A multicriterial analysis of the efficiency of conservative information security systems
Journal Title: Восточно-Европейский журнал передовых технологий - Year 2019, Vol 3, Issue 9
Abstract
<p class="AnotEEJ">The paper addresses the task on a multicriterial analysis of the effectiveness of conservative information security systems whose structure and components do not change over a certain period of time. The principal scheme of such systems includes a protected object, vulnerabilities ‒ channels for attacks, threats, and protection tools.</p><p class="AnotEEJ">Based on the assumption about the independence of attacks and protection tools, we have developed a discrete probabilistic model of damage to a protected object. For a random variable of the amount of damage over a fixed period of time, we have derived a representation in the form of a sum of binomially-distributed random variables, dependent on the parameters for attacks and protection. We have described in a similar manner the random variables for economic losses, recovery time, as well as recovery costs, for which mathematical expectations and variances have been obtained in the analytical form. To ensure the high statistical confidence, it has been proposed to determine the risk indicators using a Cantelli’s inequality. On this basis, we have defined performance indicators for a protection system, which characterize the probability of protected object’s safety, residual losses, conditionally saved costs, survivability, and the cost of recovery.</p><p class="AnotEEJ">By using a Pareto optimality theory, we have devised a procedure for multi-criteria analysis and rational design of conservative systems of information protection. Verification has been carried out for the audio information protection systems. A Pareto frontier has been investigated according to the criteria of economic benefit and investment costs for 66 variants of protection. We have examined the influence of protection level on the Cantelli’s measure for conditional savings, as well as the contribution of various types of protection devices to it.</p><p class="AnotEEJ">The research results have confirmed the saturation law by Gordon-Loeb for the case when over-protection does not improve the effectiveness of protection systems.</p>
Authors and Affiliations
Valeriy Dudykevych, Ivan Prokopyshyn, Vasyl Chekurin, Yuriy Lakh, Taras Kret, Yevheniia Ivanchenko, Ihor Ivanchenko
Keywords
Related Articles
- EP ID EP666458
- DOI 10.15587/1729-4061.2019.166349
- Views 87
- Downloads 0
Effect of plasticizers on the qualitative indicators of filmforming coatings for the protection of chilled meat
<p class="a">The result of theoretical research into protection and prolonging the duration of meat and meat products storage has demonstrated that one of the promising directions is the application of protective coating...
Analytical method for compiling and applying a ballast map for the traction unit PE2U
<p>Under practical operation, electric locomotive traction units of series PE2U quite often require, especially in recent decades, various kinds of repair, necessitating the restoration of fleet of these machines that ar...
Material selection for the mesh electrode of electrochromic device based on Ni(OH)2
<p class="1">In this study, we propose changes to the cell design in order to reduce the cost of electrochromic devices. The modification lies in the replacement of the second electrochromic layer along with its conducti...
An integrated website of electronic data interchange and computer-aided process planning in production outsourcing
<p>The assembly industry implements production outsourcing to meet the needs of assembly product components. The outsourcing of assembly product components is based on a relationship model between the contractor and the...
Development of method of multifactor classification of transport and logistic processes
<p class="a">A method of classification of a set of objects and/or processes in transport and logistics systems on the basis of a multifactor analysis was proposed.</p><p class="a">Combination of the methods of statistic...