An expert system of recommendations for combating cyber threats using CVSS metrics and game theory

Authors

  • Maksym V. Mishchenko Chernihiv Polytechnic National University, 95, Shevchenko Str. Chernihiv, 14035, Ukraine
  • Mariia S. Dorosh Chernihiv Polytechnic National University, 95, Shevchenko Str. Chernihiv, 14035, Ukraine

DOI:

https://doi.org/10.15276/hait.07.2024.20

Keywords:

Expert system, cybersecurity, game theory, Brown-Robinson method, CVSS

Abstract

This study is focused on the creation of an expert system for generating recommendations on cyber security. The developed
expert system uses a game-theoretic model as a inference engine to transform expert knowledge into recommendations for end-users,
who may be chief IT security officers (CISOs), system administrators, or cyber security engineers. Expert knowledge is presented in
the form of an estimate of the base group of CVSS metrics - Common Vulnerability Score System, for each type of attack and
adjusted values of CVSS in the case that the counterattack strategy is applied. Given a set of attacks and a base of expert attack
knowledge, the system generates a game matrix of zero-sum game with a cybercriminal and a cyberdefense expert as players. The
inference engine of the expert system is a game-theoretic model responsible for solving the game using the Brown-Robinson iterative
method and generating cyber protection recommendations. An experiment was conducted on the convergence of the BrownRobinson algorithm on the 2022 vulnerability dataset from the Cybersecurity and Infrastructure Security Agency database, as a result
of which it was determined that the convergence of the algorithm for solving the matrix game is achieved at a number of iterations of
1000. As a result of the work, expert system was designed and implemented along with the Web interface, which provides input by
experts of CVSS level assessments of collected threats, threats countermeasures and output of recommendations for combating cyber
threats.

Downloads

Download data is not yet available.

Author Biographies

Maksym V. Mishchenko, Chernihiv Polytechnic National University, 95, Shevchenko Str. Chernihiv, 14035, Ukraine

Postgraduate, Information Technology and Software Engineering Department

Mariia S. Dorosh, Chernihiv Polytechnic National University, 95, Shevchenko Str. Chernihiv, 14035, Ukraine

Doctor of Engineering Sciences, Professor, Information Technology and Software Engineering Department

Scopus Author ID: 56912183600

Downloads

Published

2024-09-16

How to Cite

Mishchenko, M. V. ., & Dorosh, M. S. . (2024). An expert system of recommendations for combating cyber threats using CVSS metrics and game theory. Herald of Advanced Information Technology, 7(3), 284–295. https://doi.org/10.15276/hait.07.2024.20