Modeling of "information bubbles" in the global information space

. The article uses the Sedov-Taylor function to model "information bubbles" formed in the global information space due to information attacks. The authors identify the most relevant determinants that describe information activities related to cyber threats and reactions of economic agents in the global digital economic space. The article hypothesizes about the emergence of "information bubbles" due to increases in information activities and their rupture due to information intrusion, leading to appropriate reactions of economic agents and their subsequent stabilization over time. The empirical data from global web statistics indicates, that four large-scale information overloads were caused by cyberattacks during the study period, which led to the rupture of "information bubbles". Application of autocorrelation functions allows us to determine that the period during which misinformation spreads is, on average, seven days. Solution of the Sedov-Taylor optimization problem and calculations of differential equations, as well as their derivatives, suggest several indicators. Namely, a breakpoint of the second kind, corresponds to the rupture of the "information bubble" with a subsequent adaptation of the system; the inflection point of the function identifies the levels of information activities related to cyber threats, which will change the consequences of the "information bubble" rupture; the minimum possible level of the reactions of economic agents in the global digital economic space.


INTRODUCTION
The fourth industrial revolution has brought on the rapid development of cyber-physical systems, which has led to the mass introduction of computer technologies in various sectors in the last decade. At the same time, these processes have been accompanied by an increase in cybercrime, the main purpose of which is to seize information or disrupt information systems through illegal access to them. The World Economic Forum (2021) has identified cybercrime as the fifth expecting risk to increase in the world after economic confrontations, domestic political polarization, extreme heat waves, destruction of natural ecosystems. According to the University of Maryland statistics, every two minutes three cyberattacks happen globally (Cvetićanin, 2020). Their most common forms are phishing, ransomware attacks, data leaks, DDoS attacks, etc. Among all these violations, 23% are cyber warfare acts, which increased by 440% from 2009 to 2018 (Cvetićanin, 2020). This is primarily due to the fact that governments use information or cyber warfare against each other as the most powerful weapon aimed at destabilizing the economic, political or social situation in a country and gaining world supremacy. The most attacked country is the United States, which is the target for 38% of all cyberattacks. India (17%), Japan (11%), Taiwan (7%), Ukraine (6%), South Korea (6%), Brunei (4%), Russia (4%) are also worth noting (PurpleSec LLC, 2021). The acts of information wars are usually directed at important objects of state infrastructure -government organizations, defense companies, banks, giant companies, etc. -and perpetrated through mass virus attacks, cyber espionage, hacktivism, cyberterrorism, etc.
Information intrusion is a type of information warfare, carried out by filling the information space with a certain type of information, usually of negative nature, en masse. It leads to resonance in society and its spheres, thus creating an "information bubble". The "information bubble" is an unpredictable event that does not occur permanently, but whose emergence is purposefully aimed at achieving specific political or economic results. As a result of the attack, information activities in the global information environment (messages, tweets, articles, publications, etc.) about a specific object against which the attack is directed grow rapidly. At the peak of such activity, there is an information injection (release of energy), which ends with the rupture of such a bubble. After that, for a certain period, there are fluctuations of information entities that reflect the results of actual sector events, closely related to information activities, and identified in the global information space. These can be consequences in the economic environment, or in the political sphere, or of a social nature, which grow exponentially and can destabilize the country in these spheres or even collapse. Today, this type of information warfare is the most popular because it allows their initiators to manipulate public sentiment and provoke appropriate reactions in the real sector. Therefore, it is extremely important to have tools to identify "information bubbles" of various kinds, predict their impact on other areas, and develop a mechanism for their detection and prevention.
The purpose of this research is to investigate a mathematical model for identifying "information bubbles". It will determine the temporal features of the economic agents' reaction in the global digital economic space to their gaps caused by parasitic information intrusions due to large-scale hacker attacks. It will determine the number of bubbles in the worldwide network of retrospect, the average duration of the disinformation period due to global cyber incidents, the average period of destabilization of digital economic transactions after the bubble rupture.

