Automation of Information Security Risk Assessment

被引：0

作者：

Akhmetov, Berik ^{[1
]}

Lakhno, Valerii ^{[2
]}

Chubaievskyi, Vitalyi ^{[3
]}

Kaminskyi, Serhii ^{[3
]}

Adilzhanova, Saltanat ^{[4
]}

Ydyryshbayeva, Moldir ^{[4
]}

机构：

[1] Yessenov Univ, Aktau, Kazakhstan

[2] Natl Univ Life & Environm Sci Ukraine, Kiev, Ukraine

[3] Kyiv Natl Univ Trade & Econ, Kiev, Ukraine

[4] Al Farabi Kazakh Natl Univ, Alma Ata, Kazakhstan

来源：

INTERNATIONAL JOURNAL OF ELECTRONICS AND TELECOMMUNICATIONS | 2022年 / 68卷 / 03期

关键词：

information security; audit; Bayesian network; artificial neural networks; NEURAL-NETWORKS; INTERNAL AUDIT;

D O I：

10.24425/ijet.2022.141273

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

An information security audit method (ISA) for a distributed computer network (DCN) of an informatization object (OBI) has been developed. Proposed method is based on the ISA procedures automation by using Bayesian networks (BN) and artificial neural networks (ANN) to assess the risks. It was shown that such a combination of BN and ANN makes it possible to quickly determine the actual risks for OBI information security (IS). At the same time, data from sensors of various hardware and software information security means (ISM) in the OBI DCS segments are used as the initial information. It was shown that the automation of ISA procedures based on the use of BN and ANN allows the DCN IS administrator to respond dynamically to threats in a real time manner, to promptly select effective countermeasures to protect the DCS.

引用

页码：549 / +

页数：8

共 50 条

[1] Automation security - Risk assessment - Methods for risk assessment
Runde, Markus
Speth, Walter
Steffen, Thomas
Thiel, Christoph
[J]. ATP EDITION, 2016, (1-2): : 48 - 55
[2] Cyber Security Risk Assessment for Industrial Automation Platform
Zheng, Yiling
Zheng, Song
[J]. 2015 INTERNATIONAL CONFERENCE ON INTELLIGENT INFORMATION HIDING AND MULTIMEDIA SIGNAL PROCESSING (IIH-MSP), 2015, : 341 - 344
[3] Information Security Risk Assessment in SCM
Roy, Arup
Gupta, A. D.
Deshmukh, S. G.
[J]. 2013 IEEE INTERNATIONAL CONFERENCE ON INDUSTRIAL ENGINEERING AND ENGINEERING MANAGEMENT (IEEM 2013), 2013, : 1002 - 1006
[4] A risk recommendation approach for information security risk assessment
Chu, Ya-Chi
Wei, Yu-Chih
Chang, Wen-Hsuan
[J]. 2013 15TH ASIA-PACIFIC NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (APNOMS), 2013,
[5] Information security risk assessment model for risk management
Wawrzyniak, Dariusz
[J]. TRUST, PRIVACY, AND SECURITY IN DIGITAL BUSINESS, PROCEEDINGS, 2006, 4083 : 21 - 30
[6] Security Risk Assessment and Weaknesses Identification of the Substation Automation System
Guo, Jia
Bao, Yingkai
Yu, Bin
Zeng, Zhian
Wang, Liangyi
Guo, Chuangxin
[J]. 2014 INTERNATIONAL CONFERENCE ON POWER SYSTEM TECHNOLOGY (POWERCON), 2014,
[7] Information security climate and the assessment of information security risk among healthcare employees
Kessler, Stacey R.
Pindek, Shani
Kleinman, Gary
Andel, Stephanie A.
Spector, Paul E.
[J]. HEALTH INFORMATICS JOURNAL, 2020, 26 (01) : 461 - 473
[8] Information Security Risk Assessment of Commercial Organizations
Kupriyanov, A. O.
Babenko, A. A.
Bakhracheva, Y. S.
[J]. PHYSICS, TECHNOLOGIES AND INNOVATION (PTI-2019), 2019, 2174
[9] An approach to support information security risk assessment
Genchev, Petko
[J]. PROCEEDINGS OF THE 2020 INTERNATIONAL CONFERENCE ON BIOMEDICAL INNOVATIONS AND APPLICATIONS (BIA 2020), 2020, : 125 - 128
[10] Information Security Risk Assessment: A Method Comparison
Wangen, Gaute
[J]. COMPUTER, 2017, 50 (04) : 52 - 61

← 1 2 3 4 5 →