|

Formalization of Information Security Insider Model

Authors: Sychev V.M. Published: 14.04.2015
Published in issue: #2(101)/2015  
DOI: 10.18698/0236-3933-2015-2-92-106

 
Category: Informatics, Computer Engineering and Control | Chapter: Methods and Systems of Information Protection, Information Security  
Keywords: insider model, threat level quantitative assessment, rating method

The problem is considered to create an insider’s formalized model which can be used in the state and commercial organizations. It is shown that the threats are characterized by integral set of both quantitative as qualitative vector indices. To formalize the indices, discrete mathematics and a fuzzy set theory are needed to be used. An insider ’s formalized model based on multicriterion ranking and applying a rating system, is built. Formalization of fuzzy information is carried out by means of linguistic approach and transfer to an unified quantitative scale. An example of defining an insider ’s threat level is presented for a group of IT-specialists with building the semantic models. It is shown that traditional methods of expert analysis cannot be applied for assessment of the majority of indices. Analysis of Bayesian approach is performed. Necessity to analyze a great deal of statistical data is demonstrated. It is proposed to use the models of Shortliffe and Buchanan to draw the conclusions based on incomplete data of the object under consideration.

References

[1] Karpychev V.Yu., Sychev V.M., Minin Yu.V. New approaches to modeling an insider of information security. Pribory i sistemy. Upravlenie, kontrol’, diagnostika [Instruments and Systems: Monitoring, Control, and Diagnostics], 2013, no. 7, pp. 3239 (in Russ.).

[2] Garaev Ya.G., Ryazantseva M.V. Assessment of intellectual property and intangible assets by means of comparative approach using expert and mathematical methods. Nauchn.-praktich. zhurnal "Sovremennye nauchnye issledovaniya i innovatsii" [Scientific & practical journal "Modern scientific researches and innovations"]. Available at: http://web.snauka.ru/issues/2012/10/17777 (accessed 21.08.2013).

[3] Moscow City Government Executive Order dated April 16, 2010 no. 707-РП "On approval of the Concept of comprehensive security in the city of Moscow".

[4] Litvak B.G. Ekspertnye tekhnologii v upravlenii [The expert technology in management]. Moscow, Delo Publ., 2004. 400 p.

[5] Poleshchuk O. M. Metody formalizatsii i obrabotki nechetkoy ekspertnoy informatsii: Diss. Dokt. tekhn. nauk [Methods of formalization and processing fuzzy expert information. Dr. eng. sci. diss.]. Moscow, 2004. 278 p.

[6] Standard RF GOST R 51897. Menedzhment riska. Terminy i opredeleniya [State Standard R 51897 Risk management. Terms and Definitions]. Moscow, Standartinform Publ., 2012.

[7] Buchanan В. G., Shortliffe E.H. ed. Rule-Based Expert Systems: The MYCIN Experiments of the Stanford Heuristic Programming Project. Reading, MA: Addison-Wesley, 1984.

[8] Bakaev A.A., Gritsenko V.I., Kozlov D.N. Interval probabilistic approach to dealing with uncertainty in knowledge databases. Upravlyayushchie sistemy i mashiny [Control systems and machines], 1990, no. 4, pp. 40-48 (in Russ.).