_{1}

^{*}

The article is dedicated to the development of software application with graphical user interface for analyzing of the operation of Integrated System of Data Defense from cyber-threats (ISDD) which includes subsystems of detection and elimination of vulnerabilities existing in the system, as well as Requests of Unauthorized Access (RUA). In the subsystems of eliminations of vulnerabilities and queues of unauthorized access considered as multichannel queueing systems with corresponding servers and queues, at random times there come requests to fix threats detected by the system. It is supposed that flows of requests demanding to eliminate threats coming to the mentioned subsystems of queueing systems are described with the Poisson distribution of probabilities, but processes of their elimination obey exponential law. For the system described above, there has been developed software realization of graphical interface which allows easily to change input parameters and observe graphical reflection of changes of the output indicators of the system.

On the current level of development of information and communication technologies (ICT), struggling for information ownership, reaching and maintaining information dominance take prominent place in geopolitical competition of countries. States developing potential in the information space get number of competitive advantages and are able to use it as a factor of power to the disadvantage of the rest of participants of international processes.

In this connection, the use of Information and communication technologies (ICT) for the military and political purposes by the states is becoming especially relevant. Such characteristics of information space as being cross-border, openness, availability and anonymousness have brought about information infrastructure attractive from the point of view possibility to fulfill illegal actions with criminal and terrorist goals. Counteracting these types of threats is becoming an important part of array of actions to provide information security on the national, as well as on the global level.

Cyberspace consists of different computer systems connected to the net and integrated telecommunication systems. It has become one of distinguishing features of modern society providing with and enlarging fast communication, operation of distributed systems of command and control, storing and passing huge data files and operation of highly distributed systems. Today, all of these things are taken for granted by the society. It has become necessary for business, everyday life and service activities.

Such ubiquitousness and addiction of the cyberspace can be observed even in the military area where communication, control and administration, elements of intelligence and delivering precision guided blows rely on a large number of “cyber systems” and connected with their communication systems. Ubiquitousness of these interconnected systems causes some kind of dependence and vulnerability of separate sectors of industry and governments that are difficult to predict, weaken, prevent and control.

Some countries consider this vulnerability and dependence as new problems in the domains of national security and national defense and put forward a task for appropriate structures of their security forces to react, while other counties are setting up absolutely new organizations whose purpose is to manage and coordinate national strategies in the domain of cybersecurity. Cybersecurity has become an important interdisciplinary issue that demands the reaction of individuals, private organizations, nongovernmental organizations, “the whole government” and a number of international agencies and organs [

In accordance with abovementioned, one of the most demanded and future oriented trends of research in the domain of providing cybersecurity is development of models of cyber space and main factors influencing its operation. Among the number of different approaches and trends used for modelling cyberspace, significant role is given to creating mathematical and imitation models that enable to get numerical data of the degree of information security (degree of threat of information security, analysis of information security risks, estimation of effectiveness of protection measures etc.).

In the following sections of the article are given: statement of the research problem, justification of the choice of the analytical model and a software model with a graphical user interface, developed using the Graphical User Interface Development Environment (GUIDE), that is part of Matlab/Simulink.

This article offers a user model adapted to the scopes of providing cyber security and completed with graphical interface abilities of user options, the model which is a version of complex technical system discussed in the article [

The subsystem of detection of vulnerabilities at random time, distributed according to Exponential law, carry out the scanning of information system in order to discover abovementioned destabilizing factors, in case they are discovered, they are passed to corresponding subsystem of elimination, that happens at random time too, distributed according to exponential law. For modelling the system that has been described, approaches of queuing theory is used, the theory of Markov processes, in particular [

It is supposed that complex security system (CSS) shown in

It is expected that the flow of arrivals coming from the subsystem of detecting vulnerabilities on the subsystem is Poisson and its total intensity equals to О = O1 + O2, where O1 is intensity of discovery of functional vulnerabilities, and О2- is the intensity of detecting structural vulnerabilities.

Elimination of vulnerabilities coming into corresponding subsystem happens according to the exponential law with total intensity V = V1 + V2, where V1—intensity of removal of functional vulnerabilities, but V2—intensity of removal of structural vulnerabilities. In the above-described system there comes Poisson probable flow of requests for unauthorized access with collective intensity M = M1 – M2, where M1 and M2 are intensities of flow of requests for unauthorized access with the use of vulnerabilities existing correspondingly in the functional and structural parts of computer system of information security (CSIS).

Security system fulfills neutralizing attempts of unauthorized access discovered while appropriate scanning. Neutralizing time is distributed according to exponential law with total intensity L = L1 + L2, where L1—neutralization intensity of UA attempts into the functional part of CSDD, and L2 is neutralization intensity of attempts UA into the structural part of ISDD.

