Conflict Analysis in the “Subject-to-Subject” Security System Svitlana Shevchenko1, Yuliia Zhdanova1, Halina Shevchenko2, Оlena Nehodenko3, аnd Svitlana Spasiteleva1 1 Borys Grinchenko Kyiv University, 18/2 Bulvarno-Kudriavska str., Kyiv, 04053, Ukraine 2 The National University of Ostroh Academy, 2 Seminarska str., Ostroh, 35800, Ukraine 3 State University of Telecommunications, 7 Solomyanska str., Kyiv, 03110, Ukraine Abstract The concept of conflict theory is widely used in various sectors of society. This study examines the problem of using the main provisions of the theory of conflicts in the field of information security. With the development of information technologies, the risk of information conflicts is increasing, which can create threats to the integrity, availability, and confidentiality of information, which determines the relevance and importance of this research. The presented work is a continuation of developments describing the applied aspects of the theory of conflict theory in information security systems through the interaction of data streams in the “subject— subject” perspective. It is proposed to analyze the problem at four levels: the level of the individual (criminal—user); business level (internal and/or external violator—company manager); state level (violators/hackers—state institutions, state officials); the level of international relations (states, a group of subjects/hackers—institutions and/or political leaders of another state). Each level is defined as a complex conflict system that has a corresponding structure and stages. It was determined that the main characteristics of an information conflict in cyberspace are: unlimited territory, globality, the problem of attribution, and the superiority of attack over defense. It is substantiated that information security systems have all the features of complex conflict systems, which implies the application of the mathematical theory of conflict, namely, the Lotka-Volterra “predator—predator” model and the conflict triad model. The innovative function of information conflict is determined. The concept of conflict theory is widely used in various sectors of society. This study examines the problem of using the main provisions of the theory of conflicts in the field of information security. With the development of information technologies, the risk of information conflicts is increasing, which can create threats to the integrity, availability, and confidentiality of information, which determines the relevance and importance of this research. Keywords 1 Conflict, information conflict, information security systems, cyber system, cyber conflict, conflict structure, conflict stages, mathematical model of conflict. 1. Introduction impossible without disagreements, confron- tations, contradictions, and conflicts. More and more scientists are turning to Our society, in the center of which is a person theoretical and practical developments in conflict and his activities, is a complex dynamic system, theory. This is connected not only with the which is characterized by many connections, problem of studying man as a conflicted creature, interactions, and relations in different spheres and but also with the growing tension in various at different levels. Existence in such a system is spheres of social interaction of the participants of the organization, the state, and the world. CPITS 2023: Workshop on Cybersecurity Providing in Information and Telecommunication Systems, February 28, 2023, Kyiv, Ukraine EMAIL: s.shevchenko@kubg.edu.ua (S. Shevchenko); y.zhdanova@kubg.edu.ua (Y. Zhdanova); halyna.shevchenko@oa.edu.ua (H. Shevchenko); negodenkoav@i.ua (O. Nehodenko); s.spasitielieva@kubg.edu.ua (S. Spasiteleva) ORCID: 0000-0002-9736-8623 (S. Shevchenko); 0000-0002-9277-4972 (Y. Zhdanova); 0000-0002-8717-4358 (H. Shevchenko); 0000- 0001-6645-1566 (O. Nehodenko); 0000-0003-4993-6355 (S. Spasiteleva) ©️ 2023 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). CEUR Workshop Proceedings (CEUR-WS.org) 56 There is no unequivocal opinion about the information is a strategic resource, the value of concept of “conflict”. In modern literature, there which acquires especially in the process of are more than a dozen different definitions of creation, therefore it needs to be protected. conflict. All of them have the right to exist 2. Information conflicts as conflicts in because each emphasizes one or more information systems between implemented characteristics of this multifaceted phenomenon. programs or in telecommunication systems For the term “conflict” we come across several between radio-electronic means and security synonyms: clash of opposing interests, and views; systems. a sharp dispute; extreme aggravation of 