JCP 2012 Vol.7(12): 3103-3109 ISSN: 1796-203X
doi: 10.4304/jcp.7.12.3103-3109
doi: 10.4304/jcp.7.12.3103-3109
A Data-driven Assessment Model for Information Systems Security Risk Management
Nan Feng, Xue Yu
Tianjin University, Tianjin, China
Abstract—In this paper, a data-driven assessment model for information systems security risk management is proposed based on the knowledge from observed cases and domain experts. In the model, genetic algorithm is applied to search the rules of security risk identification based on historical data. For identifying the causal relationships of risk factors and predict the occurrence probability of security risk, a Bayesian network (BN) is developed. Structure learning and parameter learning are utilized to integrate the database of observed cases with domain expert experience in the development of the BN. The significance of the work is that the model provides more objective and visible support for security risk assessment in the information systems.
Index Terms—Information systems, risk management, Bayesian networks, genetic algorithm.
Abstract—In this paper, a data-driven assessment model for information systems security risk management is proposed based on the knowledge from observed cases and domain experts. In the model, genetic algorithm is applied to search the rules of security risk identification based on historical data. For identifying the causal relationships of risk factors and predict the occurrence probability of security risk, a Bayesian network (BN) is developed. Structure learning and parameter learning are utilized to integrate the database of observed cases with domain expert experience in the development of the BN. The significance of the work is that the model provides more objective and visible support for security risk assessment in the information systems.
Index Terms—Information systems, risk management, Bayesian networks, genetic algorithm.
Cite: Nan Feng, Xue Yu, "A Data-driven Assessment Model for Information Systems Security Risk Management," Journal of Computers vol. 7, no. 12, pp. 3103-3109, 2012.
NEXT PAPER
Last page
General Information
ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO, ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat,etc
E-mail: jcp@iap.org
-
Nov 14, 2019 News!
Vol 14, No 11 has been published with online version [Click]
-
Mar 20, 2020 News!
Vol 15, No 2 has been published with online version [Click]
-
Dec 16, 2019 News!
Vol 14, No 12 has been published with online version [Click]
-
Sep 16, 2019 News!
Vol 14, No 9 has been published with online version [Click]
-
Aug 16, 2019 News!
Vol 14, No 8 has been published with online version [Click]
- Read more>>