Quantitative Model in Security Informatics Risk Assessment

thumbnail.default.alt
Share
Date
Authors
Casanova, Andrés
Director(s)
Publisher
UNIVERSIDAD ANTONIO NARIÑO
Campus
Faculty
Program
Degree obtained
Document type
COAR type
http://purl.org/coar/resource_type/c_6501
Citation
Bibliographic Managers
Zotero
BibTex
CSV
EndNote
View the article
Source
ISSN: 2346-1446
ISSN: 2145-0935
item.page.resume
This paper shows the importance of approaching in security Risk Assessment (RA) about Quantitative model in Risk Management. The RA has been calculated with qualitative method by different framework, for example: RISK IT FRAMEWORK (COBIT Component) [7], OCTAVE – ALLEGRO [8], MAGERIT V3 [9], FAIR [4], ISO 27005 [11], NIST800-30 [3]. All frameworks included in the scope the Risk Assessment; however this is more qualitative than quantitative. In this work, we propose a methodology to support the implementation and execution risk management, using quantitative risk assessment method. The methodology is based on three components: secure capture logs (apply networks forensic technical), likelihood risk or log analysis with logistic regression and risk assessment with influence diagrams.
Abstract
Keywords
Risk Assessment
Information security
logistic regression statistics model
influence diagrams
IDS
Network forensic
item.page.subject.keyword
item.page.coverage.spatial
item.page.coverage.temporal
URI
https://repositorio.uan.edu.co/handle/123456789/10477
Collections
INGE@UAN