=Paper=
{{Paper
|id=Vol-2667/paper75
|storemode=property
|title=Definition of basic violators for critically important objects using the information probability method and cluster analysis
|pdfUrl=https://ceur-ws.org/Vol-2667/paper75.pdf
|volume=Vol-2667
|authors=Vladimir Kostin,Aleksandr Borovsky
}}
==Definition of basic violators for critically important objects using the information probability method and cluster analysis ==
https://ceur-ws.org/Vol-2667/paper75.pdf
Definition of basic violators for critically important
objects using the information probability method and
cluster analysis
Vladimir Kostin Aleksandr Borovsky
Orenburg State University Orenburg State University
Orenburg, Russia Orenburg, Russia
vladimirkostin5@mail.ru borovski@mail.ru
Abstract—One of the approaches to analyzing the based on the theory of fuzzy logic and fuzzy hypergraphs
relationships between the characteristics of critical objects and [3]. Recent methods do not allow us to estimate their
typical intruders using the information-probabilistic method is weight contribution to the formation of the hazard potential
considered. Categories of objects and typical intruders are of the object. In addition, sometimes when composing
described by many common heterogeneous characteristics. fuzzy membership matrices (performing disjunction and
The probabilistic information method ensured the conjunction operations) for certain data (if one of the
homogeneity of the entropy potential of the offender training characteristics is significantly small), fuzzy logic methods
characteristics and the characteristics of the consequences of
the offender actions according to the Pearson chi-square
show doubtfully low results.
criterion and on this basis the characteristics of the offenders II. FORMULATION OF THE PROPLEM
and critical objects are summarized in a common information
field in single six-point measurement scales. Using the On the basis of processing the combined general
information probabilistic method and the cluster analysis information field of the characteristics of violators and
method for the general information field, we obtained the basic categorized objects with an information probabilistic
type of intruder for each category of objects. The results can method and cluster analysis, it is necessary to determine
be used to determine the requirements for physical protection each category of CIO of the corresponding typical intruder,
systems of critical facilities.
that is, it is necessary to determine the degree of potential
Keywords—information-probability method; entropy; base impact of the i-type intruder on the j-th category of CIO, to
type of intruder solve the problem of determining ratios and on this basis to
propose the necessary amount of security for each category
I. INTRODUCTION of objects. The source [4] discusses the finding of
The analysis of the source [1] revealed that each correspondences on images presented in the form of graph
protected object has an attractive potential, which is formed models, but this problem has a limitation — the number of
by a hazard potential, in accordance with which the vertices in the image graphs must be the same. The source
necessary security potential is formed in the form of a [5] provides an in-depth analysis of clustering methods. A
physical protection system (PPS). In turn, each typical technique for clustering big data is proposed. The issues of
intruder has the potential for preparedness (danger), which graph clustering are considered, while the weight of the
is determined by the degree of his motivation. Thus, many signs of cluster analysis is not taken into account.
typical intruders have a definite impact on many categorized III. PROBLEM SOLVING
objects in accordance with their potential capabilities.
Typical violators and categorized objects have many To solve this problem, it is necessary to form a common
characteristics that determine their potential motivation information field in a unified scale for measuring the
(danger) and attractiveness, which intersect informationally. characteristics of violators and CIO.
Obviously, between the categories of critical objects (CIO) To assess the potential danger of the object from the
and typical intruders (threats) there must be a certain actions of violators, six private types of losses were
correspondence, which is based on the general introduced [4]:
commensurability or ratios of the characteristics of these - political (determined by a decrease in all levels of
sets (potentials). That is, each category of CIO must authority of the authorities and general instability);
correspond to a certain basic type or types of violators. - human (consists in the loss of people's lives and
The author of the article suggests, using the information health);
probabilistic method (IPM) and cluster analysis, to - financial (consists in the loss of material values);
determine the typical basic intruders for each category of - economic (take into account the costs of relocating
CIO, i.e. identify existing compliance. Based on the hazard people from the accident zone and the related
results of typical violators, an appropriate level of security compensation payments);
(safety) of objects is proposed. - environmental (loss of natural resources leading to
This problem is solved to differentiate the necessary environmental degradation in the region);
requirements when determining the required value of - informational (losses consisting in the loss of advanced
protection of categorized objects from basic typical technologies, confidential information and artistic
violators. values).
