=Paper=
{{Paper
|id=Vol-3241/paper16
|storemode=property
|title=Prioritizing Cybersecurity Measures with Decision Support Methods Using Incomplete Data
|pdfUrl=https://ceur-ws.org/Vol-3241/paper16.pdf
|volume=Vol-3241
|authors=Hryhorii Hnatiienko,Nikolay Kiktev,Tatiana Babenko,Alona Desiatko,Larysa Myrutenko
|dblpUrl=https://dblp.org/rec/conf/its2/HnatiienkoKBDM21
}}
==Prioritizing Cybersecurity Measures with Decision Support Methods Using Incomplete Data==
https://ceur-ws.org/Vol-3241/paper16.pdf
Prioritizing Cybersecurity Measures with Decision Support
Methods Using Incomplete Data
Hryhorii Hnatiienko 1, Nikolay Kiktev 1,2, Tatiana Babenko 1, Alona Desiatko 3,
and Larysa Myrutenko 1
1
Taras Shevchenko National University of Kyiv, Volodymyrs’ka str., 64/13, Kyiv, 01601, Ukraine
2
National University of Life and Environmental Sciences of Ukraine, Heroiv Oborony str., 15, Kyiv, 03041,
Ukraine
3
Kyiv National University of Trade and Economics, Kioto str., 19, Kyiv, 02156, Ukraine
Abstract
Successful cybersecurity of any organizational system is based on the creation inadequacy
and implementation of an integrated multi-level system of measures that cover the main
aspects of the organization's functioning: organizational component, personnel management,
computer equipment, local networks, software, databases, and other. For continuous and
effective protection against threats, all of these aspects of cyber defense must interact in a
complex and complementary manner. In such a case, one should also take into account such
an attribute of a complex semi-structured system as incompleteness, which is a characteristic
feature of such systems, since they contain, if necessary, a subjective component. Incomplete
data is a characteristic feature of organizational systems. Despite this, an informed decision
must be made. In particular, a common practical task is the ranking of alternatives of
different nature. This is carried out by highly competent experts within the areas of
responsibility. Naturally, a situation arises when a decision is made based on incomplete data,
based on which it is necessary to find a complete resulting ranking of alternatives that best
approximates the information received from experts, that is, in a sense, it is closest to the
given incomplete expert rankings. To compare different ways of achieving the resulting
ranking of alternatives, the formalization of the problem in the classes of single-criterion and
multi-criteria models for the metrics of Cook, Hemming, Euclid, and Litvak is considered.
The concept of a modified Litvak median and a compromise Litvak median is introduced,
which is found using the minimax criterion.
Keywords 1
Organizational system, heuristic algorithm, information security, metric, distance, median,
group ordering of objects, incomplete expert ranking
1. Introduction
Incomplete expert information is a natural phenomenon and an attribute of many decision-making
situations. Incompleteness often occurs in practice and is a type of uncertainty - along with vagueness,
inaccuracy, unreliability, uncertainty, incorrectness, inadequacy, etc. Incomplete data and the inability
to supplement them naturally accompanies experts and decision-makers in their activities [1, 2].
The objects of ensuring corporate security or the security of the organization as a whole, as a rule,
include various resources that make up the organization and subsystems:
management of the organization;
the personnel of the organization;
company assets;
business processes that are used in the organization - formalized and non-formalized;
XXI International Scientific and Practical Conference "Information Technologies and Security" (ITS-2021), December 9, 2021, Kyiv, Ukraine
MAIL: g.gna5@ukr.net (H. Hnatiienko); nkiktev@ukr.net (N. Kiktev); babenko.tetiana.v@gmail.com (T. Babenko); desyatko@gmail.com
(A. Desiatko); myrutenko.lara@gmail.com (L. Myrutenko)
ORCID: 0000-0002-0465-5018 (H. Hnatiienko); 0000-0001-7682-280X (N. Kiktev); 0000-0003-1184-9483 (T. Babenko); 0000-0002-
2284-3418 (A. Desiatko); 0000-0003-1686-261X (L. Myrutenko)
© 2021 Copyright for this paper by its authors.
Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR Workshop Proceedings (CEUR-WS.org)
169
� information resources of the organization;
financial resources that ensure the functioning of the organization;
technologies used by the organization;
the brand of the company;
goodwill - the reputation of the company and other.
In this regard, the activities of organizations are characterized by a clear delineation of the areas of
responsibility of managers and the competence of the leaders of the organization in different areas of
activity is not a constant value. Therefore, information concerning the organization is usually
incomplete, fuzzy, heterogeneous, and its aggregation requires the development, justification and
proper application of new methods.
2. Review of research literature
To model practical situations of decision-making in various subject areas, the formalism of
problems of group ordering of objects is often used [3, 4]. Moreover, a feature of the generally
accepted formulations of such problems is the set of objects fixed for all members of the expert group.
