International Journal of Civil Engineering and Technology (IJCIET)
Volume 10, Issue 04, April 2019, pp. 280-291, Article ID: IJCIET_10_04_030
Available online at http://www.iaeme.com/ijciet/issues.asp?JType=IJCIET&VType=10&IType=04
ISSN Print: 0976-6308 and ISSN Online: 0976-6316
© IAEME Publication
Scopus Indexed
OPTIMIZATION OF DECISION-MAKING ON
FINANCING OF MEANS OF CYBER SECURITY IN
THE CONDITIONS OF THE FISSILE
COUNTERACTION TO THE ATTACKING PARTY
B. Akhmetov
Associate professor Yessenov University, Kazakhstan, Aktau
V. Lakhno
Professor Yessenov University, Kazakhstan, Aktau
L. Kydyralina
Doctoral Candidate, Kazakh National Pedagogical University named after Abay, Almaty,
Kazakhstan
V. Malyukov
Professor Department of Computer systems and networks, National University of Life and
Environmental Sciences of Ukraine, Kyiv, Ukraine
T. Kartbayev
Head of the Department of IT-engineering Almaty University of Power Engineering and
Telecommunications, Kazakhstan
B.Tussupova
Associate professor of the Department of IT-engineering Almaty University of Power
Engineering and Telecommunications, Kazakhstan
A.Doszhanova
Associate professor of the Department of IT-engineering, Almaty University of Power
Engineering and Telecommunications
ABSTRACT
The article is devoted to the current problem of acceptance of an optimal solution
on financing of means of cyber security in the conditions of the fissile counteraction to
the burglars of informatization objects. The model is developed for the decision support
system of financing process in the means of cyber security for informatization object.
http://www.iaeme.com/IJCIET/index.asp
280
editor@iaeme.com
B. Akhmetov, V. Lakhno, L. Kydyralina, V. Malyukov, T. Kartbayev, B. Tussupova and A.
Doszhanova
The model is based on use of tools of a game theory. The received decision gives the
chance to estimate efficiently the risks in processes of financing of means of cyber
security of informatization objects. The model differs from the existing approaches by
the decision of a bilinear multistep quality game with several terminal surfaces. There
was found a solution of a bilinear multistep quality game with the dependent
movements. On the basis of the decision of a single-step game received by application
of a method of the dominance developed for the infinite antagonistic games there were
made conclusion about the risks for players. Results of a computing experiment within
the program realization of decision support system in the sphere of financing of means
of cyber security of an informatization object are described. At the same time any ratios
of the parameters describing financing process are considered, despite the attacking
party (hackers) financial actions.
Key words: multistep quality game, cyber security, optimal strategy of investment,
risks of financing, decision support system
Cite this Article: B. Akhmetov, V. Lakhno, L. Kydyralina, V. Malyukov, T.
Kartbayev, B. Tussupova and A. Doszhanova, Optimization of Decision-Making on
Financing of Means of Cyber Security in the Conditions of the Fissile Counteraction to
the Attacking Party, International Journal of Civil Engineering and Technology, 10(04),
2019,pp. 280-291
http://www.iaeme.com/IJCIET/issues.asp?JType=IJCIET&VType=10&IType=04
1. INTRODUCTION
In the conditions of growth of quantity and complexity of the destructive impacts from
intruders (hackers) on various computerized systems (for example, information systems – IS)
of different objects of informatization [1] is one of the major tasks facing services of operation
the problem of ensuring their cyber protection. It demands the corresponding financial
investment. In turn the decision making on financing of systems and resources of cyber security
(RCS) of objects of informatization (OBI) has to be based on the procedures allowing to carry
out financing taking into account all factors inherent to the providing the problems of
information security. It is possible if the decision support system (DSS) allowing to make
rational decisions on an investment of financial means on development of tools of protection
of OBI or IS are developed and introduced. Core of the modern DSS in problems of cyber
security [2, 3] are various mathematical models and algorithms giving the chance to experts to
intellectualize decisions support.
The model for DSS according to the discrete procedure of financing of CS of OBI is
considered. The model is based on the decision of a bilinear multistep quality game with two
terminal surfaces.
2. FORMULATION OF THE PROBLEM
There are two players – the protector of OBI (for example, IS) and the intruder (hacker).
Respectively players 1 and 2. The simulated players operate dynamic system which is set by
the system of the bilinear discrete equations with the dependent movements. Sets of strategy
