ASSESSMENT OF THE EFFECTIVENESS OF THE CONFIDENTIAL INFORMATION PROTECTION SYSTEM OF DISTRIBUTED INFORMATION SYSTEMS
DOI:
https://doi.org/10.28925/2663-4023.2025.29.916Keywords:
information security; vulnerabilities; confidential data; secure operation; algorithms; data set.Abstract
The article proposes algorithms for assessing the effectiveness of security of confidential data of an enterprise in a distributed information system, based on a model for determining current threats to the security of confidential data in a distributed information system, on fuzzy inference algorithms and the theory of fuzzy neural systems, and on a method for assessing the effectiveness of security of confidential data in a distributed information system. Unlike known approaches, sufficient and necessary indicators are used, and expert errors are eliminated, the identification of current threats to the security of confidential enterprise data is increasing, the following factors are taken into account: the IT infrastructure of the distributed information system, the capabilities of attackers and their level of motivation in the enterprise's distributed information system.
The proposed approach to assessing the effectiveness of security of confidential data of an enterprise of a distributed information system differs from existing ones in the following: lack of involvement of highly qualified specialists in the field of information security; the process is automated, has low computational complexity; allows determining the list of current threats to information security in information systems of different classes and types.
The developed algorithms for assessing the effectiveness of information security will allow owners of distributed information systems to assess the effectiveness of the protection system in real time, reduce financial costs for developing a protection system.
The algorithms proposed in the research for assessing the effectiveness of the system for protecting confidential information of distributed information systems allow: to minimize unnecessary and redundant steps in assessing the protection system; to take into account all aspects of the process of assessing the effectiveness of the system for protecting distributed information systems; to take into account the requirements in the field of ensuring information security when assessing the effectiveness of the system for protecting protection; can be adapted to the conditions of the owners of distributed information systems.
Improving the quality of assessing the effectiveness of distributed information systems protection systems by determining sufficient and necessary evaluation indicators using promising information technologies will allow the following tasks to be most effectively solved: determining the operating parameters of adaptive production fuzzy neural systems, applying Data Science technologies in data processing, and fuzzy inference algorithms.
The results of the study on assessing the effectiveness of the distributed information systems protection system can be used to manage the life cycle of information systems, assess the state of IT infrastructure, and the fleet of automated workplaces - in order to assess the compliance of enterprises with approaches to information technology management.
Keywords: information security; vulnerabilities; confidential data; secure operation; algorithms; data set.
Downloads
References
Lenkov, S. V., та ін. (2023). Model vyznachennia aktualnykh zahroz bezpeky konfidentsiinykh danykh v rozpodilenii informatsiinii systemi. Underwater Technologies: Industrial and Civil Engineering, 4(13), 25–59.
Lenkov, S. V., Dzhulii, V. M., & Muliar, I. V. (2024). Metod otsinky efektyvnosti bezpeky konfidentsiinykh danykh rozpodilenoi informatsiinoi systemy. Underwater Technologies: Industrial and Civil Engineering, 1(14), 18–34.
Ukaz Prezydenta Ukrainy № 47/2017. (2017, Liutyi 25). Doktryna informatsiinoi bezpeky Ukrainy.
Derzhavnyi standart Ukrainy. (1996). DSTU 3396.0-96. Zakhyst informatsii. Tekhnichnyi zakhyst informatsii. Osnovni polozhennia. http://www.dsszzi.gov.ua/dsszzi/control/uk/publish/article?art_id=38883&cat_id=38836
Verkhovna Rada Ukrainy. (2017). Zakon Ukrainy “Pro osnovni zasady zabezpechennia kiberbezpeky Ukrainy” (zi zminamy). https://zakon.rada.gov.ua/laws/show/2163
Tsybulnyk, S. O., & Barandych, K. S. (2022). Tekhnolohii rozroblennia prohramnoho zabezpechennia. Chastyna 1. Zhyttievyi tsykl prohramnoho zabezpechennia: Pidruchnyk. Kyiv: KPI im. Ihoria Sikorskoho.
