=Paper=
{{Paper
|id=Vol-3421/paper6
|storemode=property
|title=Conflict Analysis in the “Subject-to-Subject” Security System
|pdfUrl=https://ceur-ws.org/Vol-3421/paper6.pdf
|volume=Vol-3421
|authors=Svitlana Shevchenko,Yuliia Zhdanova,Halina Shevchenko,Оlena Nehodenko,Svitlana Spasiteleva
|dblpUrl=https://dblp.org/rec/conf/cpits/ShevchenkoZSNS23
}}
==Conflict Analysis in the “Subject-to-Subject” Security System==
https://ceur-ws.org/Vol-3421/paper6.pdf
Conflict Analysis in the “Subject-to-Subject” Security
System
Svitlana Shevchenko1, Yuliia Zhdanova1, Halina Shevchenko2, Оlena Nehodenko3,
аnd Svitlana Spasiteleva1
1
Borys Grinchenko Kyiv University, 18/2 Bulvarno-Kudriavska str., Kyiv, 04053, Ukraine
2
The National University of Ostroh Academy, 2 Seminarska str., Ostroh, 35800, Ukraine
3
State University of Telecommunications, 7 Solomyanska str., Kyiv, 03110, Ukraine
Abstract
The concept of conflict theory is widely used in various sectors of society. This study examines
the problem of using the main provisions of the theory of conflicts in the field of information
security. With the development of information technologies, the risk of information conflicts
is increasing, which can create threats to the integrity, availability, and confidentiality of
information, which determines the relevance and importance of this research. The presented
work is a continuation of developments describing the applied aspects of the theory of conflict
theory in information security systems through the interaction of data streams in the “subject—
subject” perspective. It is proposed to analyze the problem at four levels: the level of the
individual (criminal—user); business level (internal and/or external violator—company
manager); state level (violators/hackers—state institutions, state officials); the level of
international relations (states, a group of subjects/hackers—institutions and/or political leaders
of another state). Each level is defined as a complex conflict system that has a corresponding
structure and stages. It was determined that the main characteristics of an information conflict
in cyberspace are: unlimited territory, globality, the problem of attribution, and the superiority
of attack over defense. It is substantiated that information security systems have all the features
of complex conflict systems, which implies the application of the mathematical theory of
conflict, namely, the Lotka-Volterra “predator—predator” model and the conflict triad model.
The innovative function of information conflict is determined. The concept of conflict theory
is widely used in various sectors of society. This study examines the problem of using the main
provisions of the theory of conflicts in the field of information security. With the development
of information technologies, the risk of information conflicts is increasing, which can create
threats to the integrity, availability, and confidentiality of information, which determines the
relevance and importance of this research.
Keywords 1
Conflict, information conflict, information security systems, cyber system, cyber conflict,
conflict structure, conflict stages, mathematical model of conflict.
1. Introduction impossible without disagreements, confron-
tations, contradictions, and conflicts.
More and more scientists are turning to
Our society, in the center of which is a person
theoretical and practical developments in conflict
and his activities, is a complex dynamic system,
theory. This is connected not only with the
which is characterized by many connections,
problem of studying man as a conflicted creature,
interactions, and relations in different spheres and
but also with the growing tension in various
at different levels. Existence in such a system is
spheres of social interaction of the participants of
the organization, the state, and the world.
CPITS 2023: Workshop on Cybersecurity Providing in Information and Telecommunication Systems, February 28, 2023, Kyiv, Ukraine
EMAIL: s.shevchenko@kubg.edu.ua (S. Shevchenko); y.zhdanova@kubg.edu.ua (Y. Zhdanova); halyna.shevchenko@oa.edu.ua
(H. Shevchenko); negodenkoav@i.ua (O. Nehodenko); s.spasitielieva@kubg.edu.ua (S. Spasiteleva)
ORCID: 0000-0002-9736-8623 (S. Shevchenko); 0000-0002-9277-4972 (Y. Zhdanova); 0000-0002-8717-4358 (H. Shevchenko); 0000-
0001-6645-1566 (O. Nehodenko); 0000-0003-4993-6355 (S. Spasiteleva)
©️ 2023 Copyright for this paper by its authors.
Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR Workshop Proceedings (CEUR-WS.org)
56
� There is no unequivocal opinion about the information is a strategic resource, the value of
concept of “conflict”. In modern literature, there which acquires especially in the process of
are more than a dozen different definitions of creation, therefore it needs to be protected.
conflict. All of them have the right to exist 2. Information conflicts as conflicts in
because each emphasizes one or more information systems between implemented
characteristics of this multifaceted phenomenon. programs or in telecommunication systems
For the term “conflict” we come across several between radio-electronic means and security
synonyms: clash of opposing interests, and views; systems.
a sharp dispute; extreme aggravation of 3. Cyber conflicts are part of international
contradictions, which leads to complications or information conflicts and are most often
acute struggle [1]. However, contradiction and associated with information wars, cyber
conflict should not be equated. Contradiction espionage, and cyber operations.
(opposite as its component) is a defining feature It is substantiated that it is advisable to
of any phenomenon or event. Contradictions turn consider the coverage of this problem through the
into conflict if their level increases to a critical interaction of the planes of the theory of conflict
limit and at the same time a subject is formed, theory and the theory of information and
which will deliberately exacerbate them in its cybernetic security in three perspectives:
interests [2]. ● “subject—subject” or “person—person”,
At the same time, the authors of the study [3] possibly “group of people—group of people”,
emphasize that outside the subjects and “person—group of people”.
independently of them there are contradictions, ● “subject—object” or “man—machine”.
but not conflicts. The concept of conflict is not a ● “object—object” or “machine—machine”.
fixation, but a qualification of the state of relations
Within the scope of this article, it is intended
in a certain situation, which defines conflict as an
to consider the applied aspects of the theory of
assessment of the nature of interaction. Such a
conflict theory in information security systems
definition makes it possible to preserve the name
through the interaction of data flows from the
conflict for situations of the opposition of the
perspective of “subject—subject”. In particular,
parties to each other, which are traditionally called
analyze the issues at four levels:
conflict, and at the same time to extend this
1. Personality level (criminal—user)
concept to situations of incompatibility of certain
2. Business level (internal and/or external
elements in the composition of the whole [3, p.
offender—company manager)
41]. This interpretation will allow us to describe
3. State level (violators/hackers—state
conflicts of various natures, for example, a
institutions, state officials)
conflict of immunities, a conflict between
4. The level of international relations (states,
software and a security system, and others.
a group of subjects/hackers—institutions
The transition of society to the information age
and/or political leaders of another state).
gave rise to innovative conflicts—informational.
Modern informational conflicts have significantly
transformed on both the micro and macro levels: 2. Mathematical Models of “Subject-
starting from communication in social networks Subject” Information Conflict
and ending with cyberespionage, cyberattacks,
cyberwars, and involvement of non-state actors in Conflict is a very complex system with
relations in the international arena. With the adaptive structures and evolutionary mechanisms.
development of information technologies, the risk It is a system made up of interconnected parts that,
of new conflicts that may threaten the integrity,
as a whole, exhibit properties that cannot be easily
availability, and confidentiality of information
understood just by disassembling and analyzing
increases [4–6]. the properties of the individual components. A
The beginning of the discussion of these deep understanding of conflicts requires, on the
aspects of the analysis of information conflicts in one hand, a systems thinking approach, and on the
security systems was presented by us in the study other, a combination of many social and scientific
[7]. The analysis of the literature made it possible
disciplines [8]. The analysis of analytical reports
to determine the following approaches to the and scientific literature confirms the fact that
definition of conflicts in security systems: together with the development of hardware and
1. Information conflicts as a part of conflicts software means of information protection, the
in various spheres and industries, since
57
�number of malicious software that allows one Protected,
subject (group) to gain unauthorized access to the 𝑝2 is the probability that an attacker will obtain
information resources of another subject the information,
(institution) is growing rapidly. As a result of the 𝑝3 is the probability that an attacker will not be
implementation of such a threat, information able to obtain the information,
protection is violated, and its destruction and/or
𝑝4 is the probability that an attacker has
theft, loss of integrity, availability, and
sufficient potential to breach the user’s protection.
confidentiality are possible. The interaction of
these parties is conflictual. The modern theory of However, the presented model is of a
conflict systems allows for building and generalized nature, since this information security
researching models of real processes using the system is not isolated from others and is in a
mathematical theory of conflict. In this case, we complex relationship with them. To bring the
will use the well-known “prey—predator” model, model closer to real data, various modifications
which is based on a system of two first-order are used. Thus, work [14] presents an approach
ordinary differential equations. The equation was where x and y are vector values:
proposed independently by scientists Alfred 𝑥 = (𝑥1 , 𝑥2 , . . . , 𝑥𝑛 ),
James Lotka and Vito Volterra in 1925 and 1926
𝑦 = (𝑦1 , 𝑦2 , . . . , 𝑦𝑛 ), 𝑛 > 1.
