Published October 31, 2021
| Version v1
Journal article
Open
Development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model
Creators
- 1. Simon Kuznets Kharkiv National University of Economics
- 2. Yaroslav Mudryi National Law University
- 3. Ternopil Ivan Puluj National Technical University
- 4. Taras Shevchenko National University of Kyiv
Description
The paper presents the results of the development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model. Security models of cyber-physical systems are proposed: “predator–prey” taking into account the computing capabilities and focus of targeted cyberattacks, “predator–prey” taking into account the possible competition of attackers in relation to the “prey”, “predator–prey” taking into account the relationships between “prey species” and “predator species”, “predator–prey” taking into account the relationship between “prey species” and “predator species”. Based on the proposed approach, the coefficients of the Lotka–Volterra model α=0.39, β=0.32, γ=0.29, φ=0.27 were obtained, which take into account the synergy and hybridity of modern threats, funding for the formation and improvement of the protection system, and also allow determining the financial and computing capabilities of the attacker based on the identified threats.
The proposed method for assessing the security of cyber-physical systems is based on the developed threat classifier, allows assessing the current security level and provides recommendations regarding the allocation of limited protection resources based on an expert assessment of known threats. This approach allows offline dynamic simulation, which makes it possible to timely determine attackers' capabilities and form preventive protection measures based on threat analysis. In the simulation, actual bases for assessing real threats and incidents in cyber-physical systems can be used, which allows an expert assessment of their impact on both individual security services and security components (cyber security, information security and security of information).
The presented simulation results do not contradict the graphical results of the classical Lotka–Volterra model, which indicates the adequacy of the proposed approach for assessing the security of cyber-physical systems
Files
Development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model.pdf
Files
(862.5 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:91f1d2ab6bb6e684b3503b360035b92c
|
862.5 kB | Preview Download |
Additional details
References
- IoT Security Maturity Model: Description and Intended Use (2018). Available at: https://www.iiconsortium.org/pdf/SMM_Description_and_Intended_Use_2018-04-09.pdf
- IoT Security Maturity Model: Practitioner's Guide (2019). Available at: https://iiconsortium.org/pdf/IoT_SMM_Practitioner_Guide_2019-02-25.pdf
- Global'noe issledovanie tendentsiy informatsionnoy bezopasnosti na 2017. Available at: https://www.pwc.ru/ru/publications/gsiss-2017.html
- Otchet Antifishinga o zaschischennosti sotrudnikov v 2020 godu (2021). Available at: https://antiphish.ru/tpost/88km7s0a01-otchyot-antifishinga-o-zaschischennosti
- Gartner nazvala 10 glavnyh trendov v sfere kiberbezopasnosti v 2021 godu. Available at: https://www.tadviser.ru/index.php/%D0%A1%D1%82%D0%B0%D1%82%D1%8C%D1%8F:%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5_%D1%82%D0%B5%D0%BD%D0%B4%D0%B5%D0%BD%D1%86%D0%B8%D0%B8_%D0%B2_%D0%B7%D0%B0%D1%89%D0%B8%D1%82%D0%B5_%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8#.2AGartner_.D0.BD.D0.B0.D0.B7.D0.B2.D0.B0.D0.BB.D0.B0_10_.D0.B3.D0.BB.D0.B0.D0.B2.D0.BD.D1.8B.D1.85_.D1.82.D1.80.D0.B5.D0.BD.D0.B4.D0.BE.D0.B2_.D0.B2_.D1.81.D1.84.D0.B5.D1.80.D0.B5_.D0.BA.D0.B8.D0.B1.D0.B5.D1.80.D0.B1.D0.B5.D0.B7.D0.BE.D0.BF.D0.B0.D1.81.D0.BD.D0.BE.D1.81.D1.82.D0.B8_.D0.B2_2021_.D0.B3.D0.BE.D0.B4.D1.83
- Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O., Korol, O., Milevskyi, S. et. al.; Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O. (Eds.) (2021). Synergy of building cybersecurity systems. Kharkiv: РС ТЕСHNOLOGY СЕNTЕR, 188. doi: https://doi.org/10.15587/978-617-7319-31-2
- Hryshchuk, R., Yevseiev, S. (2016). The synergetic approach for providing bank information security: the problem formulation. Ukrainian Scientific Journal of Information Security, 22 (1), 64–74. doi: https://doi.org/10.18372/2225-5036.22.10456
- Hryshchuk, R. V. (2010). Teoretychni osnovy modeliuvannia protsesiv napadu na informatsiu metodamy teoriy dyferentsialnykh ihor ta dyferentsialnykh peretvoren. Zhytomyr: Ruta, 280.
- Hryshchuk, R. V., Danyk, Yu. H.; Danyk, Yu. H. (Ed.) (2016). Osnovy kibernetychnoi bezpeky. Zhytomyr: ZhNAEU, 636.
- Petrov, O., Lahno, V. (2016). Povyshenie informatsionnoy bezopasnosti avtomatizirovannyh sitsem obrabotki dannyh na transporte. Information Technology in Selected Areas of Management. Krakow, 65–78.
