An information security risk assessment method based on conduct effect and dynamic threat

Hong Qiao; Jianwei Tian; Zheng Tian; Wenhui Qi; Xi Li; Hongyu Zhu; Shengsheng Chen

doi:10.1109/ICSESS.2017.8343029

An information security risk assessment method based on conduct effect and dynamic threat

Hong Qiao
, Jianwei Tian
, Zheng Tian
, Wenhui Qi
, Xi Li
, Hongyu Zhu
, Shengsheng Chen

State Grid Corporation of China

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

4 引用（Scopus）

摘要

Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

源语言	英语
主期刊名	ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science
编辑	Li Wenzheng, M. Surendra Prasad Babu, Lei Xiaohui
出版商	IEEE Computer Society
页	782-786
页数	5
ISBN（电子版）	9781538645703
DOI	https://doi.org/10.1109/ICSESS.2017.8343029
出版状态	已出版 - 2 7月 2017
已对外发布	是
活动	8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017 - Beijing, 中国期限: 24 11月 2017 → 26 11月 2017

出版系列

姓名	Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS
卷	2017-November
ISSN（印刷版）	2327-0586
ISSN（电子版）	2327-0594

会议

会议	8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017
国家/地区	中国
市	Beijing
时期	24/11/17 → 26/11/17

访问文件

10.1109/ICSESS.2017.8343029

其它文件与链接

链接到 Scopus 的出版物

引用此

Qiao, H., Tian, J., Tian, Z., Qi, W., Li, X., Zhu, H., & Chen, S. (2017). An information security risk assessment method based on conduct effect and dynamic threat. 在 L. Wenzheng, M. S. P. Babu, & L. Xiaohui (编辑), ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science (页码 782-786). (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS; 卷 2017-November). IEEE Computer Society. https://doi.org/10.1109/ICSESS.2017.8343029

Qiao, Hong ; Tian, Jianwei ; Tian, Zheng 等. / An information security risk assessment method based on conduct effect and dynamic threat. ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. 编辑 / Li Wenzheng ; M. Surendra Prasad Babu ; Lei Xiaohui. IEEE Computer Society, 2017. 页码 782-786 (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS).

@inproceedings{9e478be661ae4dd29ffc3d91453359d7,

title = "An information security risk assessment method based on conduct effect and dynamic threat",

abstract = "Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.",

keywords = "Dynamic Threat, Information Security Risk Assessment, risk conduct effect",

author = "Hong Qiao and Jianwei Tian and Zheng Tian and Wenhui Qi and Xi Li and Hongyu Zhu and Shengsheng Chen",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017 ; Conference date: 24-11-2017 Through 26-11-2017",

year = "2017",

month = jul,

day = "2",

doi = "10.1109/ICSESS.2017.8343029",

language = "英语",

series = "Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS",

publisher = "IEEE Computer Society",

pages = "782--786",

editor = "Li Wenzheng and Babu, \{M. Surendra Prasad\} and Lei Xiaohui",

booktitle = "ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science",

}

Qiao, H, Tian, J, Tian, Z, Qi, W, Li, X, Zhu, H & Chen, S 2017, An information security risk assessment method based on conduct effect and dynamic threat. 在 L Wenzheng, MSP Babu & L Xiaohui (编辑), ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS, 卷 2017-November, IEEE Computer Society, 页码 782-786, 8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017, Beijing, 中国, 24/11/17. https://doi.org/10.1109/ICSESS.2017.8343029

An information security risk assessment method based on conduct effect and dynamic threat. / Qiao, Hong; Tian, Jianwei; Tian, Zheng 等.
ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. 编辑 / Li Wenzheng; M. Surendra Prasad Babu; Lei Xiaohui. IEEE Computer Society, 2017. 页码 782-786 (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS; 卷 2017-November).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - An information security risk assessment method based on conduct effect and dynamic threat

AU - Qiao, Hong

AU - Tian, Jianwei

AU - Tian, Zheng

AU - Qi, Wenhui

AU - Li, Xi

AU - Zhu, Hongyu

AU - Chen, Shengsheng

PY - 2017/7/2

Y1 - 2017/7/2

N2 - Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

AB - Traditional Information Security Risk Assessment method did not consider the dynamic characteristic and risk conduct effect among assets, which makes the assessment result inaccurately. To solve this problem, this paper proposes a novel Information Security Risk Assessment method based on Conduct effect and Dynamic threat (ISRACD). ISRACD adopts DTC (Dynamic Threat Calculation) method to calculate threat degree more objectively. Besides, ISRACD proposes ACEC (Asset Conduct Effect Calculation) method to describe the conduct effect among assets and quantify the conduct value. Based on the two methods, ISRACD can obtain the security level more precisely.

KW - Dynamic Threat

KW - Information Security Risk Assessment

KW - risk conduct effect

UR - https://www.scopus.com/pages/publications/85047017606

U2 - 10.1109/ICSESS.2017.8343029

DO - 10.1109/ICSESS.2017.8343029

M3 - 会议稿件

AN - SCOPUS:85047017606

T3 - Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS

SP - 782

EP - 786

BT - ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science

A2 - Wenzheng, Li

A2 - Babu, M. Surendra Prasad

A2 - Xiaohui, Lei

PB - IEEE Computer Society

T2 - 8th IEEE International Conference on Software Engineering and Service Science, ICSESS 2017

Y2 - 24 November 2017 through 26 November 2017

ER -

Qiao H, Tian J, Tian Z, Qi W, Li X, Zhu H 等. An information security risk assessment method based on conduct effect and dynamic threat. 在 Wenzheng L, Babu MSP, Xiaohui L, 编辑, ICSESS 2017 - Proceedings of 2017 IEEE 8th International Conference on Software Engineering and Service Science. IEEE Computer Society. 2017. 页码 782-786. (Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS). doi: 10.1109/ICSESS.2017.8343029

An information security risk assessment method based on conduct effect and dynamic threat

摘要

出版系列

会议

访问文件

其它文件与链接

学术指纹

引用此