Analysis and risk management of ICS information security risks based on cognitive modeling

The paper considers the problem of optimizing cognitive model parameters in the analysis of information security risks of industrial control systems (ICS), reflecting the optimal distribution of costs for the realization, implementation, and maintenance of countermeasures, taking into account their functional limitations. A genetic algorithm for optimizing the weight coefficients of cognitive models is used, which makes it possible to determine the optimal configurations of protection measures in the process of assessing ICS information security risks under the conditions of complex multi-step attacks. On the example of the oil delivery ICS and receipt point, the optimization of the countermeasure configuration is carried out to select the most effective options for the allocation of resources of means and information security systems to minimize information security risks. The proposed approach enabled the reduction of information security risk assessment by 85%, increase the assessment of the countermeasure operating efficiency, and reduce the assessment of the countermeasure operating cost. Analysis of the correlation between the obtained information security risk assessments within the allocated ICS zones and the costs of measures to reduce them helps to determine the mechanisms for managing the security of the system target resources and maintain its required level of security as well as to assess the costs required for the integration and maintenance of countermeasures. The result testifies to the effectiveness of the proposed approach to optimizing the configuration of the selected countermeasures with due regard for the multicriteria risk optimization and assessing the economic aspects of ensuring the information security of the object.

1. Zegzhda D.P. et al. Advanced production technologes security in the era of digital transformation. Voprosy kiberbezopasnosti. 2018;2(26):2–14. (In Russ.)

2. Alshamrani A. et al. A survey on advanced persistent threats: Techniques, solutions, challenges, and research opportunities. IEEE Communications Surveys & Tutorials. 2019;2(21):1851–1877.

3. Mashkina I.V. Information security management in the segment of the corporate information system based on intelligent technologies: dis.… dr. tech. sciences. Ufa: Publishing house of GOU VPO Ufa State Aviation Technical University. 2009. (In Russ.)

4. Vasilyev V.I., Vulfin A.M., Kirillova A.D., Kuchkarova N.V. Methodology for assessing current threats and vulnerabilities based on cognitive modeling technologies and Text Mining. Systems of Control, Communication and Security. 2021;3:110–134. (In Russ.)

5. Methodology for assessing information security risks. FSTEC of Russia, 2021 URL: https://fstec.ru/component/attachments/download/2919 (accessed on 13.05.2022) (In Russ.)

6. Vasilyev V.I., Kirillova A.D., Vulfin A.M. Cognitive modeling of the cyber attack vector based on CAPEC methods. Voprosy kiberbezopasnosti. 2021;2(42):2–16. (In Russ.)

7. Jamshidi A et al. Dynamic risk assessment of complex systems using FCM. International Journal of Production Research, vol. 2018;56(3):1070–1088.

8. Haritha K., Judy M.V. Fuzzy cognitive map-based genetic algorithm for community detection. Progress in advanced computing and intelligent engineering. Springer, Singapore. 2021:412–426.

9. Salmeron J.L. et al. Learning fuzzy cognitive maps with modified asexual reproduction optimisation algorithm. Knowledge-Based Systems. 2019;163:723–735.

10. Sivanandam S.N., Deepa S.N. Genetic algorithm optimization problems. Introduction to genetic algorithms. Springer, Berlin, Heidelberg. 2008:165–209.

11. Padmalatha E. et al. Feature Selection Optimization Using a Hybrid Genetic Algorithm. ICT Analysis and Applications. Springer, Singapore. 2021:411–421.

12. Kirillova A.D., Vulfin A.M., Yagafarov R.R. and Vasiliev V.I., Ziyazetdinova L.Yu. Certificate of state registration of a computer program No. 2021619894 Russian Federation. Program for the analysis and modeling of cyberattacks based on meta-templates in a fuzzy cognitive basis: Appl. 06/07/2021; publ. 06/18/2021. (In Russ.)

13. Bogdanov Y.M., Ogarok A.L., Selivanov S.M. Monitoring cybersecurity of complex information and control systems of critical infrastructure. Informatizaciya i svyaz'. 2021;1:142–150. (In Russ.)

14. Bakhtavar E. et al. Fuzzy cognitive maps in systems risk analysis: a comprehensive review. Complex & Intelligent Systems. 2021;7(2):621–637.

15. Amirkhani A., Nasiriyan-Rad H., Papageorgiou E.I. A novel fuzzy inference approach: neuro-fuzzy cognitive map. International Journal of Fuzzy Systems. 2020;22(3):859–872.

16. Selivanov S.A., Ogarok A.L. Providing cybersecurity of complex information and control systems. Informatization and Communication. 2020;1:28–33.

17. Arpishkin M.I. et al. Intelligent integrity monitoring system for technological process data. Journal of Physics: Conference Series. IOP Publishing. 2019;1368(5):052029.

18. Vulfin A.M., Vasilyev V.I., Kirillova A.D., Nikonov A.V. Cognitive security modeling of biometric system of neural network cryptography. Proceedings of the Information Technologies and Intelligent Decision Making Systems (ITIDMS2021). CEUR. 2021;2843.

19. Vulfin A.M., Vasilyev V.I., Kuharev S.N., Homutov E.V., Kirillova A.D. Algorithms for detecting network attacks in an enterprise industrial network based on data mining algorithms. International Scientific and Practical Conference "Information Technologies and Intelligent Decision Making Systems (ITIDMS-II 2021). Journal of Physics: Conference Series. 2021;2001:012004.