Currently, the task of determining the basic threats for For each particular type of loss, one of the six scales of
various categories of objects is determined mainly by expert potential losses in the event of an emergency (ES) was
methods [2], where there is an element of subjectivity, or
Copyright © 2020 for this paper by its authors.
Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0)
� Data Science
determined in the form of a six-point hazard scale, which To solve this problem, we describe typical intruders and
are presented in Table 1. objects in a single scale of measurement of characteristics.
The results of the hazard assessment (attractiveness) for Based on the data of Table 3 and expert evaluations of
the seven categories of CIO in case of emergencies on a six- specialists, a transition was made from qualitative to
point scale, obtained in article [7], are shown in table 2. quantitative characteristics of violators, which are
TABLE I. THE SCALE OF POTENTIAL LOSSES IN CASE OF summarized in table 4.
EMERGENCIES
TABLE IV. QUANTITATIVE CHARACTERISTICS OF TYPICAL VIOLATORS
Types of Emergencies
The of the of the of the of the of the Characteristics of violators
Indicators local municipal intermuni regional interregion federal
chara cipal characte Level of
cter character character character al character r A type Cold steel,
no more than over 50, but violator Objectiv Consequen informati Level of
firearms
Injured more no more no more 50, but no Numbers e of ces of on physical
no more over 500 (technical
people than than 50 than 50 more than than 500 action actions awarenes fitness
10 500 equipment)
s
Size of no more than more than 5,
property X1 11 10 0.8780 0.7 0.9 1
damage more no more no more 5, but not more
than than 5 than 5 more than but not more than 500 X2 4 9 0.5546 0.6 0.8 0.9
(million 0.1 500 than 500
rubles) X3 1 8 0.1731 0.4 0.7 0.8
The scale of the X4 1 2 0.0067 0.3 0.3 0.3
partial losses of 1 2 3 4 5 6
the six-point X5 1 2 0.1158 0.9 0.3 0.3
scale [13] X6 1 5 0.1731 1 1 0.6
TABLE II. CHARACTERISTICS OF THE CONSEQUENCES OF For a comparative assessment of the danger potentials of
EMERGENCIES AT FACILITIES ON A SIX-POINT SCALE
violators, an IWM was used, which allows one to reduce the
The scale of losses of categories of objects particular characteristics of the considered violators
Private types of loss of
1- 2- 3- 4- 5- 6- 7- (objects) to a complex potential in the form of an entropy
objects
cat cat cat cat cat cat cat
index. The essence of the method is as follows.
Political 5 4 4 3 2 2 1
Human 5 5 4 3 2 2 1
The decision to determine the entropy indicator is
Financial 5 5 4 3 3 2 1
Economic 6 5 4 3 3 2 1
associated with the definition of a vector that quantitatively
Environmental 6 5 4 4 3 2 2 displays the hazard potential of an emergency (intruder,
Informational 6 5 5 4 3 2 2 object).We will present the information display of a specific
situation in the form of the following scheme: there are
Characteristics of typical violators are determined by dangerous emergencies being compared (violators, objects);
order of the Minister of Industry and Energy of the Russian each emergency is associated with a set of characteristics
Federation N150 [8] and Government Resolution N875 [9], that determine its potential hazard. In this case, the
which are summarized in table 3. situation of assessing the potential of each emergency in a
TABLE III. CHARACTERISTICS OF TYPICAL VIOLATORS detailed form is characterized by table 5.
