Information security risk reduction based on genetic algorithm

Author

Tamjidyamcholo, Alireza

Author_Institution

Dept. of Comput. Sci. & Inf. Technol., Univ. of Malaya, Kuala Lumpur, Malaysia

fYear

2012

fDate

26-28 June 2012

Firstpage

122

Lastpage

127

Abstract

Nowadays, information systems comprise a crucial part of organizations; by losing security, these organizations will lose plenty of competitive advantages as well. The core point of information security (InfoSecu) is risk management. There are a great deal of research works and standards in security risk management (ISRM) including NIST 800-30 and ISO/IEC 27005. However, only few works of research focus on InfoSecu risk reduction, and while the standards explain general principles and guidelines, they do not provide any implementation details regarding ISRM. Reducing the InfoSecu risks in uncertain environments is painstaking. Thus, this paper applied a genetic algorithm (GA) for InfoSecu risk reduction in uncertainty. Finally, the effectiveness of the applied method was verified through an example.

Keywords

IEC standards; ISO standards; genetic algorithms; information systems; organisational aspects; risk analysis; security of data; ISO/IEC 27005 standard; ISRM; InfoSecu; NIST 800-30 standard; genetic algorithm; information security risk management; information security risk reduction; information systems; uncertain environments; Biological cells; Genetic algorithms; Information security; Organizations; Risk management; Uncertainty; Genetic Algorithm; Information Security; Risk Reduction;

fLanguage

English

Publisher

ieee

Conference_Titel

Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on

Conference_Location

Kuala Lumpur

Print_ISBN

978-1-4673-1425-1

Type

conf

DOI

10.1109/CyberSec.2012.6246088

Filename

6246088