Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method



information security risk analysis, expert systems, knowledge base formation, JESS, information acquisition


Fast development of information systems and technologies while providing new opportunities for people and organizations also make them more vulnerable at the same time. Information security risk assessment helps to identify weak points and preparing mitigation actions. The analysis of expert systems has shown that rule-based expert systems are universal, and because of that can be considered as a proper solution for the task of risk assessment automation. But to assess information security risks quickly and accurately, it is necessary to process a large amount of data about newly discovered vulnerabilities or threats, to reflect regional and industry specific information, making the traditional approach of knowledge base formation for expert system problematic. This work presents a novel method for an automated expert systems knowledge base formation based on the integration of data on regional malware distribution from Cyberthreat real-time map providing current information on newly discovered threats. In our work we collect the necessary information from the web sites in an automated way, that can be later used in a relevant risk calculation. This paper presents method implementation, which includes not only knowledge base formation but also the development of the prototype of an expert system. It was created using the JESS expert system shell. Information security risk evaluation was performed according to OWASP risk assessment methodology, taking into account the location of the organization and prevalent malware in that area.


Agrawal, V.A. (2017). Comparative Study on Information Security Risk Analysis Methods, JCP, 12.1, 57-67, 2017. https://doi.org/10.17706/jcp.12.1.57-67

Batista, L. O.; de Silva, G. A.; Araujo, V. S.; Araujo, V. J. S.; Rezende, T. S.; Guimaraes, A. J.; Souza, P. V. D. C. (2018). Fuzzy neural networks to create an expert system for detecting attacks by sql injection, The International Journal of Forensic Computer Science, 1, 8-21, 2018. https://doi.org/10.5769/J201801001

Dheir, I.; Abu-Naser, S. S. (2019). Knowledge Based System for Diagnosing Guava Problems, International Journal of Academic Information Systems Research (IJAISR), 3(3), 9-15, 2019.

Dua, S.; Du, X. (2016). Data mining and machine learning in cybersecurity, CRC press, 2016. https://doi.org/10.1201/b10867

Dzitac, I.; Barbat, B. E. (2009). Artificial intelligence + distributed systems = agents, International Journal of Computers Communications & Control, 4(1), 17-26, 2009. https://doi.org/10.15837/ijccc.2009.1.2410

Elsharif, A. A.; Abu-Naser, S. S. (2018). An Expert System for Diagnosing Sugarcane Diseases, International Journal of Academic Engineering Research (IJAER), 3(3), 19-27, 2019.

Kireeva, N.; Pozdnyak, I.; Gazizulina, A. (2019). Filling a Knowledge Base for Expert System in Information Security, IOP Conference Series: Materials Science and Engineering, 618(1), 2019. https://doi.org/10.1088/1757-899X/618/1/012085

Kless, D.; Milton, S.; Kazmierczak, E.; Lindenthal, J. (2015). Thesaurus and ontology structure: Formal and pragmatic differences and similarities, Journal of the Association for information science and technology, 66(7), 1348-1366, 2015. https://doi.org/10.1002/asi.23268

Li, D.; Cai, Z.; Deng, L.; Yao, X.; Wang, H. H. (2018). Information security model of block chain based on intrusion sensing in the IoT environment, Cluster Computing, 22(1), 451-468, 2019. https://doi.org/10.1007/s10586-018-2516-1

Losonczi, P.; Necas, P.; Nad, N. (2016). Risk management in information security, Journal of Management, 28, 2016.

Mohamed E. (2017). Comparative study of four supervised machine learning techniques for classifications, Information Journal of applied science and technology, 7(2), 5--18, 2017.

Ramachandra, M. (2010). Information Mining, Web-Based Supply Chain Management and Digital Signal Processing: Methods for Effective Information Administration and Transmission, IGI Global, 223-231, 2010. https://doi.org/10.4018/978-1-60566-888-8.ch017

Ristoski, P.; Paulheim, H. (2016).Web in data mining and knowledge discovery: A comprehensive survey, Journal of Web Semantics, 36, 1-22, 2016. https://doi.org/10.1016/j.websem.2016.01.001

Tandon, N.; Varde, A. S.; de Melo, G. (2017). Commonsense knowledge in machine intelligence, SIGMOD Record, 46(4), 2017. https://doi.org/10.1145/3186549.3186562

Vitkus, D.; Steckevicius, Z.; Goranin, N.; Kalibatiene, D.; Cenys, A. (2019). Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis, International Journal of Computers Communications & Control, 14(6), 743-758, 2019. https://doi.org/10.15837/ijccc.2019.6.3668

Xiao, H.; Rasul, K.; Vollgraf, R. (2017). Fashion-MNIST: a novel image dataset for benchmarking machine learning algorithms, arXiv preprint, 2017.

Yadav, U.; Narula, G. S.; Duhan, N.; Jain, V.; Murthy, B. K. (2015). Development and visualization of domain specific ontology using protege, Indian Journal of Science and Technology, 9(16), 1-7, 2016. https://doi.org/10.17485/ijst/2016/v9i16/88524

Zhong, W.; Liu, S.; Wan, F.; Li, Z. (2018). Equipment selection knowledge base system for industrial styrene process, Chinese Journal of Chemical Engineering, 26(8), 1707-1712, 2018. https://doi.org/10.1016/j.cjche.2017.10.009

[Online]. Available: https://cybermap.kaspersky.com, Accesed on 27 March 2020.

[Online]. Available: https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology, Accesed on 27 March 2020.

[Online]. Available: https://jessrules.com/jess/download.shtml, Accesed on 27 March 2020.



Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.