[9]. The classical Lotka-Volterra “predator—
prey” mathematical model is used in many fields Therefore, the values x and y can be
of science and technology due to its successful represented not only by the volume of information
combination of relatively low complexity and but also by other characteristics of the security
strong nonlinearity. The model has a high degree system.
of universality when describing the behavior of The model can also be improved by
complex systems operating in the mode of self- introducing the delay time of the argument t, the
oscillations [10, 11]. It should be noted the value of which is determined by the method of
existence of spot developments for the experimental selection.
implementation of this model in the security
The next conflict system that can be modeled
system [12–13].
In general, the model looks as follows: in security systems is the conflict triad model [15].
The dynamic model of the conflict triad is a model
𝑑𝑥
= (𝑝1 − 𝑝2 y)𝑥, that is defined by the interaction between three
{ 𝑑𝑡 natural substances: the population of a biological
𝑑𝑦
= (−𝑝3 + 𝑝4 y)𝑥, species (life), the environment (resource of
𝑑𝑡 existence), and negative factors for existence
where 𝑥 is the amount of information available to (virus).
the user and interest to the attacker, Let’s apply the described model to the security
𝑦 is the amount of information obtained by system. Let us denote by P, R, Q substances that
hacking, exist in a common space and interact with each
𝑡 is the duration of the process, other in a certain way. Then, in the conflict system
𝑝1 is the probability that the volume of of the “subject—subject” security system, we get
information of interest to the attacker is well the following subsystems at different levels (see
Table 1):
Table 1
Substances in the conflict triad of information security
Subject— Space 𝜴 Substance 𝑷 Substance 𝑹 Substance 𝑸
subject level
Information Company Technical, legal, Anthropogenic sources of
Business level
system management organizational tools threats
Information State figures,
Technical, legal, Anthropogenic sources of
State level system of state state
organizational tools threats
institutions institutions
International Politicians, state Any subject (group of
Virtual space All existing
relations level institutions subjects) of another state
58
� Interdependence between substances P, R, Q 2.1. Subject—Subject Informational
[15] is depicted by the diagram in Figure 1, where
Conflict: The Level of the Individual
an arrow with a certain sign corresponds to the
direction of positive or negative dependence of
The birth of the Internet in 1989 caused a rapid
one substance on another.
growth of computer equipment, in particular,
personal. The use of the World Wide Web led to
the creation of new interactions and relationships
P between people—virtual, the era of digital society
began. Persons, relationships, and social
institutions are formed by both software and
– – hardware [16]. Along with this, where there are
+ + new social facts, new habits, new ways to meet,
buy, pay, store, protect, and transfer assets, new
digital identities, and new systems for gathering
information, it is only natural that new crimes
Q – R appear, related to information technologies [17].
– According to an analytical report [18] in 2022,
the frequency of email attacks has increased to
reach 86% of all file-based in-the-wild attacks,
Zip files are the most common format for hiding
Figure 1: Interdependence between substances malware, Joker mobile malware, which accesses
contact lists by hiding in at least 8 Google Store
Two-way pairwise interdependence “plus-
apps, has been downloaded more than 3 million
minus” is an analog of the “prey-predator” model.
times, allowing attackers to obtain relevant
Interdependence “minus-minus” models the
information. accesses users’ contact lists and
conflict struggle of irreconcilable alternative
sends information to attackers. Every day, the
substances (anthropogenic source of threats—
AV-TEST Institute registers more than 450,000
security policy).