LITERATURE REVIEW
The Industrial Revolution 4.0 contributed to the formation of a digital environment where business and society function intensively (Afonasova et al., 2019;Baranauskas, 2020). The global COVID-19 pandemic has also created the conditions for its growth (Tiutiunyk et al., 2021). These processes have also affected the development of new areas of life, such as the creative industry (Bilan et al., 2019b), education digitalization (Cosmulese et al., 2019), digital medicine (Kotenko & Bohnhardt, 2021), the Internet of Things (Miskiewicz, 2020), FinTech (Petrushenko et al., 2018), omnichannel marketing (Bondarenko, 2020). One should note that there is a direct link between the development of the economy, its informatization and digitalization (Moradi, 2021). It requires the introduction of new innovative solutions aimed at creating a security space (Bilan et al., 2020a) and developing three dimensions -the digitalization of society, the ability of the economy to meet the challenges of technological development and the use of information technology in companies (Bilan et al., 2019a). In parallel, the digitalization growth has caused a rapid increase in information flows that require systemic protection, the effectiveness of which significantly affects the national security of any country (Petroye et al., 2020;Leonov et al., 2019;Bilan et al., 2020b). Thus, threats to information security form one of the main risks to sustainable development, especially for developing countries (Stukalo et al., 2020). This issue is relevant at the macroeconomic level, as noted by Brychko et al. (2021), and at the level of business entities (Chigrin & Pimonenko, 2014). It is manifested in the growing requirements for the personal information security of employees (Skrynnyk, 2020a), where possible solutions are proposed to create a surrogate model for digitization of organizational systems (Skrynnyk, 2020b). This process requires increased investment capacity, integrating modern management information systems with digitalization processes (Sotnyk et al., 2020). On the other hand, the Internet may be the most effective means of providing prompt information (Kundeliene & Stepanauskaite, 2018) and influencing economic processes, namely increasing consumer behavior (Rybaczewska et al., 2020). The level of information security undoubtedly affects the social sphere (Vasilyeva et al., 2020;Didenko et al., 2020), especially in terms of ensuring personal data protection as the object of cyber financial fraud . In the matter of unwillingness to disclose personal data, this issue was resolved by Degutis et al. (2020). An essential aspect of the information space functioning is the state regulation of data protection, implemented by the European Union General Data Protection Regulation (Lăzăroiu et al., 2018;Vorontsova et al., 2020;Petrushenko et al., 2020). In quarantine measures, the digital information space is one of the active sources of social communication, ensuring the population well-being (Vasilyeva et al., 2018;Sułkowski, 2020). However, on the other hand, its use is related to a negative effect, namely the digital deprivation in the population (Kuc-Czarnecka, 2020). The digital information space can be one of the key tools for propaganda and information wars (Lyeonov & Liuta, 2016). Targeted information attacks can lead to fluctuations in the foreign exchange market, securities market, cryptocurrency market, etc. (Sokolovska et al., 2020). According to MacKay & Munro (2012), information wars can lead to changes in the country's political landscape. Although today most information attacks do not reach the level of terrorism, governments use them to gather information, funds, political and social destabilization, etc. (Kenney, 2015). Knapp & Boulton (2006) emphasize that information wars turn from a political and military tool into a commercial problem because they are actively used for industrial espionage. Thus, there is a need to study information flows to identify potential attacks to prevent them.
Undoubtedly, the most popular method for working with big data is artificial intelligence, based on bibliographic and retrospective analyses of Delanoy & Kasztelnik (2020). It has gained the most practical application in the banking sector for information protection, positively affecting the image of banking institutions . It is also one of the main prerequisites for introducing corporate social responsibility to increase the information protection in large companies . Such world leaders as the United States and China try to realize their ambitions by using artificial intelligence to espionage information (Obeid et al., 2020). As one of the artificial intelligence areas, data mining has many opportunities to analyze large amounts of information and identify patterns of linear and nonlinear nature Olena & Tetyana, 2020a). Its effectiveness has been proven, for example, in money laundering . Genetic algorithms are effective tools for studying behavioral patterns, particularly the attitudes of social network users (Olena & Tetyana, 2020b). The main competitor of artificial intelligence is blockchain technology, which gradually gains application in various spheres of life and modern information security systems (Kibaroğlu, 2020). Although such technologies may have a downside, especially in decision-making (Lopez et al., 2019), the risks of implementing Industry 4.0 should be considered (Snieška et al., 2020). The risks related to distortion, loss of information and knowledge, which is relevant for any economic entity and its various areas Nitsenko et al., 2019), should also be considered. Undoubtedly, the application of analytical methods for analyzing social networks and global databases has significant potential for identifying potential problems (Belz et al., 2019). Therefore, to detect information intrusions as tools of information attacks, there is a need to use not standard analytical approaches but those that will fully identify this phenomenon, namely the Sedov-Taylor blast wave model.

