This page has only limited features, please log in for full access.

Mr. Jonathan Salter
Vilnius Gediminas Technical University

Basic Info


Research Keywords & Expertise

0 Computer Security
0 Expert Systems
0 Information Security
0 Network Security
0 Cybersecurity

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

Bachelor's in Computer Networking and Cybersecurity from University of Maryland University College. Master's in Information Security from Vilnius Gediminas Technical University.

Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Journal article
Published: 26 November 2020 in Applied Sciences
Reads 0
Downloads 0

Information technology (IT) security risk analysis preventatively helps organizations in identifying their vulnerable systems or internal controls. Some researchers propose expert systems (ES) as the solution for risk analysis automation since risk analysis by human experts is expensive and timely. By design, ES need a knowledge base, which must be up to date and of high quality. Manual creation of databases is also expensive and cannot ensure stable information renewal. These facts make the knowledge base automation process very important. This paper proposes a novel method of converting attack trees to a format usable by expert systems for utilizing the existing attack tree repositories in facilitating information and IT security risk analysis. The method performs attack tree translation into the Java Expert System Shell (JESS) format, by consistently applying ATTop, a software bridging tool that enables automated analysis of attack trees using a model-driven engineering approach, translating attack trees into the eXtensible Markup Language (XML) format, and using the newly developed ATES (attack trees to expert system) program, performing further XML conversion into JESS compatible format. The detailed method description, along with samples of attack tree conversion and results of conversion experiments on a significant number of attack trees, are presented and discussed. The results demonstrate the high method reliability rate and viability of attack trees as a source for the knowledge bases of expert systems used in the IT security risk analysis process.

ACS Style

Donatas Vitkus; Jonathan Salter; Nikolaj Goranin; Dainius Čeponis. Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems. Applied Sciences 2020, 10, 8423 .

AMA Style

Donatas Vitkus, Jonathan Salter, Nikolaj Goranin, Dainius Čeponis. Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems. Applied Sciences. 2020; 10 (23):8423.

Chicago/Turabian Style

Donatas Vitkus; Jonathan Salter; Nikolaj Goranin; Dainius Čeponis. 2020. "Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems." Applied Sciences 10, no. 23: 8423.