new malicious programs (malware) and
The conflict triad is a complex dynamic system
potentially unwanted programs (PUAs), in the last
since each of the three substances has an internal
year there have been about 70 million malicious
structure 𝑃 = (𝑃1 , 𝑃2 , . . . , 𝑃𝑛 ),
programs for Windows, which is 5000 times more
𝑅 = (𝑅1 , 𝑅2 , . . . , 𝑅𝑛 ), 𝑄 = (𝑄1 , 𝑄2 , . . . , 𝑄𝑛 ).
than for macOS (where only about 12,000
Also, all the formulas for the interaction of
samples) and 60 times more than the
each substance with a pair of others are different
corresponding figures for Linux (2 million
from each other: P with a pair {𝑄, 𝑅}, 𝑄 with a
samples) [19]. Thus, in the information sphere, a
pair {𝑃, 𝑅}, 𝑅 with a pair {𝑃, 𝑄}.
conflict situation is defined, as one which was
The formulas defining the dynamic system of
intentionally created by one of the parties
the conflict triad are given in [15].
(criminal) to achieve their goals or orders.
The nature of things in the world is such that
An information conflict in “subject-subject”
any conflict process is endless. In each act, the
security systems at the “criminal-user” level is the
conflict transforms the content of the
result of the process of the criminal overcoming
contradiction into a new, possibly hidden, form.
the resistance of the protection means of the user’s
From the point of view of mathematics, this means
information system, which enables the loss of
a change in the spectral structure of the conflicting
confidentiality, availability, and integrity of
distributions.
information.
It should be noted that managing information
Such a conflict occurs in the user’s information
conflict in information security systems is a major
system, usually two participants (however, there
problem today. This is explained by the fact that
may be a third person—the customer). The
in the virtual space, criminals have unprecedented
duration of such a conflict is determined by the
opportunities to mask their actions, as a result—
strength of the defenses and capabilities of the
their impunity. The geography and time of such
attacker. Table 2 presents the stages of this
conflicts are unlimited.
conflict.
59
�Table 2 cause material losses and/or reputational losses
Stages of information conflict at the attacker- of the organization [20].
user level As the 2022 Cost of Insider Threats: Global
Stages Description Report reveals, insider threat incidents have risen
44% over the past two years, with costs per
Creating malicious software on incident up more than a third to $15.38 million;
The
purpose (using someone else’s) the cost of credential theft to organizations
emergence
to achieve one’s goals (revenge, increased 65% from $2.79 million in 2020 to
of a conflict
financial gain, emotional $4.6 million at present; the time to contain an
situation
satisfaction) insider threat incident increased from 77 days to
85 days, leading organizations to spend the most
The attacker deliberately and on containment [21].
Latent actively searches for The authors [22] propose to consider the
stage vulnerabilities in the user’s portrait of an insider from the point of view of
information system psychological characteristics and activities: low-
class and high-class insiders. The activities of
Destruction, forgery, low-class insiders have been exposed and
Active stage modification, blocking, theft of punished. The profile of such a violator includes
information the following features: these people do not have
high-quality technical education; worked in
The stage of The user provides redemption; various positions; are motivated by personal gain
ending the acts through the legal field; loses and are influenced by emotions; are not aware of
conflict information the potential negative consequences of their
actions; their behavior arouses suspicion on the
part of colleagues.
Regulation of this conflict is possible at a latent High-class insiders see their malicious
stage, if the user has a high level of information mission as their career decision. The portrait of
protection, following the basic rules: password such a violator is high-quality professional
management; use of at least two-factor abilities, diligence, reliability, leadership, and
authentication; use of licensed antivirus dedication. Such insiders are very dangerous.
programs; control over personal information The structure and stages of the informational
transmitted over the Internet; avoiding the use of conflict are different for each of these types. The
public Wi-Fi networks. description is presented in Table 3 and Table 4.
Table 3
2.2. Subject-Subject Information Stages of information conflict at the level of an
Conflict: Business Level internal employee (low-class insider)—the head
of the company
The direction of our research will further be Stages Description
directed to the analysis of possible conflict An unfair decision by the
situations between the head of the company and The emergence of manager, resentment, and
a subordinate in the context of the existence of a conflict situation lack of respect, as a result of
an information conflict, which causes a violation the desire for revenge
of the information protection system.
Information conflict in security systems Unauthorized/privileged
“subject-subject” at the level of business Latent stage
access to IS
“internal employee—manager” is defined as the
result of an employee’s insider activity, which The violator was found and
Active stage
led to a violation of the security policy in the detained
company’s information system.
