A. I. Kuralenko - Post-graduate Student, TUSUR. E-mail: Kuralenko@outlook.com

In the article the question of assessing the efficiency of information security. Such systems require periodic evaluation of the effectiveness. The existing approaches are based either on the performance requirements of the standards in the field of information security or risk management. That does not allow a quantitative estimate without considering the potential damage. Propose a method for quantitative evaluation of the effectiveness of knowledge-based expert on the probability of threats to information security and the adequacy of measures that can counter this threat. Moreover, the provision of such a system is formed as reference fuzzy statements that establish a connection between the fuzzy values of input and output parameters. It uses linguistic variables. Next, define the rules of fuzzy inference and membership functions are constructed for each of the linguistic variables, the knowledge base is formed. Knowing the values of the input parameters, the knowledge base using the algorithm Mamdani fuzzy inference, we obtain a quantitative estimate of the output for a specific security threat to information security. Assess the effectiveness of implementation of the method is executed in a batch environment FUZZY LOGIC in MATLAB. Simulation results with the specified input parameters are obtained adequate values of performance evaluation. Method of performance evaluation based on fuzzy logic is used to audit the information security of automated systems.