Priorities evaluation of cyber defense mechanisms of national utilities payment system through the use of the analytic hierarchy process

Authors

  • Мирослава Станіславівна Стремецька National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute»

DOI:

https://doi.org/10.18372/2410-7840.21.13704

Keywords:

Analytic Hierarchy Process (AHP), pairwise comparison matrix, score vector, Coherence Ratio (CR), National Utilities Payment System, Security Management System (SeMS)

Abstract

The article is devoted to the problem of evaluation of the influence of cyber defense mechanisms on the reaching security of national utilities payment system. With growing demand for the development of communication systems aimed at satisfying public needs, implementing e-government services, e-commerce and electronic document management there is an urgent need to construct organizational and technical cybersecurity models as a complex of measures, forces and means for their cyber defense. It was important that the proposed approach to the development of such models was not only one-size-fits-all to all objects of cyber defense and, most crucially, took into account very specific features of each individual system functioning. The Security Management System (SeMS) hierarchical model of national utilities payment system that included both the technological features of the individual subsystems and the guidelines for interaction between them in terms of the main objective - to achieve a safety state of the system, in general, was designed. The priorities evaluation of cyber defense mechanisms through the use of The Analytic Hierarchy Process (AHP) was performed based on the designed model. The results of evaluation showed that the first and foremost attention should be focused on e-mail and web security (29,9%), while computer network security (25,6%) got the second place, mobile security (19,53%) the third place, cyber defense mechanisms for endpoint protection (12,25%) the fourth place, data centers security (7,99%) the fifth place and cloud security (4,73%) the last place respectively. The methodology allows to implement a system approach to the construction of organizational and technical models of complex hierarchical systems; makes it possible to obtain quantitative scores of the decisions priorities, based on which it is possible to formalize the procedure of choosing the various scenarios for the work of the SeMS; helps to develop the appropriate mathematical apparatus for the study on number of other complex objects of cyber defense within the national cyber security system of Ukraine.

Author Biography

Мирослава Станіславівна Стремецька, National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute»

PhD Student, Department of Information Security, Institute of Physics and Technology, National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute»

References

Katrenko A.V., Pasіchnik V.V., Pasko V.P. (2009), Theory decision making. [Teoriya pryynyattya rishenʹ]., BHV, Kyiv, 448 p. [In Ukrainian].

Kachinskiy, A.B. (2017), Safety of Complex Systems [Bezpeka skladnykh system]., Vydavnytstvo «Yuston», Kyiv, 498 p. [In Ukrainian].

Matviyenko, V.Ya. (2000), Prognostics: forecasting of social and economic processes: theory, methodology, practice. [Prohnostyka: prohnozuvannya sotsial’nykh ta ekonomichnykh protsesiv: teoriya, metodyka, praktyka]., Ukrayinsʹki propileyi, Kyiv, 520 p.

O’Connor, J. and & McDermott, I. (2018), The Art of Systems Thinking: Essential Skills for Creativity and Problem Solving ; translated from English by Sysyuk, N. [Systemne myslennya. Poshuk neordynarnykh tvorchykh rishenʹ]., Nash Format, Kyiv, 240 p. [in Ukrainian].

Pankratova, N.D. and Nedashkivska, N.I. (2010), Models and Methods of Hierarchy Analysis: Theory. Application [Modeli i metody analizu iyerarkhiy. Teoriya. Zastosuvannya]., NTUU «KPI», Kyiv, 372 p. [In Ukrainian].

Sierіkov, A.V. and Bіlotserkіvskiy, O.V. (2006), The hierarchy analysis method in decision making. [Metod analіzu iyerarkhіy u pryinyattі rіshen]., Burun Kniga, Kharkіv, 144 p. [in Ukrainian].

Stremetska M.S. (2017), “Modelling of Intensive Branched Information Flows Processing System”, XV All-Ukrainian scientific and practical conference of students, postgraduates and young scientists “Theoretical and applied problems of physics, mathematics and informatics”, Vol. 2, pp. 71-74.

Stremetska M.S., Kachinskiy A.B. (2018), “Modern Security Means of Electronic Payment Systems for Critical State Services Maintenance”, І International Scientific and Practical Conference “Problems of Cyber Security of Information and Telecommunication Systems”, Vol. 1, pp. 174-177.

Association agreement between the European Union and the European Atomic Energy Community and their Member States, of the one part, and Ukraine, of the other part. [Uhody pro astsiatsiyu mizh Ukrainoyu, z odniyei storony, ta Yevropeyskym Soyuzom, Yevropeyskym Spivtovarystvom z atomnoi enerhii I ikhnimy derzhavamy-chlenamy, z inshoi storony] [Electronic resource]: [Union ratified by the Law No. 1678-VII of 16.09.2014] - Available at: https://zakon.rada.gov.ua/laws/show/984_011 (accessed 9June2019) [In Ukrainian].

S. Hare. (2018), «Cisco’s Attack Continuum», Ironshare, 22April, аvailable at: https://www.ironshare.co.uk/technical/ciscos-attack-continuum/ (accessed 9June2019).

Published

2019-06-27

Issue

Section

Articles