of players U, V are respectively defined. Two M 0 , N 0 terminal surfaces are set. The aim of 1
player (hereinafter – protector) to move a dynamic system by means of the control strategy on
a terminal surface M 0 , despite how financially the player 2 (then – hacker) acted. The purpose
of the hacker is to move a dynamic system by means of the control strategy on a terminal
http://www.iaeme.com/IJCIET/index.asp
281
editor@iaeme.com
Optimization of Decision-Making on Financing of Means of Cyber Security in the Conditions of
the Fissile Counteraction to the Attacking Party
surface N 0 , despite how financially the protector acted. The decision consists in finding of a
set of initial states of objects and their strategy which allow objects to move system on that, or
other surface [4]. By consideration of restriction for interaction time with one step we will
receive the decision of a single-step game in a class of the mixed strategy. The solution is found
by means of dominance methods for the infinite multistep games [5]. As a result of comparison
of decisions of two games – multistep and single-step is come into coincidence of sets of initial
states of financial resources with the following property. Property: the set of preference of the
player proceeding from which he achieves the objectives for steps coincides with a set of
reference states of financial resources from which he achieves the objectives for one step at
application of optimal mixed strategy at optimal counteraction to it by other player in a class
of the mixed strategy with probability 1 . It means that time restriction "is compensated" by
T
expansion of a class of the used strategy, namely, instead of pure strategy it is necessary to use
the mixed strategy. Let's note that sets of reference states from which the player achieves the
objectives for one step with probability 1 are sets of preference for the player for T of steps.
T
That is the probability 1
T
means that from such states the player can achieve the objectives
with probability 1 for T of steps. Besides, sets of reference states from which the player
achieves the objectives for one step with probability 1 are sets of risk for players. The
T
probability 1
T
means risk of achievement of the goal by one player and, on the other hand,
for other player – risk not to achieve the goal by other player. On the language of "finance" it
is interpreted as risk of loss of financial resources by players 1 and 2 (the protector and the
hacker.
3. REVIEW OF LITERATURE
Assessment of effectiveness of financing of RCS of OBI is one of the most important in the
sphere of digitalization of economy. Rather large number of researches is devoted to this
subject [6, 7]. A lack of many works is the lack of actual recommendations about development
of strategy of financing of RCS of OBI. The works devoted to application various expert [8, 9]
and the decision support systems [10-12] making the choice of strategy of financing of RCS
became the self-contained direction of researches. This circumstance causes need of
development of new models for DSS which would give the chance, in particular, to estimate
risk of loss of financial resources at financing RCS. Such option is possible if the party of
protection inaccurately chose incompatible or unefficient RCS. The solution of similar tasks is
possible, in particular, for the account application of methods of the theory of differential and
multistep quality games with several terminal surfaces [15, 16]. For such differential and
multistep games the approaches explained in works [4, 5] are not used as within the scheme of
positional differential and multistep games which the player opponent can apply not any
managements, for example, no measurable functions, and, at least, measurable functions.
As the analysis of the last researches in this area showed, a relevant problem is the further
development of models for DSS in problems of financing of various RCS, and first of all,
objects of critical informational infrastructure.
4. MODELS AND METHODS
Both players need financial resources for the decision of the task. For example, hacker may
buy some special software for hacking or bribe stuff. We suppose, that for the given period of
http://www.iaeme.com/IJCIET/index.asp
282
editor@iaeme.com
B. Akhmetov, V. Lakhno, L. Kydyralina, V. Malyukov, T. Kartbayev, B. Tussupova and A.
Doszhanova
time 1,...,T  (Т–natural number) the 1 player have x 0  financial resources and the 2player have
– y 0  . These resources define expected, in an instant, value of financial resources which are
possessed by players on achievement of the purposes. At initial time point t a protector
multiplies value x 0  by the coefficient (rate of change, rising)  t  and sets value u t 
u t   0,1, which define protectors’ resource percentage  t   xt  , allocated by 1 player, at