Such a rigid binding of the objects set in many cases significantly reduces the quality of the
examination. Sometimes it is possible to specify incomplete rankings in collective ranking problems
[2, 5].. But at the same time, classical selection rules are applied to determine the collective decision.
To date, algebraic methods for calculating the median have not been applied to such problems.
When planning and implementing measures aimed at improving information security, it should
always be borne in mind that they are multifaceted, and their importance, sequence of
implementation, level of funding, etc., from the point of view of various services of the organization,
may differ significantly. Therefore, it is logical to formalize the development of a sequence for
performing these activities in the class of group choice problems, focused on determining a subset of
equivalent solutions or ordering several selected alternatives [5, 6]. Such a flexible approach to the
ordering of objects, in which each expert can offer his own partial ordering of the selected subset of
alternatives, and the search for the complete resulting ranking of objects by algebraic methods is
relevant and promising.
The generally accepted methodology used in the creation and study of complex socio-economic
and technical systems is systems analysis. Most of its stages are based on expert assessments and the
use of expert assessments, in particular, when choosing the structure of the system, its optimization
and solving problems of diagnostics, classification, forecasting, and other. It is also known that when
solving many practical problems, the importance of correct obtaining and processing of expert
information is underestimated [6, 7]. But the adequate use of expert knowledge requires a preliminary
analysis of the features of human decision-making [2, 8, 9] because the study of complex,
multifaceted and contradictory objects involves the use of significant analytical efforts [10-12].
According to the selected approaches, the nature of the problems formulation and the form of
feedback when conducting expert assessments, the following main directions are distinguished [6, 13-
15]:
absolute estimates;
point estimates;
metric estimates of the relative weight of alternatives, their parameters, criteria or the relative
competence of experts [16, 17];
binary relations reflecting the results of pairwise comparisons of alternatives;
ranking of alternatives.
This article deals with the last two approaches and it will describe the tasks associated with these
areas. Note that the relation is one of the basic concepts of modern mathematics, and the language of
relations is successfully used to describe the relationship between alternatives. A relationship is also
often used to represent complex data structures. In particular, binary relations are the theoretical basis
of decision-making theory, since the properties of binary relations are used to assess the advantages of
alternatives in pairwise comparisons and are adequately interpreted in terms of the expert preference
system. An important way of presenting expert information, which is closely related to binary
170
�relations, is the ranking of alternatives [6, 13, 14]. Often, the sequence of steps in making a decision is
a significant factor, both in protection and in ensuring the functional stability of the system and
eliminating threats. The incomplete ranking was investigated, for example, in works [2, 8]. Moreover,
in the monographs [2], the classical methods of the voting theory were applied to the problems of
determining the generalized ranking of alternatives. However, in such cases, it is the use of algebraic
methods for calculating the median that reflects the collective opinion of experts that is promising. In
the article [18], only the general scheme for constructing the median is considered based on
incomplete rankings of alternatives given by experts.
3. The Purpose of the Study
The study involves the development of approaches and methods for improving the adequacy of
modeling decision-making situations that arise when creating an integrated system for increasing the
reliability of an organization's cybersecurity. Such a task is a complex combinatorial task. Moreover,
this task is further complicated when, in the process of developing an integrated system of security
measures, divisions are involved in various areas of activity and areas of responsibility, which only
partially overlap. The approach proposed in this work a priori increases the adequacy and
professionalism of the individual opinions of the participants in the examination since experts have
the opportunity to make their judgments within their high on a set of criteria, they are undoubted
specialists, and not within the strict framework of determining priorities on the entire set of security
measures set for all members of the expert group.
The article aims to develop directions and algorithms for solving the problem of the resulting
ranking based on the incomplete rankings of alternatives specified by experts and an experimental
study of these approaches.
Based on the proposed approaches, it is necessary to develop algorithms for calculating the
resulting ranking of alternatives, consistent with the given incomplete rankings of experts, taking into
account various metrics and various criteria [5, 19].
To create algorithms for comparing incomplete rankings of alternatives, mathematical models
should be developed that will contain tools that allow determining the distances between incomplete
rankings. Thus, it becomes possible to apply the algebraic approach, which is devoid of many
disadvantages typical for other approaches [14, 20, 21].
4. Models and methods
The main methods used in this work are the methods of decision theory [8, 14], expert
technologies [6, 7], heuristic algorithms [5]. The methods of decision theory [13, 14] originate from
the theory of operations research. Expert technologies are widely used in various fields of human life
and have been actively developing in recent decades. One of the key concepts of expert technologies
is heuristics [5], which can be axioms, postulates, assumptions, presumptions, paradigms, hypotheses,
additions, sentences, and other. Heuristics are rules of thumb that can help to find a solution and
contribute to the certainty of incorrectly posed problems. With the help of heuristic algorithms,
variants of solutions close to optimal are generated, but they do not guarantee to find the optimal
solution to the problem [22].