Characteri Type of violator TABLE V. MODIFIED MORPHOLOGICAL MATRIX
stics of
X1 X2 X3 X4 X5 X6
violators Name of Many dangerous emergencies (violators, objects)
Number 5 – 20 3–5 1 1 1 1 characteristics
{𝐴1 } … {𝐴𝑖 } … {𝐴𝑛 }
of of of
Theft,
The goal terror. terror. terror. Theft Theft 𝑋1 𝑋11 … 𝑋1𝑖 … 𝑋1𝑛
ter. Act
Act Act Act
Beyond Within Within 𝑋𝑗 𝑋𝑗1 … 𝑋𝑗𝑖 … 𝑋𝑗𝑛
Consequen federal,
ces of the regiona
the the the
Within Within … … … … … …
actions of l,
boundar boundar boundar
the the 𝑋𝑚 𝑋𝑚1 … 𝑋𝑚𝑖 … 𝑋𝑚𝑛
ies of ies of ies of
the territori facility facility
the the the
offender al The weight of parameters in the formation of the
facility facility facility
average low low high high estimated potential is characterized by a quantitative
The level is the
level of level of level of level of level of measure of the degree of confidence in the situation,
of general
awarene awarene awarene awarene awarene objectively existing uncertainty and is identified with the
awareness level
ss ss ss ss ss probability distribution Pji. Characteristics {Xji} are uniquely
Melee and set in various physical scales. Therefore, to bring the
high high high low low
firearms
weapons
probabi probabil probabil probabil probabil Armed characteristics {Xji} to a single common scale, we use the
lity ity ity ity ity natural normalization, carried out relative to the extreme
equipment
Level of values {Xji} of the components as without changing the
training to ingredient to the opposite:
High High Low Low medium
overcome High
level of level of level of level of level of 𝑟𝑗𝑖 = 𝑥𝑗𝑖 /𝑥𝑚𝑎𝑥 𝑗 (1)
barriers, level of and with the change of ingredient to the opposite:
preparat preparat preparat preparat preparat
willingness training
to engage
ion ion ion ion ion 𝑟𝑗𝑖 = 𝑥𝑚𝑖𝑛 𝑗 /𝑥 𝑗𝑖 (2)
in battle
VI International Conference on "Information Technology and Nanotechnology" (ITNT-2020) 344
�Data Science
with display in xji → r[0,1]. Dependencies (1) and (2) 𝑝̂𝑗 (𝑟) = ∑𝑛𝑖=1 𝑟𝑗𝑖 / ∑𝑚 𝑛
𝑗=1 ∑𝑖=1 𝑟𝑗𝑖 (4)
ensured the mapping of the sample space shown in Table 5 The principle of the potential probability distribution is
to another having the power of the continuum shown in based on the fact that it is preferable to choose with greater
table 6. probability those characteristics of the system whose
properties have a large contribution to the total value of the
TABLE VI. MODIFIED MORPHOLOGICAL MATRIX
estimated potential. At the same time, we note that for the
Name of Many dangerous emergencies (violators, principle of potential probability distribution, V.V.
characteristics objects) Khomenyuk, a priori information about the state of
{𝐴1 } … {𝐴𝑖 } … {𝐴𝑛 }
characteristics is based on the principle of insufficient
𝑋1 𝑟11 … 𝑟1𝑖 … 𝑟1𝑛
knowledge.
𝑋𝑗 𝑟𝑗1 … 𝑟𝑗𝑖 … 𝑟𝑗𝑛 However, the weight of various characteristics in the
… … … … … …
formation of the estimated potential is different. Obtaining
𝑋𝑚 𝑟𝑚1 … 𝑟𝑚𝑖 … 𝑟𝑚𝑛 estimates of the a priori distribution is related to the order
relation 𝑝𝑗 , which was studied in detail in the works of
Elements rji (continuum power spaces) in a single scale Fishborn [6]. For a simple linear relationship, the order of
will be identified with elementary events. Moreover, the the Fishborn estimates of a priori probabilities form a
measure defined on rji the normalized corresponds to the decreasing arithmetic progression of the form:
probability p(r), which is identified with the concept of the 𝑝̌𝑗 = 2 ∗ (𝑚 − 𝑗 + 1)/𝑚 ∗ (𝑚 + 1)
integral potential of a given complex of elementary events. Introducing an a priori probability based on Fishborn
The meaning of this measure is to appropriately interpret the estimates, we, setting the “input” to the method, take into
concept of probability. Moreover, probability, as a category account the different weight of the characteristics in the
of dialectics, combines both the measure of the objective formation of the estimated potential. Then, using the
possibility of an event and the degree of subjective principle of potential distribution (4) and the provisions of
confidence in the occurrence of events. In order to the Bayesian theorem, we obtain a logically justified “exit”
formalize the problem of choosing a solution, we identify from the model in the form of posterior conditional
many alternatives with the event space {A}, and many probabilities in the form:
attributes with events {x}. Then the connection between all 𝑝𝑗 = ∑𝑛𝑖=1 𝑟𝑗𝑖 ∗ 𝑝̌𝑗 / ∑𝑚 𝑛
𝑗=1 ∑𝑖=1 𝑝̌𝑗 (5)
the characteristics that form the estimated potential of the Thus, the benefit of introducing a priori probability is
emergency is carried out through the normalized measure that it provides an attachment of the information necessary
defined on these characteristics, which is identified with for analysis.
