Method for calculating the computer information protection index under conditions of uncertainty

Authors

DOI:

https://doi.org/10.20535/2411-1031.2025.13.1.328898

Keywords:

information security indicator, computer, fuzzy sets, tuple, modeling, risks, aggregation, membership function

Abstract

The most striking property of human intelligence is the ability to make correct decisions under conditions of incomplete and uncertain information. Building models that replicate human thinking and applying them in computer systems is currently one of the most critical challenges in science. One of the key tasks in analyzing and managing information security in modern computers is the justified selection of the optimal set of system elements and determining their parameters in such a way as to ensure maximum functional efficiency under complex conditions of uncertainty. This task becomes particularly relevant due to the increasing complexity of computers and constantly changing operating conditions and potential security threats. A proper choice of information security system elements and their parameters allows for creating a flexible, adaptive, and reliable system capable of effectively countering risks, even in cases where complete information about the threats is unavailable. Therefore, determining the composition of elements and their parameters is one of the fundamental stages of ensuring information security, requiring the application of modern methods of analysis, modeling, and evaluation. This paper investigates the security system of a computer and its components under conditions of uncertainty. To achieve this, a tuple of fuzzy sets comprising computer components was constructed, modeled, and analyzed. Risk levels and computer security levels were calculated, along with the aggregation of results and membership functions. Trapezoidal and triangular methods were applied to calculate parameters. The calculations are illustrated with graphical material. The approach implemented in this study enables the visualization of an expert's confidence in the membership of values to the selected acceptable indicator of computer information security and represents this confidence through graphs and corresponding calculations. The proposed method for calculating the security indicator includes procedures for determining this indicator using triangular and trapezoidal metrics, reflecting the impact of computer components. The developed method can be effectively used for solving tasks related to assessing the information security indicator of a computer, as well as for further improving methods of information security analysis.

Author Biographies

Vadym Akhramovych, National academy of statistics, accounting and auditing, Kyiv

head of the computing center

Volodymyr Akhramovych, State University of Information and Communication Technologies, Kyiv

doctor of technical sciences, professor, professor at the academic department of information and cyber defense systems

References

V. M. Akhramovych, I. H. Batrak, V. P. Kolida, and K. V. Shvorak, “Indicator of information security for an individual computer”, Telecommunications and Information Technologies, no. 4 (73), pp. 62-77, 2021, doi: https://doi.org/10.31673/2412-4338.2021.046277.

А. Korchenko et al., “Development of a method for constructing linguistic standards for multicriteria assessment of honeypot efficiency”, Eastern European Journal of Enterprise Technologies, vol. 111, iss. 3 (9), pp. 63-83, 2021, doi: https://doi.org/10.15587/17294061.2021.225346.

S. P. Yevseiev, O. V. Shmatko, and N. V. Romashchenko, “Algorithm for assessing the degree of information security risk based on the fuzzy set approach”, Modern Information Systems, vol. 3, no. 2, pp. 73-79, 2019.

O. V. Kochetkov, T. O. Gaur, V. M. Mashin, “Enterprise information security risk assessment system based on fuzzy logic”, Proceedings of the O.S. Popov ОNAT, no. 1, pp. 97-104, 2019, doi: https://doi.org/10.33243/2518-7139-2019-1-1-97-104.

A. O. Korchenko, Methods for identifying anomalous states for intrusion detection systems, Monograph. Kyiv, Ukraine: CP “Komprint”, 2019.

Y. N. Imamverdiyev, and S. A. Derakshande, “Fuzzy Owa Model for Information Security Risk Management”, Automatic Control and Computer Sciences, vol. 45, no. 1, pp. 20-28. 2021. [Online]. Available: https://www.researchgate.net/publication/265520240_Fuzzy_Owa_Model_for_Information_Security_Risk_Management_YN_Imamverdiyev_SA_Derakshande_Automatic_Control_and_Computer_Sciences_45_1_20-28. Accessed on: Jan. 04, 2025.

M. Bagheri, A. Ebrahimnejad, S. Razavyan, F. Hosseinzadeh, and N. Malekmohammadi, “Solving fuzzy multi-objective shortest path problem based on data envelopment analysis approach”, Complex & Intelligent Systems, vol. 7, рр. 725-740, 2021, doi: https://doi.org/10.1007/s40747-020-00234-4.

V. N Sastry, T. N Janakiraman, and S. I. Mohideen, “New algorithms for multi objective shortest path problem”, Opsearch, vol. 40 (4), pp. 278-298, 2003. [Online]. Available: https://link.springer.com/article/10.1007/bf03398701. Accessed on: Jan. 04, 2025.

M. Mynuddin, M.I. Hossain, S.U. Khan, M.A. Islam, D.M.A. Ahad, and M.S. Tanvir, “Cyber Security System Using Fuzzy Logic”, Int. Conf. on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME 2023), Tenerife, Spain, 2023, pp. 1-6 doi: https://doi.org/10.1109/ICECCME57830.2023.10252778.

E. Pricop, and S.F. Mihalache, “Fuzzy approach on modelling cyber attacks patterns on data transfer in industrial control systems”, in Proc. 7th Int. Conf. Elect., Comp. and AI (ECAI 2019), Bucharest, România, 2015, рр. 1-6. [Online]. Available: https://arxiv.org/pdf/1912.00234. Accessed on: Jan. 09, 2025.

S.D. Milić, “Fuzzy-Decision Algorithms for Cyber Security Analysis of Advanced SCADA and Remote Monitoring Systems. Chapter 7” in Cyber Security of Industrial Control Systems in the Future Internet Environment, M.D. Stojanović and S.V.Boštjančič Rakas, Eds. IGI Global Scientific Publishing Platform, doi: https://doi.org/10.4018/978-1-7998-2910-2.ch007.

Downloads

Published

2025-05-20

How to Cite

Akhramovych, V., & Akhramovych, V. (2025). Method for calculating the computer information protection index under conditions of uncertainty. Collection "Information Technology and Security", 13(1), 55–68. https://doi.org/10.20535/2411-1031.2025.13.1.328898

Issue

Vol. 13 No. 1 (2025)

Section

NETWORK AND APPLICATION SECURITY

License

Copyright (c) 2025 Collection "Information Technology and Security"

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The authors that are published in this collection, agree to the following terms:

  1. The authors reserve the right to authorship of their work and pass the collection right of first publication this work is licensed under the Creative Commons Attribution License, which allows others to freely distribute the published work with the obligatory reference to the authors of the original work and the first publication of the work in this collection.
     
  2. The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published this anthology (for example, to place the work in a digital repository institution or to publish in the structure of the monograph), provided that references to the first publication of the work in this collection.
     
  3. Policy of the journal allows and encourages the placement of authors on the Internet (for example, in storage facilities or on personal web sites) the manuscript of the work, prior to the submission of the manuscript to the editor, and during its editorial processing, as it contributes to productive scientific discussion and positive effect on the efficiency and dynamics of citations of published work (see The Effect of Open Access).