Abstract
Sergey A. Glushenko - Senior Lecturer, Department of Information Systems and Applied Computer Science, Rostov State University of EconomicsAddress: 69, Bolshaya Sadovaya Street, Rostov-on-Don, 344002, Russian FederationE-mail: gs-gears@yandex.ru This article explains the importance of applying risk assessment in the implementation of information security systems. It is considered the most common risk assessment procedure and entails application of fuzzy logic theory for this purpose. The paper describes the proposed fuzzy production model (FPM), which defines seven input linguistic variables describing risk factors, four output linguistic variables that characterize different areas of information security risks, as well as four base rules. It is noted that the FPM is the first approach to the subject area and requires optimization to minimize the model’s output errors. The most common methods of optimization of fuzzy models parameters are examined, and the advantages of applying methods based on neuro-fuzzy networks (NFN) are justified. The article describes the process of converting fuzzy model elements, such as unit fuzzification, rule base unit and unit defuzzification, into fragments of the neural network. The result of this process is a neuro-fuzzy network corresponding to the fuzzy model. Formation of the developed NFN is based on an adaptive neuro-fuzzy inference system (ANFIS), using the specialized Neuro-Fuzzy Designer package of MATLAB software. The model was trained by a hybrid method which represents a combination of the methods of least squares and backpropagation. The result of this process is optimization (setting) the parameters of membership functions of input linguistic variables. Application of neuro-fuzzy modeling made it possible to obtain a more appropriate fuzzy production model which is able to conduct linguistic analysis of the risks of an organization’s information security. The information obtained with its help allows IT managers to determine risk priorities and to develop effective action plans to reduce the impact of the most dangerous threats.[1] This research has been carried out with financial support of RFBR within the framework of scientific project No. 16-31-00285 “Fuzzy logic methods and models in risk management decision support systems”
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.