3. Cyber conflicts are part of international contradictions, which leads to complications or information conflicts and are most often acute struggle [1]. However, contradiction and associated with information wars, cyber conflict should not be equated. Contradiction espionage, and cyber operations. (opposite as its component) is a defining feature It is substantiated that it is advisable to of any phenomenon or event. Contradictions turn consider the coverage of this problem through the into conflict if their level increases to a critical interaction of the planes of the theory of conflict limit and at the same time a subject is formed, theory and the theory of information and which will deliberately exacerbate them in its cybernetic security in three perspectives: interests [2]. ● “subject—subject” or “person—person”, At the same time, the authors of the study [3] possibly “group of people—group of people”, emphasize that outside the subjects and “person—group of people”. independently of them there are contradictions, ● “subject—object” or “man—machine”. but not conflicts. The concept of conflict is not a ● “object—object” or “machine—machine”. fixation, but a qualification of the state of relations Within the scope of this article, it is intended in a certain situation, which defines conflict as an to consider the applied aspects of the theory of assessment of the nature of interaction. Such a conflict theory in information security systems definition makes it possible to preserve the name through the interaction of data flows from the conflict for situations of the opposition of the perspective of “subject—subject”. In particular, parties to each other, which are traditionally called analyze the issues at four levels: conflict, and at the same time to extend this 1. Personality level (criminal—user) concept to situations of incompatibility of certain 2. Business level (internal and/or external elements in the composition of the whole [3, p. offender—company manager) 41]. This interpretation will allow us to describe 3. State level (violators/hackers—state conflicts of various natures, for example, a institutions, state officials) conflict of immunities, a conflict between 4. The level of international relations (states, software and a security system, and others. a group of subjects/hackers—institutions The transition of society to the information age and/or political leaders of another state). gave rise to innovative conflicts—informational. Modern informational conflicts have significantly transformed on both the micro and macro levels: 2. Mathematical Models of “Subject- starting from communication in social networks Subject” Information Conflict and ending with cyberespionage, cyberattacks, cyberwars, and involvement of non-state actors in Conflict is a very complex system with relations in the international arena. With the adaptive structures and evolutionary mechanisms. development of information technologies, the risk It is a system made up of interconnected parts that, of new conflicts that may threaten the integrity, as a whole, exhibit properties that cannot be easily availability, and confidentiality of information understood just by disassembling and analyzing increases [4–6]. the properties of the individual components. A The beginning of the discussion of these deep understanding of conflicts requires, on the aspects of the analysis of information conflicts in one hand, a systems thinking approach, and on the security systems was presented by us in the study other, a combination of many social and scientific [7]. The analysis of the literature made it possible disciplines [8]. The analysis of analytical reports to determine the following approaches to the and scientific literature confirms the fact that definition of conflicts in security systems: together with the development of hardware and 1. Information conflicts as a part of conflicts software means of information protection, the in various spheres and industries, since 57 number of malicious software that allows one Protected, subject (group) to gain unauthorized access to the 𝑝2 is the probability that an attacker will obtain information resources of another subject the information, (institution) is growing rapidly. As a result of the 𝑝3 is the probability that an attacker will not be implementation of such a threat, information able to obtain the information, protection is violated, and its destruction and/or 𝑝4 is the probability that an attacker has theft, loss of integrity, availability, and sufficient potential to breach the user’s protection. confidentiality are possible. The interaction of these parties is conflictual. The modern theory of However, the presented model is of a conflict systems