An information security risk assessment method based on conduct effect and dynamic threat

Hong Qiao; Jianwei Tian; Zheng Tian; Wenhui Qi; Xi Li; Hongyu Zhu; Shengsheng Chen

doi:10.1109/ICSESS.2017.8343029

An information security risk assessment method based on conduct effect and dynamic threat

Hong Qiao
, Jianwei Tian
, Zheng Tian
, Wenhui Qi
, Xi Li
, Hongyu Zhu
, Shengsheng Chen

State Grid Corporation of China

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Scopus citations

Abstract

Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

Original language	English
Title of host publication	ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science
Editors	Li Wenzheng, M. Surendra Prasad Babu, Lei Xiaohui
Publisher	IEEE Computer Society
Pages	782-786
Number of pages	5
ISBN (Electronic)	9781538645703
DOIs	https://doi.org/10.1109/ICSESS.2017.8343029
State	Published - 2 Jul 2017
Externally published	Yes
Event	8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017 - Beijing, China Duration: 24 Nov 2017 → 26 Nov 2017

Publication series

Name	Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS
Volume	2017-November
ISSN (Print)	2327-0586
ISSN (Electronic)	2327-0594

Conference

Conference	8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017
Country/Territory	China
City	Beijing
Period	24/11/17 → 26/11/17

Keywords

Dynamic Threat
Information Security Risk Assessment
risk conduct effect

Access to Document

10.1109/ICSESS.2017.8343029

Cite this

Qiao, H., Tian, J., Tian, Z., Qi, W., Li, X., Zhu, H., & Chen, S. (2017). An information security risk assessment method based on conduct effect and dynamic threat. In L. Wenzheng, M. S. P. Babu, & L. Xiaohui (Eds.), ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science (pp. 782-786). (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS; Vol. 2017-November). IEEE Computer Society. https://doi.org/10.1109/ICSESS.2017.8343029

Qiao, Hong ; Tian, Jianwei ; Tian, Zheng et al. / An information security risk assessment method based on conduct effect and dynamic threat. ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. editor / Li Wenzheng ; M. Surendra Prasad Babu ; Lei Xiaohui. IEEE Computer Society, 2017. pp. 782-786 (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS).

@inproceedings{9e478be661ae4dd29ffc3d91453359d7,

title = "An information security risk assessment method based on conduct effect and dynamic threat",

abstract = "Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.",

keywords = "Dynamic Threat, Information Security Risk Assessment, risk conduct effect",

author = "Hong Qiao and Jianwei Tian and Zheng Tian and Wenhui Qi and Xi Li and Hongyu Zhu and Shengsheng Chen",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017 ; Conference date: 24-11-2017 Through 26-11-2017",

year = "2017",

month = jul,

day = "2",

doi = "10.1109/ICSESS.2017.8343029",

language = "英语",

series = "Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS",

publisher = "IEEE Computer Society",

pages = "782--786",

editor = "Li Wenzheng and Babu, \{M. Surendra Prasad\} and Lei Xiaohui",

booktitle = "ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science",

}

Qiao, H, Tian, J, Tian, Z, Qi, W, Li, X, Zhu, H & Chen, S 2017, An information security risk assessment method based on conduct effect and dynamic threat. in L Wenzheng, MSP Babu & L Xiaohui (eds), ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS, vol. 2017-November, IEEE Computer Society, pp. 782-786, 8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017, Beijing, China, 24/11/17. https://doi.org/10.1109/ICSESS.2017.8343029

An information security risk assessment method based on conduct effect and dynamic threat. / Qiao, Hong; Tian, Jianwei; Tian, Zheng et al.
ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. ed. / Li Wenzheng; M. Surendra Prasad Babu; Lei Xiaohui. IEEE Computer Society, 2017. p. 782-786 (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS; Vol. 2017-November).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - An information security risk assessment method based on conduct effect and dynamic threat

AU - Qiao, Hong

AU - Tian, Jianwei

AU - Tian, Zheng

AU - Qi, Wenhui

AU - Li, Xi

AU - Zhu, Hongyu

AU - Chen, Shengsheng

PY - 2017/7/2

Y1 - 2017/7/2

N2 - Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

AB - Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

KW - Dynamic Threat

KW - Information Security Risk Assessment

KW - risk conduct effect

UR - https://www.scopus.com/pages/publications/85047017606

U2 - 10.1109/ICSESS.2017.8343029

DO - 10.1109/ICSESS.2017.8343029

M3 - 会议稿件

AN - SCOPUS:85047017606

T3 - Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS

SP - 782

EP - 786

BT - ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science

A2 - Wenzheng, Li

A2 - Babu, M. Surendra Prasad

A2 - Xiaohui, Lei

PB - IEEE Computer Society

T2 - 8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017

Y2 - 24 November 2017 through 26 November 2017

ER -

Qiao H, Tian J, Tian Z, Qi W, Li X, Zhu H et al. An information security risk assessment method based on conduct effect and dynamic threat. In Wenzheng L, Babu MSP, Xiaohui L, editors, ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. IEEE Computer Society. 2017. p. 782-786. (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS). doi: 10.1109/ICSESS.2017.8343029

An information security risk assessment method based on conduct effect and dynamic threat

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this