scholarly journals Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method

2020 ◽  
Vol 15 (3) ◽  
Author(s):  
Donatas Vitkus ◽  
Justina Jezukevičiūtė ◽  
Nikolaj Goranin
Keyword(s):  
Risk Assessment ◽  
Expert System ◽  
Information Security ◽  
Expert Systems ◽  
Knowledge Base ◽  
Risk Evaluation ◽  
Proper Solution ◽  
Security Risk ◽  
Information Security Risk ◽  
Base Formation

Fast development of information systems and technologies while providing new opportunities for people and organizations also make them more vulnerable at the same time. Information security risk assessment helps to identify weak points and preparing mitigation actions. The analysis of expert systems has shown that rule-based expert systems are universal, and because of that can be considered as a proper solution for the task of risk assessment automation. But to assess information security risks quickly and accurately, it is necessary to process a large amount of data about newly discovered vulnerabilities or threats, to reflect regional and industry specific information, making the traditional approach of knowledge base formation for expert system problematic. This work presents a novel method for an automated expert systems knowledge base formation based on the integration of data on regional malware distribution from Cyberthreat real-time map providing current information on newly discovered threats. In our work we collect the necessary information from the web sites in an automated way, that can be later used in a relevant risk calculation. This paper presents method implementation, which includes not only knowledge base formation but also the development of the prototype of an expert system. It was created using the JESS expert system shell. Information security risk evaluation was performed according to OWASP risk assessment methodology, taking into account the location of the organization and prevalent malware in that area.

scholarly journals Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis

2019 ◽  
Vol 14 (6) ◽  
pp. 743-758 ◽  
Author(s):  
Donatas Vitkus ◽  
Žilvinas Steckevičius ◽  
Nikolaj Goranin ◽  
Diana Kalibatienė ◽  
Antanas Čenys
Keyword(s):  
Expert System ◽  
Information Security ◽  
Risk Analysis ◽  
Knowledge Base ◽  
Expert Knowledge ◽  
Management Decision ◽  
Problem Solution ◽  
Security Risk ◽  
Development Method ◽  
Information Security Risk

Information security risk analysis is a compulsory requirement both from the side of regulating documents and information security management decision making process. Some researchers propose using expert systems (ES) for process automation, but this approach requires the creation of a high-quality knowledge base. A knowledge base can be formed both from expert knowledge or information collected from other sources of information. The problem of such approach is that experts or good quality knowledge sources are expensive. In this paper we propose the problem solution by providing an automated ES knowledge base development method. The method proposed is novel since unlike other methods it does not integrate ontology directly but utilizes automated transformation of existing information security ontology elements into ES rules: The Web Ontology Rule Language (OWL RL) subset of ontology is segregated into Resource Description Framework (RDF) triplets, that are transformed into Rule Interchange Format (RIF); RIF rules are converted into Java Expert System Shell (JESS) knowledge base rules. The experiments performed have shown the principal method applicability. The created knowledge base was later verified by performing comparative risk analysis in a sample company.

Sign in / Sign up

Export Citation Format

Share Document