An information Security Risk Assessment Method Based on Conduct Effect and Dynamic Threat

被引：0

作者：

Qiao Hong ^{[1
]}

Tian Jianwei ^{[1
]}

Tian Zheng ^{[1
]}

Qi Wenhui ^{[1
]}

Li Xi ^{[1
]}

Zhu Hongyu ^{[1
]}

Chen Shengsheng ^{[1
]}

机构：

[1] State Grid Hunan Elect Power Corp Res Inst, Changsha 410007, Hunan, Peoples R China

来源：

PROCEEDINGS OF 2017 8TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS 2017) | 2017年

关键词：

Information Security Risk Assessment; Dynamic Threat; risk conduct effect;

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

引用

页码：782 / 786

页数：5

共 50 条

[31] A novel intelligent assessment method for SCADA information security risk based on causality analysis
Yang, Li
Cao, Xiedong
Geng, Xinyu
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2019, 22 (Suppl 3): : S5491 - S5503
[32] Network security threat assessment method based on unsupervised generation reasoning
Yang H.
Wang F.
Lü W.
Qinghua Daxue Xuebao/Journal of Tsinghua University, 2020, 60 (06): : 474 - 484
[33] An Information Security Threat Assessment Model based on Bayesian Network and OWA Operator
Wu, Kehe
Ye, Shichao
APPLIED MATHEMATICS & INFORMATION SCIENCES, 2014, 8 (02): : 833 - 838
[34] Robust Cyber-threat and Vulnerability Information Analyzer for Dynamic Risk Assessment
Malik, Adeel A.
Tosh, Deepak K.
2021 IEEE INTERNATIONAL MEDITERRANEAN CONFERENCE ON COMMUNICATIONS AND NETWORKING (IEEE MEDITCOM 2021), 2021, : 168 - 173
[35] Information Security Risk Assessment and Management Method in Computer Networks
Anikin, Igor V.
2015 INTERNATIONAL SIBERIAN CONFERENCE ON CONTROL AND COMMUNICATIONS (SIBCON), 2015,
[36] Threat Scenario Dependency-Based Model of Information Security Risk Analysis
Rahmad, Basuki
Supangkat, Suhono H.
Sembiring, Jaka
Surendro, Kridanto
INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2010, 10 (08): : 93 - 102
[37] Method of Constructing a Visualization of Threat Model of Information Security
Manzhosov, A., V
Bolodurina, I. P.
2020 IEEE 14TH INTERNATIONAL CONFERENCE ON APPLICATION OF INFORMATION AND COMMUNICATION TECHNOLOGIES (AICT2020), 2020,
[38] Towards Automated Threat-Based Risk Assessment for Cyber Security in Smarthomes
Pandey, Pankaj
Collen, Anastasija
Nijdam, Niels
Anagnostopoulos, Marios
Katsikas, Sokratis
Konstantas, Dimitri
PROCEEDINGS OF THE 18TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY (ECCWS 2019), 2019, : 839 - 844
[39] Research on Privacy Security Risk Assessment Method of Mobile Commerce Based on Information Entropy and Markov
Zhang, Tao
Zhao, Kun
Yang, Ming
Gao, Tilei
Xie, Wanyu
WIRELESS COMMUNICATIONS & MOBILE COMPUTING, 2020, 2020
[40] Attack Tree Based Information Security Risk Assessment Method Integrating Enterprise Objectives with Vulnerabilities
Karabey, Bugra
Baykal, Nazife
INTERNATIONAL ARAB JOURNAL OF INFORMATION TECHNOLOGY, 2013, 10 (03) : 297 - 304

← 1 2 3 4 5 →