Insider activity—directed actions of The stage of Firing from a job; punishment
motivated subjects who have legitimate access to ending the conflict by law
information assets and skills to obtain valuable
information, know the vulnerabilities of
information systems and business processes, to
60
�Table 4 The current stage is characterized by the
Stages of information conflict at the level of an introduction of mixed systems and methods of
internal employee (high-class insider)—the head detecting insider threats [20]. Scientists are trying
of the company to combine two approaches in this direction:
Stages Description ● Psychosocial approach, the basis of which
Emergence
is the analysis of the mental and emotional
The temptation to get hidden profit; states of employees, and it is possible to predict
of a conflict
sharp sensations; boasting the behavior of an insider.
situation
Latent Unauthorized/privileged access to ● Continuous monitoring in the network.
stage IS A large business has the material resources to
Loss of confidentiality, integrity, implement software products to detect insider
Active and availability of information threats, for example, the CHAMPION system
stage (material and reputational damage (Columnar Hierarchical Autoassociative Memory
to the organization) Processing in Ontological Networks), small and
The possibility of purchasing medium-sized businesses practically do not deal
The stage
information; actions through the with this issue. In this regard, we offer the
of ending
legal field; involvement of third following recommendations regarding the
the conflict
parties in negotiations possible forecasting of conflicts in the company’s
information security. This process is based on two
It should be noted that an insider can be an components:
external actor, for example, a former employee, 1. Software for determining the user’s
whose motive may be revenge for, in his opinion, computer activity, the main of which is:
unfair dismissal from work. ● Role-based access policy.
An information conflict is also possible if the ● Restrictions on data transmission and
insider activity was unintentional, but the loss of the copying.
company’s information data occurred. Moreover, ● Using MPI (Microsoft Purview Insider or
the manager learned about this event after this DLP (Digital Light Processing).
incident. The structure of such a conflict does not
contain a latent stage, since the informational 2. Psychological methods for personality
conflict has occurred. The stage of the end of the profiling can be used:
conflict is the punishment of the employee (verbal • “Big Five” test
or written penalty, material penalty, dismissal from • Test “Ability to self-govern”
work). • Individual psychological test.
The conflict struggle is most often caused by a As a result of processing the obtained results,
primitive perception of reality, as if one of the parties if everything is satisfactory, then there is constant
is capable of winning, and the other—is defeated. monitoring of the information system on the one
There is some redistribution of the spectral hand and training with employees on the other.
characteristics of the opposing sides in the conflict. Otherwise, the security policy should be further
The victorious gain in one aspect means inevitable reviewed and additional methods of detecting and
loss, defeat, and loss in another. The essence of the countering insiders should be added. Fig. 2
contradiction is transformed and appears again in the presents the algorithm of this process.
future at another level of gradation of the complex Therefore, increasing investments in the
structure of interests [14]. This process is company’s information security will reduce the
demonstrated by an example of a dismissed likelihood of information conflicts. However,
employee. Therefore, it is important to understand companies stop at a level of rational investment
the problem of conflict prevention. The authors of that is equal to or less than the expected losses
the study [23] proposed three approaches to from a hack. This leads to a gap in investments
detecting insider threats: (Fig. 3) in the cyber defense of companies [24].
● Sociological, psychological, and Special measures of the government would allow
organizational. the filling of this delta. For example, to subsidize
● Socio-technical. equipment, software, and training, and increase
● Technical. the number of cyber specialists who know how to
work with systems, programs, and equipment and
In our opinion, this will make it possible to stop
ensure the functioning of all these components.
the informational conflict before the active stage.
61
� Approaches to information
conflict resolution
Requirements for the Psychological and diagnostic
Organization’s IS to testing of behavior
determine activity
Trainings and cooperation
Continuous IS monitoring
1. Access policy based on roles
and their needs to perform
1. Individual psychological tests.
official functions
2. “Big five” test.
2. Limitation of data
3. The “Ability to
transmission and copying.
self-governance” test
3. Using MS Purview
Insider or DLP
Result
processing
No
Is it satisfactory?
