This page has only limited features, please log in for full access.
Information technology (IT) security risk analysis preventatively helps organizations in identifying their vulnerable systems or internal controls. Some researchers propose expert systems (ES) as the solution for risk analysis automation since risk analysis by human experts is expensive and timely. By design, ES need a knowledge base, which must be up to date and of high quality. Manual creation of databases is also expensive and cannot ensure stable information renewal. These facts make the knowledge base automation process very important. This paper proposes a novel method of converting attack trees to a format usable by expert systems for utilizing the existing attack tree repositories in facilitating information and IT security risk analysis. The method performs attack tree translation into the Java Expert System Shell (JESS) format, by consistently applying ATTop, a software bridging tool that enables automated analysis of attack trees using a model-driven engineering approach, translating attack trees into the eXtensible Markup Language (XML) format, and using the newly developed ATES (attack trees to expert system) program, performing further XML conversion into JESS compatible format. The detailed method description, along with samples of attack tree conversion and results of conversion experiments on a significant number of attack trees, are presented and discussed. The results demonstrate the high method reliability rate and viability of attack trees as a source for the knowledge bases of expert systems used in the IT security risk analysis process.
Donatas Vitkus; Jonathan Salter; Nikolaj Goranin; Dainius Čeponis. Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems. Applied Sciences 2020, 10, 8423 .
AMA StyleDonatas Vitkus, Jonathan Salter, Nikolaj Goranin, Dainius Čeponis. Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems. Applied Sciences. 2020; 10 (23):8423.
Chicago/Turabian StyleDonatas Vitkus; Jonathan Salter; Nikolaj Goranin; Dainius Čeponis. 2020. "Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems." Applied Sciences 10, no. 23: 8423.
Fast development of information systems and technologies while providing new opportunities for people and organizations also make them more vulnerable at the same time. Information security risk assessment helps to identify weak points and preparing mitigation actions. The analysis of expert systems has shown that rule-based expert systems are universal, and because of that can be considered as a proper solution for the task of risk assessment automation. But to assess information security risks quickly and accurately, it is necessary to process a large amount of data about newly discovered vulnerabilities or threats, to reflect regional and industry specific information, making the traditional approach of knowledge base formation for expert system problematic. This work presents a novel method for an automated expert systems knowledge base formation based on the integration of data on regional malware distribution from Cyberthreat real-time map providing current information on newly discovered threats. In our work we collect the necessary information from the web sites in an automated way, that can be later used in a relevant risk calculation. This paper presents method implementation, which includes not only knowledge base formation but also the development of the prototype of an expert system. It was created using the JESS expert system shell. Information security risk evaluation was performed according to OWASP risk assessment methodology, taking into account the location of the organization and prevalent malware in that area.
Donatas Vitkus; Justina Jezukevičiūtė; Nikolaj Goranin. Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method. International Journal of Computers Communications & Control 2020, 15, 1 .
AMA StyleDonatas Vitkus, Justina Jezukevičiūtė, Nikolaj Goranin. Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method. International Journal of Computers Communications & Control. 2020; 15 (3):1.
Chicago/Turabian StyleDonatas Vitkus; Justina Jezukevičiūtė; Nikolaj Goranin. 2020. "Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method." International Journal of Computers Communications & Control 15, no. 3: 1.
Information security risk analysis is a compulsory requirement both from the side of regulating documents and information security management decision making process. Some researchers propose using expert systems (ES) for process automation, but this approach requires the creation of a high-quality knowledge base. A knowledge base can be formed both from expert knowledge or information collected from other sources of information. The problem of such approach is that experts or good quality knowledge sources are expensive. In this paper we propose the problem solution by providing an automated ES knowledge base development method. The method proposed is novel since unlike other methods it does not integrate ontology directly but utilizes automated transformation of existing information security ontology elements into ES rules: The Web Ontology Rule Language (OWL RL) subset of ontology is segregated into Resource Description Framework (RDF) triplets, that are transformed into Rule Interchange Format (RIF); RIF rules are converted into Java Expert System Shell (JESS) knowledge base rules. The experiments performed have shown the principal method applicability. The created knowledge base was later verified by performing comparative risk analysis in a sample company.
Donatas Vitkus; Žilvinas Steckevičius; Nikolaj Goranin; Diana Kalibatienė; Antanas Čenys. Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis. International Journal of Computers Communications & Control 2020, 14, 743 -758.
AMA StyleDonatas Vitkus, Žilvinas Steckevičius, Nikolaj Goranin, Diana Kalibatienė, Antanas Čenys. Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis. International Journal of Computers Communications & Control. 2020; 14 (6):743-758.
Chicago/Turabian StyleDonatas Vitkus; Žilvinas Steckevičius; Nikolaj Goranin; Diana Kalibatienė; Antanas Čenys. 2020. "Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis." International Journal of Computers Communications & Control 14, no. 6: 743-758.