Evaluation of security risks using Apriori algorithm

Abstract

The progress of IT technologies offers many means to collect and store an extremely large quantity of data and conveys a prodigious quantity of information in several sectors of activity. However, this progress is not only exposed to classic operational risks such as fire or blackouts, but also to various viruses and data theft. These extremely technologically complex risks have risen a big challenge at responding to a large-scale of intangible threats within an industry of perpetual change. Wherefore, the value of Security Risk Assessment "SRA" at ensuring the protection of the organizations' business services. However, conducting SRA is difficult and time-consuming and its results may not project the risky behaviors which often leads to unnecessary controls being implemented. Therefore, we tolerate using the Apriori algorithm as a prominent approach accurately determining the threat sources emerging within the risky behaviors. The Apriori algorithm is very useful at better mapping the relationship between organization critical assets and the potential threats-vulnerabilities. We use a history dataset of security risks in order to determine association rules between vulnerabilities and the potential threats. The algorithm performs classification which successfully reduces assessment time. As a result, the improved algorithm undertakes recommendations for a better SRA conduction.