Abstract
The task of increasing effectiveness for decision-making support in the condition of information protection is considered. The main criteria for assessing the processes effectiveness of forming an information security system in conditions of limitations and uncertainties are described. The integral criteria of effectiveness consists of sub-criteria: efficiency, quality, continuity, reliability, uniqueness, risk. In this article, the author suggests using risk criteria for implementing threats to assess effectiveness.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Otero, A.R., Otero, C.E., Qureshi, A.: A multi-criteria evaluation of information security controls using boolean features. Int. J. Netw. Secur. Appl. (IJNSA), 2(4), 1–11 (2010)
Mellado, D., Fernández-Medina, E., Piattini, M.: A common criteria based security requirements engineering process for the development of secure information systems. Comput. Stand. Interfaces 29 (2), 244–253 (2007)
Larichev, O.I., Kortneva, A.V., Kochin, D.Y.: Decision support system for classification of a finite set of multicriteria alternatives. Decis. Support Syst. 33, 13–21 (2002)
Zybin, S., Khoroshko, V.: Support for decision making in the formation of state information security programs: evaluation of program effectiveness. Inform. Math. Methods Model. 5(2), 122–128 (2015)
Koshal, J., Bag, M.: Cascading of C4. 5 decision tree and support vector machine for rule based intrusion detection system. Int. J. Comput. Netw. Inf. Secur. 4(8), 8 (2012)
Rannenberg, K.: Recent development in information technology security evaluation-the need for evaluation criteria for multilateral security. In: Security and Control of Information Technology in Society, pp. 113–128, August 1993
Kruger, R., Eloff, J.H.: A common criteria framework for the evaluation of information technology systems security. In: Information Security in Research and Business, pp. 197–209. Springer, Boston (1997)
Ling, A.P.A., Masao, M.: Selection of model in developing information security criteria on smart grid security system. In: 2011 Ninth IEEE International Symposium on Parallel and Distributed Processing with Applications Workshops (ISPAW), pp. 91–98. IEEE, May 2011
Zopounidis, C., Doumpos, M.: Multi-criteria decision aid in financial decision making: methodologies and literature review. J. Multi-Criteria Decis. Anal. 11(4–5), 167–186 (2002)
Lakhno, V., Kozlovskii, V., Mishchenko, A., Boiko, Y., Pupchenko, O.: Development of the intelligent decision-making support system to manage cyber protection at the object of informatization. East. Eur. J. Enterp. Technol. 2(9), 53–61 (2017). https://doi.org/10.15587/1729-4061.2017.96662
Rees, L.P., Deane, J.K., Rakes, T.R., Baker, W.H.: Decision support for cybersecurity risk planning. Decis. Support Syst. 51(3), 493–505 (2011)
Larichev, O., Asanov, A., Naryzhny, Y.: Effectiveness evaluation of expert classification methods. Eur. J. Oper. Res. 138(2), 260–273 (2002)
Hashemi, A., Pilevar, A.H., Rafeh, R.: Mass detection in lung ct images using region growing segmentation and decision making based on fuzzy inference system and artificial neural network. Int. J. Image, Graph. Sig. Process. (IJIGSP) 5(6), 16–24 (2013). https://doi.org/10.5815/ijigsp.2013.06.03
Mir, I.A., Quadri, S.M.K.: Analysis and evaluating security of component-based software development: a security metrics framework. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 4(11), 21–31 (2012). https://doi.org/10.5815/ijcnis.2012.11.03
Shameli-Sendi, A., Shajari, M., Hassanabadi, M., Jabbarifar, M., Dagenais, M.: Fuzzy multi-criteria decision-making for information security risk assessment. Open Cybern. Syst. J. 6(1), 26–37 (2012)
Alharbi, E.T., Qureshi, M.R.J.: Implementation of risk management with SCRUM to achieve CMMI requirements. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 6(11), 20–25 (2014). https://doi.org/10.5815/ijcnis.2014.11.03
Filali, F.Z., Yagoubi, B.: Global trust: a trust model for cloud service selection. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 7(5), 41–50 (2015). https://doi.org/10.5815/ijcnis.2015.05.06
Rostami, M., Koushanfar, F., Karri, R.: A primer on hardware security: models, methods, and metrics. Proc. IEEE 102(8), 1283–1295 (2014). https://doi.org/10.1109/JPROC.2014.2335155
Liang, G., Weller, S.R., Zhao, J., Luo, F., Dong, Z.Y.: The 2015 Ukraine blackout: implications for false data injection attacks. IEEE Trans. Power Syst. 32(4), 3317–3318 (2017). https://doi.org/10.1109/TPWRS.2016.2631891
Stoneburner, G., Goguen, A., Feringa, A.: Sp 800-30 Risk Management Guide for Information Technology Systems. NIST Special Publication (2002)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Tolubko, V., Kozelkov, S., Zybin, S., Kozlovskyi, V., Boiko, Y. (2019). Criteria for Evaluating the Effectiveness of the Decision Support System. In: Hu, Z., Petoukhov, S., Dychka, I., He, M. (eds) Advances in Computer Science for Engineering and Education. ICCSEEA 2018. Advances in Intelligent Systems and Computing, vol 754. Springer, Cham. https://doi.org/10.1007/978-3-319-91008-6_32
Download citation
DOI: https://doi.org/10.1007/978-3-319-91008-6_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-91007-9
Online ISBN: 978-3-319-91008-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)