Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method

Donatas Vitkus, Justina Jezukevičiūtė, Nikolaj Goranin


Fast development of information systems and technologies while providing new opportunities for people and organizations also make them more vulnerable at the same time. Information security risk assessment helps to identify weak points and preparing mitigation actions. The analysis of expert systems has shown that rule-based expert systems are universal, and because of that can be considered as a proper solution for the task of risk assessment automation. But to assess information security risks quickly and accurately, it is necessary to process a large amount of data about newly discovered vulnerabilities or threats, to reflect regional and industry specific information, making the traditional approach of knowledge base formation for expert system problematic. This work presents a novel method for an automated expert systems knowledge base formation based on the integration of data on regional malware distribution from Cyberthreat real-time map providing current information on newly discovered threats. In our work we collect the necessary information from the web sites in an automated way, that can be later used in a relevant risk calculation. This paper presents method implementation, which includes not only knowledge base formation but also the development of the prototype of an expert system. It was created using the JESS expert system shell. Information security risk evaluation was performed according to OWASP risk assessment methodology, taking into account the location of the organization and prevalent malware in that area.


information security risk analysis, expert systems, knowledge base formation, JESS, information acquisition

Full Text:



Agrawal, V.A. (2017). Comparative Study on Information Security Risk Analysis Methods, JCP, 12.1, 57-67, 2017.

Batista, L. O.; de Silva, G. A.; Araujo, V. S.; Araujo, V. J. S.; Rezende, T. S.; Guimaraes, A. J.; Souza, P. V. D. C. (2018). Fuzzy neural networks to create an expert system for detecting attacks by sql injection, The International Journal of Forensic Computer Science, 1, 8-21, 2018.

Dheir, I.; Abu-Naser, S. S. (2019). Knowledge Based System for Diagnosing Guava Problems, International Journal of Academic Information Systems Research (IJAISR), 3(3), 9-15, 2019.

Dua, S.; Du, X. (2016). Data mining and machine learning in cybersecurity, CRC press, 2016.

Dzitac, I.; Barbat, B. E. (2009). Artificial intelligence + distributed systems = agents, International Journal of Computers Communications & Control, 4(1), 17-26, 2009.

Elsharif, A. A.; Abu-Naser, S. S. (2018). An Expert System for Diagnosing Sugarcane Diseases, International Journal of Academic Engineering Research (IJAER), 3(3), 19-27, 2019.

Kireeva, N.; Pozdnyak, I.; Gazizulina, A. (2019). Filling a Knowledge Base for Expert System in Information Security, IOP Conference Series: Materials Science and Engineering, 618(1), 2019.

Kless, D.; Milton, S.; Kazmierczak, E.; Lindenthal, J. (2015). Thesaurus and ontology structure: Formal and pragmatic differences and similarities, Journal of the Association for information science and technology, 66(7), 1348-1366, 2015.

Li, D.; Cai, Z.; Deng, L.; Yao, X.; Wang, H. H. (2018). Information security model of block chain based on intrusion sensing in the IoT environment, Cluster Computing, 22(1), 451-468, 2019.

Losonczi, P.; Necas, P.; Nad, N. (2016). Risk management in information security, Journal of Management, 28, 2016.

Mohamed E. (2017). Comparative study of four supervised machine learning techniques for classifications, Information Journal of applied science and technology, 7(2), 5--18, 2017.

Ramachandra, M. (2010). Information Mining, Web-Based Supply Chain Management and Digital Signal Processing: Methods for Effective Information Administration and Transmission, IGI Global, 223-231, 2010.

Ristoski, P.; Paulheim, H. (2016).Web in data mining and knowledge discovery: A comprehensive survey, Journal of Web Semantics, 36, 1-22, 2016.

Tandon, N.; Varde, A. S.; de Melo, G. (2017). Commonsense knowledge in machine intelligence, SIGMOD Record, 46(4), 2017.

Vitkus, D.; Steckevicius, Z.; Goranin, N.; Kalibatiene, D.; Cenys, A. (2019). Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis, International Journal of Computers Communications & Control, 14(6), 743-758, 2019.

Xiao, H.; Rasul, K.; Vollgraf, R. (2017). Fashion-MNIST: a novel image dataset for benchmarking machine learning algorithms, arXiv preprint, 2017.