Lysenko, S. M., & Shchuka, R. V. (2020). Analiz metodiv vyiavlennia shkidlyvoho prohramnoho zabezpechennia v kompiuternykh systemakh. Visnyk Khmelnytskoho natsionalnoho universytetu, 2(283), 101–107.
Lenkov, S., та ін. (2023). Metod prohnozuvannia vrazlyvostei informatsiinoi bezpeky na osnovi analizu danykh tematychnykh internet-resursiv. Zbirnyk naukovykh prats Viiskovoho instytutu KNU im. T. Shevchenka, 78, 123–134.
Lenkov, S. V., Dzhulii, V., & Solodieieva, L. V. (2022). Metod protydii poshyrenniu ta vyiavlennia shkidlyvoi informatsii v sotsialnykh merezhakh. Zbirnyk naukovykh prats Viiskovoho instytutu KNU im. T. Shevchenka, 77, 103–117.
Lenkov, S., та ін. (2020). Model bezpeky poshyrennia zaboronenoi informatsii v informatsiino-telekomunikatsiinykh merezhakh. Zbirnyk naukovykh prats Viiskovoho instytutu KNU im. T. Shevchenka, 68, 53–64.
Krepych, S. Ya., & Spivak, I. Ya. (2020). Yakist prohramnoho zabezpechennia ta testuvannia: Bazovyi kurs. Ternopil: FOP Palianytsia V. A.
Zolotukhina, O. A., та ін. (2020). Iakist ta testuvannia informatsiinykh system: Navchalnyi posibnyk dlia samostiinoi roboty studentiv. Kyiv: NNIIT DUT.
Vyshnia, V. B., Ryzhkov, E. V., & Havrysh, O. S. (2020). Osnovy informatsiinoi bezpeky: Navchalnyi posibnyk. Dnipro: Dnipropetrovskyi derzh. un-t vnutrish. sprav.
OGO.ua. (2025, Lypen 4). Cotsialni merezhi – realni zahrozy virtualnoho svitu. http://ogo.ua/articles/view/011–02–23/26490.htm
Ostapov, S., Korol, O., & Yevseiev, S. (2016). Tekhnolohii zakhystu informatsii: Navchalnyi posibnyk. Kharkiv: Vyd-vo KhNEU.
Lienkov, S., та ін. (2017). Analiz isnuiuchykh metodiv ta alhorytmiv vyiavlennia atak v bezdrotovykh merezhakh peredachi danykh. Zbirnyk naukovykh prats Viiskovoho instytutu KNU im. T. Shevchenka, 56, 124–132.
Buriachok, V. L., & Toliupa, S. V. (2016). Informatsiinyi ta kiberprostory: Problemy bezpeky, metody ta zasoby borotby: Posibnyk. Kyiv: DUT-KNU.
Rybalchenko, L., & Kosychenko, O. (2019). Problemy bezpeky personalnykh danykh v Ukraini. Rehionalna ekonomika, 2, 57–62.
Dzhulii, V. M., Miroshnichenko, O. V., & Solodieieva, L. V. (2022). Metod klasyfikatsii dodatkiv trafika kompiuternykh merezh na osnovi mashynnoho navchannia v umovakh nevyznachenosti. Zbirnyk naukovykh prats Viiskovoho instytutu KNU im. T. Shevchenka, 74, 73–82.
Lavrov, Ye. A., Perkhun, L. P., & Shendryk, V. V. (2017). Matematychni metody doslidzhennia operatsii: Pidruchnyk. Sumy: SumDU.
Honchar, S. F. (2019). Otsiniuvannia ryzykiv kiberbezpeky informatsiinykh system obiektiv krytychnoi infrastruktury: Monohrafiia. Kyiv.
Yemchuk, L., Zhylinska, O., Chornyi, A., & Dzhulii, V. (2020). Organizational network analysis as a tool for leadership assessment in software development team. In 2020 International Conference on Advanced Computer Information Technologies (ACIT). IEEE. https://doi.org/10.1109/ACIT49673.2020
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Сергій Лєнков, Володимир Джулій, Ігор Муляр, Євген Лєнков , Руслан Кольцов
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
