Integrated assessment of system privacy: Formalisation, normalisation and differential privacy

Dmytro  Prokopovych-Tkachenko; Liudmyla  Rybalchenko; Volodymyr Zvieriev; Borys  Khrushkov; Valerii Bushkov; Dmytro  Prokopovych-Tkachenko; Liudmyla  Rybalchenko; Volodymyr Zvieriev; Borys  Khrushkov; Valerii Bushkov

https://doi.org/10.31649/vitce/3.2025.125

Retrieved from Vol. 22, No. 3, 2025

Received 08.07.2025, Revised 15.10.2025, Accepted 23.12.2025

Integrated assessment of system privacy: Formalisation, normalisation and differential privacy

Dmytro Prokopovych-Tkachenko, Liudmyla Rybalchenko, Volodymyr Zvieriev, Borys Khrushkov, Valerii Bushkov

Requirements for confidentiality and greater data privacy are constantly growing. The aim of this work was to develop a formalised approach to assessing the privacy of information systems based on a vector representation of a set of parameters. In the proposed approach, each parameter has a numerical value within a defined range that reflects the degree of its implementation or importance. For convenience and structure, the parameters were divided into several categories (access control, encryption, logging, key management, risk management, and incident management) covering the main aspects of information security. The overall privacy indicator of the system was calculated using a weighted sum, where the weighting coefficients were refined depending on the criticality of each parameter. To unify the scales and ensure correct further analysis, normalisation methods (minimax and Z-normalisation) were applied, thanks to which the obtained parameter values can be compared and effectively integrated into the general model. The proposed method used differential privacy to protect source data and enhance privacy, which was achieved by adding random noise with a normal distribution. This step complicated the process of restoring the original indicators and minimised the risk of identifying specific records, while maintaining the accuracy of aggregate statistical estimates. The developed approach consisted of several sequential stages: from initial data categorisation and normalisation to the implementation of differential privacy and data analysis in a neural network. An important advantage was the ability to integrate various aspects of data protection into a single coherent system. This multidimensional concept promoted flexibility and allowed the solution to be quickly adapted to updated requirements or new threats. The presented model is particularly relevant in areas where sensitive data is processed: healthcare, banking and finance, as well as public administration and information security. The proposed approach lays the foundation for the development and scaling of secure and transparent systems that meet modern privacy standards

information protection; secure neural networks; vector data normalisation; access to information; security assessment parameters; statistical noise; adaptive machine learning

125-135

Prokopovych-Tkachenko, D., Rybalchenko, L., Zvieriev, V., Khrushkov, B., & Bushkov, V. (2025). Integrated assessment of system privacy: Formalisation, normalisation and differential privacy. Information Technologies and Computer Engineering, 22(3), 125-135. https://doi.org/10.31649/vitce/3.2025.125

References

[1] Ahsan, M.S., & Pathan, A.-S.K. (2025). A comprehensive survey on the requirements, applications, and future challenges for access control models in IoT: The state of the art. IoT, 6(1), article number 9. doi: 10.3390/ iot6010009 .

[2] Chubukova, O., Ponomarenko, I., & Domantovych, O. (2020). Using data science to risk assessment. Market Infrastructure, 47, 129-132. doi: 10.32843/infrastruct47-24.

[3] Dwork, C., & Roth, A. (2014). The algorithmic foundations of differential privacy. Foundations and Trends® in Theoretical Computer Science, 9(3-4), 211-407. doi: 10.1561/0400000042.

[4] Fathullah, M.A., Subbarao, A., & Muthaiyah, S. (2023). A systematic review: Risk management of cloud computing projects in healthcare. International Journal of Management, Finance and Accounting, 4(2), 83-115. doi: 10.33093/ ijomfa.2023.4.2.5.

[5] Grinko, I., Skrypnyk, T., & Barmak, O. (2023). Quantum convolutional neural networks: Features of implementation in technical, natural and socio-economic systems. Herald of Khmelnytskyi National University. Technical Sciences, 323(4), 87-94. doi: 10.31891/2307-5732-2023-323-4-87-94 .

