350 rub
Journal Neurocomputers №5 for 2012 г.
Article in number:
Model and method for analysis of computer systems information security risks, based on hybrid fuzzy models
Authors:
M.M. Goncharov
Abstract:
International and domestic standards relating to the information security management, are the basis for the mechanisms of information and managing risks analysis, assessing business continuity organization, planning and control systems security. Today, there are a large number of used methods and software tools automating the basic steps and procedures of analysis and risk management in complex information systems.
However, the existing information security standards do not reflect specific requirements for information security of computer systems. Available methods of analysis and risk management systems are for commercial or industrial usage. In addition, due to the nature of information security of computer systems, assessment of risks and damages has some difficulties.
Remedy of these deficiencies and improving the efficiency of decision-making by assessing and reducing security risks are possible through construction and analysis of cognitive models that take features of complex computer systems as a distributed object-specific security processes and technologies of information security.
Hybrid fuzzy model based on fuzzy cognitive maps and fuzzy automata, and method of its construction are proposed. List of elements that determine the state of security of computer systems required for the construction of fuzzy cognitive maps and fuzzy automata is developed. Examples of the construction of fuzzy cognitive maps and fuzzy automata in the framework of a hybrid fuzzy model for information security risks evaluation are given. The method for the analysis of information security risks based on the proposed hybrid fuzzy model is presented.
Pages: 9-15
References
- Борисов В.В., Круглов В.В., Федулов A.C. Нечеткие модели и сети. М.: Горячая линия - Телеком. 2007.
- Галатенко В.А.Основы информационной безопасности / под ред. В.Б. Бетелена. М.: ИНТУИТ.РУ «Интернет-Университет Информационных технологий». 2003.
- Гончаров М.М. Об актуальности внедрения анализа рисков информационной безопасности // Сборник трудов по материалам III межвузовской научно-практической студенческой конференции «Молодежь. Наука. Инновации», Смоленск. 2010. С. 137-139.
- Корченко А.Г. Построение системы защиты информации на нечетких множествах. Теория и практические решения. К.: «МК-Пресс». 2006.
- Carvalho J. P., Tome J. A. Qualitative modeling of an economic system using Rule Based Fuzzy Cognitive Maps // FUZZ-IEEE 2007. IEEE InternationalConference on Fuzzy Systems. Budapest. 2007. Р. 659-663.