probability p(a). The probability distribution p(a) provides After introducing the a priori probability into the
an estimate of entropy Hi. decision-making method and calculating the a posteriori
Information in probabilistic-statistical theory acts as a
value of the conditional probability 𝑝𝑗 , we proceed to the
removable, diminished uncertainty. Therefore, further
next modeling stage, which is associated with obtaining
construction of the method is associated with the study of
probabilistic estimates of the influence of the j-th
the laws of transformation of the information field of the
characteristic of the i-th emergency on the hazard potential.
Cartesian product of two sets (emergency situations and
To this end, we use the Bayesian theorem, in which we are
their characteristics) into quantitative components of
talking about reversing the order of statements in
information. For this purpose, we introduce concepts such
conditional probability, that is, in the notation we have
as a priori, a posteriori, and conditional probabilities into the
adopted 𝑝𝑗𝑖 (𝑟) and are related 𝑝𝑗 . Then the probability
logic diagram, apply the Bayesian theorem and the formula
for the total probability, and introduce the concept of the 𝑝(𝑎) in the considered information situation is determined
conditional p probability of the j-th characteristic in the by the dependence:
formation of the estimated potential, provided that the 𝑝𝑗𝑖 (𝑎) = 𝑝𝑗𝑖 (𝑟) ⋅ 𝑝𝑗 / ∑𝑛𝑖=1 ∑𝑚 𝑗=1 𝑝𝑗𝑖 (𝑟) ⋅ 𝑝𝑗 (6)
events that form the estimated potential have occurred. Then the significance level of the emergency (intruder,
To obtain the dependence of determining the quantity object) is estimated through the uncertainty function:
p(r), which is a normalized measure on elementary events 𝐻𝑖 (𝑝) = − ∑𝑚 𝑗=1 𝑝𝑗𝑖 (𝑎) 𝑙𝑔 𝑝𝑗𝑖 (𝑎) .
{r}, we use the fact that the concept of the estimated For the data in Table 4, the entropy potential of each
potential of a given complex of elementary events can be type of intruder was evaluated using an IVM. The results
identified with the membership function, which associates are presented in Figure 1.
each r with a real number in the interval [0,1]. Moreover,
Entropy
without violating the generality of reasoning, the desired
dependence of the membership function is represented in 0,8
the form: 0,6
𝑝𝑗𝑖 (𝑟) = 𝑟𝑗𝑖 / ∑𝑛𝑖=1 𝑟𝑗𝑖 (3)
0,4
One of the methods for calculating the probability of
manifestation of the j-th characteristic of the compared 0,2
emergency situations (violators, objects) to the formation of 0 Types of intruders
the estimated potential is based on the input V. Khomenyuk Х1 Х2 Х3 Х4 Х5 Х6
concept of the potential probability distribution, which is
determined by the formula: Fig. 1. Entropic training potential of violators.
