Constructing a model for the dynamic evaluation of vulnerability in software based on public sources

2021 ◽  
Vol 6 (2 (114)) ◽  
pp. 19-29
Author(s):  
Yuliia Tatarinova ◽  
Olga Sinelnikova

One of the key processes in software development and information security management is the evaluation of vulnerability risks. Analysis and evaluation of vulnerabilities are considered a resource-intensive process that requires high qualifications and a lot of technical information. The main opportunities and drawbacks of existing systems for evaluation of vulnerability risks in software, which include the lack of consideration of the impact of trends and the degree of popularity of vulnerability on the final evaluation, were analyzed. During the study, the following information was analyzed in the structured form: the vector of the general system of vulnerability evaluation, the threat type, the attack vector, the existence of the original code with patches, exploitation programs, and trends. The obtained result made it possible to determine the main independent characteristics, the existence of a correlation between the parameters, the order, and schemes of the relationships between the basic magnitudes that affect the final value of evaluation of vulnerability impact on a system. A dataset with formalized characteristics, as well as expert evaluation for further construction of a mathematical model, was generated. Analysis of various approaches and methods for machine learning for construction of a target model of dynamic risk evaluation was carried out: neuro-fuzzy logic, regression analysis algorithms, neuro-network modeling. A mathematical model of dynamic evaluation of vulnerability risk in software, based on the dynamics of spreading information about a vulnerability in open sources and a multidimensional model with an accuracy of 88.9 %, was developed. Using the obtained model makes it possible to reduce the analysis time from several hours to several minutes and to make a more effective decision regarding the establishment of the order of patch prioritization, to unify the actions of experts, to reduce the cost of managing information security risks

2018 ◽  
Vol 90 (4) ◽  
pp. 659-666
Author(s):  
Bartosz Dziugiel ◽  
Zdobyslaw Jan Goraj

Purpose The purpose of this study is to investigate the influence of the technical and operational specifications of the Small Aircraft Transport System (SAT/SATS) to the achieved safety level. Design/methodology/approach Safety estimation was made with the use of mathematical model of safety of light aircraft in commercial operations developed on the basis of Federal Aviation Administration (FAA) data. The analysis was conducted for two different SATS business models based on Direct AiR Transport (DART) concept. It allowed for the investigation of the impact of technical specifications of the aircraft included into the SATS fleet as well as the selected elements of the applied business model on SATS safety level. Findings It was found that the proposed changes to DART system resulted in a significant improvement of safety. Mean Time Between Incidents and Accident (MTBIA) increased by 200 per cent. Additionally, the introduced alterations impacted the weights of particular domains and pilot’s error became less critical than the technical reliability. Practical implications It was shown that the application of new requirements influences both the safety level and the cost of operation, which was demonstrated within the ESPOSA and DART projects. Additionally, it was indicated that further effort to improve the light aircraft safety is absolutely necessary. Originality/value Originality consists in combining in one mathematical model both the aircraft configuration and the rules for business operation. Optimization of selected parameters of the system leads to a significant reduction in the accident number and to keeping the cost increment at a reasonable level. It was also found that the resulted improvement sometimes cannot be sufficient to consider a small aircraft operation fully safe, mainly owing to the numerous restrictions because of its small weight and loading capacity.


1999 ◽  
Vol 4 (6) ◽  
pp. 489-504 ◽  
Author(s):  
N. U. Ahmed ◽  
M. A. Rahim

The paper is concerned with the development of a rigorous mathematical model describing the dynamics of criminal population subject to sentencing policies of any penal (legal) system. The model enables evaluation of the impact of preventive measures used in the society and correctional measures used by the penitentiaries. A performance index reflecting the effectiveness of such measures and the cost to the society for providing the same is introduced and the question of optimality discussed.


Author(s):  
Bogdan Korniyenko ◽  
Liliya Galata

This article presents the simulation modeling process as a way to study the behavior of an Information Security system. Graphical Network Simulator is used for modeling such a system, and Kali Linux is used for penetration testing and security audit. To implement the project, the GNS3 package is selected. GNS3 is a graphical network emulator that allows you to simulate a virtual network of more than 20 different manufacturers on a local computer, connect a virtual network to a real one, and add a full computer to the network; third-party applications for network packet analysis are supported. Depending on the hardware platform on which GNS3 will be used, it is possible to build complex projects consisting of Cisco, Cisco ASA, and Juniper routers, as well as servers running network operating systems. Using modeling in the design of computing systems, you can: estimate the bandwidth of the network and its components; identify vulnerabilities in the structure of the computing system; compare different organizations of a computing system; make a long-term development forecast for the computer system; predict future requirements for network bandwidth; estimate the performance and the required number of servers in the network; compare various options for upgrading the computing system; estimate the impact of software upgrades, workstation or server power, and network protocol changes on the computing system. Researching computing system parameters with different characteristics of the individual components allows us to select the network and computing equipment, taking into account its performance, quality of service, reliability and cost. Because the cost of a single port in active network equipment can vary depending on the manufacturer's equipment, technology used, reliability, and manageability, modeling can minimize the cost of equipment for the computing system.
Modeling becomes effective when the number of workstations is 50-100, and when it is more than 300, the total savings could reach 30-40% of project cost.