[6] Gumen, О.М., & Rachek, K.O. (2023). Neural networks and machine learning in data processing for space weather forecasting. Applied Questions of Mathematical Modeling, 6(2), 19-23. doi: 10.32782/mathematical modelling/2023-6-2-2 .

[7] Ivanichenko, V., Sablina, M., & Kravchuk, K. (2021). Use of machine learning in cyber security. Cybersecurity: Education, Science, Technology, 4(12), 132-142. doi: 10.28925/2663-4023.2021.12.132142 .

[8] Lee, H., Finke, D.C., & Yang, H. (2023). Privacy-preserving neural networks for smart manufacturing. Journal of Computing and Information Science in Engineering, 24(7), article number 071002. doi: 10.1115/1.4063728 .

[9] Liavynets, H., Liulka, O., & Tkachuk, Y. (2024). Shallow artificial neural networks in management hotel and restaurant business. Economy and Society, 68. doi: 10.32782/2524-0072/2024-68-46.

[10] Piplai, A., Kotal, A., Mohseni, S., Gaur, M., Mittal, S., & Joshi, A. (2023). Knowledge-enhanced neurosymbolic artificial intelligence for cybersecurity and privacy. IEEE Internet Computing, 27(5), 43-48. doi: 10.1109/MIC.2023.3299435.

[11] Rutkas, A., & Shtanko, V. (2024). Artificial neural networks: A tool or a partner of the human mind. Grail of Science, 47, 652-659. doi: 10.36074/grail-of-science.20.12.2024.099.

[12] Sav, S., Diaa, A., Pyrgelis, A., Bossuat, J.-P., & Hubaux, J.-P. (2023). Privacy-preserving federated recurrent neural networks. Proceedings on Privacy Enhancing Technologies, 2023(4), 500-521. doi: 10.56553/popets-2023-0122 .

[13] Savka, N., Vasylkiv, N., Dubchak, L., & Mudryk, I. (2020). Radial-basis neural networks for enterprises activity prediction. European Science, 3(sge17-03), 42-48. doi: 10.30890/2709-2313.2023-17-03-012 .

[14] Semenenko, O., Kirsanov, S., Movchan, A., Ihnatiev, M., & Dobrovolskyi, U. (2024). Impact of computer-integrated technologies on cybersecurity in the defence sector. Machinery & Energetics, 15(2), 118-129. doi: 10.31548/ machinery/2.2024.118 .

[15] Shokri, R., Stronati, M., Song, C., & Shmatikov, V. (2017). Membership inference attacks against machine learning models. In IEEE symposium on security and privacy (pp. 3-18). San Jose: IEEE. doi: 10.1109/SP.2017.41 .

[16] Terpilovskyi, Y. (2024). Comparison of DNA k-mer data representations for classification via neural networks. International Scientific Technical Journal “Problems of Control and Informatics”, 69(6), 61-69. doi: 10.34229/1028-0979 2024-6-5 .

[17] Thantharate, P., & Anurag, T. (2023). CYBRIA – Pioneering federated learning for privacy aware cybersecurity. In IEEE 20th international conference on smart communities: Improving quality of life using AI, robotics and IoT (HONET) (pp. 56-61). Boca Raton: IEEE. doi: 10.1109/honet59747.2023.10374608.

[18] Tyshchenko, S., & Kuznetsov, E. (2024). Neural networks for the problem of image classification. Science and Technology Today, 3(31). doi: 10.52058/2786-6025-2024-3(31)-705-718 .

[19] Volokyta, A., & Melenchukov, M. (2024). Neural networks in detecting attacks on distributed systems. Technical Sciences and Technologies, 1(35), 135-145. doi: 10.25140/2411-5363-2024-1(35)-135-145 .

[20] Zaplatynskyi, N., Lub, P., & Zaporozhtsev, S. (2024). Improving cybersecurity with artificial intelligence. Bulletin of Cherkasy State Technological University, 29(4), 53-61. doi: 10.62660/bcstu/4.2024.53 .