5. Main Material
For many practical situations, it is the sequence of steps taken when making a decision that is an
essential factor in both protection [23-25] and ensuring the reliability of the system's operation and
prompt elimination of threats [26-28].
Let the problem of determining the sequence of implementation of information security measures
of some complex semi-structured system be solved. For this, various departments prepare and
substantiate decisions on the sequence or priority of integrated security measures for a large and
multidisciplinary organization. As a result, representatives of various departments and services
171
�included in the expert group, within their competence and ideas about the importance of activities,
provide individual (partially ordered) proposals on the sequence of measures they propose to improve
the quality of cybersecurity in the form of incomplete rankings R i , i 1,..., k .
Thus, each of the experts establishes a partial order on the subset of Ai , i I 1,..., k , the set of
objects A, Ai A, i I , where he is competent, and within his sphere of influence or
responsibility. The partial orders set by the experts will be denoted as experts will be denoted
1 2 ki
R i a j a j ... a j , i I 1,..., k , k i k , i I . It is necessary to find some resultant
(aggregated, collective) ordering n of tasks R* (a i ,..., a i ) , i j J , j I , built according to
1 n
logic, characterizing the processes of functioning and ensuring the protection of some organizational
system.
At the first stage of solving the problem, the subsets of the security measures specified by the
experts are combined into a single set A, which includes all the measures proposed by the experts
ai A, i J . The set of all security measures specified by experts in the area of admissible
*
solutions for determining the resulting ranking of the organization's security measures R .
To determine the distances between the rankings of objects, the following are used: Cook's metric
of mismatching ranks of objects in individual rankings, the Hamming metric, and sometimes the
Euclidean metric. The most common and reasonable method for finding the resulting ranking [6, 7] of
objects is to calculate the median of the given rankings. It should be noted that the logic of building a
cyber defense system in an organization can admit and even require that experts assign an advantage
in the form of non-strict rankings [5]. In the same class of problems, calculations of a single resulting
ranking should also be performed R * .
One of the important requirements for such problems is the requirement of the connectivity of the
graph constructed according to particular expert orders or quasi-orders. To calculate the resulting
ranking with incomplete given individual rankings of experts, two approaches are possible. In the first
approach, to measure the distances between the ranking of security measures given by experts and the
resulting complex improvement of these measures, the Cook metric of the mismatch of the ranks of
objects in the individual ranking is selected [29]. The second approach involves calculating the
resulting ranking of security measures using the Hamming metric [30] and using a heuristic
algorithm.
Let the problem of determining the importance of the set of alternatives of some complex system
be solved. For this, the preparation and justification of the decision on the sequence of alternatives
arrangement of a large and multidisciplinary organization is carried out. Representatives of various
departments and services included in the expert group, within their competence and understanding of
the importance of alternatives, provide individual proposals on the sequence of implementation of
alternatives that fall within their area of responsibility, or the priority of considering alternatives.
Tastes often do not coincide among the members of the expert group, which is reflected in their
compilation of different subsets of alternatives. This is justified by many factors: the competence of
experts, their interests, priorities, accents, aspects of the considered ideas about the idealization of the
model, and the other [31]. Therefore, at the previous stage of aggregation, there should be the
implementation of the stage of combining subsets of alternatives, ranked by experts into a single set
of alternatives.
5.1. Problem Statement
In [5, 19], the concept of incomplete ranking was introduced: it is a binary relation defined on a
subset of alternatives A' , A' A , satisfying the properties of completeness, antisymmetry,
transitivity: but only on a subset A' , A' A , and not on the entire set A . Let the expert group k
specify incomplete rankings of alternatives R iН , i 1,..., k . It is necessary to find some group
(resulting, aggregated, collective, consensus, integrative) ranking n of alternatives R* (a i1 ,..., a in ) ,
172
�i j I 1,..., n, j I , built according to logic, characterizing the processes of functioning of some
organizational system. That is R * , the ranking should be built based on individual orderings of tasks
performed by system k elements (experts) R iН (a1i ,..., a ni ), i J 1,..., k , where ni the
number of tasks in an individual expert ranking i J .
5.2. Metrics and Criteria
Distances between rankings of alternatives are determined using metrics [5, 19]:
• -Cook metrics of mismatch of ranks (places, positions) of alternatives,
d R j , R l ril ril , (1)
iI
where ri is the rank of the i th alternative in the ranking of the l th expert, R , l L,
l l
1 ril n,
• Hamming metrics [20, 21];
• Euclidean metrics [14, 20];
• A vector of advantages, the elements of which are the number of alternatives that precede each
alternative in the ranking.
The criteria that are most often applied in such cases:
• additive;
• minimax.
5.3. Formalizing the Problem of Determining the Resulting Ranking
The most common method for finding the resulting ranking of alternatives is to calculate the
median of the given rankings. This group of methods for generalizing expert information is the most
reliable and mathematically justified. The solution to the problem, determined by applying various
metrics and various criteria, is the median of the linear orders specified by experts.
