Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method

Abstract: Fast development of information systems and technologies while providing new opportunities for people and organizations also make them more vulnerable at the same time. Information security risk assessment helps to identify weak points and preparing mitigation actions. The analysis of expert systems has shown that rule-based expert systems are universal, and because of that can be considered as a proper solution for the task of risk assessment automation. But to assess information security risks quickly and ac… Show more

“…Still, in order to demonstrate that automatically generated rules are practically applicable, the earlier expert system prototype developed by our team and utilizing the OWASP Risk Rating Methodology [55] was used. The system prototype is JESS based and was presented in [10]. The generated rules, including information attack success rates, were imported from the tree, presented in Figure 16.…”

“…The idea of automating knowledge base formation is relatively new; still, some research on the area was already done, and currently, proposed methods have demonstrated the possibility and benefits of such an approach. In our previous research, methods for transformation of ontologies into expert system (ES) knowledge base format [9] and integration of data from websites on regional malware distribution [10] for further use in the expert system-based risk analysis were discussed.…”

“…This method enables the integration of sources that have a deep structure and keeps valuable information on possible recommended controls in the expert systems' knowledge base. In our further research [10] the applicability of data importation to the knowledge base from the websites was analyzed; specifically, regional malware distribution was imported to prove the influence of geographical threat prevalence on the risk assessment results. It has also ensured regular (in fact daily) updates for the knowledge base.…”

Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems

“…Still, in order to demonstrate that automatically generated rules are practically applicable, the earlier expert system prototype developed by our team and utilizing the OWASP Risk Rating Methodology [55] was used. The system prototype is JESS based and was presented in [10]. The generated rules, including information attack success rates, were imported from the tree, presented in Figure 16.…”

“…The idea of automating knowledge base formation is relatively new; still, some research on the area was already done, and currently, proposed methods have demonstrated the possibility and benefits of such an approach. In our previous research, methods for transformation of ontologies into expert system (ES) knowledge base format [9] and integration of data from websites on regional malware distribution [10] for further use in the expert system-based risk analysis were discussed.…”

“…This method enables the integration of sources that have a deep structure and keeps valuable information on possible recommended controls in the expert systems' knowledge base. In our further research [10] the applicability of data importation to the knowledge base from the websites was analyzed; specifically, regional malware distribution was imported to prove the influence of geographical threat prevalence on the risk assessment results. It has also ensured regular (in fact daily) updates for the knowledge base.…”

Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems