НАЦИОНАЛЬНАЯ АКАДЕМИЯ НАУК АЗЕРБАЙДЖАНА
МЕТОД КОНСЕНСУСНОГО РАНЖИРОВАНИЯ УГРОЗ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ЭЛЕКТРОННОГО ГОСУДАРСТВА (азерб.)
Имамвердиев Ядигар Н.

Угрозы информационной безопасности электронного государства нацелены на национальные интересы в информационной сфере. Существует множество угроз национальным интересам в информационной сфере, и для эффективного противодействия этим угрозам в условиях ограниченных ресурсов, выделяемых на киберзащиту, необходимо многокритериальное ранжирование этих угроз. В предлагаемой модели угрозы ранжируются на основе экспертных оценок, которые характеризуют уровни угроз, нацеленных на национальные интересы. Предложена оптимизационная модель для консенсусного ранжирования угроз (стр.34-45).

Ключевые слова: электронное государство, информационная безопасность, угрозы информационной безопасности, оценка угроз, ранжирование угроз, консенсусное ранжирование.
DOI : DOI: 10.25045/jpit.v09.i2.04
Литература
  • Libicki M. C. Conquest in cyberspace: National security and information warfare. Cambridge University Press, 2007, 336 p.
  • European Union Agency For Network and Information Security: ENISA Threat Landscape Report 2017 (ETL 2017). January 2018, 114 p.
  • Jang-Jaccard J., Nepal S. A survey of emerging threats in cybersecurity // Journal of Computer and System Sciences, 2014, vol.80, no.5, pp.973–993.
  • Sabillon R., Cavaller V., Cano J. National cyber security strategies: Global trends in cyberspace // International Journal of Computer Science and Software Engineering, 2016, vol.5, no.5, pp.67–81.
  • Jerman-Blažič B. An economic modelling approach to information security risk management // International Journal of Information Management, 2008, vol.28, no.5, pp.413–422.
  • Pierazzi F., Apruzzese G., Colajanni M., Guido A., Marchetti M. Scalable architecture for online prioritization of cyber threats / Proceedings of the 9th NATO International Conference on Cyber Conflicts, 2017, pp.1–22.
  • İmamverdiyev Y. N. E-dövlətin informasiya təhlükəsizliyinin idarə edilməsi üzrə tədqiqatların müasir vəziyyətinin analizi // İnformasiya cəmiyyəti problemləri, 2012, № 2(6), s.19–26.
  • Zavadskas E. K., Turskis Z., and Kildienė S. State of art surveys of overviews on MCDM/MADM methods //Technological and economic development of economy, 2014, vol.20, no.1, pp.165–179.
  • Доктрина информационной безопасности Российской Федерации: утв. Президентом РФ 9 сент. 2000 г. № Пр-1895.
  • Multi-State Information Sharing & Analysis Center (MSISAC).
  • http://msisac.cisecurity.org/alert-level/
  • Lundberg R., and Willis H. H. Deliberative risk ranking to inform homeland security strategic planning // Journal of Homeland Security and Emergency Management, 2016, vol.13, no.1, pp.3–33.
  • İmamverdiyev Y.N. Yeni nəsil milli kibertəhlükəsizlik strategiyaları // İnformasiya cəmiyyəti problemləri, 2013, №2, s.42–51.
  • Klimburg (Ed.), National Cyber Security Framework Manual, NATO CCD COE Publication,Tallinn 2012, 253 p.
  • OECD: National Risk Assessments: A Cross Country Perspective. OECD Publishing, Paris, 2018, 308 p. http://dx.doi.org/10.1787/9789264287532-en.
  • Robinson, Gribbon L., Horvath V., Robertson K., Cyber-security threat characterization: A rapid comparative analysis. RAND Corporation. 2013, 9 p.
  • Почуев С.И., Большаков В. П. Методический подход к решению задачи ранжирования степени угроз национальной безопасности // Информост, 2007, №6 (53), с.34–36. 
  • Changwen Q., and You H. A method of threat assessment using multiple attribute decision making / Proc. of the 6th IEEE International Conference on Signal Processing, 2002, vol.2, pp.1091–1095.
  • Saaty T.L. The analytic hierarchy process. New York: McGraw-Hill, 1980, 287 p.
  • Saaty T.L. Decision making with dependence and feedback: The analytic network process. Pittsburgh: RWS Publications, 1996, 370 p.
  • Hwang C.L. and Yoon K. Multiple attribute decision making: Methods and applications, vol.186. New York: Springer, 1981, 259 p.
  • Opricovic S. Multicriteria optimization of civil engineering systems. PhD Thesis, Faculty of Civil Engineering, Belgrade, 1998, 302 p.
  • Gabus A. and Fontela E. The DEMATEL observer. Battelle Geneva Research Center, Geneva, Switzerland, 1976.