Let us denote the set of all possible rankings n of alternatives through , the set of paired
R
comparison matrices (PCM) that correspond to all possible ranking n of objects – through , the
B
set of vectors of advantages reflecting the number of alternatives that precede each alternative in the
ranking (from 0 to n 1 ) – through The set of rankings and binary relations given by experts in
P
A
their answers, will be denoted by, they are answered, will be denoted by R ; the set of PCMs and
binary relations between the alternatives corresponding to the ranking - through, and the set of vectors
A
of advantages and corresponding relations – through P .
A B A
For the case under consideration in this work, the cardinality of the sets R , R and P is the
same: RA RB P A n , Rl R A , Bl R B , Pl P A ,l L . It is clear that
n n 1 / 2
R A R , R B B , P A P . In general, the cardinality of the set 2
B P
. But
for the method described in this work, we will consider only their subsets, denoting these subsets in
the same way R B P n!, since we are not intransitively interested in the elements of
the solution space and .
B P
5.4. Using a Cook metric for Incomplete Rankings of Alternatives
For the Cook metric (1), using the additive criterion, the following are calculated:
• Cook-Seyford median [13, 14]:
173
� R CS CS Arg minR d r R, R l
R
(2)
lL
• modified Cook-Seyford median [31]:
R МCS МCS Arg minA d r R, R l .
RR
(3)
lL
when using the minimax criterion, the following is calculated:
• GV-median (compromise) [14]:
R ГВ ГВ Arg minR max d r R, R l
R lL
(4)
• modified GV-median [5]:
R МГВ МГВ Arg minA max d r R, R l .
RR lL
(5)
Cook's metric is popular in the problems of ranking alternatives [13, 18]. To use it in solving the
set problem of analyzing incomplete rankings, we introduce heuristics and, on their basis, determine
the distance from the rankings set by the experts to the reference ranking.
In connection with the peculiarities of calculating generalized ranking with incomplete initial
information, in [5, 19] it was proposed to use a number of heuristics. In particular, the components of
the distances for incomplete ranking of objects are described as follows. Heuristic E1. The distance
(0)
from the incomplete rankings R iН , i 1,..., k , given by the experts to any ranking consists R * of
two components: a certain part of the distance and a probabilistic one. Heuristic E2. An alternative not
specified by an expert generates unknown relationships between all other alternatives and does not
take part in the ranking, that is, this alternative is not represented in an incomplete ranking. Thus,
when setting incomplete rankings for each Expert Advisor, there are several alternatives:
ni the alternatives given by him in the ranking R iН , i 1,..., k , , which will make up a certain
part of the distances;
(n ni ) i alternatives unspecified by the expert in the ranking R iН , i 1,..., k , of the
distances constituting the probabilistic part.
Heuristic E3. The probabilistic part of the distance from the ranking R iН , i 1,..., k , given by the
expert to any reference ranking is always equal i , i 1,..., k , for the Cook metric. A certain part of
the distance is calculated by the formula (1).
5.5. Еuclidean Measure of Proximity and Calculation of the Mean
According to [13], the resulting ranking can be the average R S S Arg min d 2 R, R l .
RR B lL
It is advisable to use such a resulting ranking [13] if the distance between expert rankings is
1/ 2
2
determined using the Euclidean measure of proximity: j l
d ( B , B ) rt j rtl
Е
,
tH
t H , j, l L.
5.6. Using the Hamming Metric for Incomplete Rankings of Alternatives
The probabilistic part from the ranking R , i 1,..., k , given by the expert to any other ranking
iН
for the Hamming metric is always equal to i ( i 1) / 2, i 1,..., k . To pass from the space of ranks
to the space of pairwise comparisons of alternatives [5], the individual incomplete advantages given
by each expert on subsets of alternatives R , l L , are represented in the form of an incomplete
lН
matrix of pairwise comparisons
174
�
B lН bijlН , j I , l L, (6)
Where bij , i, j I , l L, if and only if, according to the l th expert, the i th alternative
l
prevails in the j th alternative. Moreover, bijl b lji , i, j I , l L. when l the expert did not
set the preference relation between the alternatives ai and a j , then this fact affects
b lН
ij "*", j I , l L.
To determine the distances between incomplete relations (6), the Hamming metric is used
d ( B j , B l ) 0,5 bisj bisl .
h
iI sI
Heuristic E4. The mathematical expectation of the indeterminate distances between the alternatives
in the ranking is equal to one. That is, the distance between the PCM elements, at least one of which
is not defined, must be equal to 1 - on the assumption that the equality of its value "-1" or "1" are
equally probable. Since the matrices of relations B Н and R Н the form (1) are skew-symmetric.