time point t . Similarly, at time point t , 2 player multiplies value y t  by the coefficient (rate of
change, rising)  t  and sets value vt  vt   0,1, which define hacker’s resource percentage
 t   yt  , allocated by him to hacking OBI at time point t . r1 is efficiency of investments of
financial resources to RCS. I.e. this is a coefficient, which shows, how many financial resources
are needed to the hacker, to hack OBI, the secure of which spent a unit of protectors’ financial
resource. r2 is efficiency of investments of financial resources to the software which hacks OBI.
I.e. this is a coefficient, which shows, how many financial resources needed defender to secure
OBI, to hacking of which spent a unit of hacker’s financial resource. Then the dynamics of
changes in financial resources of the first and second players is defined by the following
systems of discrete equations:
xt  1   t   xt   ut    t   xt   r2  vt    t   yt ;
(1)
yt  1   t   yt   vt    t   yt   r1  ut    t   xt .
(2)
Then at time point it is possible implementation of one of four conditions:
1) xt   0, y t   0; 2) xt   0, y t   0;
3) xt   0, y t   0; 4) xt   0, y t   0.
If the first condition is satisfied, then we will say that the procedure of financing of RCS is
complete and the attacker of OBI didn't have enough financial resources to hack security.
If the second condition is satisfied, then we will say that the procedure of financing of RCS
is complete and the defender of OBI didn't have enough financial resources for his protection.
If the third condition is satisfied, then we will say that the procedure of financing of RCS
is complete both at the defender of OBI and the attacker didn't have enough financial resources
for achievement of the purposes. If the fourth condition is satisfied, then the procedure of
financing of RCS continues further.
Values xT , yT  show result of financing of RCS OBI on a planned interval 0, T .
The given process of financing of RCS will be considered within the scheme of a multistep
game with full information [4, 5].Within this scheme, this process creates two tasks. The first
task is from the point of view of the first player-ally. The second task is from the point of view
of the second player-ally [4, 5]. Because of symmetry, we confine ourselves to the task from
the point of view of the first ally player. The second problem is solved similarly.
We denote by T * multiplicity 0,1,...,T .
Definition. Strategy of the first player ally is function u : T  0,1  0,1  0,1 , which puts
the state of information t , x, y  value u t , x, y  : 0  u t , x, y   1.
*
Thus, the strategy of the first ally player is a function (rule), which puts the state of
information at the time t value u t , x, y  . This value determines the share of the financial
resource of the defense party, which she planned to spend on RCS at the time point t .
http://www.iaeme.com/IJCIET/index.asp
283
editor@iaeme.com
Optimization of Decision-Making on Financing of Means of Cyber Security in the Conditions of
the Fissile Counteraction to the Attacking Party
Concerning notice of the player opponent (within the scheme of a positional multistage game)
no assumptions become. It is equivalent to assumption that the player opponent chooses the
operating influence on the basis of any information.Having defined strategy in a task 1, we will
define a set of "preference" of the first player. Also, W1 – is a set of such reference states
x0, y0 financial resources of the party of protection and the hacker which have below the
formulated property. Property: for reference states W1 there is a strategy of the defender OBI,
which, for any realization of strategy of the hacker, "brings", into one of instants t , condition
of system x0, y0 in it at which the condition will be satisfied (1). At the same time, the
second player has no strategy which can "lead" to realization of conditions (2) or (3), in one of
the previous instants. We will call the strategy (a financial component) of the defender having
the specified property optimum. The solution of a task 1 consists in finding of a set of
preference of the first player and his optimum strategy. The task from the point of view of the
second player ally is similarly set. Owing to symmetry of statement of tasks, it is enough to be
limited to the solution of a task 1 as the solution of a task 2 is found in the same way. The
solution of 1 task is found by tools of the theory of multistage plays of quality with the complete
information [4, 5, 16, 17]. These tools allow to find the solution at any ratios of parameters of
a game.
The decision, i.e. sets of "preference" W1 and optimum strategy u* .,. is provided in article
at all ratios of parameters of a game.
Case а)    .
x0, y0: k i  1    y0  
i 
W 
, i  1,..
1  r    x0  k i  2    y0
 1