Yes
Acception
Figure 2: Approaches to the resolution of informational conflicts at the level of an insider-head of
the company
1
Rational
Investment Level
Minimum
Risk Level Possible
Maximum Investment in information Security
Investment
Figure 3: Rational Investment Level
62
�2.3. Information Conflict “Subject- approach, as the tools needed to respond are
often in the hands of others [24, 25]. This
to-Subject”: State Level cooperation should include specialized
information and cyber security firms, IT
Information conflict in security systems companies, hardware companies, banks and
“subject-subject” at the level of the state
financial sector entities, politicians and
“hackers—state institutions, state officials” is the
process of resisting hacker attacks on the members of government, and private entities.
information systems of critical infrastructure The effectiveness of work is monitored
objects of the state, as a result of which there is a through reporting and transparency of their
possible disruption of the functioning of data activities, which will reduce the likelihood of
about objects information conflicts.
It should be noted that most of the incidents are
disclosed by the relevant state structures. Table 5 2.4. Information Conflict “Subject—
presents the structure of this conflict.
Subject”: International Relations
Table 5
Stages of information conflict at the level of Level
hackers—state institutions, statesmen
Stages Description The relevance of the issue of information
Preparation for a cyber attack conflict at the level of international relations is
on critical infrastructure facilities. confirmed by a large number of studies in the field
The
Motivation: of politics, law, military affairs, and cyber security
emergence of
- material component [26–35].
a conflict
- sharp sensations Analysis of the literature made it possible to
situation
- leadership. identify the following features and characteristics
of information conflict in security systems:
Unauthorized interference (use of ● the geography of the conflict (in
malicious software); traditional battles, the defender has an
Latent stage bribery of insiders; blackmail of
advantage due to his knowledge of the terrain
politicians.
and the direction of the attack, in the cyber
Violation of integrity world these advantages disappear, since states
(manipulation of data or often do not know where the attack will come
introduction of data to influence from or even if an attack is happening [30]).
the political and economic ● the globality of the conflict (in any
activities of the government). conflict, cyberattacks quickly become global
Violation of availability (refusal to as secretly acquired or hacked computers and
Active stage service critical infrastructure servers around the world are brought into
objects). action [30]).
Violation of confidentiality ● responsibility for the conflict (in the
(extraction of personal data of digital sphere, identifying perpetrators is more
members of the government, difficult: most states deny any involvement in
political figures; espionage). actions that can be considered military in
cyberspace; it is easy to hide behind proxies,
If the active stage has taken place,
then a violation of the regular
raise false flags and act on behalf of another
mode of operation of the critical
person [27, 31]).
The stage of infrastructure object. ● an imbalance between offense and
ending the In the opposite case: the use of defense (a single weak point may be enough
conflict the legal field, meeting the for an attacker to enter systems and networks
requirements of the opposite to achieve their goals, while defenders need to
party guard many systems, often without adequate
resources [27, 28, 31]).
Combating online threats requires the state An information conflict in security systems
to go beyond the whole government paradigm “subject-subject” at the international level “states,
and adopt a public-private partnership a group of subjects/hackers—institutions and/or
63
�political leaders of another state” is called the The increase in the number of information
process of confrontation between subjects of conflicts at the international level is especially
international relations in cyberspace, where intensified during the period of armed conflicts
offensive means and techniques of subjects of one between states. Thus, cyberattacks on the
state are aimed at information systems of critical Ukrainian government and the military sector
infrastructure objects of another state, as a result increased by 196% in the first three days of the
of which it is possible to disrupt the functioning of Russian Federation’s war against Ukraine [18.
these objects.
Table 6 3. Conclusions
Stages of information conflict at the level of the
state, groups of subjects—institutions, political Summarizing the above, we have the following
figures of another state results:
Stages Description 1. The study of information conflicts from
Preparation of a cyber attack on the point of view of information and cyber
critical infrastructure facilities of security is relevant and important since the
another state. Motivation: relationships between participants in the
- disruption of functioning virtual space are completely different.
and destruction of critical 2. When analyzing information conflicts in
infrastructure: power grids, cyberspace, the following key issues should be
production and distribution of oil considered:
The
and gas; logistics networks; ● the problem of attribution (anonymity of
emergence of
telecommunications; financial the created cyber attack, it is difficult to
a conflict
sector; services. distinguish different types of actors,
situation
- a claim to a certain status. including states, non-state groups, and
Involvement of public and individual hackers; the reward is a high level
private individuals/groups in the of information protection).
formation of a cyberattack. ● the advantage of offense over defense
Bribery and blackmail of (cyberspace encourages offensive strategies
members of the government and as opposed to defensive ones; attackers act
political figures. without warning, looking for vulnerabilities,
Unauthorized interference (use of while cyber defense monitoring must be real-
Latent stage malicious software); bribery of time and constant).
insiders; blackmail of politicians. ● unlimited territory.
