Development of the classification of the cyber security agents bounded rationality

Abstract

The subject are the bounded rationality agents of cyber security system. The purpose of this work is is to build a classification system for agents of a cybersecurity system with limited rationality. The tasks: consideration of the decisionmaking process by agents in cybersecurity systems, analysis of various manifestations of bounded rationality of agents of the cybersecurity system, introduction of classification features of bounded rationality, formal presentation of bounded rationality of various types, combining agents with various types of bounded rationality into a whole classification system. Results. Presents approaches to the classification of the concept of rationality in relation to cybersecurity systems. Such types of rationality are considered as strong, semi-strong, weak. Further classification of types of rationality is carried out on the basis of the place of manifestation of rationality. For this, the decision-making process in the cybersecurity system has been considered, formal relations have been introduced, which characterize its various stages. Such types of bounded rationality as informational, methodological, predictive, evaluative and conditional are considered. The ratio of the considered types of rationality is presented. Conclusion: A comparison of various types of bounded rationality, based primarily on its place in the decision-making process, made it possible to propose a classification scheme of bounded rationality characteristic of agents of the cybersecurity system. The result of the formalization of the description of bounded rationality is presented, which can be used as the basis for the development of models of behavior of interacting agents of cybersecurity systems.