ALGORITHM FOR INCREASING PERSONAL DATA PROTECTION EFFICIENCY DUE TO COMBINATION OF THREAT AND SECURITY VIOLATOR MODELS

Abstract

Statistics of information security breaches show that information compromise is one of the most frequent security violations, and almost half of them are aimed at acquiring personal data. Since companies suffer significant financial losses, lose customers and their reputation due to the leakage of personal data, it is this category of data that requires particularly reliable and effective protection. It has been established that for the effective protection of personal data processed in information and communication systems, it is necessary to implement a complex of normative-legal, organizational, engineering-technical and software-hardware measures. The basic principles of the regulatory and legal protection of personal data in Ukraine, which obliges enterprises, organizations and institutions that own or dispose of personal data, to ensure their proper protection, are considered. The paper analyzes the existing models of threats to personal data and data security tools, in particular the requirements for their formation, elements, factors and characteristics that must be considered during modeling. Based on the obtained results, an algorithm for improving the efficiency of personal data protection in ICS is proposed, which, thanks to the combination of threat and security violator models, has a synergistic effect and leads to an increase in the quality of data protection indicators. Achieving a synergistic effect on increasing the efficiency of personal data protection creates advantages of the presented model in comparison with existing models and algorithms. Recommendations for organizations and individuals on improving the efficiency of personal data protection in ICS are also presented, constant compliance with which will help reduce the number of incidents related to the compromise of personal information.

Keywords: protection of personal data, security threat model, security violator model, algorithm for increasing the efficiency of personal data protection.

