Information Security Risk Management using Cognitive Modeling

Shevchenko, Svitlana та Zhdanova, Yuliia та Shevchenko, Halyna та Nehodenko, Olena та Spasiteleva, Svitlana (2023) Information Security Risk Management using Cognitive Modeling Cybersecurity Providing in Information and Telecommunication Systems, 3550. с. 297-305. ISSN 1613-0073

[thumbnail of S_Shevchenko_Y_Zhdanova_H_Shevchenko_О_Nehodenko_S_ Spasiteleva_CPITS-II-2023_3050.pdf]

Текст
S_Shevchenko_Y_Zhdanova_H_Shevchenko_О_Nehodenko_S_ Spasiteleva_CPITS-II-2023_3050.pdf
Download (593kB)

Офіційне посилання: https://ceur-ws.org/Vol-3550/

Анотація

Making decisions by an individual is an element of managing any process in society; therefore, theories of cognitive science are applicable in various fields, including information and cyber security systems. This study proposes the development of a cognitive model of “danger-risk” in the process of managing information risks in information and cyber security systems. Based on the analysis of scientific literature, the concepts of “cognitive modeling” and “cognitive map” are defined. The views of scholars on methods for creating cognitive maps and mechanisms for simulating problem situations are presented. The main tasks addressed within cognitive analysis and modeling are outlined, and the advantages and disadvantages of cognitive models are identified. In the second part of the study, the main stages of developing the cognitive model of “danger-risk” in the field of information and cyber security are considered: identification of complex situations and issues, construction of a cognitive map, modeling and verification of model adequacy, and dynamic situation analysis. A theoretical model of “danger-risk” is developed, and its elements are highlighted. A list of risk management concepts in information security is characterized, and cause-and-effect relationships between them are justified using SWOT analysis. As an example, for a specific information asset (a database), threats and vulnerabilities are identified, and the risk level for each connection is calculated as the product of the probability of each threat's realization and the probability of corresponding damages. The model of cognitive risk maps in information security is represented in a static form as an oriented graph, with a subsequent selection of methods for handling these risks.

Тип елементу :	Стаття
Ключові слова:	Information security risks; information security system; cyber system; cyber risks; cognitive modeling; cognitive danger-risk model; SWOT analysis
Типологія:	Це архівна тематика Київського університету імені Бориса Грінченка > Статті у наукометричних базах > Scopus
Підрозділи:	Це архівні підрозділи Київського університету імені Бориса Грінченка > Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка
Користувач, що депонує:	Павло Миколайович Складанний
Дата внесення:	11 Груд 2023 10:18
Останні зміни:	11 Груд 2023 10:18
URI:	https://elibrary.kubg.edu.ua/id/eprint/47369

Actions (login required)

Перегляд елементу