A Data-driven Assessment Model for Information Systems Security Risk Management

被引:4
|
作者
Feng, Nan [1 ]
Yu, Xue [1 ]
机构
[1] Tianjin Univ, Coll Management & Econ, Dept Informat Management & Management Sci, Tianjin, Peoples R China
来源
JOURNAL OF COMPUTERS | 2012年 / 7卷 / 12期
基金
中国国家自然科学基金;
关键词
information systems; risk management; Bayesian networks; genetic algorithm;
D O I
10.4304/jcp.7.12.3103-3109
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
In this paper, a data-driven assessment model for information systems security risk management is proposed based on the knowledge from observed cases and domain experts. In the model, genetic algorithm is applied to search the rules of security risk identification based on historical data. For identifying the causal relationships of risk factors and predict the occurrence probability of security risk, a Bayesian network (BN) is developed. Structure learning and parameter learning are utilized to integrate the database of observed cases with domain expert experience in the development of the BN. The significance of the work is that the model provides more objective and visible support for security risk assessment in the information systems.
引用
收藏
页码:3103 / 3109
页数:7
相关论文
共 50 条
  • [41] DECISION SUPPORT SYSTEMS DESIGN FOR DATA-DRIVEN MANAGEMENT
    Lei, Ningrong
    Moon, Seung Ki
    [J]. PROCEEDINGS OF THE ASME INTERNATIONAL DESIGN ENGINEERING TECHNICAL CONFERENCES AND COMPUTERS AND INFORMATION IN ENGINEERING CONFERENCE, 2014, VOL 2A, 2014,
  • [42] Data-Driven Revenue Management: The Interplay of Data, Model, and Decisions
    Chen, Ningyuan
    Hu, Ming
    [J]. SERVICE SCIENCE, 2023, 15 (02): : 79 - 91
  • [43] Data-driven food supply chain management and systems
    Zhong, Ray Y.
    Tan, Kim
    Bhaskaran, Gopalakrishnan
    [J]. INDUSTRIAL MANAGEMENT & DATA SYSTEMS, 2017, 117 (09) : 1779 - 1781
  • [44] Data-driven decision-making in credit risk management: The information value of analyst reports
    Roeder, Jan
    Palmer, Matthias
    Muntermann, Jan
    [J]. DECISION SUPPORT SYSTEMS, 2022, 158
  • [45] Data-driven information for action
    Wulff, Kristin
    Finnestrand, Hanne
    [J]. GIO-GRUPPE-INTERAKTION-ORGANISATION-ZEITSCHRIFT FUER ANGEWANDTE ORGANISATIONSPSYCHOLOGIE, 2023, 54 (01): : 65 - 77
  • [46] Review of Data-Driven Techniques for On-Line Static and Dynamic Security Assessment of Modern Power Systems
    De Caro, Fabrizio
    Collin, Adam John
    Giannuzzi, Giorgio Maria
    Pisani, Cosimo
    Vaccaro, Alfredo
    [J]. IEEE ACCESS, 2023, 11 : 130644 - 130673
  • [47] Security Vulnerability and Patch Management in Electric Utilities: A Data-Driven Analysis
    Zhang, Fengli
    Li, Qinghua
    [J]. PROCEEDINGS OF THE FIRST WORKSHOP ON RADICAL AND EXPERIENTIAL SECURITY (RESEC'18), 2018, : 65 - 68
  • [48] Security of Data and Information in Vessel Traffic Management Information Systems
    Ristov, Panco
    Mrvica, Ante
    Komadina, Pavao
    [J]. NASE MORE, 2016, 63 (01): : 1 - 8
  • [49] A security risk analysis model for information systems
    In, HP
    Kim, YG
    Lee, T
    Moon, CJ
    Jung, YJ
    Kim, I
    [J]. SYSTEMS MODELING AND SIMULATION: THEORY AND APPLICATIONS, 2005, 3398 : 505 - 513
  • [50] Data-driven worst conditional value at risk energy management model of energy station
    He, Shuaijia
    Gao, Hongjun
    Chen, Zhe
    Liu, Junyong
    [J]. ENERGY, 2023, 266
12345