allows for building and generalized nature, since this information security researching models of real processes using the system is not isolated from others and is in a mathematical theory of conflict. In this case, we complex relationship with them. To bring the will use the well-known “prey—predator” model, model closer to real data, various modifications which is based on a system of two first-order are used. Thus, work [14] presents an approach ordinary differential equations. The equation was where x and y are vector values: proposed independently by scientists Alfred 𝑥 = (𝑥1 , 𝑥2 , . . . , 𝑥𝑛 ), James Lotka and Vito Volterra in 1925 and 1926 𝑦 = (𝑦1 , 𝑦2 , . . . , 𝑦𝑛 ), 𝑛 > 1. [9]. The classical Lotka-Volterra “predator— prey” mathematical model is used in many fields Therefore, the values x and y can be of science and technology due to its successful represented not only by the volume of information combination of relatively low complexity and but also by other characteristics of the security strong nonlinearity. The model has a high degree system. of universality when describing the behavior of The model can also be improved by complex systems operating in the mode of self- introducing the delay time of the argument t, the oscillations [10, 11]. It should be noted the value of which is determined by the method of existence of spot developments for the experimental selection. implementation of this model in the security The next conflict system that can be modeled system [12–13]. In general, the model looks as follows: in security systems is the conflict triad model [15]. The dynamic model of the conflict triad is a model 𝑑𝑥 = (𝑝1 − 𝑝2 y)𝑥, that is defined by the interaction between three { 𝑑𝑡 natural substances: the population of a biological 𝑑𝑦 = (−𝑝3 + 𝑝4 y)𝑥, species (life), the environment (resource of 𝑑𝑡 existence), and negative factors for existence where 𝑥 is the amount of information available to (virus). the user and interest to the attacker, Let’s apply the described model to the security 𝑦 is the amount of information obtained by system. Let us denote by P, R, Q substances that hacking, exist in a common space and interact with each 𝑡 is the duration of the process, other in a certain way. Then, in the conflict system 𝑝1 is the probability that the volume of of the “subject—subject” security system, we get information of interest to the attacker is well the following subsystems at different levels (see Table 1): Table 1 Substances in the conflict triad of information security Subject— Space 𝜴 Substance 𝑷 Substance 𝑹 Substance 𝑸 subject level Information Company Technical, legal, Anthropogenic sources of Business level system management organizational tools threats Information State figures, Technical, legal, Anthropogenic sources of State level system of state state organizational tools threats institutions institutions International Politicians, state Any subject (group of Virtual space All existing relations level institutions subjects) of another state 58 Interdependence between substances P, R, Q 2.1. Subject—Subject Informational [15] is depicted by the diagram in Figure 1, where Conflict: The Level of the Individual an arrow with a certain sign corresponds to the direction of positive or negative dependence of The birth of the Internet in 1989 caused a rapid one substance on another. growth of computer equipment, in particular, personal. The use of the World Wide Web led to the creation of new interactions and relationships P between people—virtual, the era of digital society began. Persons, relationships, and social institutions are formed by both software and – – hardware [16]. Along with this, where there are + + new social facts, new habits, new ways to meet, buy, pay, store, protect, and transfer assets, new digital identities, and new systems for gathering information, it is only natural that new crimes Q – R appear, related to information technologies [17]. – According to an analytical report [18] in 2022, the frequency of email attacks has increased to reach 86% of all file-based in-the-wild attacks, Zip files are the most common format for hiding Figure 1: Interdependence between substances malware, Joker mobile malware, which accesses contact lists by hiding in at least 8 Google Store Two-way pairwise interdependence “plus- apps, has been downloaded more than 3 million minus” is an analog of the “prey-predator” model. times, allowing attackers to obtain relevant Interdependence “minus-minus” models the information. accesses users’ contact lists and conflict struggle of irreconcilable alternative sends information to attackers. Every day, the substances (anthropogenic source of threats— AV-TEST Institute registers more than 450,000 