The paper presents methods for organizing decision-making and the functioning of deceptive multi-computer systems based on prior operational experience and multiple task execution options. A formal representation of system components and their interconnections is developed, distinguishing between the system center and the decision-making controller. The system center prepares possible task execution options, while the decision-making controller evaluates these options considering past performance and selects one. Analytical expressions are proposed to describe processes within multi-computer systems, enabling autonomous decision-making in task execution. A method is developed for organizing the decision-making controller’s operation to ensure the selection of a task option based on prior experience, component security levels, and system topology. This approach allows for the formation of polymorphic responses to external and internal actions in corporate networks. Additionally, a method for organizing system functioning enables systems to adapt their properties, structure, and interconnections in response to functional and cybersecurity conditions. This can be used especially in cybersecurity of critical infrastructure systems like electrical power grids, smart grid infrastructure, energy plants and industrial control systems. A prototype was developed and tested under two scenarios: choosing among five task options and having only one option. Results showed greater operational stability in the first case, confirming that incorporating prior experience enhances resilience and creates polymorphic responses that hinder attackers’ attempts to study and exploit corporate networks.
KASHTALIAN et al. (Wed,) studied this question.