使用模糊认知图建模因果依赖事件

2014 IEEE International Conference on Computational Intelligence and Computing Research Pub Date : 2014-12-01 DOI:10.1109/ICCIC.2014.7238339

R. Sarala, G. Zayaraz, V. Vijayalakshmi, R. Sivaranjani

{"title":"使用模糊认知图建模因果依赖事件","authors":"R. Sarala, G. Zayaraz, V. Vijayalakshmi, R. Sivaranjani","doi":"10.1109/ICCIC.2014.7238339","DOIUrl":null,"url":null,"abstract":"The increase in the number of security breaches has made information security risk management an essential security activity for all type of organizations. Risk Management involves assessment involves identification of assets, threats and vulnerabilities. Attacks by outsiders continue to cause the most security breaches to all organizations. Existing approaches like attack graph based risk assessment have scalability issues and focus on only single step attacks. It is very difficult to predict multistep attacks that exploit a chain of vulnerabilities. The multistep attacks are based on the causality of relation where every cause has an effect. Causality refers to a cause i.e. one event and consequences i.e. another event that has occurred because of the cause. The proposed system aims to make use of fuzzy cognitive maps to model the causally dependent events. Fuzzy cognitive map is a concrete representation of knowledge that can handle incomplete or conflicting information. This is very important in risk assessment because important information may be unreliable as they may be a result of unreliable measurement techniques. The proposed system will aid in proactive information security risk assessment.","PeriodicalId":187874,"journal":{"name":"2014 IEEE International Conference on Computational Intelligence and Computing Research","volume":"342 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Modeling causally dependent events using fuzzy cognitive maps\",\"authors\":\"R. Sarala, G. Zayaraz, V. Vijayalakshmi, R. Sivaranjani\",\"doi\":\"10.1109/ICCIC.2014.7238339\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The increase in the number of security breaches has made information security risk management an essential security activity for all type of organizations. Risk Management involves assessment involves identification of assets, threats and vulnerabilities. Attacks by outsiders continue to cause the most security breaches to all organizations. Existing approaches like attack graph based risk assessment have scalability issues and focus on only single step attacks. It is very difficult to predict multistep attacks that exploit a chain of vulnerabilities. The multistep attacks are based on the causality of relation where every cause has an effect. Causality refers to a cause i.e. one event and consequences i.e. another event that has occurred because of the cause. The proposed system aims to make use of fuzzy cognitive maps to model the causally dependent events. Fuzzy cognitive map is a concrete representation of knowledge that can handle incomplete or conflicting information. This is very important in risk assessment because important information may be unreliable as they may be a result of unreliable measurement techniques. The proposed system will aid in proactive information security risk assessment.\",\"PeriodicalId\":187874,\"journal\":{\"name\":\"2014 IEEE International Conference on Computational Intelligence and Computing Research\",\"volume\":\"342 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE International Conference on Computational Intelligence and Computing Research\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCIC.2014.7238339\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE International Conference on Computational Intelligence and Computing Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCIC.2014.7238339","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

安全漏洞数量的增加使得信息安全风险管理成为所有类型组织的基本安全活动。风险管理涉及评估，涉及识别资产、威胁和弱点。外部攻击仍然是所有组织中最严重的安全漏洞。现有的方法，如基于攻击图的风险评估，存在可伸缩性问题，并且只关注单步攻击。很难预测利用一系列漏洞的多步攻击。多步骤攻击是基于关系的因果关系，其中每个原因都有结果。因果关系指的是原因，即一个事件和结果，即由于原因而发生的另一个事件。该系统旨在利用模糊认知图对因果依赖事件进行建模。模糊认知地图是一种知识的具体表示，可以处理不完整或冲突的信息。这在风险评估中非常重要，因为重要的信息可能是不可靠的，因为它们可能是不可靠的测量技术的结果。拟议的系统将有助于进行主动的信息安全风险评估。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Modeling causally dependent events using fuzzy cognitive maps

The increase in the number of security breaches has made information security risk management an essential security activity for all type of organizations. Risk Management involves assessment involves identification of assets, threats and vulnerabilities. Attacks by outsiders continue to cause the most security breaches to all organizations. Existing approaches like attack graph based risk assessment have scalability issues and focus on only single step attacks. It is very difficult to predict multistep attacks that exploit a chain of vulnerabilities. The multistep attacks are based on the causality of relation where every cause has an effect. Causality refers to a cause i.e. one event and consequences i.e. another event that has occurred because of the cause. The proposed system aims to make use of fuzzy cognitive maps to model the causally dependent events. Fuzzy cognitive map is a concrete representation of knowledge that can handle incomplete or conflicting information. This is very important in risk assessment because important information may be unreliable as they may be a result of unreliable measurement techniques. The proposed system will aid in proactive information security risk assessment.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 IEEE International Conference on Computational Intelligence and Computing Research

自引率

0.00%

发文量