security policy). new malicious programs (malware) and The conflict triad is a complex dynamic system potentially unwanted programs (PUAs), in the last since each of the three substances has an internal year there have been about 70 million malicious structure 𝑃 = (𝑃1 , 𝑃2 , . . . , 𝑃𝑛 ), programs for Windows, which is 5000 times more 𝑅 = (𝑅1 , 𝑅2 , . . . , 𝑅𝑛 ), 𝑄 = (𝑄1 , 𝑄2 , . . . , 𝑄𝑛 ). than for macOS (where only about 12,000 Also, all the formulas for the interaction of samples) and 60 times more than the each substance with a pair of others are different corresponding figures for Linux (2 million from each other: P with a pair {𝑄, 𝑅}, 𝑄 with a samples) [19]. Thus, in the information sphere, a pair {𝑃, 𝑅}, 𝑅 with a pair {𝑃, 𝑄}. conflict situation is defined, as one which was The formulas defining the dynamic system of intentionally created by one of the parties the conflict triad are given in [15]. (criminal) to achieve their goals or orders. The nature of things in the world is such that An information conflict in “subject-subject” any conflict process is endless. In each act, the security systems at the “criminal-user” level is the conflict transforms the content of the result of the process of the criminal overcoming contradiction into a new, possibly hidden, form. the resistance of the protection means of the user’s From the point of view of mathematics, this means information system, which enables the loss of a change in the spectral structure of the conflicting confidentiality, availability, and integrity of distributions. information. It should be noted that managing information Such a conflict occurs in the user’s information conflict in information security systems is a major system, usually two participants (however, there problem today. This is explained by the fact that may be a third person—the customer). The in the virtual space, criminals have unprecedented duration of such a conflict is determined by the opportunities to mask their actions, as a result— strength of the defenses and capabilities of the their impunity. The geography and time of such attacker. Table 2 presents the stages of this conflicts are unlimited. conflict. 59 Table 2 cause material losses and/or reputational losses Stages of information conflict at the attacker- of the organization [20]. user level As the 2022 Cost of Insider Threats: Global Stages Description Report reveals, insider threat incidents have risen 44% over the past two years, with costs per Creating malicious software on incident up more than a third to $15.38 million; The purpose (using someone else’s) the cost of credential theft to organizations emergence to achieve one’s goals (revenge, increased 65% from $2.79 million in 2020 to of a conflict financial gain, emotional $4.6 million at present; the time to contain an situation satisfaction) insider threat incident increased from 77 days to 85 days, leading organizations to spend the most The attacker deliberately and on containment [21]. Latent actively searches for The authors [22] propose to consider the stage vulnerabilities in the user’s portrait of an insider from the point of view of information system psychological characteristics and activities: low- class and high-class insiders. The activities of Destruction, forgery, low-class insiders have been exposed and Active stage modification, blocking, theft of punished. The profile of such a violator includes information the following features: these people do not have high-quality technical education; worked in The stage of The user provides redemption; various positions; are motivated by personal gain ending the acts through the legal field; loses and are influenced by emotions; are not aware of conflict information the potential negative consequences of their actions; their behavior arouses suspicion on the part of colleagues. Regulation of this conflict is possible at a latent High-class insiders see their malicious stage, if the user has a high level of information mission as their career decision. The portrait of protection, following the basic rules: password such a violator is high-quality professional management; use of at least two-factor abilities, diligence, reliability, leadership, and authentication; use of licensed antivirus dedication. Such insiders are very dangerous. programs; control over personal information The structure and stages of the informational transmitted over the Internet; avoiding the use of conflict are different for each of these types. The public Wi-Fi networks. description is presented in Table 3 and Table 4. Table 3 2.2. Subject-Subject Information Stages of information conflict at the level of an Conflict: Business Level internal employee (low-class insider)—the head of the