2021 ◽  
Vol 8 (1) ◽  
pp. 65-71
Author(s):  
Alena Tažiková ◽  
Zuzana Struková

The aim of the paper is to emphasize the need for logistics planning in prefabricated construction in Slovakia. A construction contractor can achieve profit and efficiency of a construction project through well-managed resource logistics. Moreover, it helps to ensure the competitiveness of prefabricated construction compared to traditional on-site construction. In the case study of a wood-based family house, the construction cost and the transport cost are analysed in relation to available logistics chains. Three variants of wood-based construction systems are adopted in the study: the column-beam construction system, the construction system based on Structural Insulated Panels (SIPs) and the panel construction system. The results of the study found that the transport cost does not represent a large share of the total construction cost of the wood-based family house. This applies to all three variants of the construction system. A well-planned logistics of resources – people, materials, machines – can help to achieve an efficient and rational construction cost and construction time of a project. Thus, a client of a wood-based prefabricated building does not have to worry that the transport cost related to the transport of large, prefabricated components will make the construction of the building markedly more expensive.


2018 ◽  
Vol 7 (2) ◽  
pp. 57-62
Author(s):  
Muhammad Wakhid Musthofa

This paper discusses a mathematical model of the impact of climate change on the macroeconomic conditions of a country. By referring to an endogenous economic growth model for a country, with the output function in the form of a Cobb-Douglas function, a mathematical model is derived that describes the impact of climate change on the macroeconomic conditions of a country. Furthermore, a cost function related to the derived mathematical model is also constructed. Considering that the mathematical model is still in the form of a system of nonlinear equations, a linearization process is needed to produce a linear mathematical model that is easier to analyze and apply.


2014 ◽  
Vol 52 (4) ◽  
pp. 1177-1178

Shane Greenstein of Northwestern University reviews “The Economics of Information Security and Privacy”, by Rainer Bohme. The Econlit abstract of this book begins: “Thirteen papers, revised and previously presented at the 11th Workshop on the Economics of Information Security held in Berlin in June 2012, explore the economics of information security and privacy, focusing on the management of information security, the economics of information security, the economics of privacy, and the economics of cybercrime. Papers discuss information security costs; whether to invest or not to invest--assessing the economic viability of a policy and security configuration management tool; ad-blocking games--monetizing online content under the threat of ad avoidance; software security economics--theory, in practice; an empirical study on information security behaviors and awareness; sectoral and regional interdependency of Japanese firms under the influence of information security risks; whether we can afford integrity by proof-of-work--scenarios inspired by the Bitcoin currency; online promiscuity--prophylactic patching and the spread of computer transmitted infections; the privacy economics of voluntary overdisclosure in web forms; choice architecture and smartphone privacy--there's a price for that; personal data disclosure in a simulated credit card application; measuring the cost of cybercrime; and an analysis of e-crime in crowd-sourced labor markets--Mechanical Turk versus Freelancer. Böhme is with the European Research Center for Information Systems at the University of Münster.”


2020 ◽  
Vol 174 ◽  
pp. 04012
Author(s):  
Aleksandr Kirenberg ◽  
Aleksey Medvedev ◽  
Evgeniya Prokopenko

The relationship between the concepts of information and economic security in terms of their use in assessing the efficiency of business planning in a company using standard efficiency indicators (NPV) is discussed in the article. The necessity of using optimization models and methods for solving problems of information and economic security in a company is substantiated. A mathematical model has been developed to minimize the information security risks of a cost-effective company in the form of a two-objective linear optimal control problem. The conclusion is drawn about the possibility of using a mathematical model of information and economic security, as a component in the analysis of the investment attractiveness of economic systems and, in particular, small and medium-sized businesses.


Encyclopedia ◽  
2021 ◽  
Vol 1 (3) ◽  
pp. 602-617
Author(s):  
Ievgeniia Kuzminykh ◽  
Bogdan Ghita ◽  
Volodymyr Sokolov ◽  
Taimur Bakhshi

Information security risk assessment is an important part of enterprises’ management practices that helps to identify, quantify, and prioritize risks against criteria for risk acceptance and objectives relevant to the organization. Risk management refers to a process that consists of identification, management, and elimination or reduction of the likelihood of events that can negatively affect the resources of the information system to reduce security risks that potentially have the ability to affect the information system, subject to an acceptable cost of protection means that contain a risk analysis, analysis of the “cost-effectiveness” parameter, and selection, construction, and testing of the security subsystem, as well as the study of all aspects of security.