Without loss of generality, we will use the vectors constructed on their basis ct bij , xt rij ,
t i 1 n j i 1 i / 2, 1 i j n. Let us denote by N n n 1 / 2 the number of
elements of the vectors c , and by H 1,..., N – the set of indices of the elements of these vectors.
Then the distance between the relations B and R will be written in the form
d h ( B j , B l ) ctj ctl , j , l L. (7)
tH
For the Hamming metric (7), when using the additive criterion, the following are calculated:
• Kemeny-Snell median:
R КС КС Arg minB d h B, B l
B
(8)
lL
• modified median [29] Kemeny-Snell:
R МКС МКС Arg minB d h B, B l .
BR
(9)
lL
When using the minimax criterion, the following are calculated:
• VG-median (compromise) [12]:
R ВГ ВГ Arg minB max d h B, B l
B lL
(10)
Modified VG-median:
R МВГ МВГ Arg minB max d h B, B l .
BR lL
(11)
Methods for determining medians of the form (2), (4), (8), (10) and their features are considered in
the monograph [19]. The modified medians (3), (9) were proposed to be applied, in particular, in [28],
but their use in many practical problems is inappropriate and sometimes unreasonable and
inappropriate. This is because the modified median significantly limits the choice space; therefore,
when applying such criteria, as a rule, we find ineffective solutions: they dominate, in particular, the
median itself of the form (3), (5), (9), (11).
5.7. Using Distances Between Benefit Vectors for Incomplete Rankings of
Alternatives
To apply the algebraic approach on a set of rankings, one can use the distance based on the vectors
of advantages [29, 30] l 1l ,..., nl , where il the number of alternatives precedes the i
alternative in the l ranking. In the monograph [32, 33] B.G. Litvak proposed for the vectors of
175
�advantages 1 and 2 , formed based on rankings R and R , to determine the distance by the
1 2
formula:
d ( R1 , R 2 ) i1 i2 . (12)
iI
For vectors of advantages of the form (12), using the additive criterion, the Litvak median is
calculated [29, 30]:
R L L Arg minR d R, R l
R
(13)
lL
We also introduce the concept of a modified Litvak median:
R ML ML Arg minA d R, R l
R
(14)
lL
When using the minimax criterion, we introduce the following medians:
• LK-median or Litvak compromise median:
R LK LK Arg minR max d R, R l
R lL
(15)
• modified LK-median:
R MLK MLK Arg minA max d R, R l
R lL
(16)
For incomplete rankings when using the distance (12) between the vectors of advantages, we will
also use heuristics similar to those introduced for medians, based on the application of the Cook
metric (1). Likewise, the distances between the advantage vectors are applied and modified to
determine the Litvack median.
5.8. Heuristic Algorithm for Determining Medians Using the Heming Metric
In [31], a heuristic algorithm for determining the median R* of a given set of incomplete rankings
R iН , i I , in the form of the Kemeny-Snell median is given, which is given in [29].
Step 1. Let us write the upper supra-diagonal triangular parts of the matrices B iН , i I , in the
form of rows of the new matrix: C (cij ), i I , j J {1,..., N }, N n * (n 1) / 2. . Matrix
elements C are defined as follows: сij blt ,
i
j (l 1) * n t l * (l 1) / 2, 1 l t n, i I .
Step 2. Define a metric priority matrix M (mlt ), l , t I , the elements of which are calculated as
follows:
mlt cij / cij , 1 l t n, j J ,
iI , iI , (17)
cij 0 cij 0
where x is the absolute value of the number x, l j / n j / n 1,
t j l 1* n l * (l 1) / 2, where x is the integer part of the number x . In this case, the
values of the symmetric elements of the matrix are in the following ratio:
mtl 1 / mlt , mtt 1, t , l I . It is clear that the elements сij , i I , j J , whose values are not
determined by experts, that is сij '*', they do not participate in the formation of values mlt ,
1 l t n, j J , of the form (1).
Step 3. Construction of the residual matrix P pij , i 1,..., n, j 1,..., N , based on the analysis
of all possible relationships between the triplets of alternatives.
p1 j mlt , j (l 1) * n t l * (l 1) / 2, 1 l t n,
176
� mls / mts , l s, s t ,
pij mls * mts , l s, s t , (18)
mst / msl , l s, s t ,
s 1,...n, s l , s t , i l 1, l 1,..., n 1, t l 1,..., n, j (l 1) * n t l * (l 1) / 2.
Step 4. Replacing one of the matrix elements for each index i 2,..., n, with a matrix element
M (mlt ), l , t I , if the elements P pij , i 2,..., n, j 1,..., N , do not match: mlt pij , for
j (l 1) * n t l * (l 1) / 2.
Step 5. For each next generated in point 4 matrix, determine the weighting coefficients of each of
n the alternatives by the method of urgent or column sums, which are the standard of the
computational simplicity of determining the "weight".