References
1. ITRC Annual Data Breach Report (2020). ITRC. https://www.idtheftcenter.org/publication/2022-data-breach-report/
2. IBM Report: Cost of a Data Breach Hits Record High During Pandemic (2021). IBM. https://newsroom.ibm.com/2021-07-28-IBM-Report-Cost-of-a-Data-Breach-Hits-Record-High-During-Pandemic
3. Cisco 2024 Data Privacy Benchmark Study. Cisco. https://www.cisco.com/c/en/us/about/ trust-center/data-privacy-benchmark-study.html#~about-the-study
4. Sobchuk V., Zamrii I., Sobchuk A., Laptiev S., Laptieva T. Periodic solutions of nonlinear differential equation of models information network. Sciences of Europe. Praha, Czech Republic, Vol. 1. No. 67. 2021. рр. 31-35.
5. Oleksandr Laptiev, Valentyn Sobchuk, Andrii Sobchuk, Serhii Laptiev, Tetiana Laptieva. An improved model for estimating the economic costs of the information protection system in social networks. Cyber security: education, science, technology. Volume 4 No. 12 (2021). pp. 19–28. https://doi.org/10.28925/2663-4023.2021.12.1928
6. Lukova-Chuiko N.V., Tolyupa S.V., Pogasii S.S., Lapteva T.O., Laptev S.O. Improving the model of information protection in social networks. Collection of scientific works of the Military Institute of Taras Shevchenko Kyiv National University. K.: VIKNU, Vol. 73, 2021. рр. 88-103.
7. Sergey Laptiev. An improved method of protecting personal data from attacks using social engineering algorithms. Cybersecurity: education, science, technology. 4(16), 2022. рр. 45–62.
8. S. Laptiev, S. Tolupa. The methodology for evaluating the functional stability of the protection system of special networks. Scientific technologies. Information technologies, cyber security. Volume 55 No. 3 (2022) C.178 – 183. https://doi.org/10.18372/2310-5461.55.16900
9. Serhii Yevseiev, Oleksandr Laptiev, Sergii Lazarenko, Anna Korchenko, Iryna Manzhul. Modeling the protection of personal data from trust and the amount of information on social networks. Number 1 (2021). EUREKA: Physics and Engineering. pp. 24–31. https://doi.org/10.21303/2461-4262.2021.001615
10. O. Laptiev, V. Savchenko, A. Kotenko, V. Akhramovych, V. Samosyuk, G. Shuklin, A. Biehun. Method of Determining Trust and Protection of Personal Data in Social Networks. International Journal of Communication Networks and Information Security (IJCNIS), Vol. 13, No. 1, 2021. рр. 15-21. https://www.ijcnis.org/index.php/ijcnis/article/view/4882
11. S. Yevseyev, V. Ponomarenko, O. Laptiev, O. Milov and others. Synergy of building cybersecurity systems: monograph. Kharkiv: PC Technology Center, 2021. 188 p. http://monograph.com.ua/pctc/catalog/book/64
12. Horbulin V.P. Information operations and social security: threats, countermeasures, modeling: monograph / V.P. Horbulin, O.G. Dodonov, D.V. Lande. K.: Intertekhnologiya, 2009. 164 p.
13. Akhramovych V.M. Models of trust and reputation of users in social networks. Modern information protection. K. DUT. 2019, No. 4, pр. 45–51.
14. Vitalii Savchenko, VolodymyrAkhramovych, Alina Tusych, Irina Sribna, Ihor Vlasov. Analysis of Social Network Parameters and the Likelihood of its Construction. International Journal of Emerging Trends in Engineering Research. Volume 8.No. 2, February 2020, pр. 271–276. http://www.warse.org/IJETER/static/pdf/file/ijeter05822020.pdf
15. Yang Jaewon, Leskovec Jure. Defining and evaluating network communities based on ground-truth. Knowledge and Information Systems. 2015. Vol. 42, No. 1. pp. 181–213.
16. Thomas Paul, Sonja Buchegger, and Thorsten Strufe. Decentralizing social networking services. In International Tyrrhenian Workshop on Digital Communications, ITWDC. 2015, pр. 1–10, Island of Ponza, Italy, September 2015.
17. Lukova-Chuiko N.V., Laptev O.A., Barabash O.V., Musienko A.P., Ahramovich V.M. The method of calculating the protection of personal data taking into account the set of specific parameters of social networks. Collection of scientific works of the Military Institute of Taras Shevchenko Kyiv National University. Kyiv: VIKNU, 2022. No. 76. рр. 54–68.
18. On the protection of personal data: Law of Ukraine dated 01.06.2010 No. 2297-VI. Official Gazette of Ukraine dated 09.07.2010, 2010, No. 49, p. 199, Article 1604. https://zakon.rada.gov.ua/laws/card/2297-17
19. Convention on the Protection of Individuals in Connection with Automated Processing of Personal Data. Official Gazette of Ukraine dated 14.01.2011, 2011, No. 1, / No. 58, 2010, Art. 1994 /, p. 701, Article 85.
20. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance). https://eur-lex.europa.eu/eli/reg/2016/679/oj
21. Laptev, O., Gryshanovych, T. Complex methodology for evaluating the effectiveness of the distance learning system. Applied problems of computer science, security and mathematics. Lesya Ukrainka Volyn National University, Lutsk. 1 (May 2023). 2023. рр.63–75.
22. Laptev O.A., Buchyk S.S., Savchenko V.A., Nakonechnyi V.S. , Mykhalchuk I.I., Shestak Ya.V., Detection and blocking of slow DDOS attacks using user behavior prediction. Scientific technologies. Information technologies, cyber security. Volume 55 No. 3 (2022) pp. 184-192.
23. Berkman L.N., Barabash O.V., Tkachenko O.M., Musienko A.P., Laptev O.A., Svynchuk O.V. Intelligent control system for information communication networks. Navigation and communication control systems. Volume 3. No. 69. 2022. рр. 54–59.
24. Volodymyr Nakonechny, Oleksandr Laptev, Serhii Pogasii, Serhii Lazarenko, Hanna Martyniuk. Selection of sources with false information using the bee colony method. Scientific technologies. Information technologies, cyber security. Volume 52 No. 4 (2021) pp. 330-337.
25. Kalchuk I., Lapteva T., Lukova-Chuiko N., Kharkevich Yu. The method of constructing protected data transmission channels using a modified neural network. Information Technology and Security. Vol. 9, Iss. 2, pp. 232–243. July - December 2021.
26. T.O. Lapteva A simplified algorithm for the analysis of the spread of unreliable information in the conditions of information conflict. Scientific and technical conference of young scientists "Actual problems of information technologies" (ARJT-2021). October 19-20, 2021. Kyiv. рр.56–58.