Abstract
The risk analysis system has a mechanism to evaluate and analysis the potential risk level in an organization IT system. To evaluate the Risk Level, it must be calculated the essential vulnerability that appear in various assets of organization, threats for these assets. These elements, vulnerabilities, threats and assets are the important factor to evaluate the risk level in an organization In this paper, we describe about design and implementation of a system using the practical risk analysis process that we propose. Furthermore we suggest the security countermeasure choice algorithm against the risk we found in an organization. Especially, The Security Countermeasure choice algorithm is implemented by using the Genetic-Algorithm restricted by some important factor. In this paper, we describe the design and implementation idea of the suggested genetic-algorithm module. Finally, We propose the main idea of the practical risk analysis process and the system using the risk analysis process that we propose in this paper.
| Original language | English |
|---|---|
| Pages (from-to) | 835-842 |
| Number of pages | 8 |
| Journal | Lecture Notes in Computer Science |
| Volume | 3391 |
| DOIs | |
| Publication status | Published - 2005 |
| Event | International Conference on Information Networking, ICOIN 2005 - Jeju Island, Korea, Republic of Duration: Jan 31 2005 → Feb 2 2005 |
All Science Journal Classification (ASJC) codes
- Theoretical Computer Science
- Computer Science(all)