VI International Conference on "Information Technology and Nanotechnology" (ITNT-2020) 345
� Data Science
In Table 7, the characteristics of the damage caused by 5 - state (damage to the limits of more than two
typical violators of the CIO on the same six-point scale constituent entities of the Russian Federation) -H= 0.621;
were formed in such a way that the entropy assessment of 6 - interstate (damage extends beyond the borders of the
the potentials of preparation (danger) of violators coincided Russian Federation) - H = 0.878.
with the entropy assessment of the potentials of the
The transition from the six-point scale to the entropy
consequences of the target implementation of violators.
hazard potentials is justified by the requirement to increase
That is, the entropy estimates in Figures 1 and 2 are uniform
the reliability of the damage assessment scale [1].
according to the Pearson chi-square criterion.
Applying ICM to the data in Table 8, we obtained the
TABLE VII. ASSESSMENT OF THE CONSEQUENCES OF THE TARGET entropy potentials of typical intruders and categorized
IMPLEMENTATION OF VIOLATORS WITH A SIX-POINT SCALE
objects (shown in the bottom row of Table.8 and in fig. 3).
Private types of losses from The scale of losses from the type of
the actions of violators violator
X1 X2 X3 X4 X5 X6 1
Political 6 5 4 1 2 3
Human 6 5 4 1 2 3
Financial 3 2 2 3 5 4
Economic 6 5 4 2 2 3
Environmental 6 5 4 1 3 2
Informational 3 2 1 2 5 5 0 Model violators and categories of
X1 X2 X3 X4 X5 X6 1-к 2-кCIOC
3-к 4-к 5-к 6-к 7-к
Fig. 3. Graph of the entropy potential of the CIOC and typical violators.
0,8
Having solved the problem of combining homogeneous
0,6 potentials into clusters by the agglomerative method using
Entropy
0,4 Statistika 10.0 SPP, we obtained the results of combining
typical intruders and categorized KBO into clusters -
0,2 categories (Table 9). An analysis of Table 9 and Figure 3
Types of intruders shows that the first type of intruder is lower in potential
0
capabilities than an object of the first category, so he needs
X1 X2 X3 X4 X5 X6 to combine with internal intruders X5 or X6.
Fig. 2. Entropy potentials of the target implementation of violators.
TABLE VIII. CHARACTERISTICS OF CATEGORIES OF CIO AND TABLE IX. THE TABLE OF CORRESPONDENCE OF THE BASIC
VIOLATORS AND CATEGORIES OF OBJECTS
TYPICAL VIOLATORS ON THE ENTROPY SCALE
Typical Category CIO Entropy probability of a
Private Typical violators and categories of objects
breaker danger H safe condition
types of
X1 X2 X3 X4 X5 X6 1-c 2-c 3-c 4-c 5-c 6-c 7-c X1+(X5,X6) 1- st category 0.733 0.98
losses
X1 2 - nd category 0.633 0.96
Political .878 .621 .555 .007 .116 .173 .621 .555 .173 .173 .116 .116 .007
X2 3 - category 0.497 0.93
Human .878 .621 .555 .007 .116 .173 .621 .555 .555 .173 .116 .116 .007
X3 3, 4– category 0.446 0.85
Financial .173 .116 .116 .173 .621 .555 .621 .621 .555 .173 .116 .116 .007
X4 4, 5 - category 0.375 0.60
Economic .878 .621 .555 .116 .116 .173 .878 .621 .555 .173 .116 .116 .007 X5 4, 5– category 0.368 0.64
Environmen X6 5, 6, 7 - category 0.160 0.68
.878 .621 .555 .007 .173 .116 .878 .621 .555 .173 .116 .116 .116
tal
Information .173 .116 .007 .116 .621 .621 .878 .621 .555 .173 .173 .116 .116 It should be noted that the preparedness potential is
Entropy consistent with the hazard potential of the consequences of
.633 .497 .446 .160 .368 .375 .733 .629 .547 .269 .219 .210 .122
potential the actions of violators and with their capabilities to
overcome the PPS of objects, i.e. each potential of the
On this basis, information on violators and CWS (tables intruder can be assigned the corresponding protection
2 and 7) should be combined into one information field. As potential of the object (PPS potential) - for example, the
a result, we get table 8 with a common information field in a probability of a safe state of the object. That is, it is
single measurement scale. In table 8, we replace the six- required to determine the necessary probability of the safe
point scale with the entropy scale of the danger of state of the object depending on the hazard potential of the
emergency consequences, which was determined using the base intruder for the corresponding hazard category of the
IWM to the data of table 1 [9] (H is the corresponding object. Obviously, there should be a correspondence
entropy value of damage): between the danger potential of a typical intruder and the
1 - local (damage within the territory of the facility) - H degree of protection from his actions, i.e. the nature of the
= 0.007; change in the dependencies of the potentials of violators and
2 - local (damage within the territory of the settlement) their counteraction should be similar functions.
