Quantitative Model in Security Informatics Risk Assessment

Quantitative Model in Security Informatics Risk Assessment

Show other versions (2)

This paper shows the importance of approaching in security Risk Assessment (RA) about Quantitative model in Risk Management. The RA has been calculated with qualitative method by different framework, for example: RISK IT FRAMEWORK (COBIT Component) [7], OCTAVE – ALLEGRO [8], MAGERIT V3 [9], FAIR [4]...

Full description

Saved in:
Bibliographic Details
Main Author: Casanova, Andrés
Format: info:eu-repo/semantics/article
Language:spa
Published: UNIVERSIDAD ANTONIO NARIÑO 2016
Subjects:
Análisis Forense Logs
Seguridad informática
Evaluación de riesgos
Regresión logística
Diagramas de influencias
Risk Assessment
Information security
logistic regression statistics model
influence diagrams
IDS
Network forensic
Online Access:https://revistas.uan.edu.co/index.php/ingeuan/article/view/414
https://repositorio.uan.edu.co/handle/123456789/10477
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper shows the importance of approaching in security Risk Assessment (RA) about Quantitative model in Risk Management. The RA has been calculated with qualitative method by different framework, for example: RISK IT FRAMEWORK (COBIT Component) [7], OCTAVE – ALLEGRO [8], MAGERIT V3 [9], FAIR [4], ISO 27005 [11], NIST800-30 [3]. All frameworks included in the scope the Risk Assessment; however this is more qualitative than quantitative. In this work, we propose a methodology to support the implementation and execution risk management, using quantitative risk assessment method. The methodology is based on three components: secure capture logs (apply networks forensic technical), likelihood risk or log analysis with logistic regression and risk assessment with influence diagrams.
  • Editorial
  • CRAI
  • Repositorio
  • Libros