Development of multi-agent information security management system

I. P. Khavina; Yu. V. Hnusov; O. O. Mozhaiev

doi:10.32631/pb.2022.4.14

Право і безпека (Dec 2022)

Development of multi-agent information security management system

I. P. Khavina,
Yu. V. Hnusov,
O. O. Mozhaiev

Affiliations

I. P. Khavina: Kharkiv National University of Internal Affairs
Yu. V. Hnusov: Kharkiv National University of Internal Affairs
O. O. Mozhaiev: Kharkiv National University of Internal Affairs

DOI: https://doi.org/10.32631/pb.2022.4.14
Journal volume & issue: Vol. 87, no. 4
pp. 171 – 183

Abstract

Read online

The issue of creating an information security system is very relevant in the world today. One of the urgent tasks is to solve the issues of effective protection of information from both external and internal threats through the creation and implementation of information security management systems in automated systems of enterprises, which, among other things, requires the formalization of the task of protecting information for its subsequent implementation by software and other means. Now there are security analysis systems, for example, that examine the security elements settings of workstations and servers operating systems, analyze the network topology, look for unprotected network connections, examine the settings of firewalls. The disadvantage of these systems is that they are not suitable for monitoring large volumes of network traffic. The solution to this problem is the use of monitoring tools capable of analyzing large amounts of data in real time. Therefore, a significant place in the article is given to the review of developments based on artificial intelligence technologies, namely multi-agent systems, review of information security models, threat risk assessment in automated systems. The functional architecture of the information security management system based on a multi-agent system has been proposed to search in real time for information security optimal solutions through the selection of such coalitions of protection mechanisms agents that will allow to build the optimal protection of the automated system according to the selected criteria. The model with complete overlapping of threats has been substantiated and adopted as a basis, which allows to analyze the overall situation and choose strategically important decisions directly during the organization of information security. The essence of of multi-agent systems functioning that implement a decentralized control system based on the work of autonomous agents that can be implemented programmatically has been revealed. The role of threat agents, resource agents, agents of protection mechanisms and their functional purpose have been defined. The problem of searching a set of protection mechanisms agents coalition for the current state of the automated system as a problem of optimal search by the criterion of protection cost, taking into account the value of information, has been generalized. Due to the modularity of the multi-agent system, the further work will be aimed at detailing its components and perfection.

Published in Право і безпека

ISSN: 1727-1584 (Print); 2617-2933 (Online)
Publisher: Kharkiv National University of Internal Affairs
Country of publisher: Ukraine
LCC subjects: Law: Law in general. Comparative and uniform law. Jurisprudence
Website: http://pb.univd.edu.ua

About the journal

Abstract

Keywords