 



2
u*  u* 0, x, y ,...,u* i  1, x, y  , u* t , x, y   1  r2    y /   x  , at  x, y   R ,
  x  r2    y, not defined – otherwise; t  0,1,..., i  1.
There



k i   1  r1  r2  r1     /   k i  1; k 1  0, k 0  1  r1  r2 ; W1   W1i .
i 1
0.5


 1  r  r 2   


 / 2    y0
Beam r1  2  x0   1  r1  r2   1 2

 4  r  r  /   


 1 2
 


will be a barrier [4-5]. Barrier – case when from states
x0, y0 : r1    x0 
0.5


 1  r  r 2   



1 2







 1  r1  r2  
/
2



y
0



 4  r1  r2 
 


  




the first player cannot achieve the objectives in some instant.
Case b)    , r1  r2  1.
http://www.iaeme.com/IJCIET/index.asp
284
editor@iaeme.com
B. Akhmetov, V. Lakhno, L. Kydyralina, V. Malyukov, T. Kartbayev, B. Tussupova and A.
Doszhanova
In this case set of preference of the first player W1 will be join of a finite number of sets W1i
, exactly  N  2 sets,
where N : k i   r1  r2 


, i  0,..., N  1; k N   r1  r2 


,
i  x0 , y 0  : k i  1    y 0   
W1  
, i  1,..., N  1
  r1    x0  k i  2    y0
 x0, y0 : r1  r2    y0  
N 2 
W1
 
.
  r1    x0  k N     y0
Optimal strategy u*  u* 0, x, y ,..., u* N  1, x, y  is defined as:
2
u* 0, x, y   0, at x, y   R ,   x  r2    y , not defined – otherwise},
u* t , x, y   1  r2    y  /   x , at x, y   R ,   x  r2    y, not defined – otherwise;
t  1,..., N  1}.
2
Case c)    , r1  r2  1.
In this case set of preference of the first player W1 also will be join of a finite number of


sets W1i . Exactly N  i*  2 sets,
where N : k i  


, i  0,..., N  1; k N  

; i  the minimum integral nonnegative number
 *
determined by inequality k N    /   *  r1  r2 .
i 1
Then
 x0, y0 : k i  1    y0  
i 
W1  
, i  1,..., N  1
  r1    x0  k i  2    y0
If i*  0, then
 x0, y0 : r1  r2    y0  
i  1,..., N  1; W1N  2  
.
 r1    x0  k N     y0
Record of optimum strategy in this case just the same, as well as in a case b).
If i*  0, then
i  x0 , y 0  : k i  1    y 0   
W1  
,
  r1    x0  k i  2    y0
N 1 j
W1
j




 x0 , y 0  : k N        y 0   

 

 
,
j 1



  r1    x0   k N         y 0 
 


i  1,..., i* ;
http://www.iaeme.com/IJCIET/index.asp
285
editor@iaeme.com
Optimization of Decision-Making on Financing of Means of Cyber Security in the Conditions of
the Fissile Counteraction to the Attacking Party
N 1 i*
W1

x0 , y0  : r1  r2    y0  



i*

.

 






 r1    x 0  k N       y 0 
 


Optimal strategy
u*  u* 0, x, y ,..., u* N  1  i* , x, y  in this case is defined as follows:
u* i, x, y   0, at x, y   R ,   x  r2    y,
2
not defined – otherwise; i  0,..., i* ,
u* i , x, y  
1  r2    y /   x , at x, y   R2 ,   x  r2    y,
i  i*  1
not defined – otherwise; t  1,..., N  1.
In the same way, the task 2 from the point of view of the second player ally is solved. It
allows to present a positive orthant to the planes x0, y0 in the form of three sets (cones with
top in a point 0,0  ). One set (cone) adjoining an axis 0 X , is a set preferable to the defender.
The second set (cone) is a set preferable to the hacker. The third set (cone) is a set neutral, from
the point of view of both players. Actually this set characterizes property of balance for the
players occupied with financing of protection and breaking. That is players, for the states
belonging to this set have strategy allowing players to continue somehow long financings RCS
and hacking OBI. That is conditions will be satisfied xt   0, yt   0 for any instant t . Let's note
that the beams which are borders of cones are set by means of coefficients, representing a
combination of the parameters setting dynamics of the budgetary process on RCS and hacking.
Therefore, if initial sizes are set x0, y0 financial resources of the parties of protection OBI
and hacking, that can be varied, for example, these parameters. In particular, to demand that
the parameters setting dynamics of change of financial resources were that that, a point
x0, y0 was in area of balance. Or, on a balance beam if the cone dividing two sets of
preference is a beam. If, some parameters defining dynamics of change of financial resources
are recorded, then it is possible to demand that values x0, y0 and a part of unstable
parameters were that that a point x0, y0 got to the area of balance. It, in turn, can influence
both process of financing, and recommendations at the choice of strategy of financing RCS
OBI. If it is impossible to change anything, then the above-stated decision of a game in a task
1, or the decision of a game in a task 2, will point out possible result of carrying out financing
RCS and hacking, within assumptions at which tasks 1 and 2 were considered.
In case of restriction for time of "interaction" of the defender and the hacker, for example
one step, a multistage game is transformed to the infinite antagonistic game on a simple square
with a payoff function K :
1, at xt   0, yt   0;

K  x, y    1, at xt   0, y t   0;
0, in other cases.

