Fuzzy management of information and security events: features of constructing membership functions

The object of the study is methodological approaches to solving the problems of constructing membership functions in the application to decision-making procedures (decision support) for the fuzzy management of information and security events of modern cyber-physical systems. These methodological approaches (methods) allow taking into account the vagueness of the observed and controlled parameters of the protection of complex controlled technical systems. At the same time, the comparative analysis of the approaches under consideration is focused on the most applicable methods for specific tasks – the method of constructing membership functions based on the analysis of probability density functions and the method using a simple probabilistic scheme. Based on the method that uses the analysis of probability density functions, a mechanism for determining the values of membership functions for the problem of making decisions about the relevance of a particular computer attack to a fuzzy set of dangerous attacks (a set of attacks of a high level of danger) is proposed. This mechanism does not have a great mathematical and computational complexity, but it allows us to take into account the fuzziness of the observed and controlled security parameters, which will increase the reliability of monitoring information and security events within the framework of fuzzy security management of systems of this class.