کد مقاله کد نشریه سال انتشار مقاله انگلیسی ترجمه فارسی نسخه تمام متن
4951351 1441243 2016 7 صفحه PDF سفارش دهید دانلود کنید
عنوان انگلیسی مقاله ISI
Using neural networks to aid CVSS risk aggregation - An empirically validated approach
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر نظریه محاسباتی و ریاضیات
پیش نمایش صفحه اول مقاله
Using neural networks to aid CVSS risk aggregation - An empirically validated approach
چکیده انگلیسی


- A method for automated CVSS risk aggregation is proposed.
- The aggregation can be tailored/trained to domain expertise and uncertain knowledge.
- Results have been verified along an empirical study.
- A method to reduce answer variability and ambiguity in empirical CVSS risk assessments is described.

Managing risks in large information infrastructures is often tied to inevitable simplification of the system, to make a risk analysis feasible. One common way of “compacting” matters for efficient decision making is to aggregate vulnerabilities and risks identified for distinct components into an overall risk measure related to an entire subsystem and the system as a whole. Traditionally, this aggregation is done pessimistically by taking the overall risk as the maximum of all individual risks, following the heuristic understanding that the “security chain” is only as strong as its weakest link. As that method is quite wasteful of information, this work proposes a new approach, which uses neural networks to resemble human expert's decision making in the same regard. To validate the concept, we conducted an empirical study on human expert's risk assessments, and trained several candidate networks on the empirical data to identify the best approximation to the opinions in our expert group.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Journal of Innovation in Digital Ecosystems - Volume 3, Issue 2, December 2016, Pages 148-154
نویسندگان
, ,