  • Roy B. and Bertier B. La méthode ELECTRE II: une méthodede classement en presence de critèresmultiples. Note de Travail 142, Groupe Metra, Direction Scientifique, 1971.
  • Brans J. P. and Vincke P. A preference ranking organisation method: the PROMETHEE method for MCDM // Management Science, 1985, vol.31, no.6, pp.647–656.
  • Zadeh L. A. Fuzzy sets // Information and Control, 1965, vol.8, no.3, pp.338–353.
  • Buckley J. J., Feuring T., and Hayashi Y., Fuzzy hierarchical analysis revisited // European Journal of Operational Research, 2001, vol.129, no.1, pp.48–64.
  • Torfi F., Farahani R. Z., and Rezapour S. Fuzzy AHP to determine the relative weights of evaluation criteria and Fuzzy TOPSIS to rank the alternatives // Applied Soft Computing, 2010, vol.10, no.2, pp.520–528.
  • Alguliyev R. M., Aliguliyev R. M., and Mahmudova R. S. Multicriteria personnel selection by the modified fuzzy VIKOR method // The Scientific World Journal, 2015, vol.2015, Article ID 612767, pp.1–16.
  • Büyüközkan G., and Çifçi G. A novel hybrid MCDM approach based on fuzzy DEMATEL, fuzzy ANP and fuzzy TOPSIS to evaluate green suppliers // Expert Systems with Applications, vol.39, no.3, pp.3000–3011.
  • Alguliyev R. M., Aliguliyev R. M., and Mahmudova R. S. A fuzzy TOPSIS+ Worst-case model for personnel evaluation using information culture criteria // International Journal of Operations Research and Information Systems, 2016, vol.7, no.4, pp.38–66.
  • Deng Y. A threat assessment model under uncertain environment // Mathematical Problems in Engineering, 2015, vol. 2015, Article ID 878024, 12 pages. http://dx.doi.org/10.1155/2015/878024
  • Ou Yang Y. P., Shieh H. M., Leu J. D., & Tzeng G. H. A VIKOR-based multiple criteria decision method for improving information security risk // International Journal of Information Technology & Decision Making, 2009, vol.8, no.2, pp.267–287.
  • Yang Y. P. O., Shieh H. M., & Tzeng, G. H. A VIKOR technique based on DEMATEL and ANP for information security risk control assessment // Information Sciences, 2013, vol.232, pp.482–500.
  • Shameli-Sendi A., Shajari M., Hassanabadi M., Jabbarifar M., & Dagenais M. Fuzzy multi-criteria decision-making for information security risk assessment // The Open Cybernetics & Systemics Journal, 2012, vol.6, no.1, pp.26–37.
  • Syamsuddin I., and Hwang J. A new fuzzy MCDM framework to evaluate e-government security strategy / Proc. of the 4th International Conference on Application of Information and Communication Technologies, 2010, pp.1–5.
  • Yu L., and Lai K. K. A distance-based group decision-making methodology for multi-person multi-criteria emergency decision support // Decision Support Systems, 2011, vol.51, no.2, pp.307–315.
  • Alfares H.K., Duffuaa S.O. Determining aggregate criteria weights from criteria rankings by a group of decision makers // International Journal of Information Technology & Decision Making, 2008, vol.7, no.4, pp.769–781.
  • Cabrerizo F.J., Alonso S., Herrera-Viedma E. A consensus model for group decision making problems with unbalanced fuzzy linguistic information // International Journal of Information Technology & Decision Making, 2009, vol.8, no.1, pp.109–131.
  • Manmatha R., Rath T., and Feng F. Modeling score distributions for combining the outputs of search engines / Proc. of the 24th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, 2001, pp.267–275.
  • Van Erp M., and Schomaker L. Variants of the Borda count method for combining ranked classifier hypotheses / Proc. of the 7th International Workshop on Frontiers in Handwriting Recognition, 2000, pp.443–452.
  • Liu Y.-T., Liu T.-Y., Qin T., Ma Z.-M., and Li H. Supervised rank aggregation / Proc.of the 16th International Conference on World Wide Web, 2007, pp.481–490.
  • Klementiev A., Roth D., and Small K. An unsupervised learning algorithm for rank aggregation / Proc. of the European Conference on Machine Learning, 2007, pp.616–623.
  • Imamverdiyev Y. N. Consensus ranking method of information security threats of a nation state / ІІ Міжнародна науково-практична конференція "Інформаційна безпека та комп’ютерні технології", 2017, pp.12–13.
  • Wang D., and Li T. Weighted consensus multi-document summarization // Information Processing & Management, 2012, vol.48, no.3, pp.513-523.
  • Duchi J., Shalev-Shwartz S., Singer Y., and Chandra T. Efficient projections onto the l1-ball for learning in high dimensions / Proc. of the 25th International Conference on Machine Learning, 2008, pp.272–279.