It should be taken into consideration that in the system is provided/is able to react to the existence of queues for requests coming from appropriate subsystems ISDD at the moment when equipment eliminating threats is busy with eliminating previously received requests. The total number of requests, being simultaneously in the system, is limited., and it equals to K = K1 + K2 + K0, where K1 is the number of requests on the servers for removing vulnerabilities, K2 is the number of requests on the servers for preventing attempts of unauthorized access and K0 is a total number of both type of requests in the appropriate queues.

For description of the states of the system there are introduced probability functions P i ( t ) , which characterize the transition from one state into another, being under influence of the different flows happening in the system (flows of detection and elimination of threats), and are determined as product probability of the i-state from which the transition to the corresponding intensity takes place [

The use of Kolmogorov’s mnemonic rule of setting up equations in the abovementioned system enables to write down the system of differential equations determining probabilities of transition between its states in the form of:

d P i ( t ) d t = a P i ( t ) + b P i − 1 ( t ) + c P i + 1 ( t ) , (1)

where P i ( t ) = P i ( m 1 , m 2 ; K 1 , K 2 , K 0 ; L 1 , L 2 ; M 1 , M 2 ; O 1 , O 2 ; V 1 , V 2 ; t ) - event probability whereby/wherein at the moment t in the system in case of fixed values of parameters m 1 , m 2 ; K 1 , K 2 , K 0 ; L 1 , L 2 ; M 1 , M 2 ; O 1 , O 2 ; V 1 , V 2 there are i-requests, but coefficient in case of unknown functions correspond to tridiagonal matrix with values being estimated by the following formulae:

a = i ∗ L ∗ ( 1 − ( M − O − V ) ) ; b = − ( a + ( i − 1 ) ∗ ( 1 − ( M − O − V ) ) ) ; c = i ∗ M ∗ ( 1 − ( M − O − V ) ) ; (2)

For solving this system of equations with the help of software environment Matlab, the function ODE23 was used which is supposed for numerical integration of systems of homogenous differential equations (HDE). It is applicable for both: solving simple differential equations and modelling of complex dynamic systems.

As it is known any system of nonlinear homogenous differential equations (HDE) can be represented as the system of differential equations of the first order in the explicit form of Cauchy: d x / d t = f ( x , t ) , where x is state vector, t is time, f - nonlinear vector-function from the variables x, t.

Functions [t, X] = ode23(‘ ’, t0, tf, x0, tol, trace) integrates the systems HDE using the Runge-Kutta method of the second and forth orders that have the parameters: inputs parameters: , that is the name of M-file in which the right parts of system HDE are being calculated; t0 is the initial value of time, t final is the final value of time; x0—the vector of initial states, tol—given precision (by default to ode23, tol = 1.e-3); trace—a flag regulating the output of intermediary results (by default equals to zero that suppresses the output of intermediary results); outputs parameters: t—a current time, X—two-dimensional array where every column corresponds to one variable [

function varargout = MMmK_19_06_2019(varargin)

function pushbutton1_Callback(hObject, eventdata, handles)

% hObject handle to pushbutton1 (see GCBO)

% eventdata reserved - to be defined in a future version of MATLAB

% handles structure with handles and user data (see GUIDATA)

m1 = str2double(get(handles.m1,'string')); % The number of homogeneous means of protection designed to detect and eliminate functional type vulnerabilities (FZ-functional protection);

m2 = str2double(get(handles.m2,'string')); % The number of homogeneous means of protection designed to detect and eliminate structural type vulnerabilities (SZ - structural protection);

K0 = str2double(get(handles.K0,'string')); % The total number of requests of both types in the corresponding queues;

K1 = str2double(get(handles.K1,'string')); % The number of requests located on the servers to eliminate vulnerabilities;

K2 = str2double(get(handles.K2,'string')); % The number of requests on servers to prevent unauthorized access attempts;

L1 = str2double(get(handles.L1,'string')); % The intensity of the neutralization of attempts to tamper with the functional part of IISS (Integrated information security system);

L2 = str2double(get(handles.L2,'string')); % The intensity of the neutralization of attempts to unauthorized access to the structural part of the IISS;

M1 = str2double(get(handles.M1,'string')); % The intensity of the flow of applications for unauthorized access using vulnerabilities existing in the functional parts of the IISS;

M2 = str2double(get(handles.M2,'string')); % The intensity of the flow of applications for unauthorized access using vulnerabilities existing in the structural parts of the IISS;

O1 = str2double(get(handles.O1,'string')); % The intensity of detection of functional vulnerabilities;

O2 = str2double(get(handles.O2,'string')); % The intensity of detection of structural vulnerabilities;

V1 = str2double(get(handles.V1,'string')); % The intensity of functional vulnerability removal;

