A new lightweight method for security risk assessment based on fuzzy cognitive maps
By:
Open Access
|Mar 2014References
- Aguilar, J. (2005). A survey about fuzzy cognitive maps papers,
International Journal 3 (2): 27-33. - Anderson, S., De Palma, A. and Thisse, J. (1992).
Discrete Choice Theory of Product Differentiation ,MIT Press, Boston, MA. - Axelrod, R.M. (1976).
Structure of Decision: The Cognitive Maps of Political Elites , Princeton University Press, New York, NY. - Baudrit, C., Dubois, D. and Guyonnet, D. (2006). Joint propagation and exploitation of probabilistic and possibilistic information in risk assessment,
IEEE Transactions on Fuzzy Systems 14 (5): 593-608. - Birolini, A. (2000).
Reliability Engineering: Theory and Practice , 3rd Edn., Springer-Verlag, Berlin. - Bowles, J.B. and Wan, C. (2001). Software failure modes and effects analysis for a small embedded control system,
Proceedings of the Annual Reliability and Maintainability Symposium, Philadelphia, PA, USA , pp. 1-6. - Cervesato, I. and Meadows, C. (2003). Fault-tree representation of NPATRL security requirements,
Proceedings of the 3rd Workshop on Issues in the Theory of Security, Warsaw, Poland , pp. 1-10. - Chen, X.Z. (2006). Hierarchical threat assessment and quantitative calculation method of network security threatening state,
Journal of Software 17 (4): 885-897. - Chiang, F. and Braun, R. (2007). Self-adaptability and vulnerability assessment of secure autonomic communication networks,
Proceedings of the 10th Asia-Pacific Conference on Network Operations and Management Symposium: Managing Next Generation Networks and Services, APNOMS’07, Sapporo, Japan , pp. 112-122. - Craft, R., Vandewart, R., Wyss, G. and Funkhouser, D. (1998). An open framework for risk management 1,
21st National Information Systems Security Conference, Arlington, VA, USA . - Eom, J.-H., Park, S.-H., Han, Y.-J. and Chung, T.-M. (2007). Risk assessment method based on business process-oriented asset evaluation for information system security,
Proceedings of the 7th International Conference on Computational Science, Beijing, China , pp. 1024-1031. - Guttman, B. and Roback, E.A. (1995). An introduction to computer security: The NIST handbook,
Security 800 (12): 1-290. - Hagiwara, M. (1992). Extended fuzzy cognitive maps,
Proceedings of the IEEE International Conference on Fuzzy Systems, San Diego, CA, USA , pp. 795-801. - Han, Y.-J., Yang, J.S., Chang, B.H., Na, J.C. and Chung, T.-M. (2004). The vulnerability assessment for active networks: Model, policy, procedures, and performance evaluations,
in A. Laganà, M.L. Gavrilova, V. Kumar, Y. Mun, C.J.K. Tan and O. Geruasi (Eds.),ICCSA (1), Lecture Notes in Computer Science, Vol. 3034, Springer, Berlin/Heidelberg, pp. 191-198. - Hoo, K.J.S. (2000). How much is enough? A risk-management approach to computer security,
Working Paper , Stanford University, Stanford, CA, pp. 1-99. - Hubbard, D. and Evans, D. (2010). Problems with scoring methods and ordinal scales in risk assessment,
Journal of Research and Development 54 (3): 1-10. - Institute for Computer Sciences and Technology (1979).
Guideline for Automatic Data Processing Risk Analysis , National Bureau of Standards, Washington, DC. - ISO/IEC (2011). Information technology-Security techniques-Information security risk management,
Technical Report ISO/IEC 27005:2011, International Organization for Standardization, Washington, DC. - Jetter, A. and Schweinfort, W. (2011). Building scenarios with fuzzy cognitive maps: An exploratory study of solar energy,
Futures 43 (1): 52-66. - Kobylarz, D. and Danda, J. (2013). A common interface for bluetooth-based health monitoring devices,
29th Southern Biomedical Engineering Conference (SBEC), Ho ChiMinh City, Vietnam , pp. 153-154. - Kosko, B. (1986). Fuzzy cognitive maps,
International Journal of Machine Studies 24 (1): 65-75. - Kosko, B. (1992).
Neural Networks and Fuzzy Systems: A Dynamical Systems Approach to Machine Intelligence , Prentice Hall, Englewood Cliffs, NJ. - Landoll, D.J. (2005).
