A Data-driven Assessment Model for Information Systems Security Risk Management

被引:4
|
作者
Feng, Nan [1 ]
Yu, Xue [1 ]
机构
[1] Tianjin Univ, Coll Management & Econ, Dept Informat Management & Management Sci, Tianjin, Peoples R China
来源
JOURNAL OF COMPUTERS | 2012年 / 7卷 / 12期
基金
中国国家自然科学基金;
关键词
information systems; risk management; Bayesian networks; genetic algorithm;
D O I
10.4304/jcp.7.12.3103-3109
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
In this paper, a data-driven assessment model for information systems security risk management is proposed based on the knowledge from observed cases and domain experts. In the model, genetic algorithm is applied to search the rules of security risk identification based on historical data. For identifying the causal relationships of risk factors and predict the occurrence probability of security risk, a Bayesian network (BN) is developed. Structure learning and parameter learning are utilized to integrate the database of observed cases with domain expert experience in the development of the BN. The significance of the work is that the model provides more objective and visible support for security risk assessment in the information systems.
引用
收藏
页码:3103 / 3109
页数:7
相关论文
共 50 条
  • [1] A Data-Driven Security Risk Assessment Scheme for Personal Data Protection
    Cha, Shi-Cho
    Yeh, Kuo-Hui
    [J]. IEEE ACCESS, 2018, 6 : 50510 - 50517
  • [2] An efficient security data-driven approach for implementing risk assessment
    Shameli-Sendi, Alireza
    [J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2020, 54
  • [3] Information security risk assessment model for risk management
    Wawrzyniak, Dariusz
    [J]. TRUST, PRIVACY, AND SECURITY IN DIGITAL BUSINESS, PROCEEDINGS, 2006, 4083 : 21 - 30
  • [4] Probabilistic Data-driven Assessment of Pavement Management Systems
    Tari, Yasamin Sadat Hashemi
    Wang, Ming L.
    [J]. STRUCTURAL HEALTH MONITORING 2015: SYSTEM RELIABILITY FOR VERIFICATION AND IMPLEMENTATION, VOLS. 1 AND 2, 2015, : 2399 - 2406
  • [5] Exploration on human resource management and prediction model of data-driven information security in Internet of Things
    Niu, Xuejie
    [J]. HELIYON, 2024, 10 (09)
  • [6] Efficient Database Generation for Data-Driven Security Assessment of Power Systems
    Thams, Florian
    Venzke, Andreas
    Eriksson, Robert
    Chatzivasileiadis, Spyros
    [J]. IEEE TRANSACTIONS ON POWER SYSTEMS, 2020, 35 (01) : 30 - 41
  • [7] A Data-driven Security Game to Facilitate Information Security Education
    Lovgren, Dag Erik Homdrum
    Li, Jingyue
    Oyetoyan, Tosin Daniel
    [J]. 2019 IEEE/ACM 41ST INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2019), 2019, : 256 - 257
  • [8] Information Security Risk Management Model for Big Data
    Yang, Min
    [J]. ADVANCES IN MULTIMEDIA, 2022, 2022
  • [9] An online data-driven risk assessment method for resilient distribution systems
    Lin, Chaofan
    Liu, Fei
    Zhang, Liyin
    Li, Gengfeng
    Chen, Chen
    Bie, Zhaohong
    [J]. CPSS Transactions on Power Electronics and Applications, 2021, 6 (02): : 138 - 144
  • [10] Data-Driven Techniques in Disaster Information Management
    Li, Tao
    Xie, Ning
    Zeng, Chunqiu
    Zhou, Wubai
    Zheng, Li
    Jiang, Yexi
    Yang, Yimin
    Ha, Hsin-Yu
    Xue, Wei
    Huang, Yue
    Chen, Shu-Ching
    Navlakha, Jainendra
    Iyengar, S. S.
    [J]. ACM COMPUTING SURVEYS, 2017, 50 (01)
12345