DATA
The authors chose the bubbles by the formation of cybercrime information with the impact of their gaps on the economic agents' reactions in the global digital economic space for the study. Relevant quantitative criteria were selected in the form of daily data based on the results of the global web statistics query for the period from 05.08.2017 to 20.10.2020: the value of information activities that characterize the behavior of entities the activity of which relates to cryptocurrencies, the Internet things, online services, banking, e-commerce, etc., and the importance of information activities that describe cyber threats (Statoperator, 2021). Figure 1 shows a time series constructed using the EViews analytics package, displaying information that identifies cyber threats. Based on its levels, four information intrusions were identified, i.e., information bubbles, the peak of actions that fell on 11/29/2017, 11/26/2018, 12/03/2019, 06/19/2020. These dates are identified as abnormal levels through the unexpected rapid jump with the subsequent establishment of the previous level of the time series level. We can say that there is a gap between these information activities on cyber incidents. Figure 2 shows the information activity dynamics describing the economic agents' reactions in the global digital economic space from 05.08.2017 to 20.10.2020. This information reflects the results of responding to the massive cyber threat. Therefore, to study this impact, it is necessary to examine whether there is a link between activities that characterize cyber threats and the economic agents' reactions in the global digital economic space. For this purpose, a correlation coefficient of 0.52 was determined, indicating a noticeable relationship between the selected pair of information activities. It can be argued that the impact of one group of activities will be evident to another, so it is relevant to use information bubbles in the modeling process.  III  IV  I  II  III  IV  I  II  III  IV  I  II  III IV   2017 III  IV  I  II  III  IV  I  II  III  IV  I  II  III IV   2017

METHODOLOGY
The information attacks in the information space and information bubbles can be identified with the explosion and the blast wave extension after it. We hypothesize that the rapid increase in information activities through mentioning the cyber threats, hacker attacks, information leaks, etc., leads to parasitic injection (release of energy) and ends with the rupture of the information bubble, which causes economic agents' appropriate reactions, online transactions. Then, its fluctuations occur for a certain period until its state stabilizes. It is reflected in the relevant activities in the global information space. We use the Sedov-Taylor blast wave model (Sedov, 1959;Taylor, 1950) to test the hypothesis. It will mathematically formalize the spread of the effects made by information attacks as factors destabilizing digital economic transactions in the form of "information bubble" rupture by the formula (1): where -the radius of the shock wavefront in the moment of time ( ); -spatial dimension ( = 1 for flat space, = 2 for cylindrical space, = 3 for spherical space); -energy release rate factor ( = 0 for instantaneous release, = 1 for constant rate release); -detonation energy with the following features: 0 -length, 0 -time; -atmospheric air density.
We adapt formula (1) to the model for spreading the results of information attacks in the information space as a factor of digital economic operation destabilization in the country. When describing this system, it makes sense to use four-dimensional space considering the time factor. The quantitative description formula of the blast wave "pressure" of the information bubble rupture and its attenuation tendency, which accompanies the successive energy dissipation as a destabilization factor of economic agents' digital operations, takes the form (2). A similar approach has been used to model financial crises by Bulkin (2016).
where ∆ ( ) -change of information activities occurring in the form of information inserts for period in the global digital space; -the energy at the initial moment after the rupture of the bubble, i.e., the value of economic agents' losses in the global digital economic space, identified as a change in information activities; -the time after the rupture of information bubble (number of days); 1 , 2 , 3 -features of the shock wave extension environment as a result of information intrusions.
In the process of bubble rupture, it is necessary to minimize the economic agents' losses, identified in the form of information entities in the global information space. Therefore, the Sedov-Taylor model can be solved as an optimization problem of nonlinear programming. In terms of each direction of digital economic transaction destabilization, it is necessary to identify the type of information attack and the rupture of the information bubble. The parameters of model (2) should provide the minimum possible level of information activity loss that occur due to the bubble rupture and characterize fluctuations in information flows about actual sector events caused by information messages about cyber threats. There are also other options for destabilizing the country's economy, the results of which are reflected in business, financial, public sectors, etc., considered in the system of optimization model constraints. Given the above, the model of dissemination of the information attacks consequences as a factor of digital economic operations destabilization of the country acquires a general (universal) form (3), which was presented by Yarovenko (2021): where -scattering of the blast wave energy after the rupture of the information bubble in the first channel of the spread of digital economic operations destabilization in the country; -the number of information wars (information intrusion, hacker attack, information espionage, information propaganda, etc.). Under the terms of our problem, only information input is considered; -the initial energy at time , i.e., the initial values of information activities on cyber threats before the implementation of the information injection; -time, which corresponds to the lag of the j-level of the time series of information activities on cyber threats in the i-th direction of digital economic operations destabilization in the country; -the duration of the j-type of information war in the i-direction of digital economic operations destabilization in the country.
The practical implementation of formula (3) will model the spread of the information bubbles rupture consequences generated, affected by different information wars, the extension of which is manifested through fluctuations in the information activities regarding the economic agents' performance in the global digital economic space.

