Оцінювання ефективності рішень в системах захисту інформації
Вантажиться...
Дата
2020
Автори
Тітова, В.Ю.
Андрощук, О.С.
Орленко, В.С.
Шевчук, І.М.
Даценко, В.С.
Titova, V.
Androshchuk, O.
Orlenko, V.
Shevchuk, I.
Datsenko, V.
Назва журналу
Номер ISSN
Назва тому
Видавець
Хмельницький національний університет
Анотація
В даній статті розглянуто відомі методи оцінювання ефективності рішень. Проаналізовано
можливість їх використання для оцінювання ефективності рішень, що приймаються системами захисту
інформації стосовно класифікації та визначення загроз. На основі визначених переваг та недоліків існуючих
методів запропоновано власний метод оцінювання ефективності рішень, який дозволяє підвищити відсоток
прийнятих правильних рішень та оптимізувати ефективність системи захисту інформації в цілому.
The functioning of most information security systems is reduced to the recognition of many active processes, their classification in order to identify malicious and dangerous processes and make decisions to respond to them. The decision-making process is based on taking into account a large number of conflicting requirements and evaluating decision options according to many criteria. The inconsistency of the characteristics of the processes, the ambiguity of the evaluation of the process, the incompleteness of the information obtained greatly complicate the final decision and significantly affect its quality. To increase the efficiency of the final decision, it is necessary to develop a method of multi-objective optimization of decisions, which is why this work was devoted. To evaluate the efficiency of decisions in information security systems, the method was proposed that includes the advantages of the analytic hierarchy process and the Pareto efficiency. It is based on three matrices. Two of these matrices contain normalized values of threat characteristics, one - a set of decisions that need to be optimized, ranked on the analytic hierarchy process scale of preferences. Criteria for optimization are also calculated using pairwise comparisons of analytic hierarchy process preference scale values. The proposed method provides increasing the percentage of identified correct decisions and has the following advantages: the result is always a single and effective decision; the possibility of compensation of values of partial criteria is eliminated. The method was implemented and tested in the subsystem for evaluating the decision efficiency of intrusion detection system based on in-depth learning networks and was used as the tools of multi-objective optimization of decisions for computer systems protection system.
The functioning of most information security systems is reduced to the recognition of many active processes, their classification in order to identify malicious and dangerous processes and make decisions to respond to them. The decision-making process is based on taking into account a large number of conflicting requirements and evaluating decision options according to many criteria. The inconsistency of the characteristics of the processes, the ambiguity of the evaluation of the process, the incompleteness of the information obtained greatly complicate the final decision and significantly affect its quality. To increase the efficiency of the final decision, it is necessary to develop a method of multi-objective optimization of decisions, which is why this work was devoted. To evaluate the efficiency of decisions in information security systems, the method was proposed that includes the advantages of the analytic hierarchy process and the Pareto efficiency. It is based on three matrices. Two of these matrices contain normalized values of threat characteristics, one - a set of decisions that need to be optimized, ranked on the analytic hierarchy process scale of preferences. Criteria for optimization are also calculated using pairwise comparisons of analytic hierarchy process preference scale values. The proposed method provides increasing the percentage of identified correct decisions and has the following advantages: the result is always a single and effective decision; the possibility of compensation of values of partial criteria is eliminated. The method was implemented and tested in the subsystem for evaluating the decision efficiency of intrusion detection system based on in-depth learning networks and was used as the tools of multi-objective optimization of decisions for computer systems protection system.
Опис
Ключові слова
системи захисту інформації, багатокритеріальна оптимізація, метод аналізу ієрархій, метод Парето, information security system, multi-objective optimization, analytic hierarchy process, Pareto efficiency
Бібліографічний опис
Оцінювання ефективності рішень в системах захисту інформації / В. Ю. Тітова, О. С. Андрощук, В. С. Орленко, І. М. Шевчук, В. С. Даценко // Вісник Хмельницького національного університету. Технічні науки. – 2020. – № 5. – С. 307-309.