Criteria for Evaluating the Effectiveness of the Decision Support System

  • V. Tolubko
  • S. Kozelkov
  • S. Zybin
  • V. Kozlovskyi
  • Y. Boiko
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 754)

Abstract

The task of increasing effectiveness for decision-making support in the condition of information protection is considered. The main criteria for assessing the processes effectiveness of forming an information security system in conditions of limitations and uncertainties are described. The integral criteria of effectiveness consists of sub-criteria: efficiency, quality, continuity, reliability, uniqueness, risk. In this article, the author suggests using risk criteria for implementing threats to assess effectiveness.

Keywords

Decision making Evaluating criteria Information security Security program Decision making Protection system DSS Decision support system Evaluation Simulating and judgement 

References

  1. 1.
    Otero, A.R., Otero, C.E., Qureshi, A.: A multi-criteria evaluation of information security controls using boolean features. Int. J. Netw. Secur. Appl. (IJNSA), 2(4), 1–11 (2010)CrossRefGoogle Scholar
  2. 2.
    Mellado, D., Fernández-Medina, E., Piattini, M.: A common criteria based security requirements engineering process for the development of secure information systems. Comput. Stand. Interfaces 29 (2), 244–253 (2007)CrossRefGoogle Scholar
  3. 3.
    Larichev, O.I., Kortneva, A.V., Kochin, D.Y.: Decision support system for classification of a finite set of multicriteria alternatives. Decis. Support Syst. 33, 13–21 (2002)CrossRefGoogle Scholar
  4. 4.
    Zybin, S., Khoroshko, V.: Support for decision making in the formation of state information security programs: evaluation of program effectiveness. Inform. Math. Methods Model. 5(2), 122–128 (2015)Google Scholar
  5. 5.
    Koshal, J., Bag, M.: Cascading of C4. 5 decision tree and support vector machine for rule based intrusion detection system. Int. J. Comput. Netw. Inf. Secur. 4(8), 8 (2012)Google Scholar
  6. 6.
    Rannenberg, K.: Recent development in information technology security evaluation-the need for evaluation criteria for multilateral security. In: Security and Control of Information Technology in Society, pp. 113–128, August 1993Google Scholar
  7. 7.
    Kruger, R., Eloff, J.H.: A common criteria framework for the evaluation of information technology systems security. In: Information Security in Research and Business, pp. 197–209. Springer, Boston (1997)CrossRefGoogle Scholar
  8. 8.
    Ling, A.P.A., Masao, M.: Selection of model in developing information security criteria on smart grid security system. In: 2011 Ninth IEEE International Symposium on Parallel and Distributed Processing with Applications Workshops (ISPAW), pp. 91–98. IEEE, May 2011Google Scholar
  9. 9.
    Zopounidis, C., Doumpos, M.: Multi-criteria decision aid in financial decision making: methodologies and literature review. J. Multi-Criteria Decis. Anal. 11(4–5), 167–186 (2002)CrossRefGoogle Scholar
  10. 10.
    Lakhno, V., Kozlovskii, V., Mishchenko, A., Boiko, Y., Pupchenko, O.: Development of the intelligent decision-making support system to manage cyber protection at the object of informatization. East. Eur. J. Enterp. Technol. 2(9), 53–61 (2017).  https://doi.org/10.15587/1729-4061.2017.96662CrossRefGoogle Scholar
  11. 11.
    Rees, L.P., Deane, J.K., Rakes, T.R., Baker, W.H.: Decision support for cybersecurity risk planning. Decis. Support Syst. 51(3), 493–505 (2011)CrossRefGoogle Scholar
  12. 12.
    Larichev, O., Asanov, A., Naryzhny, Y.: Effectiveness evaluation of expert classification methods. Eur. J. Oper. Res. 138(2), 260–273 (2002)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Hashemi, A., Pilevar, A.H., Rafeh, R.: Mass detection in lung ct images using region growing segmentation and decision making based on fuzzy inference system and artificial neural network. Int. J. Image, Graph. Sig. Process. (IJIGSP) 5(6), 16–24 (2013).  https://doi.org/10.5815/ijigsp.2013.06.03CrossRefGoogle Scholar
  14. 14.
    Mir, I.A., Quadri, S.M.K.: Analysis and evaluating security of component-based software development: a security metrics framework. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 4(11), 21–31 (2012).  https://doi.org/10.5815/ijcnis.2012.11.03CrossRefGoogle Scholar
  15. 15.
    Shameli-Sendi, A., Shajari, M., Hassanabadi, M., Jabbarifar, M., Dagenais, M.: Fuzzy multi-criteria decision-making for information security risk assessment. Open Cybern. Syst. J. 6(1), 26–37 (2012)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Alharbi, E.T., Qureshi, M.R.J.: Implementation of risk management with SCRUM to achieve CMMI requirements. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 6(11), 20–25 (2014).  https://doi.org/10.5815/ijcnis.2014.11.03CrossRefGoogle Scholar
  17. 17.
    Filali, F.Z., Yagoubi, B.: Global trust: a trust model for cloud service selection. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 7(5), 41–50 (2015).  https://doi.org/10.5815/ijcnis.2015.05.06CrossRefGoogle Scholar
  18. 18.
    Rostami, M., Koushanfar, F., Karri, R.: A primer on hardware security: models, methods, and metrics. Proc. IEEE 102(8), 1283–1295 (2014).  https://doi.org/10.1109/JPROC.2014.2335155CrossRefGoogle Scholar
  19. 19.
    Liang, G., Weller, S.R., Zhao, J., Luo, F., Dong, Z.Y.: The 2015 Ukraine blackout: implications for false data injection attacks. IEEE Trans. Power Syst. 32(4), 3317–3318 (2017).  https://doi.org/10.1109/TPWRS.2016.2631891CrossRefGoogle Scholar
  20. 20.
    Stoneburner, G., Goguen, A., Feringa, A.: Sp 800-30 Risk Management Guide for Information Technology Systems. NIST Special Publication (2002)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2019

Authors and Affiliations

  • V. Tolubko
    • 1
    • 2
  • S. Kozelkov
    • 1
    • 2
  • S. Zybin
    • 1
  • V. Kozlovskyi
    • 1
    • 2
  • Y. Boiko
    • 2
  1. 1.State University of TelecommunicationsKyivUkraine
  2. 2.National Aviation UniversityKyivUkraine

Personalised recommendations