Development of multi-agent information security management system
Abstract
Creating information security systems is a pressing problem worldwide. One urgent task is to protect information effectively from both external and internal threats by creating and implementing information security management systems in the automated systems of enterprises. This requires, among other things, formalizing the information protection task so that it can then be implemented in software and by other means. Existing security analysis systems, for example, examine the security settings of workstation and server operating systems, analyze the network topology, look for unprotected network connections, and examine firewall settings. Their disadvantage is that they are not suitable for monitoring large volumes of network traffic. The solution to this problem is to use monitoring tools capable of analyzing large amounts of data in real time. A significant part of the article is therefore given to a review of developments based on artificial intelligence technologies, namely multi-agent systems, and to a review of information security models and of threat risk assessment in automated systems.
A functional architecture of an information security management system based on a multi-agent system is proposed. It searches in real time for optimal information security solutions by selecting coalitions of protection mechanism agents that make it possible to build the optimal protection of the automated system according to the selected criteria. The model with complete overlapping of threats is substantiated and adopted as the basis; it allows the overall situation to be analyzed and strategically important decisions to be chosen directly while information security is being organized. The essence of how multi-agent systems function is described: they implement a decentralized control system based on the work of autonomous agents that can be implemented in software. The roles of threat agents, resource agents and protection mechanism agents, and their functional purpose, are defined. The problem of finding a coalition of protection mechanism agents for the current state of the automated system is generalized as an optimal search problem under the criterion of protection cost, taking into account the value of information. Owing to the modularity of the multi-agent system, further work will be aimed at detailing and refining its components.
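The coalition search described above can be illustrated as a minimum-cost cover over threat-resource pairs. This is an added example, not code from the article: the data, the names, the exhaustive search and the rule that protection should not cost more than the information it protects are all assumptions made for illustration.

```python
from itertools import combinations

# Constructed sample data (not from the article): each edge is a
# (threat, resource) pair that some protection mechanism must block.
EDGES = {
    ("phishing", "mail_server"),
    ("sql_injection", "customer_db"),
    ("insider_copy", "customer_db"),
    ("port_scan", "mail_server"),
}
RESOURCE_VALUE = {"mail_server": 40, "customer_db": 120}  # value of information
# Protection mechanism agents: (cost, edges the mechanism overlaps).
MECHANISMS = {
    "waf": (30, {("sql_injection", "customer_db")}),
    "dlp": (50, {("insider_copy", "customer_db"), ("phishing", "mail_server")}),
    "firewall": (20, {("port_scan", "mail_server")}),
    "mail_gw": (25, {("phishing", "mail_server")}),
    "db_proxy": (70, {("sql_injection", "customer_db"),
                      ("insider_copy", "customer_db")}),
}

def uncovered(edges, mechanisms, coalition):
    """Edges left without a barrier; an empty set means complete overlap."""
    covered = set()
    for name in coalition:
        covered |= mechanisms[name][1]
    return edges - covered

def min_cost_coalition(edges, mechanisms):
    """Exhaustive search (small inputs only) for the cheapest coalition that
    overlaps every edge. Returns (cost, names) or None if none exists."""
    best = None
    names = sorted(mechanisms)
    for size in range(1, len(names) + 1):
        for coalition in combinations(names, size):
            if uncovered(edges, mechanisms, coalition):
                continue  # at least one threat path is still open
            cost = sum(mechanisms[n][0] for n in coalition)
            if best is None or cost < best[0]:
                best = (cost, list(coalition))
    return best

def is_justified(cost, resource_value):
    """Assumed criterion: protection must not cost more than what it protects."""
    return cost <= sum(resource_value.values())

if __name__ == "__main__":
    cost, coalition = min_cost_coalition(EDGES, MECHANISMS)
    print(coalition, cost, is_justified(cost, RESOURCE_VALUE))
```

Re-running the search whenever the edge set changes models the selection of a coalition for the current state of the automated system; a `None` result signals that the available mechanisms cannot achieve complete overlap.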
Copyright (c) 2022 I. P. Khavina, Yu. V. Hnusov, O. O. Mozhaiev
This work is licensed under a Creative Commons Attribution 4.0 International License.