Step 6. Placing (or sorting) the elements of the vector elements of the vector obtained in step 5, in
descending order of values (for row sums) or increasing values (for sums in rows). The indices of the
vector ordered in this way will be considered the indices of alternatives in the resulting ranking.
Step 7. Determination of the sum of the distances from the ranking obtained in clause 6 to the
ranking given by the experts, according to the rules described for incomplete matrices of pairwise
comparisons.
Step 8. Continuation of the procedures described in steps (points) 4-7 until all modified matrices
M (mlt ), l , t I are calculated by replacing the next matrix element in them
P pij , i 2,..., n, j 1,..., N .
The best matrices obtained in this way, defined in points 4-8, will make up the set of Kemeny-
Snell medians. The VG-median can also be determined using the described algorithm since it
generates variants that are close to optimal solutions.
5.9. Results of Computational Experiments Using a Heuristic Algorithm
The authors carried out a computational experiment using a heuristic algorithm for matrices of
dimensions from 6x6 to 10x10, that is, when several dozen randomly ordered 6-10 alternatives are
given. Experiments using the described method, verified by exact methods, gave the following results:
• with poor consistency of matrices set by experts, the set of effective solutions can be very large -
the number of Kemeny-Snell medians for some advantage profiles is up to 15% of the total
number of rankings on a set of alternatives, that is, up to 0.15*n!;
• among the solutions found using the described algorithm when applying the method of urgent
sums, up to 50% of the rankings of alternatives is the Kemeny-Snell median, and when using the
method of line sums - up to 83%;
• application of the described algorithm in some cases allows to find up to 39% of rankings
belonging to the set of Kemeny-Snell medians;
• among the compromise rankings of the form (18) found using the described algorithm, up to
22% is at the same time the GV-median.
Thus, the described algorithm is a convenient heuristic method for determining the sets of
Kemeny-Snell medians and GV-medians. Although it is impossible to determine the entire set of
effective solutions using this algorithm, some of the medians are guaranteed to be calculated. The
study confirms the relationship between the ordinal and cardinal models for setting expert
preferences, as well as the prospects of using heuristic algorithms in the problems of expert
assessment.
6. Options for Using the Developed Algorithms
The algorithms for calculating the resulting ranking of the given incomplete expert rankings of
alternatives described in this work can be applied to solve various problems in various subject areas.
In particular, using the described approaches and the algorithms presented, the following problems
177
�can be solved:
• development of a system of complex cybersecurity measures [3, 4, 28];
• development and implementation of procedures for rapid response to external threats to the
organizational system;
• search for the ranking of the most popular cryptocurrencies on trading floors and determine the
integral ordering of the popularity of the cryptocurrency;
• selection of textbooks for the formation of a list of literature and determination of the sequence
of presentation of the academic discipline;
• determination of the sequence of preparation of collections of books in libraries for the
harmonious formation of personality;
• construction of a sequence of lecture courses in the tasks of developing curricula of educational
programs.
7. Further Research
In many tasks, events that should be sequenced using incomplete expert rankings must run in
parallel, or even occur simultaneously. Therefore, it is logical to formalize the problem posed in the
class of computing the collective quasi-order [14, 20].
It is also promising to develop parallel algorithms using artificial intelligence methods, the use of
which in the described approaches can contribute to obtaining a synergistic effect when:
• formalization and further optimization of business processes [36];
• solving problems of information recovery to the preferences of experts based on the definition
of group ranking.
• application of the formalisms of the problem of determining collective ranking to a wide class
of classical combinatorial problems in the descriptions of the corresponding statements for
adaptation and interpretation of the statement.
8. Conclusions
A model of an integrated approach to the construction of a cybersecurity system for some complex
weakly structured organizational system is considered. An approach to finding the resulting ranking
of the priority of cybersecurity measures as a solution to the problem of multi-criteria optimization is
also described. This approach makes it possible to determine the resulting ordering of a set of
activities in the form of a median of incomplete rankings given by experts. The proposed approach
allows you to combine information security measures of different composition and priorities,
proposed by experts from the relevant departments of the organization; find a compromise solution
for a diverse group of experts; use the described technique to solve data augmentation problems; build
an integrated cybersecurity system for an organization [34, 35] or improve a previously created
system of measures [17, 37].
Thus, in this work, approaches to determining the resulting ranking of alternatives based on
incomplete expert rankings were investigated and the following main results were obtained:
• the formulation of tasks for determining the group ranking of alternatives based on incomplete
expert rankings is proposed;
• introduced the concept of Litvak's compromise median;
• approaches to the aggregation of expert data are considered, taking into account the peculiarities
of incomplete information received from experts;
• algorithms have been developed for solving problems of calculating large-scale collective
ranking;
• computational experiments were carried out to study the described algorithms and features of
the ranking problems;
178
� • it has been found that the modified medians of a given set of expert rankings are always
naturally and reasonably dominated by the medians calculated in the full space of all possible
rankings of alternatives.
