Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method

Abstract

The fast development of information systems and technologies, while providing new opportunities for people and organizations, also makes them more vulnerable. Information security risk assessment helps to identify weak points and prepare mitigation actions. The analysis of expert systems has shown that rule-based expert systems are universal and can therefore be considered a proper solution for the task of risk assessment automation. However, to assess information security risks quickly and accurately, it is necessary to process a large amount of data about newly discovered vulnerabilities or threats and to reflect regional and industry-specific information, which makes the traditional approach to knowledge base formation for expert systems problematic. This work presents a novel method for automated expert system knowledge base formation based on the integration of data on regional malware distribution from the Cyberthreat real-time map, which provides current information on newly discovered threats. In our work, we collect the necessary information from the web sites in an automated way, so that it can later be used in a relevant risk calculation. This paper presents the implementation of the method, which includes not only knowledge base formation but also the development of a prototype expert system. The prototype was created using the JESS expert system shell. Information security risk evaluation was performed according to the OWASP risk assessment methodology, taking into account the location of the organization and the malware prevalent in that area.

Published
2020-04-21
How to Cite
VITKUS, Donatas; JEZUKEVIČIŪTĖ, Justina; GORANIN, Nikolaj. Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method. INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL, [S.l.], v. 15, n. 3, apr. 2020. ISSN 1841-9844. Available at: <http://univagora.ro/jour/index.php/ijccc/article/view/3865>. Date accessed: 29 sep. 2020. doi: https://doi.org/10.15837/ijccc.2020.3.3865.

Keywords

information security risk analysis, expert systems, knowledge base formation, JESS, information acquisition