The solution of such game is found by means of the methods of dominance developed in
[4]. In a class of clear strategy such game has no decision. The decision exists in a class of the
mixed strategy. In [4] the algorithm of finding of optimum mixed strategy is developed.
http://www.iaeme.com/IJCIET/index.asp
286
editor@iaeme.com
B. Akhmetov, V. Lakhno, L. Kydyralina, V. Malyukov, T. Kartbayev, B. Tussupova and A.
Doszhanova
Optimum mixed strategy represent probability measures, the concentrated in a finite number
of points, and probabilities of realization of each such point identical. For example, for
conditions of the players who are in a set in which the probability of achievement of the goal
is equal 1 / N , the optimum strategy of the player represents a probability measure. According
to this measure, are available points from a simple segment, the probability of realization of
each of which is equal 1 / N . At the decision of such antagonistic game there are sets having
property: for the financial resources belonging to such sets there are optimum mixed strategy
of players at which application achieves the objectives. For example, the first player with
probability 1/N, at application of optimum mixed strategy by it. It turns out that such sets
coincide with sets of financial resources from which in a multistage game, for example the first
player, achieves the objectives exactly for N steps. Thus, one may say, use of tools of a game
theory gives the chance to efficiently solve problems of estimation of risk in processes of
financing of means of cyber security of objects of informatization.
5. RESULTS OF COMPUTING EXPERIMENTS
The computing experiment was made in the environment of Mathcad. The model was also
realized in the program module for the system of support of a decision making [3, 16]. Three
test computing experiments, see fig. 1-3 are executed.
During the experiment situations when two players operate dynamic system were
considered. The purpose of an experiment to define sets of strategy of players – the defender
and the hacker and, respectively, to simulate scratches of loss of financial resources of players.
Cases when the strategy of players bring them to the corresponding terminal surfaces are
considered M 0 , N 0 . During the experiment there are sets of reference states of objects and their
strategy which allow objects to give system on that, or other terminal surface. On the plane an
axis X – financial resources of the defender. Axis Y – financial resources of the hacker. Area
under a beam – area of "preference" of the defender. Area over a beam – area of "preference"
of the hacker. The beam of balance is shown by a solid line with round markers. Values of
points are received during the experiment. The trajectory of movements of players is shown by
a dashed line with triangular markers. Trajectories are in area of preference of players.
The received results show effectiveness of the offered approach. During testing of model
the correctness of the received results is established.
Approbation «SSDMI» it is executed also for actual investment projects in the sphere of
cyber security of various objects of informatization of Ukraine and Kazakhstan [3, 16, 17].
Figure 1. Results of a computing experiment. A path of motion of the first player (defender of an
information system)
http://www.iaeme.com/IJCIET/index.asp
287
editor@iaeme.com
Optimization of Decision-Making on Financing of Means of Cyber Security in the Conditions of
the Fissile Counteraction to the Attacking Party
Figure 2. Results of a computing experiment 2. A path of motion of the second player (the hacker
attacking object of informatization)
Figure 3. Results of a computing experiment 3. ("stability" of system)
The figure 1 illustrates a situation when the first player has advantage in the ratio of initial
financial resources, i.e. they are in a set of preference of the first player. In this case the first
player, applying the optimum strategy, will achieve the objectives, namely reduction of a
condition of system on "the" terminal surface. The positive orthant on the plane undertakes.
Further, in this orthant the set of beams, coming from points is considered (0,0). These beams
are set by a ratio: y  1.5  1 / n   x. These beams set sets of preference of the first player for n
of steps.
For example, set W1n this set:
x0, y0 : x0, y0  R2 , 1.5  1 /n  1  x0  y0  1.5  1 / n x0.
For example, at n=1 will be
http://www.iaeme.com/IJCIET/index.asp
288
editor@iaeme.com
B. Akhmetov, V. Lakhno, L. Kydyralina, V. Malyukov, T. Kartbayev, B. Tussupova and A.
Doszhanova