The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments , Auerbach Publications, Boca Raton, FL. - Lazzerini, B. and Mkrtchyan, L. (2011). Analyzing risk impact factors using extended fuzzy cognitive maps,
IEEE Systems Journal 5 (2): 288-297. - Maglogiannis, I., Zafiropoulos, E., Platis, A. and Lambrinoudakis, C. (2006). Risk analysis of a patient monitoring system using Bayesian network modeling,
Journal of Biomedical Informatics 39 (6): 637-647. - Mikulik, J. and Zajdel, M. (2009). Automatic risk control based on FSA methodology adaptation for safety assessment in intelligent buildings,
International Journal of Applied Mathematics and Computer Science 19 (2): 317-326, DOI: 10.2478/v10006-009-0027-1. - Modarres, M., Kaminskiy, M. and Krivtsov, V. (1999).
Reliability Engineering and Risk Analysis , CRC Press, New York, NY. - Ozesmi, U. Ozesmi, S. (2004). Ecological models based on people’s knowledge: A multi-step fuzzy cognitive mapping approach,
Ecological Modelling 176 (1-2): 43-64. - Papageorgiou, E.I. (2011). Learning algorithms for fuzzy cognitive maps-A review study,
IEEE Transactions on Systems 42 (2): 1-14. - Peng L.X. (2007). Model danger theory based network risk assessment,
Journal of University of Electron Science and Technology 36 (6). - Ross, R.S. (2011). Guide for conducting risk assessments,
NIST Special Publication SP-800-30 Rev 1 , September, p. 85. - Schneier, B. (1999). Attack trees,
Dr. Dobb’s Journal 24 (12): 21-29. - Stamatis, D. H. (2003).
Failure Mode and Effect Analysis: FMEA from Theory to Execution , ASQ Quality Press, Milwaukee, WI. - Stathiakis, N., Chronaki, C., Skipenes, E., Henriksen, E., Charalambus, E., Sykianakis, A., Vrouchos, G., Antonakis, N., Tsiknakis, M. and Orphanoudakis, S. (2003). Risk assessment of a cardiology ehealth service in HYGEIAnet,
Computers in Cardiology (CIC’2003), Cambridge, MA, USA , pp. 201-204. - Sun, L., Srivastava, R.P. and Mock, T.J. (2006). An information systems security risk assessment model under the Dempster-Shafer theory of belief functions,
Journal of Management Information Systems 22 (4): 109-142. - Szpyrka, M., Jasiul, B., Wrona, K. and Dziedzic, F. (2013). Telecommunications networks risk assessment with Bayesian networks,
in K. Saeed, R. Chaki, A. Cortesi and S.T.Wierzchon (Eds.),Computer Information Systems and Industrial Management , Lecture Notes in Computer Sience, Vol. 8104, Springer-Verlag, Berlin, pp. 277-288. - Szwed, P. (2013). Application of fuzzy ontological reasoning in an implementation of medical guidelines,
6th International Conference on Human System Interaction (HSI), Sopot, Poland , pp. 342-349. - Szwed, P., Skrzynski, P. and Grodniewicz, P. (2013). Risk assessment for SWOP telemonitoring system based on fuzzy cognitive maps,
in A. Dziech and A. Czy˙zewski (Eds.),Multimedia Communications, Services and Security , Communications in Computer and Information Science, Vol. 368, Springer, Berlin/Heidelberg, pp. 233-247. - The Open Group (2012). Open Group Standard, Archimate 2.0 Specification, www.opengroup.org.
- Vesely, W.E., Goldberg, F.F., Roberts, N.H. and Haasl, D.F. (1981). Fault tree handbook,
Technical Report Nureg-0492 , Nuclear Regulatory Commission, Washington, DC. - Wang Y., Zhu, A. and Zhang, J. (2011). Research on and application of the analyzing method of network security based on security case reasoning,
International Conference on Control, Automation and Systems Engineering (CASE), Tokyo, Japan, pp. 1-4. - Zhuang, Y., Li, X., Xu, B. and Zhou, B. (2009). Information security risk assessment based on artificial immune danger theory,
Proceedings of the 2009 4th International Multi- Conference on Computing in the Global Information Technology, ICCGI’09, Cannes, France , pp. 169-174.
Language: English
Page range: 213 - 225
Published on: Mar 25, 2014
Published by: Sciendo
In partnership with: Paradigm Publishing Services
Publication frequency: 4 times per year
Keywords:
Related subjects:
© 2014 Piotr Szwed, Paweł Skrzyński, published by Sciendo
This work is licensed under the Creative Commons License.