company The direction of our research will further be Stages Description directed to the analysis of possible conflict An unfair decision by the situations between the head of the company and The emergence of manager, resentment, and a subordinate in the context of the existence of a conflict situation lack of respect, as a result of an information conflict, which causes a violation the desire for revenge of the information protection system. Information conflict in security systems Unauthorized/privileged “subject-subject” at the level of business Latent stage access to IS “internal employee—manager” is defined as the result of an employee’s insider activity, which The violator was found and Active stage led to a violation of the security policy in the detained company’s information system. Insider activity—directed actions of The stage of Firing from a job; punishment motivated subjects who have legitimate access to ending the conflict by law information assets and skills to obtain valuable information, know the vulnerabilities of information systems and business processes, to 60 Table 4 The current stage is characterized by the Stages of information conflict at the level of an introduction of mixed systems and methods of internal employee (high-class insider)—the head detecting insider threats [20]. Scientists are trying of the company to combine two approaches in this direction: Stages Description ● Psychosocial approach, the basis of which Emergence is the analysis of the mental and emotional The temptation to get hidden profit; states of employees, and it is possible to predict of a conflict sharp sensations; boasting the behavior of an insider. situation Latent Unauthorized/privileged access to ● Continuous monitoring in the network. stage IS A large business has the material resources to Loss of confidentiality, integrity, implement software products to detect insider Active and availability of information threats, for example, the CHAMPION system stage (material and reputational damage (Columnar Hierarchical Autoassociative Memory to the organization) Processing in Ontological Networks), small and The possibility of purchasing medium-sized businesses practically do not deal The stage information; actions through the with this issue. In this regard, we offer the of ending legal field; involvement of third following recommendations regarding the the conflict parties in negotiations possible forecasting of conflicts in the company’s information security. This process is based on two It should be noted that an insider can be an components: external actor, for example, a former employee, 1. Software for determining the user’s whose motive may be revenge for, in his opinion, computer activity, the main of which is: unfair dismissal from work. ● Role-based access policy. An information conflict is also possible if the ● Restrictions on data transmission and insider activity was unintentional, but the loss of the copying. company’s information data occurred. Moreover, ● Using MPI (Microsoft Purview Insider or the manager learned about this event after this DLP (Digital Light Processing). incident. The structure of such a conflict does not contain a latent stage, since the informational 2. Psychological methods for personality conflict has occurred. The stage of the end of the profiling can be used: conflict is the punishment of the employee (verbal • “Big Five” test or written penalty, material penalty, dismissal from • Test “Ability to self-govern” work). • Individual psychological test. The conflict struggle is most often caused by a As a result of processing the obtained results, primitive perception of reality, as if one of the parties if everything is satisfactory, then there is constant is capable of winning, and the other—is defeated. monitoring of the information system on the one There is some redistribution of the spectral hand and training with employees on the other. characteristics of the opposing sides in the conflict. Otherwise, the security policy should be further The victorious gain in one aspect means inevitable reviewed and additional methods of detecting and loss, defeat, and loss in another. The essence of the countering insiders should be added. Fig. 2 contradiction is transformed and appears again in the presents the algorithm of this process. future at another level of gradation of the complex Therefore, increasing investments in the structure of interests [14]. This process is company’s information security will reduce the demonstrated by an example of a dismissed likelihood of information conflicts. However, employee. Therefore, it is important to understand companies stop at a level of rational investment the problem of conflict prevention. The authors of that is equal to or less than the expected losses the study [23] proposed three approaches to from a hack. This leads to a gap in investments detecting insider threats: (Fig. 3) in the cyber defense of companies [24]. ● Sociological, psychological, and Special measures of the government would allow organizational. the filling of this delta. For example, to subsidize ● Socio-technical. equipment, software, and training, and increase ● Technical. the number of cyber specialists who know how to work with systems, programs, and equipment and In our opinion, this will make it possible to stop ensure the functioning of all these components. the informational conflict before the active stage. 61 Approaches to information conflict resolution Requirements for the Psychological and diagnostic Organization’s IS to testing of behavior determine activity Trainings and cooperation Continuous IS monitoring 1. Access policy based on roles and their needs to perform 1. Individual psychological tests. official functions 2. “Big five” test. 2. Limitation of data 3. The “Ability to transmission and copying. self-governance” test 3. Using MS Purview Insider or DLP Result processing No Is it satisfactory? Yes Acception Figure 2: Approaches to the resolution of informational conflicts at the level of an insider-head of the company 1 Rational Investment Level Minimum Risk Level Possible Maximum Investment in information Security Investment Figure 3: Rational Investment Level 62 2.3. Information Conflict “Subject- approach, as the tools needed to respond are often in the hands of others [24, 25]. This to-Subject”: State Level cooperation should include specialized information and cyber security firms, IT Information conflict in security systems companies, hardware companies, banks and “subject-subject” at the level of the state financial sector entities, politicians and “hackers—state institutions, state officials” is the process of resisting hacker attacks on the members of government, and private entities. information systems of critical infrastructure The effectiveness of work is monitored objects of the state, as a result of which there is a through reporting and transparency of their possible disruption of the functioning of data activities, which will reduce the likelihood of about objects information conflicts. It should be noted that most of the incidents are disclosed by the relevant state structures. Table 5 2.4. Information Conflict “Subject— presents the structure of this conflict. Subject”: International Relations Table 5 Stages of information conflict at the level of Level hackers—state institutions, statesmen Stages Description The relevance of the issue of information Preparation for a cyber attack conflict at the level of international relations is on critical infrastructure facilities. confirmed by a large number of studies in the field The Motivation: of politics, law, military affairs, and cyber security emergence of - material component [26–35]. a conflict - sharp sensations Analysis of the literature made it possible to situation - leadership. identify the following features and characteristics of information conflict in security systems: Unauthorized interference (use of ● the geography of the conflict (in malicious software); traditional battles, the defender has an Latent stage bribery of insiders; blackmail of advantage due to his knowledge of the terrain politicians. and the direction of the attack, in the cyber Violation of integrity world these advantages disappear, since states (manipulation of data or often do not know where the attack will come introduction of data to influence from or even if an attack is happening [30]). the political and economic ● the globality of the conflict (in any activities of the government). conflict, cyberattacks quickly become global Violation of availability (refusal to as secretly acquired or hacked computers and Active stage service critical infrastructure servers around the world are brought into objects). action [30]). Violation of confidentiality ● responsibility for the conflict (in the (extraction of personal data of digital sphere, identifying perpetrators is more members of the government, difficult: most states deny any involvement in political figures; espionage). actions that can be considered military in cyberspace; it is easy to hide behind proxies, If the active stage has taken place, then a violation of the regular raise false flags and act on behalf of another mode of operation of the critical person [27, 31]). The stage of infrastructure object. ● an imbalance between offense and ending the In the opposite case: the use of defense (a single weak point may be enough conflict the legal field, meeting the for an