• DocumentCode
    3735318
  • Title

    Cyber security risk assessment using an interpretable evolutionary fuzzy scoring system

  • Author

    Chih-Hung Hsieh;Wei-Chieh Chao;Pei-Wen Liu;Chao-Wen Li

  • Author_Institution
    Institute of Informaiton Industry, Taipei, Taiwan
  • fYear
    2015
  • Firstpage
    153
  • Lastpage
    158
  • Abstract
    An efficient and effective security risk assessment benefits a lot on realizing the potential threats changing, uncovering emergency when maintaining cyber security, and maximize utilization of available resource. However, traditional cyber security risk assessments are usually based on knowledge-driven approach which is suffered from demanding lots of proper domain knowledge and time-consuming human interaction to generate assessment model. In this research, aiming to alleviate the efforts taken by domain experts, we propose a novel interpretable evolutionary fuzzy scoring system, which is innovated in data-driven way, for cyber security risk assessing. The design process of the proposed method is elaborately optimized according to three objectives: accurate, compact, and most important, interpretable. Performance of proposed method is evaluated by both well-known machine learning benchmarks and real cyber security risk assessment dataset. Experimental results deliver insights as followings: 1) The delivered real-valued scoring can successfully quantify the degree of cyber security risk, just like the conventional knowledge-driven methods do. 2) The proposed scoring system can be further modified as a wrapper method to making alert, when given system-suggested or human-specified value as cyber risk alert threshold in advance. 3) The derived scoring system with a compact fuzzy rule base can generate interpretable result that depicts clear data distribution to users.
  • Keywords
    "Computer security","Risk management","Organizations","Training","Optimization","Pragmatics","Linear programming"
  • Publisher
    ieee
  • Conference_Titel
    Security Technology (ICCST), 2015 International Carnahan Conference on
  • Print_ISBN
    978-1-4799-8690-3
  • Electronic_ISBN
    2153-0742
  • Type

    conf

  • DOI
    10.1109/CCST.2015.7389674
  • Filename
    7389674