- H = 0.116;
3 - territorial (damage to the territory of the constituent If the function of changing the entropy potentials of the
entity of the Russian Federation) - H = 0.173; type of intruder is related to the required probability of a
4 - regional (damage on the scale of two constituent safe state according to the first type of intruder (the highest
entities of the Russian Federation) - H = 0.555; estimate is the probability of protection 0.98 - the value is
close to the limit), and the weakest type of intruder (the
VI International Conference on "Information Technology and Nanotechnology" (ITNT-2020) 346
�Data Science
sensitivity of the detection sensor is 0.7 and the probability [3] A.S. Borovskiy and A.D. Tarasov, “Automated design and
assessment of physical protection systems for potentially hazardous
of timely arrival - 0.9 gives a value of a safe state of 0.6),
(structurally complex) objects. Part 1. System analysis of the
i.e. we associate with each type of intruder the required problem of design and assessment of physical protection systems,”
value of the object's security (the probability of a safe state) Samara, Orenburg: SamGUPS, 2012, 155 p.
from its actions. The results of the probabilities of the safe [4] A.A. Zakharov, A.L. Zhiznyakov and V.S. Titov, “A method for
feature matching in images using descriptor structures,” Computer
state of the PPS, as similar values to hazards (typical
Optics, vol. 43, no. 5, pp. 810-817, 2019. DOI: 10.18287/2412-
violators), are shown in table 9. 6179-2019-43-5-810-817.
[5] A.A. Agafonov, A.S. Yumaganov and V.V. Myasnikov, “Big data
CONCLUSION analysis in the geoinformation problem of short-term forecasting of
traffic flow parameters based on the method of k nearest neighbors,”
The basic typical violators for each category of CIO are Computer Optics, vol. 42, no. 6, pp. 1101-1111, 2018. DOI:
defined, which are shown in table 9. The results obtained do 10.18287 /2412-6179-2018-42-6-11-11-1-111.
not contradict the physical meaning. The results of the [6] V.N. Kostin, “Assessment of the magnitude of the significance of
probabilities of the safe state of categorized objects (Table emergency situations based on the information probabilistic model,”
Information security problems. Computer systems, vol. 3, pp. 21-32,
9) can be used to justify the requirements for the 2019.
effectiveness of the PPS CIO. [7] V.N. Kostin and A.K. Ponomarev, “Informational probabilistic
method of forming a category of potentially dangerous objects,”
REFERENCES Bulletin of Computer and Information Technologies, vol. 6, pp. 34-
42, 2015.
[1] V.N. Kostin, “Assessment of the danger potential of violators based [8] Order of the Minister of Industry and Energy of the Russian
on the informational probabilistic method and the method of Federation 04.05.2007 No 150 “On the approval of
principal components,” Information technology and computing recommendations on anti-terrorist security of industry and energy,”
systems, vol. 3, pp. 74-81, 2016. 2007, 72 p.
[2] A.V. Boyarintsev, A.N. Brazhnik and A.G. Zuyev, “Antiterrorism [9] Decree of the Government of the Russian Federation 08/29/2014
Issues: Categorization and Vulnerability Analysis of Objects,” SPb.: No. 875 "On anti-terrorist protection of facilities of the federal
“ISTA–Sistems”, 2006, 252 p. service for technical and export control of territorial bodies and
subordinate organizations, 2014, 64 p.
VI International Conference on "Information Technology and Nanotechnology" (ITNT-2020) 347
