| Bezopasnostʹ Informacionnyh Tehnologij | |
| Using cluster analysis techniques to optimize the qualitative assessment of informationsecurity risk | |
| Anton S. Burakov1 Vladimir L. Evseev1 Vitaliy G. Ivanenko2 | |
| [1] Financial University under the Government of the Russian Federation (Financial University);National Research Nuclear University MEPhI (Moscow Engineering Physics Institute); | |
| 关键词: risk assessment, cluster analysis methods, nearest neighbor method, remote neighbor method, k-means method, degree of threat realization, degree of threat impact on the asset, euclidean distance, determining distance, average intra-cluster distance.; | |
| DOI : 10.26583/bit.2021.2.07 | |
| 来源: DOAJ | |
【 摘 要 】
The study is devoted to the accuracy of information security risk assessment. The paper substantiates the relevance of risk assessment, based on the consequences of their implementation for business and the probability of their occurrence. The method of qualitative assessment of information security risks (the method of expert assessment) is analysed on a specific example. The application of cluster analysis methods is justified. In detail, the examples show the use of cluster analysis methods: the nearest neighbor method; the remote neighbor method; the k-means method. The principal disadvantages of the first two methods are: the appearance of large clusters that do not have similarities; the lack of the ability of experts to set the desired number of clusters in advance. The application of the k-means method is justified - the ability of experts to set the desired number of clusters in advance by setting the initial centers. The results obtained with the usual qualitative assessment are compared with the results obtained by the methods of cluster analysis. The expediency of using cluster analysis methods to improve the accuracy of information security risk assessment is justified.
【 授权许可】
Unknown
878987797
028-85220240
