Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis

Autor: Donatas Vitkus, Nikolaj Goranin, Žilvinas Steckevičius, Antanas Čenys, Diana Kalibatienė
Rok vydání: 2020
Předmět:
Zdroj: INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL. 14:743
ISSN: 1841-9844
1841-9836
DOI: 10.15837/ijccc.2019.6.3668
Popis: Information security risk analysis is a compulsory requirement both from the side of regulating documents and information security management decision making process. Some researchers propose using expert systems (ES) for process automation, but this approach requires the creation of a high-quality knowledge base. A knowledge base can be formed both from expert knowledge or information collected from other sources of information. The problem of such approach is that experts or good quality knowledge sources are expensive. In this paper we propose the problem solution by providing an automated ES knowledge base development method. The method proposed is novel since unlike other methods it does not integrate ontology directly but utilizes automated transformation of existing information security ontology elements into ES rules: The Web Ontology Rule Language (OWL RL) subset of ontology is segregated into Resource Description Framework (RDF) triplets, that are transformed into Rule Interchange Format (RIF); RIF rules are converted into Java Expert System Shell (JESS) knowledge base rules. The experiments performed have shown the principal method applicability. The created knowledge base was later verified by performing comparative risk analysis in a sample company.
Databáze: OpenAIRE
Externí odkaz: