Artificial intelligence techniques for information security risk assessment

In computer security audits, information security risk assessments (ISR) are performed to computer systems, within it to database management systems (DBMS), often using qualitative methodologies. In these methodologies, the evaluation of the ISR is classified according to its impact in linguistic te...

Full description

Saved in:
Bibliographic Details
Published in:Revista IEEE América Latina 2018-03, Vol.16 (3), p.897-901
Main Authors: Azan Basallo, Yasser, Estrada Senti, Vivian, Martinez Sanchez, Natalia
Format: Article
Language:eng ; spa
Subjects:
Artificial intelligence
Audits
Computer security
Cybersecurity
Data base management systems
Fuzzy logic
IEEE transactions
Monitoring
risk
Risk assessment
Silicon
XML
Citations: Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In computer security audits, information security risk assessments (ISR) are performed to computer systems, within it to database management systems (DBMS), often using qualitative methodologies. In these methodologies, the evaluation of the ISR is classified according to its impact in linguistic terms such as: High, Medium or Low, so that ambiguities can be generated in the evaluation result. Security checklists are also used to review the configurations of the DBMS. They have a strong dependence on the presence of the expert auditor in DBMS for this analysis. In order to facilitate the work of the auditors, a model based on knowledge and fuzzy logic was developed for the evaluation of the ISR in the DBMS. In this way, the experience in previous audits of this type is useful and improves the results in the evaluation of the ISR.
ISSN:1548-0992
1548-0992
DOI:10.1109/TLA.2018.8358671