An information Security Risk Assessment Method Based on Conduct Effect and Dynamic Threat

被引：0

作者：

Qiao Hong ^{[1
]}

Tian Jianwei ^{[1
]}

Tian Zheng ^{[1
]}

Qi Wenhui ^{[1
]}

Li Xi ^{[1
]}

Zhu Hongyu ^{[1
]}

Chen Shengsheng ^{[1
]}

机构：

[1] State Grid Hunan Elect Power Corp Res Inst, Changsha 410007, Hunan, Peoples R China

来源：

PROCEEDINGS OF 2017 8TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS 2017) | 2017年

关键词：

Information Security Risk Assessment; Dynamic Threat; risk conduct effect;

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

引用

页码：782 / 786

页数：5

共 50 条

[1] A Method for Information Security Risk Assessment Based on the Dynamic Bayesian Network
Wang, Jiao
Fan, Kefeng
Mo, Wei
Xu, Dongyang
PROCEEDINGS 2016 INTERNATIONAL CONFERENCE ON NETWORKING AND NETWORK APPLICATIONS NANA 2016, 2016, : 279 - 283
[2] Risk assessment of complex information system security based on threat propagation
Shi, Z. (shizz@ics.ict.ac.cn), 1600, Tsinghua University (54):
[3] Fuzzy risk assessment of information security threat scenario
Ge, Hai-Hui
Zheng, Shi-Hui
Chen, Tian-Ping
Yang, Yi-Xian
Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications, 2013, 36 (06): : 89 - 92
[4] Risk Assessment Method of Information Security Based on AHP
Ning, Xu
PROCEEDINGS OF 2010 INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND INDUSTRIAL ENGINEERING, VOLS I AND II, 2010, : 430 - 433
[5] A Threat Table Based Assessment of Information Security in Telemedicine
Pendergrass, John C.
Heart, Karen
Ranganathan, C.
Venkatakrishnan, V. N.
INTERNATIONAL JOURNAL OF HEALTHCARE INFORMATION SYSTEMS AND INFORMATICS, 2014, 9 (04) : 20 - 31
[6] The Research of Information Security Risk Assessment Method Based on AHP
Xu, Ning
Zhao, DongMei
SPORTS MATERIALS, MODELLING AND SIMULATION, 2011, 187 : 575 - 580
[7] A Fuzzy Logic based Information Security Risk Assessment Method
Yang, Yaling
Zhou, Yanhui
MECHANICAL AND ELECTRONICS ENGINEERING III, PTS 1-5, 2012, 130-134 : 3726 - 3730
[8] Dynamic Assessment and VaR-based Quantification of Information Security Risk
Qi, Wenjing
Liu, Xue
Zhang, Jian
Yuan, Weihua
2010 2ND INTERNATIONAL CONFERENCE ON E-BUSINESS AND INFORMATION SYSTEM SECURITY (EBISS 2010), 2010, : 145 - 148
[9] Dynamic financial and monetary security risk assessment based on information service security assessment model and blockchain
Jia Li
Scientific Reports, 13
[10] Dynamic financial and monetary security risk assessment based on information service security assessment model and blockchain
Li, Jia
SCIENTIFIC REPORTS, 2023, 13 (01)

← 1 2 3 4 5 →