Management of information and security events of computer systems using logical-dynamic models
DOI:
https://doi.org/10.20535/2411-1031.2025.13.1.328764
Keywords:
management, information, event, security, logical-dynamic model, protection, computer system, information infrastructure
Abstract
The article discusses one possible approach to organizing the management of information and security events in computer systems. Analysis of known research results shows that existing information and security event management systems have a number of functional limitations that prevent them from achieving a given level of management quality. These limitations stem from the impossibility of optimally interpreting security events and of ensuring fully adaptive management of these incidents that takes into account real changes in the behavior of threats. The purpose of the article is therefore to offer an effective approach to the synthesis of algorithms and software for information and security event management systems, whose implementation will expand their capabilities by forming automatic incident-response scenarios that depend on the dynamics of threats. To achieve this goal, the fundamental provisions of the theory of logical-dynamic systems are used to model the processes of organizing the management of information and security events in computer systems. Based on this theory, a logical-dynamic model of information and security event management is proposed, which differs from existing models (for example, Petri nets, Markov chains, Bayesian networks). This model makes it possible to formalize the collection, processing and analysis of information about incidents, and to develop algorithms for their compensation. It is noted that logical-dynamic models make it possible to take into account the complexity and dynamism of processes in computer systems, as well as the incompleteness of information about security events. An algorithm is presented that synergizes information about various incidents in computer systems and its processing in arrays of security events, for subsequent response to these destructive events.
The proposed algorithm has a number of advantages, including adaptability and flexibility. The practical significance of the work lies in the possibility of applying the research results to improve existing systems, and to develop promising new ones, for protecting computer systems that are part of critical information infrastructure facilities. The novelty of the proposed approach lies in combining traditional signature and behavioral methods of threat identification with their logical-dynamic analysis. This makes it possible to increase the accuracy and efficiency of detecting dangerous anomalies in computer systems.
License
Copyright (c) 2025 Collection "Information Technology and Security"

This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors that are published in this collection, agree to the following terms:
- The authors retain the right to authorship of their work and grant the collection the right of first publication of the work, which is licensed under the Creative Commons Attribution License; this license allows others to freely distribute the published work with obligatory reference to the authors of the original work and to the first publication of the work in this collection.
- The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published in this collection (for example, to place the work in an institution's digital repository or to publish it as part of a monograph), provided that it references the first publication of the work in this collection.
- The policy of the journal allows and encourages authors to place the manuscript of the work on the Internet (for example, in repositories or on personal websites), both prior to submission of the manuscript to the editor and during its editorial processing, as this contributes to productive scientific discussion and has a positive effect on the efficiency and dynamics of citation of the published work (see The Effect of Open Access).