EMPIRICAL RESULTS
It is necessary to determine the period after the information bubble rupture (number of days) for its spread to calculate the blast wave propagation model regarding the consequences of information attacks and their impact on the destabilization of economic agents' digital operations. To this end, we will perform an autocorrelation analysis using the EViews analytical package for both time-series -quantitative features of information activities on cyber threats and the economic agents' response in the global digital economic space (Figures 3-4).
The results of the analysis on the autocorrelation functions, presented in Figure 3, allow us to conclude that there are fluctuations in the time series of activities against cyber threats, which occur every seven days. Similarly, every seven days, there are periodic fluctuations in the time series of activities on the economic agents' response in the global digital economic space (Figure 4). This synchronicity suggests that changes in one-time series are related to another. It means that there may be the dissemination of information about cyber threats during this period, which affects changes in information activities on the economic agents' reactions. Therefore, after the rupture of the information bubble for its distribution, we choose seven days. Kuzmenko, O. et al.

Figure 3. Autocorrelation analysis on time series of information activities on cyber threats
Source: Authors' calculations After the information bubble rupture, the blast wave will spread in any case, but its consequences may not reach the real sector. If it occurs, they may not have a significant impact. We calculate the initial energy of ruptures of certain information bubbles on the set dates according to formula (2). The results of the calculations are presented in Table 1. At the next stage of calculating the blast wave model of the information attacks to destabilize the economic agents' digital operations, we find the coefficients of the blast energy scattering model. Given the initial levels of burst energy of the information bubbles presented in Table 1 and the seven days of bubble extension after its rupture identified by autocorrelation analysis, we write the optimization model (3) as the following system of equations (4). Equations are used in the context of each rupture of the information bubble. The values of the Sedov-Taylor function were equal to the absolute increments of the current level of the time series activities in the digital economy to their previous level.
The search of the blast wave extension coefficients regarding the consequences of information attacks to destabilize the economic agents' digital operations in the formula (4) is performed using the generalized reduced gradient method in the tool Solution Search software MS Excel. The direct solution of the equations system (4) considers the coefficients using the software application Mathcad. Then, a model of information attacks extension is formed as a result of information bubble rupture as a destabilizing factor of economic agents' digital operations via the equation (