V2 = str2double(get(handles.V2,'string')); % The intensity of functional vulnerability removal;

global A

syms m n k i a b c A L N

L=L1+L2; % The total intensity of the exponential distribution of time to neutralize threats;

set(handles.L,'string',L);

M=M1+M2; % The total intensity of the Poisson flow of unauthorized access;

set(handles.M,'string',M);

O=O1+O2; % The total intensity of the request flow from the vulnerability detection subsystem to the vulnerability removal subsystem;

set(handles.O,'string',O);

V=V1+V2; % The total intensity of the exponential vulnerability elimination flow;

set(handles.V,'string',V);

K=K1+K2+K0; % The total number of requests simultaneously located in the system;

set(handles.K,'string',K);

for i=1:K

a=i*L;

b=-(a+(i-1)*(M-O-V));

c=i*M;

A=full(gallery('tridiag',K,a,b,c));

set(handles.a,'string',a);

set(handles.b,'string',b);

set(handles.c,'string',c);

%%Numerical solution of differential equations

P0 = [1;zeros(length(A)-1,1)];

T = [0,0.01];

[t,P] = ode23(@cmo, T, P0);

end

%% Constructing of diagrams of states probabilities

line(t,P,'linew',2)

line(t,P(:,K),'linew',2, 'color','r') %% P(K-1)

grid on

N = length(A)-1;

arr = [0:N]';

str = num2str(arr);

legend(strcat('\bf\itP\rm\bf_', str, '(\itt\rm\bf)'));

title(sprintf('%s Probabilities of system states M/M/%d/%d', '\bf\fontsize{12}',i, K));

xlabel('\bf\it\fontsize{12} Model Time ')

ylabel('\bf\fontsize{12}\itProbabilities of states P\rm\bf(\itt\rm\bf)');

set(gca,'fontweight','bold','fontsize',10);

fprintf('\n Stationary probabilities:\n');

for J = 1 : length(A);

fprintf('\tP%d = %f\n', J-1, P(end,J));

fprintf('Probabilities P = %f\n', P(end,J));

QQ(J)= P(end,J); set(handles.QQ,'string',QQ); P0=P(end,1); set(handles.P0,'string',P0);

P1=P(end,2); set(handles.P1,'string',P1); P2=P(end,3); set(handles.P2,'string',P2); P3=P(end,4);

set(handles.P3,'string',P3);P4=P(end,5);set(handles.P4,'string',P4);P5=P(end,6);

set(handles.P5,'string',P5); P6=P(end,7); set(handles.P6,'string',P6); P7=P(end,8);

set(handles.P7,'string',P7); P8=P(end,9); set(handles.P8,'string',P8); P9=P(end,10);

set(handles.P9,'string',P9); P10=P(end,11); set(handles.P10,'string',P10); P11=P(end,12);

set(handles.P11,'string',P11);

end

Pnot = P(end,end); set(handles.Pnot,'string',Pnot); Q = 1 - Pnot; set(handles.Q,'string',Q);

Ab = L*Q; set(handles.Ab,'string',Ab); Pq = sum(P(end, i+1:end)); set(handles.Pq,'string',Pq);

Ps = sum(P(end, i:end)); set(handles.Ps,'string',Ps); Ns = [0:length(A)-1]*P(end,:)';

set(handles.Ns,'string',Ns); Nq = [0:(K-i)]*P(end,i:K)'; set(handles.Nq,'string',Nq);

Ts=Ns/L; set(handles.Ts,'string',Ts); Tq=Nq/L; set(handles.Tq,'string',Tq);

function f = cmo(t,P)

%% Functions describing the right-hand sides of differential equations

global A

f = A*P;

%Results of program execution

%Stationary probabilities

%The diagram of states probabilities of the system

The figures below (Figures 2-4) show the appearance of the graphical user interface corresponding to various values of the input parameters.

The article presents with the software development of application with graphical interface for Integrated Security System from cyber-threats that consists of detection and elimination subsystems for existing in the system vulnerabilities as well as for unauthorized access requests (UA).

In the subsystems of vulnerability elimination and requests for unauthorized access, considered as multichannel queueing systems with corresponding queues, at random time, there come requests for elimination of threats detected by the system.

It is supposed that the request flow coming into the mentioned queueing system for elimination of threats is Poisson, but the flow of their elimination is exponential. The graphical interface developed in the research enables to watch the graphical reflection of changes of output indicators depending on the change of input parameters of the system.

The author declares no conflicts of interest regarding the publication of this paper.

Shamugia, R.R. (2019) Development of the Software Application with Graphical User Interface for One Model Cyber Security. Int. J. Communications, Network and System Sciences, 12, 199-208. https://doi.org/10.4236/ijcns.2019.1212014