Information Security Risk Assessment in Industry Information System Based on Fuzzy Set Theory and Artificial Neural Network

Cover Page

Cite item

Full Text

Abstract

Information security risk assessment is a crucial component of industrial management techniques that aids in identifying, quantifying, and evaluating risks in comparison to criteria for risk acceptance and organizationally pertinent objectives. Due to its capacity to combine several parameters to determine an overall risk, the traditional fuzzy-rule-based risk assessment technique has been used in numerous industries. The technique has a drawback because it is used in situations where there are several parameters that need to be evaluated, and each parameter is expressed by a different set of linguistic phrases. In this paper, fuzzy set theory and an artificial neural network (ANN) risk prediction model that can solve the issue at hand are provided. Also developed is an algorithm that may change the risk-related factors and the overall risk level from a fuzzy property to a crisp-valued attribute is developed. The system was trained by using twelve samples representing 70%, 15%, and 15% of the dataset for training, testing, and validation, respectively. In addition, a stepwise regression model has also been designed, and its results are compared with the results of ANN. In terms of overall efficiency, the ANN model (R2= 0.99981, RMSE=0.00288, and MSE=0.00001,) performed better, though both models are satisfactory enough. It is concluded that a risk-predicting ANN model can produce accurate results as long as the training data accounts for all conceivable conditions.

About the authors

A. E Asfha

ITMO University

Author for correspondence.
Email: baquesti2003@gmail.com
Kronverksky Av. 49

A. Vaish

Indian Institute of Information Technology, Allahabad

Email: abhishek@iiita.ac.in
Uttar Pradesh -

References

  1. Verhoef P.C., Broekhuizen T., Bart Y., Bhattacharya A., Dong J.Q., Fabian N., Haenlein M. Digital transformation: A multidisciplinary reflection and research agenda. Journal of business research. 2021. vol. 122. pp. 889–901. doi: 10.1016/j.jbusres.2019.09.022.
  2. Mazhar T., Irfan H.M., Khan S., Haq I., Ullah I., Iqbal M., Hamam H. Analysis of Cyber Security Attacks and Its Solutions for the Smart grid Using Machine Learning and Blockchain Methods. Future Internet. 2023. vol. 15(2). no. 83. doi: 10.3390/fi15020083.
  3. Alhassan M.M., Adjei-Quaye A. Information Security in an Organization. International Journal of Computer. 2017. Т. 24. № 1. С. 100–116. [Online]. URL: https://ijcjournal.org/index.php/InternationalJournalOfComputer/article/view/820.
  4. Shaikh F.A., Siponen M. Information security risk assessments following cybersecurity breaches: The mediating role of top management attention to cybersecurity. Comput. Secur. 2023. vol. 124. no. 102974. doi: 10.1016/j.cose.2022.102974.
  5. Cruz S.T. Information security risk assessment. Information Security Management Handbook. 2007. pp. 243–250. doi: 10.3390/encyclopedia1030050.
  6. Yevseiev S., Shmatko O., Romashchenko N. Algorithm of Information Security Risk Assessment Based on Fuzzy-Multiple Approach. Adv. Inf. Syst. 2019. vol. 3. no. 2. pp. 73–79. doi: 10.20998/2522-9052.2019.2.13.
  7. By I. et al. Implementing of qualitative risk assessment procedures. 2021. pp. 1–275.
  8. Aven T. Risk assessment and risk management: Review of recent advances on their foundation. European Journal of Operational Research. 2016. vol. 253. no. 1. pp. 1–13. doi: 10.1016/j.ejor.2015.12.023.
  9. Tariq U., Ahmed I., Bashir A.K., Shaukat K. A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review. Sensors. 2023. vol. 23(8). no. 4117. doi: 10.3390/s23084117.
  10. de Campos Souza P.V., Lughofer E. Evolving fuzzy neural classifier that integrates uncertainty from human-expert feedback. 2023. vol. 14. pp. 319–341.
  11. Bozic V. Fuzzy Approach to Risk Management: Enhancing Decision-Making Under Uncertainty. 2023. doi: 10.13140/RG.2.2.13517.82405.
  12. Kaka S., Hussin H., Khan R., Akbar A., Sarwar U., Ansari J. Fuzzy Logic-Based Quantitative Risk Assessment Model for Hse in Oil and Gas Industry. Journal of Tianjin University Science and Technology. 2022. pp. 93–109. doi: 10.17605/OSF.IO/WVG2H.
  13. Nikmanesh M., Feili A., Sorooshian S. Employee Productivity Assessment Using Fuzzy Inference System. Information. 2023. vol. 14(7). no. 423. doi: 10.3390/info14070423.
  14. Crnogorac L., Tokalic R., Gutic K., Jovanovic S., Dukanovic D. Fuzzy logic model for stability assessment of underground facilities. Podzemni radovi. 2020. no. 36. pp. 29–48. doi: 10.5937/podrad2036029c.
  15. Parra-Dominguez J., Alonso-Garcia M., Corchado J.M. Fuzzy Logic to Measure the Degree of Compliance with a Target in an SDG –The Case of SDG 11. Mathematics. 2023. vol. 11(13). no. 2967. doi: 10.3390/math11132967.
  16. Madanda V.C., Sengani F., Mulenga F. Applications of Fuzzy Theory-Based Approaches in Tunnelling Geomechanics: a State-of-the-Art Review. Mining, Metallurgy and Exploration. 2023. vol. 40. no. 3. pp. 819–837. doi: 10.1007/s42461-023-00767-5.
  17. Xie J., Deng Q., Xia S., Zhao Y., Wang G., Gao X. Research on Efficient Fuzzy Clustering Method Based on Local Fuzzy Granular balls. 2023. pp. 1–10. [Online]. URL: http://arxiv.org/abs/2303.03590.
  18. Aliyeva K., Aliyeva A., Aliyev R., Ozdeser M. Application of Fuzzy Simple Additive Weighting Method in Group Decision-Making for Capital Investment. Axioms. 2023. vol. 12(8). no. 797. doi: 10.3390/axioms12080797.
  19. Alaloul W., Qureshi A.H. Data Processing Using Artificial Neural Networks. IntechOpen. 2020. 26 p. doi: 10.5772/intechopen.91935.
  20. Yang G.R., Wang X.J. Artificial Neural Networks for Neuroscientists: A Primer. Neuron. 2020. vol. 107. no. 6. pp. 1048–1070. doi: 10.1016/j.neuron.2020.09.005.
  21. Sarker I.H. Machine Learning: Algorithms, Real-World Applications and Research Directions. SN Computer Science. 2021. vol. 2(3). no. 160. doi: 10.1007/s42979-021-00592-x.
  22. Zhang J., He Y., Zhang Y., Li W., Zhang J. Well-Logging-Based Lithology Classification Using Machine Learning Methods for High-Quality Reservoir Identification: A Case Study of Baikouquan Formation in Mahu Area of Junggar Basin, NW China. Energies. 2022. vol. 15. no. 10. doi: 10.3390/en15103675.
  23. Sarker I.H. Deep Learning: A Comprehensive Overview on Techniques, Taxonomy, Applications and Research Directions. SN Computer Science. 2021. vol. 2(6). no. 420. doi: 10.1007/s42979-021-00815-1.

Supplementary files

Supplementary Files
Action
1. JATS XML
Download

Согласие на обработку персональных данных

 

Используя сайт https://journals.rcsi.science, я (далее – «Пользователь» или «Субъект персональных данных») даю согласие на обработку персональных данных на этом сайте (текст Согласия) и на обработку персональных данных с помощью сервиса «Яндекс.Метрика» (текст Согласия).