Yadav, U.; Narula, G. S.; Duhan, N.; Jain, V.; Murthy, B. K. (2015). Development and visualization of domain specific ontology using protege, Indian Journal of Science and Technology, 9(16), 1-7, 2016.

Zhong, W.; Liu, S.; Wan, F.; Li, Z. (2018). Equipment selection knowledge base system for industrial styrene process, Chinese Journal of Chemical Engineering, 26(8), 1707-1712, 2018.

[Online]. Available: https://cybermap.kaspersky.com, Accesed on 27 March 2020.

[Online]. Available: https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology, Accesed on 27 March 2020.

[Online]. Available: https://jessrules.com/jess/download.shtml, Accesed on 27 March 2020.

DOI: https://doi.org/10.15837/ijccc.2020.3.3865

Copyright (c) 2020 Donatas Vitkus, Justina Jezukevičiūtė, Nikolaj Goranin

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

IJCCC is an Open Access Journal : CC-BY-NC.

Articles published in IJCCC user license are protected by copyright.

Users can access, download, copy, translate the IJCCC articles for non-commercial purposes provided that users, but cannot redistribute, display or adapt:

  • Cite the article using an appropriate bibliographic citation: author(s), article title, journal, volume, issue, page numbers, year of publication, DOI, and the link to the definitive published version on IJCCC website;
  • Maintain the integrity of the IJCCC article;
  • Retain the copyright notices and links to these terms and conditions so it is clear to other users what can and what cannot be done with the  article;
  • Ensure that, for any content in the IJCCC article that is identified as belonging to a third party, any re-use complies with the copyright policies of that third party;
  • Any translations must prominently display the statement: "This is an unofficial translation of an article that appeared in IJCCC. Agora University  has not endorsed this translation."

This is a non commercial license where the use of published articles for commercial purposes is forbiden. 

Commercial purposes include: 

  • Copying or downloading IJCCC articles, or linking to such postings, for further redistribution, sale or licensing, for a fee;
  • Copying, downloading or posting by a site or service that incorporates advertising with such content;
  • The inclusion or incorporation of article content in other works or services (other than normal quotations with an appropriate citation) that is then available for sale or licensing, for a fee;
  • Use of IJCCC articles or article content (other than normal quotations with appropriate citation) by for-profit organizations for promotional purposes, whether for a fee or otherwise;
  • Use for the purposes of monetary reward by means of sale, resale, license, loan, transfer or other form of commercial exploitation;

    The licensor cannot revoke these freedoms as long as you follow the license terms.

[End of CC-BY-NC  License for Website User]

INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL (IJCCC), With Emphasis on the Integration of Three Technologies (C & C & C),  ISSN 1841-9836.

IJCCC was founded in 2006,  at Agora University, by  Ioan DZITAC (Editor-in-Chief),  Florin Gheorghe FILIP (Editor-in-Chief), and  Misu-Jan MANOLESCU (Managing Editor).

Ethics: This journal is a member of, and subscribes to the principles of, the Committee on Publication Ethics (COPE).

Ioan  DZITAC (Editor-in-Chief) at COPE European Seminar, Bruxelles, 2015:

IJCCC is covered/indexed/abstracted in Science Citation Index Expanded (since vol.1(S),  2006); JCR2018: IF=1.585..

IJCCC is indexed in Scopus from 2008 (CiteScore2018 = 1.56):

Nomination by Elsevier for Journal Excellence Award Romania 2015 (SNIP2014 = 1.029): Elsevier/ Scopus

IJCCC was nominated by Elsevier for Journal Excellence Award - "Scopus Awards Romania 2015" (SNIP2014 = 1.029).

IJCCC is in Top 3 of 157 Romanian journals indexed by Scopus (in all fields) and No.1 in Computer Science field by Elsevier/ Scopus.


 Impact Factor in JCR2018 (Clarivate Analytics/SCI Expanded/ISI Web of Science): IF=1.585 (Q3). Scopus: CiteScore2018=1.56 (Q2);

SCImago Journal & Country Rank

Editors-in-Chief: Ioan DZITAC & Florin Gheorghe FILIP.