Modeling of "information bubbles" in the global information space
We have constructed a graph of the information attacks extension as a destabilizing factor of economic agents' digital operations in the country to visualize the blast wave extension model after the rupture of the "information bubble" (Figure 5) in the software application "Mathcad". The nature of the curve in Figure  5, i.e., its growth after the critical decline, indicates the breakpoint of the second kind, which accompanies the rupture of the "information bubble" with the subsequent adaptation of the system and combating the shock wave effects. We find the value 4 , using which the absolute increase in the current level of information activities on the digital economy to the previous level will be zero. For this purpose, function (5) is equated to zero. The corresponding result is presented in the form of a matrix (6): The obtained value 4 = 2,85 • 10 12 indicates the constant volatility of the activity level concerning the digital economy and the almost inability to achieve zero value of its absolute growth. In practice, it means that there will be fluctuations in information activities, i.e., interest in the object will constantly be changing.
We conduct additional research using the differential calculus and find: 1) the points of the function inflexion, which identify levels of information activities on cyber threats, which will change the consequences of the "information bubble" rupture, identified by activities; 2) extreme points of the function, which will determine the peak values of the information activities on cyber threats, at which the maximum and/or minimum possible levels of activity on the digital economy will be achieved.
To solve the first task, we determine the first derivative of function (5) for the corresponding variable, the equation of which is presented as function 7, and the graph is shown in Figure 6, using the software application "Mathcad":  Figure 6 shows an increase in the information activity on the digital economy due to the "information bubble" rupture initiated by the rise in the information activity on cyber threats. This process reaches the level of 0.879 for the variable 4 ; the absolute growth of digital economy activities will be 536 units. It will happen the day after the rupture of the "information bubble". After this peak, the increase in the information activities on cyber threats will be accompanied by a decrease in the information activities in the digital economy.
To solve the second task, we define the extreme points of the function, i.e., find the value of the activity on cyber threats, which will achieve the maximum and minimum possible action on the digital economy. For this purpose, we take the second derivative of function (5), the result of which takes the form (8): Using the obtained results, we construct the function of the second derivative model describing the blast wave regarding the spread of the information attacks consequences as a destabilizing factor of economic agents' digital operations in the country (Figure 7). units, i.e., there is a decrease in their growth. Stabilization of their level will begin after the tenth day from the "information bubble" rupture, i.e., during this time, there will be a decline in information activity in the real sector of the digital economy. A ten-day period is sufficient for the information space to stabilize the information flows for a specific object.

CONCLUSION
Over the last decade, information wars have become a real weapon for countries struggling for supremacy in the world economic and political arenas. Its most effective measures are information outbursts, which lead to the spread of panic among the population or fluctuations in the foreign exchange market, securities market, among the digital economy subjects, etc. The authors consider that the growth of information activities on specific objects in the information warfare conditions leads to information injection, i.e., there is an analogy between this process and the process of bubbling, the rupture of which is like the blast wave process. Therefore, this paper proposes using the Sedov-Taylor blast wave model to spread the consequences of information attacks as a factor in destabilizing the economic agents' digital operations. This model was considered for four-dimensional space, considering the time factor affecting the information flow change in digital space. The model was also adapted to disseminate the effects of the information bubble rupture formed under the influence of information activities on cyber threats for the information activities dissemination channel that identify the results of the real economy sector subjects' reactions. Empirical data are selected to implement the model. It reflects the change in information activities in the global digital space and characterizes the cyber threats and digital economy reactions as the most active part. It is determined that there is a moderate relationship between these indicators, making it possible to implement the Sedov-Taylor model. There was also a large-scale information overload due to cyberattacks, which led to the rupture of four "information bubbles" in the world in three years. Construction and analysis of autocorrelation functions revealed that the spread of misinformation occurs within seven days and is repeated with this frequency. As a result of the "information bubble" rupture, the absolute growth of activities in the digital economy reaches 536 units. The reaction of the real sector of the economy in the information space begins the day after the rupture. The digital economic operation destabilization lasts for ten days, after which there will be an increase in information activity to the current average level. In other words, the ten-day effect of the information drop may be sufficient to cause negative consequences for economic entities.
The same models might be used as an information weapon that can help identify some threatening factors destabilizing the information space, the most vulnerable areas of the information security system, and predict potential scenarios for possible negative consequences of information wars. Therefore, it is proposed to use it to predict the possible "information bubbles" generated by information activities in the global digital space and predict the quantitative and temporal features of their rupture spread. It will allow government agencies to introduce preventive measures that will help maximize the impact of information attacks on the real sector. The application of this model is appropriate for response groups to cyber incidents and information wars.