{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T14:31:09Z","timestamp":1772721069943,"version":"3.50.1"},"reference-count":26,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T00:00:00Z","timestamp":1772668800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>The problem of multi-criteria selection of network security configurations (NSC) under resource constraints and the necessity to comply with information security (IS) policies is addressed in this study. A formal mathematical model of the problem has been developed, encompassing the definition of a set of possible security mechanism configurations, the formalization of objective functions reflecting security levels, throughput, and deployment costs, and the introduction of constraints on feasible solutions. The NSGA-II (Non-dominated Sorting Genetic Algorithm II) optimization algorithm is employed to generate a set of Pareto-optimal solutions, ensuring uniform coverage of compromise configurations. A software package implemented in Python 3 incorporates modules for population generation, fitness evaluation, selection, crossover, mutation operators, and result visualization. Computational experiments (CE) were conducted to validate the effectiveness of the proposed approach. The evolution dynamics of the Pareto hypervolume were analyzed, the uniformity of solution distribution in the objective space was studied, and the impact of algorithm parameters on convergence to the optimal solution was examined. The results demonstrate that the proposed methodology enables the formation of NSC sets that achieve a balanced trade-off between security, throughput, and IS system deployment costs.<\/jats:p>","DOI":"10.3390\/fi18030134","type":"journal-article","created":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T13:11:22Z","timestamp":1772716282000},"page":"134","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Multi-Criteria Selection of Network Security Configuration Using NSGA-II"],"prefix":"10.3390","volume":"18","author":[{"given":"Bagdat","family":"Yagaliyeva","sequence":"first","affiliation":[{"name":"Department of Cybersecurity, Satbayev University, Almaty 050013, Kazakhstan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9695-4543","authenticated-orcid":false,"given":"Valery","family":"Lakhno","sequence":"additional","affiliation":[{"name":"Department of Computer Systems and Networks, National University of Life and Environmental Sciences of Ukraine, 03041 Kyiv, Ukraine"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Myroslav","family":"Lakhno","sequence":"additional","affiliation":[{"name":"Department of Computer Systems and Networks, National University of Life and Environmental Sciences of Ukraine, 03041 Kyiv, Ukraine"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Boris","family":"Gusev","sequence":"additional","affiliation":[{"name":"Department of Computer Systems and Networks, National University of Life and Environmental Sciences of Ukraine, 03041 Kyiv, Ukraine"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0826-0371","authenticated-orcid":false,"given":"Kaiyrbek","family":"Makulov","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Yessenov University, Aktau 130000, Kazakhstan"},{"name":"College of Engineering, Michigan State University, East Lansing, MI 48824, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tomiris","family":"Sundet","sequence":"additional","affiliation":[{"name":"Department of Cybersecurity, Satbayev University, Almaty 050013, Kazakhstan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2026,3,5]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Tariq, M.I., Ahmed, S., Memon, N.A., Tayyaba, S., Ashraf, M.W., Nazir, M., and Balas, M.M. (2020). Prioritization of information security controls through fuzzy AHP for cloud computing networks and wireless sensor networks. Sensors, 20.","DOI":"10.3390\/s20051310"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"2617","DOI":"10.1007\/s11276-016-1301-4","article-title":"Network selection in heterogeneous wireless networks using multi-criteria decision-making algorithms: A review","volume":"23","author":"Obayiuwana","year":"2017","journal-title":"Wirel. Netw."},{"key":"ref_3","first-page":"161","article-title":"A systematic literature review on the application of multicriteria decision making methods for information security risk assessment","volume":"10","year":"2020","journal-title":"Int. J. Saf. Secur. Eng."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"662","DOI":"10.3390\/jcp3040031","article-title":"Cyberattacks in smart grids: Challenges and solving the multi-criteria decision-making for cybersecurity options, including ones that incorporate artificial intelligence, using an analytical hierarchy process","volume":"3","author":"Bouramdane","year":"2023","journal-title":"J. Cybersecur. Priv."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Llans\u00f3, T., McNeil, M., and Noteboom, C. (2019, January 8\u201311). Multi-criteria selection of capability-based cybersecurity solutions. Proceedings of the 2019 Conference: Hawaii International Conference on System Sciences, Maui, HI, USA.","DOI":"10.24251\/HICSS.2019.879"},{"key":"ref_6","first-page":"81","article-title":"Multi-criteria assessment of the correctness of decision-making in information security tasks","volume":"4","author":"Khoroshko","year":"2023","journal-title":"Comput. Syst. Inf. Technol."},{"key":"ref_7","unstructured":"(2022). Information Security, Cybersecurity and Privacy Protection\u2014Information Security Management Systems\u2014Requirements (Standard No. ISO\/IEC 27001:2022)."},{"key":"ref_8","unstructured":"(2022). Information Security, Cybersecurity and Privacy Protection\u2014Information Security Controls (Standard No. ISO\/IEC 27002:2022)."