Management of information and security events of computer systems using logical-dynamic models

Authors

DOI:

https://doi.org/10.20535/2411-1031.2025.13.1.328764

Keywords:

management, information, event, security, logical-dynamic model, protection, computer system, information infrastructure

Abstract

The article discusses one possible approach to organizing the management of information and security events in computer systems. An analysis of known research results shows that existing information and security event management systems have a number of functional limitations that prevent them from achieving a given level of management quality. These limitations stem from the impossibility of interpreting security events optimally and of ensuring fully adaptive management of these incidents that takes into account real changes in threat behavior. The purpose of the article is therefore to offer an effective approach to synthesizing algorithms and software for information and security event management systems; its implementation will expand their capabilities by forming automatic incident-response scenarios that depend on the dynamics of threats. To achieve this goal, the fundamental provisions of the theory of logical-dynamic systems are used to model the processes of organizing the management of information and security events in computer systems. Based on this theory, a logical-dynamic model of information and security event management is proposed that differs from existing models (for example, Petri nets, Markov chains, Bayesian networks). Using this model makes it possible to formalize the collection, processing and analysis of information about incidents, and to develop algorithms for compensating for them. It is noted that logical-dynamic models make it possible to take into account the complexity and dynamism of processes in computer systems, as well as the incompleteness of information about security events. An algorithm is presented that brings together information about various computer system incidents and their processing in arrays of security events, so that these destructive events can then be responded to.
The proposed algorithm has a number of advantages, including adaptability and flexibility. The practical significance of the work lies in the possibility of applying the research results to improve existing systems, and to develop promising new ones, for protecting computer systems that are part of critical information infrastructure facilities. The novelty of the proposed approach lies in combining traditional signature and behavioral methods of threat identification with their logical-dynamic analysis. This makes it possible to increase the accuracy and efficiency of detecting dangerous anomalies in computer systems.

Author Biographies

Petro Pavlenko, National University “Kyiv Aviation Institute”, Kyiv

Doctor of Technical Sciences, Professor, Professor of the Department of Air Transportation Organization

Ievgen Samborskyi, National University “Kyiv Aviation Institute”, Kyiv

Postgraduate student, Department of Air Transportation Organization

Published

2025-05-20

How to Cite

Pavlenko, P., & Samborskyi, I. (2025). Management of information and security events of computer systems using logical-dynamic models. Collection "Information Technology and Security", 13(1), 43–54. https://doi.org/10.20535/2411-1031.2025.13.1.328764

Issue

Section

NETWORK AND APPLICATION SECURITY