n
2
W1  x0 , y 0  : x0 , y 0   R  , 0  y 0   0.5  x0  .
Beam: y 0   1.5  x0  will be a balance beam. Set W1n are sets of conditions of the players
having property that if a game begins from them, then the first player for one step will achieve
the objectives for one step with probability of 1 / n  at application by players of the optimum
mixed strategy.
The figure 2 shows a situation in which the second player (hacker), using non-optimum
behavior of the defender in an initial instant, tries to obtain that the condition of system on
"the" terminal surface "brings". The positive orthant on the plane is accepted. In this orthant
the set of beams, coming from points is considered (0,0). These beams are set by a ratio:
y  2  1 / n   x. These beams set sets of preference of the second player (hacker) for n of steps.
x0, y0 : x0, y0  R2 ,

n
.
For example, set W1 is set: 










2

1
/
n

1

x
0

2

1
/
n

x
0


2
1 x0 , y 0  : x0 , y 0   R , 
.
At n=1 we have: W1  




0

y
0

3

x
0


Beam y0  2  x0 will be a balance beam. Set W1n are sets of conditions of the players
having property that if a game begins from them, then the first player for one step will achieve
the objectives for one step with probability of 1 / n  at application by players of the optimum
mixed strategy.
The figure 3 corresponds to a case when the reference state of system is on a balance beam.
And players, applying the optimum strategy "move" on this beam. It "satisfies" at the same
time both players. In [3, 16] acceptable accuracy of operation of the SPR program module in
the ratio with results of computing experiments in Mathcad is confirmed. The divergence did
not exceed 6–7%.
Let's notice that the offered model describes process of prediction of results of investment
into RCS for OBI. The revealed lack of model, the fact that the obtained investments into RCS,
given projection at the choice of strategy, not always coincide with actual data is.
During the computing experiments and data of practical approbation [3, 16], it is
established that the offered model within the scheme of a bilinear differential play of quality
for SSDR during management of financing in RCS, allows to describe adequately the
dependent movements by means of bilinear functions. It gives efficient tools for players of
investment process in means of CS. In comparison with the available models, the proposed
solution improves efficiency factors and predictability for the investor on average for 11–15%
[2, 3, 6, 18, 19].
The further prospects of development of this research is transferring of the accumulated
experience to actual investment projects on perfecting of systems of cyber security of various
objects of informatization, in particular information systems of transport in Ukraine and the
Republic of Kazakhstan.
Work is performed within the competition on grant financing on scientific and scientific
and technical projects for 2018-2020 of the Republic of Kazakhstan the registration number
AP05132723 "Development of Adaptive Expert Systems in the field of Cyber Security of
Crucial Objects of Informatization".
http://www.iaeme.com/IJCIET/index.asp
289
editor@iaeme.com
Optimization of Decision-Making on Financing of Means of Cyber Security in the Conditions of
the Fissile Counteraction to the Attacking Party
6. CONCLUSION
In article the following results are received: the model is developed for the system of support
of a decision making in the course of financing in means of cyber security for object of
informatization. The model is based on use of tools of a game theory and gives the chance to
efficiently estimate risks in processes of financing of means of cyber security of objects of
informatization. The novelty motels is that it differs from the existing approaches in the
decision of a bilinear multistage play of quality with several terminal surfaces. The solution of
a bilinear multistage play of quality with the dependent movements is found. On the basis of
the decision of a single-step game received by application of a method of the dominance
developed for the infinite antagonistic games it is concluded scratches for players;
The results of a computing experiment are given. During the experiment various ratios of
the parameters describing financing process were considered, kind of the attacking party
(hackers) financially did not work.
The class of games considered in work, allows to describe adequately process and to find