● globality.
Violation of integrity
(manipulation of data or 3. Effective prevention of cyber conflicts
introduction of data to influence and their resolution requires public-private
the political and economic cooperation (involvement of security experts,
activities of the government). IT technologies, members of the government,
Violation of availability (refusal to and scientists).
Active stage
service critical infrastructure 4. The creation of mathematical models in
objects). the process of analyzing information conflicts
Violation of confidentiality in cyber security systems will become an
(removal of personal data of adequate tool for knowledge, description, and
members of the government, modeling of real phenomena in this field.
political figures. Espionage) 5. The theory of information conflicts in
If the active stage has taken place, information and cyber security systems has an
then a violation of the regular innovative character, strengthening the
mode of operation of the critical creation and development of new technologies
The stage of infrastructure object. for ensuring the integrity, availability, and
ending the In the opposite case: the use of confidentiality of information.
conflict the legal field at the international
level, and involvement of a third
party (state or group of states) in
the negotiations.
64
�4. References [12] І. Kononovich, D. Mayevskiy, R. Podobniy,
Models of System of the Cibersecurity
Providing with Delay of Reaction on
[1] V. V. Yaremenko, et. al., New Glossary of
Incidents, Inf. Math. Methods Simul. 5(4),
Ukrainian Language in Three Volumes,
(2015) 339–346.
Aconite, 1 (2007).
[13] S. Gorman, et. al., A Predator Prey
[2] M. Piren, Conflictology: Textbook.
Approach to the Network Structure of
MAUP, Kyiv, (2007).
Cyberspace, (2004).
[3] A. Girnyk, V. Rezanenko, The Concept of
[14] S. Yevseiev, et. al., Development of a
“Conflict” in Western Culture and in the
Method for Assessing the Security of Cyber-
Culture of Traditional Societies of the Far
Physical Systems Based on the Lotka–
East. Scientific Notes of NaUKMA, 136
Volterra Model, Eastern-European Journal of
(2012) 37–42.
Enterprise Technologies, 5(9) (113) (2021).
[4] M. Vladymyrenko, et al., Analysis of
doi:10.15587/1729-4061.2021.241638
Implementation Results of the Distributed
[15] V. Koshmanenko, Spectral Theory of
Access Control System. 2019 IEEE
Dynamic Conflict Systems, Naukova
International Scientific-Practical
Dumka, Kyiv, (2016).
Conference Problems of
[16] V. Koshmanenko, I. Samoilenko, Model of
Infocommunications, Science and
a Dynamic System of a Conflict Triad,
Technology (2019). doi:
Nonlinear Oscillations, 14(1) (2011) 56–
10.1109/picst47496.2019.9061376
76. doi:10.1007/s11072-011-0141-5
[5] Y. Sadykov, et al., Technology of Location
[17] D. Lupton, Digital Sociology (2015) Taylor
Hiding by Spoofing the Mobile Operator IP
and Francis. doi: 10.4324/9781315776880-1
Address, in: IEEE International Conference
[18] A. Nicola, Towards Digital Organized
on Information and Telecommunication
Crime and Digital Sociology of Organized
Technologies and Radio Electronics (2021)
Crime. Trends. Organ. Crim. (2022).
22–25. doi:
doi:10.1007/s12117-022-09457-y.
10.1109/UkrMiCo52950.2021.9716700
[19] Check Point Software’s 2023 Cyber
[6] V. Buriachok, V. Sokolov, P. Skladannyi,
Security Report, Cyber Security Report.
Security Rating Metrics for Distributed
[20] Malware, AV-TEST URL.
Wireless Systems, in: Workshop of the 8th
[21] S. Shevchenko, et. al., Іnsiders and Insider
International Conference on "Mathematics.