- Model' zrelosti bezopasnosti interneta veschey: tolchok k razvitiyu bezopasnyh sistem. Available at: https://ics-cert.kaspersky.ru/reports/2019/08/14/the-internet-of-things-security-maturity-model-a-nudge-for-iot-cybersecurity/
- Trubetskov, D. I. (2011). Phenomenon of Lotka–Volterra mathematical model and similar models. Izvestiya VUZ. Applied Nonlinear Dynamics, 19 (2), 69–88. doi: https://doi.org/10.18500/0869-6632-2011-19-2-69-88
- Bratus', A. S., Novozhilov, A. S., Platonov, A. P. Dinamicheskie sistemy i modeli biologii. Available at: https://avmaksimov.ucoz.ru/_ld/1/109_-Bratus_A-Novoz.pdf
- Dormidontov, A. V., Mironova, L. V., Mironov, V. S. (2018). Possibility of the mathematical model of counteraction application to the assessment of transport infrastructure security level. Civil Aviation High Technologies, 21 (3), 67–77. doi: https://doi.org/10.26467/2079-0619-2018-21-3-67-77
- Kononovich, I. V. (2014). Dynamics of the number of information security incidents. Informatics and Mathematical Methods in Simulation, 4 (1), 35–43. Available at: http://immm.opu.ua/files/archive/n1_v4_2014/n1_v4_2014.pdf
- Kononovich, І., Mayevskiy, D., Podobniy, R. (2015). Models of system of the cibersecurity providing with delay of reaction on incidents. Informatics and Mathematical Methods in Simulation, 5 (4), 339–346. Available at: http://immm.opu.ua/files/archive/n4_v5_2015/n4_v5_2015.pdf
- Lippert, K. J., Cloutier, R. (2021). Cyberspace: A Digital Ecosystem. Systems, 9 (3), 48. doi: https://doi.org/10.3390/systems9030048
- Mazurczyk, W., Drobniak, S., Moore, S. (2016). Towards a Systematic View on Cybersecurity Ecology. Combatting Cybercrime and Cyberterrorism, 17–37. doi: https://doi.org/10.1007/978-3-319-38930-1_2
- Gorman, S. P., Kulkarni, R. G., Schintler, L. A., Stough, R. R. A Predator Prey Approach to the Network Structure of Cyberspace. Available at: https://www.researchgate.net/publication/255679706_A_predator_prey_approach_to_the_network_structure_of_cyberspace
- Crandall, J. R., Ensafi, R., Forrest, S., Ladau, J., Shebaro, B. (2008). The ecology of Malware. Proceedings of the 2008 Workshop on New Security Paradigms - NSPW '08. doi: https://doi.org/10.1145/1595676.1595692
- Fink, G. A., Haack, J. N., McKinnon, A. D., Fulp, E. W. (2014). Defense on the Move: Ant-Based Cyber Defense. IEEE Security & Privacy, 12 (2), 36–43. doi: https://doi.org/10.1109/msp.2014.21
- Wu, L., Wang, Y. (2011). Estimation the parameters of Lotka–Volterra model based on grey direct modelling method and its application. Expert Systems with Applications, 38 (6), 6412–6416. doi: https://doi.org/10.1016/j.eswa.2010.09.013
- Diz-Pita, É., Otero-Espinar, M. V. (2021). Predator–Prey Models: A Review of Some Recent Advances. Mathematics, 9 (15), 1783. doi: https://doi.org/10.3390/math9151783
- Minaev, V. A., Sychev, M. P., Vayts, E. V., Gracheva, Yu. V. (2016). Matematicheskaya model' "hischnik-zhertva" v sisteme informatsionnoy bezopasnosti. Informatsiya i bezopasnost', 19 (3), 397–400. Available at: https://elibrary.ru/item.asp?id=27186929
- Yevseiev, S., Laptiev, O., Lazarenko, S., Korchenko, A., Manzhul, I. (2021). Modeling the protection of personal data from trust and the amount of information on social networks. EUREKA: Physics and Engineering, 1, 24–31. doi: https://doi.org/10.21303/2461-4262.2021.001615
- Yevseiev, S., Melenti, Y., Voitko, O., Hrebeniuk, V., Korchenko, A., Mykus, S. et. al. (2021). Development of a concept for building a critical infrastructure facilities security system. Eastern-European Journal of Enterprise Technologies, 3 (9 (111)), 63–83. doi: https://doi.org/10.15587/1729-4061.2021.233533
- Ya dogonyayu, ty ubegaesh'. Chto takoe model' Lotki-Vol'terry i kak ona pomogaet biologam. Available at: https://nplus1.ru/material/2019/12/04/lotka-volterra-model
- Shmatko, O., Balakireva, S., Vlasov, A., Zagorodna, N., Korol, O., Milov, O. et. al. (2020). Development of methodological foundations for designing a classifier of threats to cyberphysical systems. Eastern-European Journal of Enterprise Technologies, 3 (9 (105)), 6–19. doi: https://doi.org/10.15587/1729-4061.2020.205702
- ISO/IEC 27001:2013. Information technology – Security techniques – Information security management systems – Requirements. Available at: https://www.iso.org/standard/54534.html
- An Introduction to Factor Analysis of Information Risk (FAIR). Available at: https://www.yumpu.com/en/document/read/7271140/an-introduction-to-factor-analysis-of-information-risk-fair
- Chen, L., Jordan, S., Liu, Y.-K., Moody, D., Peralta, R., Perlner, R., Smith-Tone, D. (2016). Report on Post-Quantum Cryptography. NISTIR. doi: https://doi.org/10.6028/nist.ir.8105
- Lohachab, A., Lohachab, A., Jangra, A. (2020). A comprehensive survey of prominent cryptographic aspects for securing communication in post-quantum IoT networks. Internet of Things, 9, 100174. doi: https://doi.org/10.1016/j.iot.2020.100174
- Ugrozy bezopasnosti yadra paketnoy seti 4G (2017). Available at: https://www.ptsecurity.com/ru-ru/research/analytics/epc-2017/
- Uyazvimosti protokola Diameter v setyah 4G (2018). Available at: https://www.ptsecurity.com/ru-ru/research/analytics/diameter-2018/
- Godovoy otchet o podverzhennosti kiberatakam sotrudnikov kompaniy v Rossii i SNG. Available at: https://welcome.tiger-optics.ru/антифишинг-годовой-отчет?_ga=2.171180576.1827066423.1631692491-524698473.1631692491