A Bayesian networks-based security risk analysis model for information systems integrating the observed cases with expert experience

Nan Feng; Jing Xie

doi:10.5897/SRE11.1792

Scientific Research and Essays

Abbreviation: Sci. Res. Essays
Language: English
ISSN: 1992-2248
DOI: 10.5897/SRE
Start Year: 2006
Published Articles: 2768

Review

A Bayesian networks-based security risk analysis model for information systems integrating the observed cases with expert experience

Nan Feng and Jing Xie*

College of Management and Economics, Tianjin University, 300072 Tianjin, China.
Email: [email protected]

Article Number - BB59DC638228
Vol.7(10), pp. 1103-1112 , March 2012
https://doi.org/10.5897/SRE11.1792

Accepted: 02 December 2011
Published: 16 March 2012

Copyright © 2024 Author(s) retain the copyright of this article.
This article is published under the terms of the Creative Commons Attribution License 4.0.

Abstract

In the process of security risk analysis for information systems, establishing an appropriate model suitable for the target security risk problem is a crucial task that will ultimately influence the effectiveness of risk analysis results. For inducing a representative model for observed information systems, a security risk analysis model is proposed based on the knowledge from observed cases and domain experts. In this model, a Bayesian network (BN) is developed by integrating the database of observed cases with domain expert experience and knowledge. Based on the BN, the model facilitates the visibility and repeatability of the decision-making process of security risk analysis. Finally, the model is further demonstrated and validated via a case study.

Key words: information systems, risk analysis, Bayesian networks, probabilistic inference.

This article is published under the terms of the Creative Commons Attribution License 4.0

Back to Vol. 7 No. 10

Back to articles

Views: 0
Downloads: 0

Related Articles:
On Google
On Google Scholar

Articles on Google by: