Russian Federation
Russian technological university MIREA (Institute of cybersecurity and digital technologies, professor of the department «Information and analytical systems of cybersecurity»)
Russian Federation
The article presents a comprehensive methodology for predicting data breaches and assessing the potential risks of harmful effects on critical information infrastructure, using the example of the transport industry. Statistical data on the number of restricted access data leaks in Russia from 2013 to 2022 are analyzed. Within the study, several numerical forecasting methods are compared: linear regression, moving average smoothing, and exponential smoothing. Linear regression was found to be the most accurate method for predicting restricted access data leaks in the transport sector for 2024 to 2028. Additionally, a cognitive model is proposed that allows for assessing the likelihood of data breaches and their potential consequences, considering factors such as attack vectors, system vulnerabilities, user behavior, and implemented security measures. The combined approach, which combines numerical methods and cognitive modeling, provides a comprehensive view of cybersecurity risks. This allows for more accurate predictions and better-informed decisions. The study's results emphasize the importance of considering both technical and human aspects in improving cybersecurity, and offer recommendations for future research that could refine the cognitive model by involving experts from not only the technical field, but also the economic and legal domains.
data leaks, cybersecurity, numerical forecasting, cognitive modeling, critical information infrastructure, risk assessment
1. O bezopasnosti kriticheskoj informacionnoj infrastruktury Rossijskoj Federacii: Feder. zakon Ros. Federacii ot 26 iyulya 2017 g. № 187-FZ (poslednyaya red.). Dostup iz inf.-pravovogo portala «Garant».
2. Safonova M.F., Ciplyaeva S.A. Kiberbezopasnost': problemy i resheniya // EGI. 2019. № 24 (2). S. 63–68.
3. Torosyan E.K., Toropchinova A.D. Voprosy upravleniya riskami IT-proektov pri perekhode na novoe programmnoe obespechenie v sovremennyh usloviyah // Peterburgskij ekonomicheskij zhurnal. 2018. № 3. S. 105–109.
4. Panin D.N., Bobkov E.O., Balashova E.A. Analiz kiberatak na kriticheskuyu informacionnuyu infrastrukturu s IoT tekhnologiyami // Avtonomiya lichnosti. 2020. № 2 (22). S. 55–64.
5. Bazylev V.V., Karnahin V.A. Sravnenie vozmozhnostej logisticheskoj regressii i iskusstvennyh nejronnyh setej v prognozirovanii rezul'tatov issledovaniya na maloj vyborke // Health, Food & Biotechnology. 2019. № 3. S. 11–20.
6. Staroverov B.A., Hamitov R.N. Realizaciya glubokogo obucheniya dlya prognozirovaniya pri pomoshchi ansamblya nejronnyh setej // Izvestiya TulGU. Tekhnicheskie nauki. 2023. № 4. 185–189.
7. Castro J.L., Delgado M. Fuzzy systems with defuzzification are universal approximators // IEEE Transactions on Systems, Man and Cybernetics. Part B (Cybernetics). 1996. Vol. 26. Iss. 1. P. 149–152.
8. Fuzzy cognitive mapping as a tool to define management objectives for complex ecosystems / B.F. Hobbs [et al.] // Ecol. Appl. 2002. № 12. P. 1548–1565.
9. Maksimova E.A. Kognitivnoe modelirovanie destruktivnyh zloumyshlennyh vozdejstvij na ob"ektah kriticheskoj informacionnoj infrastruktury // Trudy uchebnyh zavedenij svyazi. 2020. T. 6. № 4. S. 91–103.
10. Sadovnikova N.P., Ermoshchenko K. Obshchie voprosy primeneniya metodologii imitacionnogo modelirovaniya dlya ocenki ekologo-ekonomicheskoj effektivnosti proektov gradostroitel'noj deyatel'nosti // Izvestiya Volgogradskogo gosudarstvennogo tekhnicheskogo universiteta. 2011. № 9 (82). S. 94–97.
11. Sadovnikova N.P., Zhidkova N.P. Vybor strategij territorial'nogo razvitiya na osnove kognitivnogo analiza i scenarnogo modelirovaniya // Internet-vestnik VolgGASU. 2012. № 7 (21). S. 4.
12. Maksimova E.A., Sadovnikova N.A., Parygin D.S. Prognozirovanie destruktivnyh vozdejstvij na ob"ektah kriticheskoj informacionnoj infrastruktury // Informacionnye tekhnologii i tekhnologii kommunikacij. Sovremennye dostizheniya: materialy IV Mezhdunar. nauch. konf., posvyashch. 90-letiyu so dnya osnovaniya Astrahanskogo gos. tekhn. un-ta. Astrahan': Astrahanskij gos. tekhn. un-t, 2020. S. 25.
13. Grzhibovskij A.M. Odnofaktornyj linejnyj regressionnyj analiz // Ekologiya cheloveka. 2008. № 10. S. 55–64.
14. Utenkova M.A. Chislennoe prognozirovanie utechek dannyh ogranichennogo dostupa // Aktual'nye problemy prikladnoj matematiki, informatiki i mekhaniki: sb. trudov Mezhdunar. nauch. konf. Voronezh: OOO «Velborn»; Izd-vo «Nauchno-issledovatel'skie publikacii», 2024. S. 721–725. EDN CZBTNX.
15. Maksimova E.A., Utenkova M.A. Prognozirovanie razvitiya sobytij v hode informacionnogo protivoborstva // Studencheskaya nauka dlya razvitiya informacionnogo obshchestva: materialy XV Vseros. nauch.-tekhn. konf. s priglasheniem zarubezhnyh uchenyh. Stavropol': Severo-Kavkazskij feder. un-t, 2024. S. 209–218. EDN NUSUUD.
16. Marimuthu K., Gopinath M. Production of Sugarcane Forecasting using ARIMAX Model // Scopus. International Journal of Innovative Technology and Exploring Engineering. 2019. Vol. 8. Iss. 12-S.
17. Gardner Everette. Exponential smoothing: the state of the art – Part II // International Journal of Forecasting. 2006. № 22. P. 637–666.
18. Hwang S.H., Chen H.T., Chang C.T. An exponentially weighted moving average method for identification and monitoring of stochastic systems // Industrial and Engineering Chemistry Research. № 47 (21). P. 8239–8249. DOI:https://doi.org/10.1021/ie0707218.
19. Utenkova M.A., Maksimova E.A. Nechetkoe modelirovanie scenarnogo razvitiya gibridnoj vojny // Cifrovaya transformaciya nauki i obrazovaniya: sb. nauch. trudov IV Vseros. nauch.-prakt. konf. s mezhdunar. uchastiem. Nal'chik: Kabardino-Balkarskij gos. un-t im. H.M. Berbekova, 2023. S. 355–360.
20. Vatankhah G., Tarafdar H., Ghassem Z. Fermat-curve based fuzzy inference system for the fuzzy logic controller performance optimization in load frequency control application // Fuzzy Optim Decis Making. 2023. № 22. P. 555–586. DOI: 1007/s10700-022-09402-2.
21. An agile FCM for real-time modeling of dynamic and reallife systems, evolving systems / O. Motlagh [et al.] // Special issue on temporal aspects in fuzzy cognitive maps. 2013. P. 137–145.
22. Obiedat M., Samarasinghe S. Fuzzy representation and aggregation of fuzzy cognitive maps // 20th International Congress on Modelling and Simulation. Adelaide, Australia, 2013. P. 690–694.
23. Utechki informacii v mire, 2022–2023 gody: analiticheskij otchet. URL: https://www.infowatch.ru/sites/default/files/analytics/files/issledovaniye-utechek-informatsii-v-mire-za-2022-2023-gody.pdf (data obrashcheniya: 03.05.2024).
24. Analiticheskie otchety. URL: https://www.infowatch.ru/sites/default/files/analytics/files/InfoWatch_RossiyaUtechki_za2019.pdf (data obrashcheniya: 03.05.2024).
25. Issledovanie utechek informacii ogranichennogo dostupa v 2019 godu: analiticheskij otchet. URL: https://www.infowatch.ru/sites/default/files/analytics/files/InfoWatch_MirUtechki_za2019.pdf (data obrashcheniya: 03.05.2024).
26. Rossiya: utechki informacii ogranichennogo dostupa, 2020 god: analiticheskij otchet. URL: https://www.infowatch.ru/sites/default/files/analytics/files/c_IW_Rossiya_2020_utechki_v%201%207%201pp%20%282%29.pdf (data obrashcheniya: 03.05.2024).
27. Issledovanie utechek informacii ogranichennogo dostupa v 2020 godu: analiticheskij otchet. URL: https://www.infowatch.ru/sites/default/files/analytics/files/InfoWatch_Mir_Utechki_2020_v.1.17.pdf (data obrashcheniya: 03.05.2024).
28. Rossiya: utechki informacii ogranichennogo dostupa, 2022–2023 gody: analiticheskij otchet. URL: https://www.infowatch.ru/sites/default/files/analytics/files/utechki-informatsii-ogranichennogo-dostupa-v-rossii-za-2022-2023.pdf (data obrashcheniya: 03.05.2024).