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1016\/j.csi.2019.02.002","article-title":"Improved TOPSIS: A multi-criteria decision making for research productivity in cloud security","volume":"65","author":"Garg","year":"2019","journal-title":"Comput. Stand. Interfaces"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Khouzani, M.H.R., Malacaria, P., Hankin, C., Fielder, A., and Smeraldi, F. (2016). Efficient numerical frameworks for multi-objective cyber security planning. Proceedings of the Conference: European Symposium on Research in Computer Security, Heraklion, Crete, Greece, 26\u201330 September 2016, Springer. Lecture Notes in Computer Science 9879.","DOI":"10.1007\/978-3-319-45741-3_10"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"894","DOI":"10.1016\/j.ejor.2019.04.035","article-title":"Scalable min-max multi-objective cyber-security optimisation over probabilistic attack graphs","volume":"278","author":"Khouzani","year":"2019","journal-title":"Eur. J. Oper. Res."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"2227","DOI":"10.1016\/j.asej.2021.01.003","article-title":"A hybrid fuzzy rule-based multi-criteria framework for sustainable-security assessment of web application","volume":"12","author":"Kumar","year":"2021","journal-title":"Ain Shams Eng. J."},{"key":"ref_13","first-page":"1996","article-title":"Multi-criterial optimization composition of cyber security circuits based on genetic algorithm","volume":"100","author":"Lakhno","year":"2022","journal-title":"J. Theor. Appl. Inf. Technol."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Torbacki, W. (2021). A hybrid MCDM model combining DANP and PROMETHEE II methods for the assessment of cybersecurity in industry 4.0. Sustainability, 13.","DOI":"10.3390\/su13168833"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"598","DOI":"10.1016\/j.procs.2022.12.062","article-title":"Application of a Genetic Algorithm for the Selection of the Optimal Composition of Protection Tools of the Information and Educational System of the University","volume":"215","author":"Akhmetov","year":"2022","journal-title":"Procedia Comput. Sci."},{"key":"ref_16","first-page":"132","article-title":"Genetic algorithm based feature ranking in multi-criteria optimization","volume":"9","author":"Suguna","year":"2009","journal-title":"IJCSNS Int. J. Comput. Sci. Netw. Secur."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"15217","DOI":"10.1007\/s10462-023-10526-z","article-title":"A comprehensive survey on NSGA-II for multi-objective optimization and applications","volume":"56","author":"Ma","year":"2023","journal-title":"Artif. Intell. Rev."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"721","DOI":"10.1007\/s10723-013-9251-x","article-title":"Security driven scheduling model for computational grid using NSGA-II","volume":"11","author":"Kashyap","year":"2013","journal-title":"J. Grid Comput."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"111576","DOI":"10.1016\/j.knosys.2024.111576","article-title":"A multi-objectives framework for secure blockchain in fog\u2013cloud network of vehicle-to-infrastructure applications","volume":"290","author":"Lakhan","year":"2024","journal-title":"Knowl. Based Syst."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"1779","DOI":"10.1109\/TNET.2020.2994015","article-title":"FoGMatch: An intelligent multi-criteria IoT-fog scheduling approach using game theory","volume":"28","author":"Arisdakessian","year":"2020","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"22578","DOI":"10.1109\/ACCESS.2025.3535814","article-title":"Cloud Platform Selection Model in the Framework of Differential Quality Game with Fuzzy Information","volume":"13","author":"Makulov","year":"2025","journal-title":"IEEE Access"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Zegzhda, D., Pavlenko, E., and Aleksandrova, E. (2021). Modelling artificial immunization processes to counter cyberthreats. Symmetry, 13.","DOI":"10.3390\/sym13122453"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Kalinin, M., Krundyshev, V., and Zegzhda, D. (2021). AI methods for neutralizing cyber threats at unmanned vehicular ecosystem of smart city. The Economics of Digital Transformation: Approaching Non-Stable and Uncertain Digitalized Production Systems, Springer International Publishing.","DOI":"10.1007\/978-3-030-59959-1_10"},{"key":"ref_24","first-page":"1","article-title":"pRTMNSGA-III: A novel multi-objective algorithm for QoS-aware multi-cloud IoT service selection","volume":"80","author":"Zebouchi","year":"2024","journal-title":"Ann. Telecommun."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1235","DOI":"10.1109\/JIOT.2016.2577889","article-title":"Multiobjective topology optimization based on mapping matrix and NSGA-II for switched industrial Internet of Things","volume":"3","author":"Li","year":"2016","journal-title":"IEEE Internet Things J."},{"key":"ref_26","first-page":"112","article-title":"Zadacha mnogokriterialnogo vybora setevyh sredstv zashity informacii v sootvetstvii s politikami informacionnoj bezopasnosti","volume":"22","author":"Chernyavskij","year":"2015","journal-title":"Bezop. Inf. Tehnol."}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/18\/3\/134\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T13:19:12Z","timestamp":1772716752000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/18\/3\/134"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,5]]},"references-count":26,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2026,3]]}},"alternative-id":["fi18030134"],"URL":"https:\/\/doi.org\/10.3390\/fi18030134","relation":{},"ISSN":["1999-5903"],"issn-type":[{"value":"1999-5903","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,5]]}}}