Information: Essence, Threats, Activities
Information Technologies. Education":
and Legal Responsibility, Cybersecur.
Modern Machine Learning Technologies
Educ. Sci. Technol. 3(15) (2022) 175–185.
and Data Science, vol. 2386 (2019) 222–
doi:10.28925/2663-4023.2022.15.175185
233.
[22] 2022 Ponemon Cost of Insider Threats
[7] S. Shevchenko, et. al., Study of Applied
Global Report, Proofpoint US.
Aspects Ofconflict Theory in Security
[23] E. Cole, S. Ring. Insider Threat: Protecting
Systems, Cybersecur. Educ. Sci. Technol.
the Enterprise from Sabotage, Spying, and
2(18) (2022) 150-162. doi:10.28925/2663-
Theft, Elsevier/Syngress, Amsterdam,
4023.2022.18.150162
(2005).
[8] G. Gallo, Conflict Theory, Complexity and
[24] J. Hunker, C. Probst. Insiders and Insider
Systems Approach, Systs. Res. Behav. Sci.
Threats: An Overview of Definitions and
30(2) (2013) 156–175. doi:10.1002/sres.2132
Mitigation Techniques, J. of Wirel. Mob.
[9] A. Lotka, Elements of Physical Biology,
Netws. Ubiquitous Comp. Dependable
Nature 116, 461 (1925).
Appls. 2(1) (2011) 4–27.
doi:10.1038/116461b0 1925
doi:10.22667/JOWUA.2011.03.31.004
[10] D. Trubetskov, Phenomenon of Lotka-
[25] S. Castro, Towards the Development of a
Volterra Mathematical Model and Similar
Rationalist Cyber Conflict Theory, Cyber
Models, Izvestiya VUZ, Appl. Nonlinear
Def. Rev. 6(1) (2021) 35–62.
Dyn. 19(2) (2011), 69–88.
[26] B. Buckland, F. Schreier, T. Winkler.
doi:10.18500/0869-6632-2011-19-2-69-88
Democratic Governance Challenges of
[11] A. Bratus’, A. Novozhilov, A. Platonov,
Cyber Security. DCAF Horizon 2015
Dynamic Systems and Models of Biology,
Working Paper, 1 (2015).
Draft, (2019).
65
�[27] D. Sherengovskij, The Concept and
Essence of International Conflict in the
Science of International Relations, Actual
Problems of Politics, Phoenix, Odesa, 43
(2011) 98–108.
[28] M. Wohlfeld, J. Jasper, Cyberattacks and
Cyber Conflict: Where Is Conflict
Resolution? University of Malta. Centre for
the Study and Practice of Conflict
Resolution, (2018) 5–17.
[29] J. Healey, The Five Futures of Cyber
Conflict and Cooperation. Georgetown J.
Int. Affs. (2011) 110–117.
[30] M. Intriligator, Research on Conflict
Theory: Analytic Approaches and Areas
of Application, J. Confl. Resolut. 26(2)
(1982) 307–327.
doi:10.1177/0022002782026002006
[31] B. Valeriano, R. Maness, What Do We
Know About Cyber Conflict? Scope,
Impact, and Restraint in Cyberspace.
[32] R. Inversini, Cyber Peace: And How It
Can Be Achieved, The Ethics of
Cybersecurity, Int. Libr. of Eths. Law
Technol. 21 (2020) 259–276.
doi:10.1007/978-3-030-29053-5_13
[33] R. Kazansky, Тhe Conflict Theory as a
Pillar of Security Science, Secur. Sci. J.
1(2) (2020). doi:10.37458/ssj.1.2.3
[34] H. Lin, Cyber Conflict and International
Humanitarian Law, Int. Rev. Red Cross,
94(886) (2012) 515–531.
doi:10.1017/S1816383112000811
[35] M. Christen, et. al., A Review of Value-
Conflicts in Cybersecurity, ORBIT J. 1(1)
(2017) 1–19. doi:10.29297/ORBIT.V1I1.28
[36] I. Alakbarova, Рroblems Created by
Cyberconflicts and Methods to Solve
Them, Probls. Inf. Soc. 2 (2015) 29–33.
doi:10.25045/jpis.v06.i2.04
66
