Skip to main content
SpringerLink
Log in

Information Security Evaluation Using Multi-Attribute Threat Index

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Threat to security has been increasing along with proliferation of service through the Web. Multi-attribute risk assessment serves as a useful tool to assess risk quantitatively by prioritizing sets of threats and security requirements. The case study presents decision-making methods as to the selection of information security technology and solution through the process of identifying risk and quantifying threat index. Since the intrusion types and analysis data was analyzed based on the statistics of multiple enterprises, it is advisable to classify the types into more detailed types suitable to the target company, and to reasonably reflect the characteristics of the organization through accumulation and utilization of the company’s own data.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Ojanperä, T., & Mononen, R. (2002). Security and authentication in the mobile world. Wireless Personal Communications, 22(2), 229–235.

    Article  Google Scholar 

  2. Saravanan, K., & Senthilkumar, A. (2015). Security enhancement in distributed networks using link-based mapping scheme for network intrusion detection with enhanced bloom filter. Wireless Personal Communications, 64(2), 821–839.

    Article  Google Scholar 

  3. Prasad, A., & Kempf, J. (2003). Wireless personal communications special issue on security for next generation communications. Wireless Personal Communications, 26(2–3), 283–284.

    Article  Google Scholar 

  4. Feledi, D., Fenz, S., & Lechner, L. (2013). Toward web-based information security knowledge sharing. Information Security Technical Report, 17, 199–209.

    Article  Google Scholar 

  5. Kumar, R., & Singh, H. (2012). Analysis of information systems security issues and security techniques. International Journal of Advanced Computer Research, 2(6), 65–68.

    Google Scholar 

  6. Prasad, A. R., & Kempf, J. (2004). Security for next generation communications. Wireless Personal Communications, 29(3–4), 157–208.

    Article  Google Scholar 

  7. Feng, N., Wang, H., & Li, M. (2013). A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis. Information Sciences, 256, 57–73.

    Article  Google Scholar 

  8. Bang, Y., Lee, D., Bae, Y., & Ahn, J. (2012). Improving information security management: An analysis of ID–password usage and a new login vulnerability measure. International Journal of Information Management, 32(5), 409–418.

    Article  Google Scholar 

  9. Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 196–207.

    Google Scholar 

  10. Veiga, A., & Eloff, J. (2010). A framework and assessment instrument for information security culture. Computers & Security, 29, 196–207.

    Article  Google Scholar 

  11. Kim, K., & Na, K. (2004). Threat index evaluation of information system using multi-attribute risk assessment method. Journal of Korea Risk Management Society, 15(2), 103–126.

    Google Scholar 

  12. Lee, K., Kim, K., & Na, K. (2008). Multi-attribute threat index for information security. Journal of Korea Society of IT Services, 7(1), 118–122.

    Google Scholar 

  13. Butler, S. (2000). Security attribute evaluation method: A cost benefit approach. In 24th International conference on software engineering proceedings (pp. 22–240).

  14. Butler, S., & Fischbeck, P. (2001). Multi-attribute risk assessment, Technical Report CMU-CS-01-169.

  15. Fuchs, L., Pernul, G., & Sandhu, R. (2011). Roles in information security—A survey and classification of the research area. Computers & Security, 30(8), 748–769.

    Article  Google Scholar 

  16. Penta Security Systems Inc. (2013). Web application threat report: Trends for the second half of 2012.

  17. Saaty, T. (1980). The analytic hierarchy process. New York: McGraw-Hill.

    MATH  Google Scholar 

  18. Korea Internet and Security Agency. (2012). Information security survey 2012 (enterprise edition).

  19. Saleh, M. (2011). Information security maturity model. International Journal of Computer Science and Security, 5(3), 316–337.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Knowledge Service and Consulting, Hansung University, Seoul, Korea

    Young-Man Je & Yen-Yoo You

  2. Department of Management Information Systems, Seowon University, Cheongju, Korea

    Kwan-Sik Na

Authors
  1. Young-Man Je
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yen-Yoo You
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kwan-Sik Na
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yen-Yoo You.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Je, YM., You, YY. & Na, KS. Information Security Evaluation Using Multi-Attribute Threat Index. Wireless Pers Commun 89, 913–925 (2016). https://doi.org/10.1007/s11277-015-3140-5

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-015-3140-5

Keywords

Search

Navigation