期刊名称:Eastern-European Journal of Enterprise Technologies
印刷版ISSN:1729-3774
电子版ISSN:1729-4061
出版年度:2017
卷号:1
期号:2
页码:4-15
DOI:10.15587/1729-4061.2017.90506
语种:English
出版社:PC Technology Center
摘要:We devised a decision support system (DSS) for the weakly formalized problems of information protection and the provision of cybersecurity at the informatization objects. The system is based on the models that describe the tasks of information safety and cyberprotection in the conceptual and functional aspects. We described the process of compiling a knowledge base of DSS for the circumstances related to the detection of hard-to-explain attributes of anomalies and attacks. The DSS "Decision Support System of Management protection of information – DMSSCIS", which we designed, makes it possible to improve understanding of the analyzed situations that occur in the process of cyberprotection of mission critical computer systems. While tested at the enterprises, it was established that the "DMSSCIS" system enabled effective visualization and interpretation of results of current assessment of the revealed hard-to-explain attributes of anomalies and cyberattacks, as well as allowed us to describe current situation in the course of multistage targeted cyberattacks. It was established that the application of DSS "DMSSCIS" in the interaction with other systems for the intelligent recognition of illegitimate interference in the computer systems operations made it possible to improve efficiency of decision making on information security. While testing, it was found that the application of the "DMSSCIS" system allowed reducing the time required to inform persons, responsible for cybersecurity, about the incidents by 6.9–7.2 times.
关键词:decision support system;cybersecurity;weakly formalized problems;interpretation of situation