References
[1] Voloshin, A.F., Gnatienko, G.N., Drobot, E.V. A Method of Indirect Determination of Intervals of
Weight Coefficients of Parameters for Metricized Relations Between Objects. Journal of
Automation and Information Sciences, 2003, 35(1-4). DOI:10.1615/JAutomatInfScien.v35.i3.30
[2] A. Dodonov, D. Lande, V. Tsyganok, O. Andriichuk, S. Kadenko, A. Graivoronskaya,
Information Operations Recognition. From Nonlinear Analysis to Decision-Making, LAP
Lambert Academic Publishing, 2019, 292 p.
[3] Hrechko Viktoriia; Hrygorii Hnatienko; Tetiana Babenko. An intelligent model to assess
information systems security level. 2021 Fifth World Conference on Smart Trends in Systems
Security and Sustainability (WorldS4), London, United Kingdom, 29-30 July 2021, pp. 128–133.
DOI: 10.1109/WorldS451998.2021.9514019.
[4] Babenko, T., Hnatiienko, H., Vialkova, V. Modeling of the integrated quality assessment system
of the information security management system. CEUR Workshop Proceedings, 2021, 2845, pp.
75–84.
[5] Hnatiienko H., Tmienova N., Kruglov A. (2021) Methods for Determining the Group Ranking
of Alternatives for Incomplete Expert Rankings. In: Shkarlet S., Morozov A., Palagin A.
(eds) Mathematical Modeling and Simulation of Systems (MODS'2020). MODS 2020.
Advances in Intelligent Systems and Computing, vol 1265. Springer, Cham. DOI:
10.1007/978-3-030-58124-4_21. Pp. 217-226.
[6] Hnatiienko H. Choice Manipulation in Multicriteria Optimization Problems / Selected Papers of
the XIX International Scientific and Practical Conference "Information Technologies and
Security" (ITS 2019), pp. 234–245 (2019).
[7] Hnatiienko H., Snytyuk V. A posteriori determination of expert competence under uncertainty /
Selected Papers of the XIX International Scientific and Practical Conference "Information
Technologies and Security" (ITS 2019), pp. 82–99 (2019).
[8] Makarov, I.M., Vinogradskaya, T.M., Rubchinsky, А.А. Theory of choice and decision
making, Nauka, Moscow, 1982, 328 p.
[9] Bozóki Sándor & Tsyganok Vitaliy. The (logarithmic) least squares optimality of the arithmetic
(geometric) mean of weight vectors calculated from all spanning trees for incomplete additive
(multiplicative) pairwise comparison matrices. International Journal of General Systems. 2019.
vol.48, No.4. P.362-381. DOI: 10.1080/03081079.2019.1585432
[10] Hudry, O. NP-hardness results on the aggregation of linear orders into median orders. Annals of
Operations Research. 2008. Vol. 163, No. 1. Pp. 63–88.
[11] Kadenko S.V., Tsyganok V.V., Andriichuk O.V., Karabchuk A.V. An analysis of decision-
making support tools in the context of strategic planning problem solution. Data Recording,
Storage & Processing. 2020. Vol. 22. Nо. 2. P. 77–91. [in Ukrainian] DOI: 10.35681/1560-
9189.2020.22.2.211281
[12] List, C. Judgement aggregation: a survey. C. List, C. Puppe. In: Oxford handbook of rational and
social choice. Oxford: Oxford University Press. 2009. Pp. 457–482.
[13] Cook, W.D. Distance-based and adhoc consensus models in ordinal preference ranking.
European Journal of Operational Research. 2006. No. 172. Pp. 369–385.
[14] Voloshin O.F., Mashchenko S.O. Decision Theory: A Textbook. - Kyiv: Kyiv University
Publishing and Printing Center, 2006. - 304 p.
[15] A. Alnur, M. Meila. Experiments with Kemeny Ranking: What Works When? Mathematical
Social Sciences. 2012. Vol. 64, No. 1. Pp. 28-40. DOI:
10.1016/j.mathsocsci.2011.08.008
[16] Saaty, T.L. Decision making with the analytic hierarchy process, International Journal of
Services Sciences 1 (1) (2008): 83-98. DOI: 10.1504/IJSSCI.2008.017590.
[17] M. Rakushev, Y. Kravchenko, O. Permiakov, O. Lavrinchuk, V. Bychenkov, Krainov, V.
Modeling of solving stabilized differential equations by differential-Taylor transformations,
IEEE 2nd International Conference on Advanced Trends in Information Theory, ATIT`2020,
Proceedings, pp. 216–221. DOI: 10.1109/ATIT50783.2020.9349265
179
�[18] Hnatiienko, H., Kudin, V., Onyshchenko, A., Snytyuk, V. and Kruhlov, A. Greenhouse Gas
Emission Determination Based on the Pseudo-Base Matrix Method for Environmental Pollution
Quotas Between Countries Allocation Problem. 2020 IEEE 2nd International Conference on
System Analysis & Intelligent Computing (SAIC), Kyiv, Ukraine, 2020, pp. 150-157, DOI:
10.1109/SAIC51296.2020.9239125.