attacker to enter systems and networks requirements of the opposite to achieve their goals, while defenders need to party guard many systems, often without adequate resources [27, 28, 31]). Combating online threats requires the state An information conflict in security systems to go beyond the whole government paradigm “subject-subject” at the international level “states, and adopt a public-private partnership a group of subjects/hackers—institutions and/or 63 political leaders of another state” is called the The increase in the number of information process of confrontation between subjects of conflicts at the international level is especially international relations in cyberspace, where intensified during the period of armed conflicts offensive means and techniques of subjects of one between states. Thus, cyberattacks on the state are aimed at information systems of critical Ukrainian government and the military sector infrastructure objects of another state, as a result increased by 196% in the first three days of the of which it is possible to disrupt the functioning of Russian Federation’s war against Ukraine [18. these objects. Table 6 3. Conclusions Stages of information conflict at the level of the state, groups of subjects—institutions, political Summarizing the above, we have the following figures of another state results: Stages Description 1. The study of information conflicts from Preparation of a cyber attack on the point of view of information and cyber critical infrastructure facilities of security is relevant and important since the another state. Motivation: relationships between participants in the - disruption of functioning virtual space are completely different. and destruction of critical 2. When analyzing information conflicts in infrastructure: power grids, cyberspace, the following key issues should be production and distribution of oil considered: The and gas; logistics networks; ● the problem of attribution (anonymity of emergence of telecommunications; financial the created cyber attack, it is difficult to a conflict sector; services. distinguish different types of actors, situation - a claim to a certain status. including states, non-state groups, and Involvement of public and individual hackers; the reward is a high level private individuals/groups in the of information protection). formation of a cyberattack. ● the advantage of offense over defense Bribery and blackmail of (cyberspace encourages offensive strategies members of the government and as opposed to defensive ones; attackers act political figures. without warning, looking for vulnerabilities, Unauthorized interference (use of while cyber defense monitoring must be real- Latent stage malicious software); bribery of time and constant). insiders; blackmail of politicians. ● unlimited territory. ● globality. Violation of integrity (manipulation of data or 3. Effective prevention of cyber conflicts introduction of data to influence and their resolution requires public-private the political and economic cooperation (involvement of security experts, activities of the government). IT technologies, members of the government, Violation of availability (refusal to and scientists). Active stage service critical infrastructure 4. The creation of mathematical models in objects). the process of analyzing information conflicts Violation of confidentiality in cyber security systems will become an (removal of personal data of adequate tool for knowledge, description, and members of the government, modeling of real phenomena in this field. political figures. Espionage) 5. The theory of information conflicts in If the active stage has taken place, information and cyber security systems has an then a violation of the regular innovative character, strengthening the mode of operation of the critical creation and development of new technologies The stage of infrastructure object. for ensuring the integrity, availability, and ending the In the opposite case: the use of confidentiality of information. conflict the legal field at the international level, and involvement of a third party (state or group of states) in the negotiations. 64 4. References [12] І. Kononovich, D. Mayevskiy, R. Podobniy, Models of System of the Cibersecurity Providing with Delay of Reaction on [1] V. V. Yaremenko, et. al., New Glossary of Incidents, Inf. Math. Methods Simul. 