• DocumentCode
    718521
  • Title

    Information security risk assessment and management method in computer networks

  • Author

    Anikin, Igor V.

  • Author_Institution
    Inf. Security Syst. Dept., Kazan Nat. Res. Tech. Univ. named after A.N.Tupolev-KAI, Kazan, Russia
  • fYear
    2015
  • fDate
    21-23 May 2015
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    We suggested a method for quantitative information security risk assessment and management in computer networks. We used questionnaires, expert judgments, fuzzy logic and analytic hierarchy process to evaluate an impact and possibility values for specific threats. We suggested fuzzy extension of Common Vulnerability Scoring System for vulnerability assessment. Fuzzy prediction rules are used to describe expert´s knowledge about vulnerabilities.
  • Keywords
    analytic hierarchy process; computer network security; fuzzy logic; risk management; analytic hierarchy process; common vulnerability scoring system; computer network; fuzzy logic; fuzzy prediction; information security risk assessment method; information security risk management method; vulnerability assessment; Analytic hierarchy process; Fuzzy logic; Information security; Measurement; Risk management; Servers; analytic hierarchy process; fuzzy logic; information security risks;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Control and Communications (SIBCON), 2015 International Siberian Conference on
  • Conference_Location
    Omsk
  • Print_ISBN
    978-1-4799-7102-2
  • Type

    conf

  • DOI
    10.1109/SIBCON.2015.7146975
  • Filename
    7146975
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=718521