing technology”, Indian Journal of Science and Technology

(17), 1–5 (2016).

S. Ramgovind, M. Eloff,and E. Smith, ”The management of security in

cloud computing”,In Information Security for South Africa (ISSA), 1–7

(2010).

A. Sajid, H. Abbas,and K. Saleem,”Cloud-assisted iot-based scada

systems security: A review of the state of the art and future challenges”,

IEEE Access 4, 1375-1384 (2016).

O. Petrov, B. Borowik, M. Karpinskyy, O. Korchenko,and V. Lakhno,

”Immune and defensive corporate systems with intellectual identification

of threats, Pszczyna : lska Oficyna Drukarska”, 222 p. ISBN: 978–83–

–68–8 (2016).

V. Lakhno, ”Development of a support system for managing the cyber

security, Radio Electronics, Computer Science, Control”, No. 2, 109-116

(2017).

V. Malyukov, ”A differential game of quality for two groups of objects”,

Journal of Applied Mathematics and Mechanics,Vol. 5 (55), 596–

(1991).

I. Krass, V. Malyukov, ”O sushhestvovanii optimal’nyh smeshannyh

strategij dlja nekotoryh antagonisticheskih igr, Optimizacija” 20

(37),135–146 (1978).

M. Manshaei, Q. Zhu, T. Alpcan, ”Game theory meets network security

and privacy”,ACM Computing Surveys, 3 (45), 1-39, (2013).

N. BenAsher, C. Gonzalez, ”Effects of cyber security knowledge on

attack detection”,Computers in Human Behavior, (48), 51-61, (2015).

J. Grossklags, N. Christin, J. Chuang, ”Secure or insure?: a gametheoretic

analysis of information security games”,(Conferense) 17th

international conference on World Wide Web, Beijing, China, 21-25

April 2008 : proceedings. New York, ACM, 2008. 209-218.

H. Cavusoglu, B. Mishra, S. Raghunathan, ”A model for evaluating IT

security investments”,Communications of the ACM,7 (47), 87-92 (2004).

A. Fielder, E. Panaousis, P. Malacaria, Decision support approaches for

cyber security investment, Decision Support Systems, Vol. 86, 13-23

(2016).

P. Meland, I. Tondel, B. Solhaug, ”Mitigating risk with cyberinsurance”,

IEEE Security and Privacy, 13 (6), 38-43 (2015).

A. Fielder, S. Konig, E. Panaousis, S. Schauer, and S. Rass, Uncertainty

in Cyber Security Investments. arXiv preprint arXiv:1712.05893 (2017).

A. Fielder, E. Panaousis, P. Malacaria, ”Game theory meets information

security management”, IFIP International Information Security Conference,

Marrakech, Morroco, 2-4 June 2014 : proceedings, Berlin,

Springer, 15-29 (2014).

X. Gao, W. Zhong, S. Mei, ”A game-theoretic analysis of information

sharing and security investment for complementary firms”, Journal of

the Operational Research Society, 11 (65), 1682-1691 (2014).

V. Malyukov, ”Discrete-approximation method for solving a bilinear

differential game”, Cybernetics and Systems Analysis, Vol. 6 (29), 879

(1993).

V. Lakhno, V. Malyukov, N. Gerasymchuk, ”Development of the

decision making support system to control a procedure of financial

investment”, Eastern-European Journal of Enterprise Technologies, 3

(6), 24-41 (2017).

F. Smeraldi, P. Malacaria, ”How to spend it: optimal investment for cyber

security”, 1st International Workshop on Agents and CyberSecurity,

Paris, France, 0608 May 2014 : proceedings, New York, ACM, 2014,

B. Akhmetov, B, V. Lakhno, Y. Boiko, A. Mishchenko, ”Designing

a decision support system for the weakly formalized problems in the

provision of cybersecurity”, Eastern-European Journal of Enterprise

Technologies, 1(2(85)), 4-15 (2017).

M. Chronopoulos, E. Panaousis, and J. Grossklags, ”An options approach

to cybersecurity investment”, IEEE Access (2017).

S. Rass, S. Knig, and S. Schauer, ”Uncertainty in games: Using

probability-distributions as payoffs”, In International Conference on

Decision and Game Theory for Security (pp. 346-357). Springer, Cham.

Y. Lee, R. Kauffman, and R. Sougstad, ”Profit-maximizing firm investments

in customer information security”, Decision support systems, 51

(4), 904-920 (2011).

T. Moore, S. Dynes, and F. Chang, Identifying how firms manage

cybersecurity investment. Available: Southern Methodist University.

Available at: http://blog.smu.edu/research/files/2015/10/SMU-IBM. pdf

(Accessed 2015-12-14), 32 (2015).

Downloads

Published

2018-10-28

Issue

Section

Security, Safety, Military