Automation of Information Security Risk Assessment

被引：0

作者：

Akhmetov, Berik ^{[1
]}

Lakhno, Valerii ^{[2
]}

Chubaievskyi, Vitalyi ^{[3
]}

Kaminskyi, Serhii ^{[3
]}

Adilzhanova, Saltanat ^{[4
]}

Ydyryshbayeva, Moldir ^{[4
]}

机构：

[1] Yessenov Univ, Aktau, Kazakhstan

[2] Natl Univ Life & Environm Sci Ukraine, Kiev, Ukraine

[3] Kyiv Natl Univ Trade & Econ, Kiev, Ukraine

[4] Al Farabi Kazakh Natl Univ, Alma Ata, Kazakhstan

来源：

INTERNATIONAL JOURNAL OF ELECTRONICS AND TELECOMMUNICATIONS | 2022年 / 68卷 / 03期

关键词：

information security; audit; Bayesian network; artificial neural networks; NEURAL-NETWORKS; INTERNAL AUDIT;

D O I：

10.24425/ijet.2022.141273

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

An information security audit method (ISA) for a distributed computer network (DCN) of an informatization object (OBI) has been developed. Proposed method is based on the ISA procedures automation by using Bayesian networks (BN) and artificial neural networks (ANN) to assess the risks. It was shown that such a combination of BN and ANN makes it possible to quickly determine the actual risks for OBI information security (IS). At the same time, data from sensors of various hardware and software information security means (ISM) in the OBI DCS segments are used as the initial information. It was shown that the automation of ISA procedures based on the use of BN and ANN allows the DCN IS administrator to respond dynamically to threats in a real time manner, to promptly select effective countermeasures to protect the DCS.

引用

页码：549 / +

页数：8

共 50 条

[21] Overview of Enterprise Information Needs in Information Security Risk Assessment
Korman, Matus
Ekstedt, Mathias
Sommestad, Teodor
Hallberg, Jonas
Bengtsson, Johan
[J]. PROCEEDINGS OF THE 2014 IEEE 18TH INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE (EDOC 2014), 2014, : 42 - 51
[22] Risk Assessment of Power Information Risk Security Based on Risk Matrix
Wang Xu
Chen Tao
Wang Yujie
Guo Qinrui
Teng Yangxin
[J]. PROCEEDINGS OF 2018 IEEE 3RD ADVANCED INFORMATION TECHNOLOGY, ELECTRONIC AND AUTOMATION CONTROL CONFERENCE (IAEAC 2018), 2018, : 1494 - 1498
[23] LiSRA: Lightweight Security Risk Assessment for decision support in information security
Schmitz, Christopher
Pape, Sebastian
[J]. COMPUTERS & SECURITY, 2020, 90
[24] Information Lifecycle Security Risk Assessment: A tool for closing security gaps
Bernard, Ray
[J]. COMPUTERS & SECURITY, 2007, 26 (01) : 26 - 30
[25] Security Risk Assessment of Information Systems in an Indeterminate Environment
Basumatary, Basundhara
Kumar, Chandan
Yadav, Dilip Kumar
[J]. 2021 11TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING, DATA SCIENCE & ENGINEERING (CONFLUENCE 2021), 2021, : 82 - 87
[26] Information Security Risk Assessment Technology of Cyberspace: a Review
Li Qianmu
Zhang Hong
[J]. INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL, 2012, 15 (11A): : 4677 - 4683
[27] General risk assessment model for information system security
Chi, Yue
Zhang, Yong-Zheng
Yun, Xiao-Chun
[J]. Harbin Gongye Daxue Xuebao/Journal of Harbin Institute of Technology, 2005, 37 (SUPPL. 1): : 192 - 194
[28] Information Security Risk Assessment Methods for the Transportation Industry
Deng Jing
Song LaiQiang
Wu XiaoBo
[J]. INTERNATIONAL CONFERENCE ON SMART TRANSPORTATION AND CITY ENGINEERING 2021, 2021, 12050
[29] INFORMATION SECURITY RISK ASSESSMENT - THE DEVELOPMENT OF THE STANDARD APPROACHES
Wawrzyniak, Dariusz
[J]. 5TH INTERNATIONAL SCIENTIFIC CONFERENCE BUSINESS AND MANAGEMENT' 2008, 2008, : 495 - 500
[30] Network & Information System Security Risk Assessment Technology
Yao Ye
Cai Wandong
Fang Nan
[J]. 2016 13TH INTERNATIONAL BHURBAN CONFERENCE ON APPLIED SCIENCES AND TECHNOLOGY (IBCAST), 2016, : 397 - 401

← 1 2 3 4 5 →