5(4), Ukrainian Language in Three Volumes, (2015) 339–346. Aconite, 1 (2007). [13] S. Gorman, et. al., A Predator Prey [2] M. Piren, Conflictology: Textbook. Approach to the Network Structure of MAUP, Kyiv, (2007). Cyberspace, (2004). [3] A. Girnyk, V. Rezanenko, The Concept of [14] S. Yevseiev, et. al., Development of a “Conflict” in Western Culture and in the Method for Assessing the Security of Cyber- Culture of Traditional Societies of the Far Physical Systems Based on the Lotka– East. Scientific Notes of NaUKMA, 136 Volterra Model, Eastern-European Journal of (2012) 37–42. Enterprise Technologies, 5(9) (113) (2021). [4] M. Vladymyrenko, et al., Analysis of doi:10.15587/1729-4061.2021.241638 Implementation Results of the Distributed [15] V. Koshmanenko, Spectral Theory of Access Control System. 2019 IEEE Dynamic Conflict Systems, Naukova International Scientific-Practical Dumka, Kyiv, (2016). Conference Problems of [16] V. Koshmanenko, I. Samoilenko, Model of Infocommunications, Science and a Dynamic System of a Conflict Triad, Technology (2019). doi: Nonlinear Oscillations, 14(1) (2011) 56– 10.1109/picst47496.2019.9061376 76. doi:10.1007/s11072-011-0141-5 [5] Y. Sadykov, et al., Technology of Location [17] D. Lupton, Digital Sociology (2015) Taylor Hiding by Spoofing the Mobile Operator IP and Francis. doi: 10.4324/9781315776880-1 Address, in: IEEE International Conference [18] A. Nicola, Towards Digital Organized on Information and Telecommunication Crime and Digital Sociology of Organized Technologies and Radio Electronics (2021) Crime. Trends. Organ. Crim. (2022). 22–25. doi: doi:10.1007/s12117-022-09457-y. 10.1109/UkrMiCo52950.2021.9716700 [19] Check Point Software’s 2023 Cyber [6] V. Buriachok, V. Sokolov, P. Skladannyi, Security Report, Cyber Security Report. Security Rating Metrics for Distributed [20] Malware, AV-TEST URL. Wireless Systems, in: Workshop of the 8th [21] S. Shevchenko, et. al., Іnsiders and Insider International Conference on "Mathematics. Information: Essence, Threats, Activities Information Technologies. Education": and Legal Responsibility, Cybersecur. Modern Machine Learning Technologies Educ. Sci. Technol. 3(15) (2022) 175–185. and Data Science, vol. 2386 (2019) 222– doi:10.28925/2663-4023.2022.15.175185 233. [22] 2022 Ponemon Cost of Insider Threats [7] S. Shevchenko, et. al., Study of Applied Global Report, Proofpoint US. Aspects Ofconflict Theory in Security [23] E. Cole, S. Ring. Insider Threat: Protecting Systems, Cybersecur. Educ. Sci. Technol. the Enterprise from Sabotage, Spying, and 2(18) (2022) 150-162. doi:10.28925/2663- Theft, Elsevier/Syngress, Amsterdam, 4023.2022.18.150162 (2005). [8] G. Gallo, Conflict Theory, Complexity and [24] J. Hunker, C. Probst. Insiders and Insider Systems Approach, Systs. Res. Behav. Sci. Threats: An Overview of Definitions and 30(2) (2013) 156–175. doi:10.1002/sres.2132 Mitigation Techniques, J. of Wirel. Mob. [9] A. Lotka, Elements of Physical Biology, Netws. Ubiquitous Comp. Dependable Nature 116, 461 (1925). Appls. 2(1) (2011) 4–27. doi:10.1038/116461b0 1925 doi:10.22667/JOWUA.2011.03.31.004 [10] D. Trubetskov, Phenomenon of Lotka- [25] S. Castro, Towards the Development of a Volterra Mathematical Model and Similar Rationalist Cyber Conflict Theory, Cyber Models, Izvestiya VUZ, Appl. Nonlinear Def. Rev. 6(1) (2021) 35–62. Dyn. 19(2) (2011), 69–88. [26] B. Buckland, F. Schreier, T. Winkler. doi:10.18500/0869-6632-2011-19-2-69-88 Democratic Governance Challenges of [11] A. Bratus’, A. Novozhilov, A. Platonov, Cyber Security. DCAF Horizon 2015 Dynamic Systems and Models of Biology, Working Paper, 1 (2015). Draft, (2019). 65 [27] D. Sherengovskij, The Concept and Essence of International Conflict in the Science of International Relations, Actual Problems of Politics, Phoenix, Odesa, 43 (2011) 98–108. [28] M. Wohlfeld, J. Jasper, Cyberattacks and Cyber Conflict: Where Is Conflict Resolution? University of Malta. Centre for the Study and Practice of Conflict Resolution, (2018) 5–17. [29] J. Healey, The Five Futures of Cyber Conflict and Cooperation. Georgetown J. Int. Affs. (2011) 110–117. [30] M. Intriligator, Research on Conflict Theory: Analytic Approaches and Areas of Application, J. Confl. Resolut. 26(2) (1982) 307–327. doi:10.1177/0022002782026002006 [31] B. Valeriano, R. Maness, What Do We Know About Cyber Conflict? Scope, Impact, and Restraint in Cyberspace. [32] R. Inversini, Cyber Peace: And How It Can Be Achieved, The Ethics of Cybersecurity, Int. Libr. of Eths. Law Technol. 21 (2020) 259–276. doi:10.1007/978-3-030-29053-5_13 [33] R. Kazansky, Тhe Conflict Theory as a Pillar of Security Science, Secur. Sci. J. 1(2) (2020). doi:10.37458/ssj.1.2.3 [34] H. Lin, Cyber Conflict and International Humanitarian Law, Int. Rev. Red Cross, 94(886) (2012) 515–531. doi:10.1017/S1816383112000811 [35] M. Christen, et. al., A Review of Value- Conflicts in Cybersecurity, ORBIT J. 1(1) (2017) 1–19. doi:10.29297/ORBIT.V1I1.28 [36] I. Alakbarova, Рroblems Created by Cyberconflicts and Methods to Solve Them, Probls. Inf. Soc. 2 (2015) 29–33. doi:10.25045/jpis.v06.i2.04 66