the optimum investment strategy of cyber defense by the party (any object of informatization)
in means of information protection. The decision assumes accounting of financial components
of strategy of protection at any ratios of the parameters describing financing process. At the
same time the choice of financial strategy by the party which tries to overcome perimeters of
cyber security of a subject to protection does not influence achievement of the goal by the party
defender and also is concluded scratches for players to lose the resources, respectively at the
expense of cyber defense and breaking.
REFERENCES
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
Petrov, O., Borowik, B., Karpinskyy, M., Korchenko, O., and Lakhno, V. Immune and
defensive corporate systems with intellectual identification of threats, Pszczyna : Śląska
Oficyna Drukarska, 2016, 222 p. ISBN: 978-83-62674-68-8.
Goztepe, K. Designing Fuzzy Rule Based Expert System for Cyber Security, International
Journal of Information Security Science, 1, 1, 2012, 13–19.
Lakhno, V. A. Development of a support system for managing the cyber security, Radio
Electronics, Computer Science, Control, 2, 2017, 109–116.
Krass, I. A., and Malyukov, V. P. O sushhestvovanii optimal'nyh smeshannyh strategij dlja
nekotoryh antagonisticheskih igr, Optimizacija 20 (37), Novosibirsk, 1978, 135 – 146.
Malyukov, V. P. A differential game of quality for two groups of objects, Journal of
Applied Mathematics and Mechanics, 55, 5, 1991, 596 – 606.
Manshaei, M. H., Zhu Q., and Alpcan T. et al. Game theory meets network security and
privacy, ACM Computing Surveys, 45, 3, 2013, 1–39.
Ben–Asher, N., and Gonzalez, C. Effects of cyber security knowledge on attack detection,
Computers in Human Behavior, 48, 2015, 51–61.
Grossklags J., Christin N., and Chuang J. Secure or insure?: a game-theoretic analysis of
information security games, 17th international conference on World Wide Web, Beijing,
China, 21 – 25 April 2008 : proceedings. New York, ACM, 2008, 209–218.
Cavusoglu, H., Mishra, B., and Raghunathan, S. A model for evaluating IT security
investments, Communications of the ACM, 47, 7, 2004, 87–92.
Fielder, A., Panaousis, E., and Malacaria, P. et al. Decision support approaches for cyber
security investment, Decision Support Systems, 86, 2016, 13–23.
Meland, P. H., Tondel, I. A., and Solhaug B. Mitigating risk with cyberinsurance, IEEE
Security & Privacy, 13(6), 2015, 38–43.
http://www.iaeme.com/IJCIET/index.asp
290
editor@iaeme.com
B. Akhmetov, V. Lakhno, L. Kydyralina, V. Malyukov, T. Kartbayev, B. Tussupova and A.
Doszhanova
[12]
[13]
[14]
[15]
[16]
[17]
[18]
[19]
Fielder, A., Konig, S., Panaousis, E., Schauer S., and Rass, S. Uncertainty in Cyber Security
Investments. arXiv preprint arXiv:1712.05893. 2017.
Fielder, A., Panaousis, E., and Malacaria, P. et al. Game theory meets information security
management, IFIP International Information Security Conference, Marrakech, Morroco,
2–4 June 2014: proceedings, Berlin, Springer, 2014, 15–29.
Gao, X., Zhong, W., and Mei, S. A game-theoretic analysis of information sharing and
security investment for complementary firms, Journal of the Operational Research Society,
65, 11, 2014, 1682–1691.
Malyukov, V.P. Discrete-approximation method for solving a bilinear differential game,
Cybernetics and Systems Analysis, 29, 6, 1993,879 – 888.
Lakhno, V., Malyukov, V., and Gerasymchuk N. et al. Development of the decision making
support system to control a procedure of financial investment, Eastern-European Journal
of Enterprise Technologies, 6, 3, 2017, 24–41.
Akhmetov, B., Lakhno, V., Boiko, Y., and Mishchenko, A. Designing a decision support
system for the weakly formalized problems in the provision of cybersecurity, EasternEuropean Journal of Enterprise Technologies, 1(2 (85)), 2017, 4-15.
Smeraldi, F., and Malacaria, P. How to spend it: optimal investment for cyber security, 1st
International Workshop on Agents and CyberSecurity, Paris, France, 06–08 May 2014:
proceedings, New York, ACM, 2014, 8.
Tosh, D.K., Molloy, M., and Sengupta, S. et al. Cyber-investment and cyber-information
exchange decision modeling, High Performance Computing and Communications IEEE
7th International Symposium on Cyberspace Safety and Security (CSS), New York, 24–26
August 2015 : proceedings, New York, IEEE, 2015, 1219–1224.
http://www.iaeme.com/IJCIET/index.asp
291
editor@iaeme.com