[19] Saaty, T. L. (2016). Pairwise Comparisons and their Contribution to Understanding
Consciousness. International Journal of the Analytic Hierarchy Process, 8(1). DOI:
10.13033/ijahp.v8i1.381
[20] Voloshin, O.F., Mashchenko. S.O. Models and methods of decision making: textbook. way for
students. higher textbook zakl., K.: Publishing and Printing Center "Kyiv University", 2010, 336 p.
[21] Saaty, T.L. (2011). Aligning the Measurement of Tangibles With Intangibles And Not the
Converse. International Journal of the Analytic Hierarchy Process, 3(1). DOI:
10.13033/ijahp.v3i1.91
[22] Mulesa, O., Snytyuk, V., & Myronyuk, I. (2019). Optimal alternative selection models in a
multi-stage decision-making process. EUREKA: Physics and Engineering, (6), 43-50. DOI:
10.21303/2461-4262.2019.001005
[23] Kravchenko, Y., Vialkova, V. The problem of providing functional stability properties of
information security systems. Modern Problems of Radio Engineering, Telecommunications and
Computer Science, Proceedings of the 13th International Conference on TCSET 2016, pp. 526–
530. DOI: 10.1109/TCSET.2016.7452105
[24] Andrew S. Tanenbaum, Maarten Van Steen. Distributed Systems: Principles and Paradigms,
Prentice Hall of India; 2nd edition (January 1, 2007).
[25] White, G.B.: The community cyber security maturity model. In: IEEE International Conference
on Technologies for Homeland Security, pp. 173–178. IEEE Press, Wakefield (2011). DOI:
10.1109/HICSS.2007.522
[26] Department of Energy: Cybersecurity Capability Maturity Model (C2M2): Version 1.1.
Technical report, Department of Homeland Security (2014)
[27] Angel Marcelo Rea-Guaman, Tomás San Feliu, Jose A. Calvo-Manzano, and Isaac Daniel
Sanchez-Garcia. Comparative Study of Cybersecurity Capability Maturity Models / International
Conference on Software Process Improvement and Capability Determination. – September 2017.
DOI: 10.1007/978-3-319-67383-7_8
[28] Palko, D., Hnatienko, H., Babenko, T., Bigdan, A. Determining key risks for modern distributed
information systems. CEUR Workshop Proceedings, 2021, 3018, pp. 81–100.
[29] S. Amodio, A. D'Ambrosio, R. Siciliano. Accurate algorithms for identifying the median ranking
when dealing with weak and partial rankings under the Kemeny axiomatic approach. European
Journal of Operational Research, 2015, No. 249.pp. 667–676. DOI: 10.1016/j.ejor.2015.08.048
[30] Hudry, O. Complexity of computing median linear orders and variants. Electronic Notes in
Discrete Mathematics, 2013, Vol. 42. Pp. 57–64. DOI: 10.1016/j.endm.2013.05.146
[31] Orlov, A.I. Methods of making managerial decisions: textbook - M .: KNORUS, 2018. - 286 p.
[32] A. Boltenkov, V. I. Kuvaeva, A. V. Poznyak. Analysis of median methods of consensus
aggregation of rank preferences. Computer Science and Mathematical Methods in Models, 2017,
vol. 7, No. 4. - pp. 307-317.
[33] H. Bury, D. Wagner. Zastosowanie mediany Litvaka do wyznaczania oceny grupowej w
przypadku występowania obiektów równoważnych. Studia i Materiały Polskiego Stowarzyszenia
Zarządzania Wiedzą, 2007, Vol. 10. Pp. 19–34.
[34] ISO. ISO/IEC 27001:2013 Information technology – Security techniques – Information security
management systems – Requirements; 2013. URL: https://www.iso.org/standard/54534.html
[35] ISO. ISO/IEC 27002:2013 Information technology – Security techniques – code of practice for
information security controls; 2013. URL: https://www.iso.org/standard/54533.html
[36] Kraevsky, V., Kostenko, O., Kalivoshko, O., Kiktev, N., Lyutyy, I. Financial Infrastructure of
Telecommunication Space: Accounting Information Attributive of Syntalytical Submission.
IEEE International Scientific-Practical Conference Problems of Infocommunications, Science
and Technology (PIC S&T), 8-11 Oct. 2019, Kyiv, Ukraine, 2019. – pp. 873-876. DOI:
10.1109/PICST47496.2019.9061494.
[37] Stouffer, K., Stouffer, K., Zimmerman, T., Tang, C., Lubell, J., Cichonski, J., McCarthy, J.
Cybersecurity framework manufacturing profile / US Department of Commerce, National
Institute of Standards and Technology (2017)
180
