Modelling cyber-security experts' decision making processes using aggregation operators

Tools

Miller, Simon, Wagner, Christian, Aickelin, Uwe and Garibaldi, Jonathan M. (2016) Modelling cyber-security experts' decision making processes using aggregation operators. Computers and Security, 62 . pp. 229-245. ISSN 0167-4048

Full text not available from this repository.

Official URL: http://www.sciencedirect.com/science/article/pii/S016740481630089X

Abstract

An important role carried out by cyber-security experts is the assessment of proposed computer systems, during their design stage. This task is fraught with difficulties and uncertainty, making the knowledge provided by human experts essential for successful assessment. Today, the increasing number of progressively complex systems has led to an urgent need to produce tools that support the expert-led process of system-security assessment. In this research, we use Weighted Averages (WAs) and Ordered Weighted Averages (OWAs) with Evolutionary Algorithms (EAs) to create aggregation operators that model parts of the assessment process. We show how individual overall ratings for security components can be produced from ratings of their characteristics, and how these individual overall ratings can be aggregated to produce overall rankings of potential attacks on a system. As well as the identification of salient attacks and weak points in a prospective system, the proposed method also highlights which factors and security components contribute most to a component's difficulty and attack ranking respectively. A real world scenario is used in which experts were asked to rank a set of technical attacks, and to answer a series of questions about the security components that are the subject of the attacks. The work shows how finding good aggregation operators, and identifying important components and factors of a cyber-security problem can be automated. The resulting operators have the potential for use as decision aids for systems designers and cyber-security experts, increasing the amount of assessment that can be achieved with the limited resources available.

Item Type:	Article
RIS ID:	https://nottingham-repository.worktribe.com/output/805984
Keywords:	Expert Decision Making; Cyber-security; Evolutionary algorithm; Ordered Weighted average; Weighted Average
Schools/Departments:	University of Nottingham, UK > Faculty of Science > School of Computer Science
Identification Number:	https://doi.org/10.1016/j.cose.2016.08.001
Depositing User:	Eprints, Support
Date Deposited:	16 Aug 2016 14:42
Last Modified:	04 May 2020 18:07
URI:	https://eprints.nottingham.ac.uk/id/eprint/35868

Actions (Archive Staff Only)

Edit View

LoginAdmin