Hierarchical Fuzzy-based Cybersecurity Risk Assessment Model

  • Gózon Fanni Zsuzsanna
  • Váczi Dániel
  • Laufer Edit
doi: 10.32567/hm.2022.1.8

Abstract

With the rise of IT systems, cyberattacks are becoming more sophisticated, allowing for more intense and complex attacks. According to the source of the threats, we can distinguish between attacks based on hardware, software, physical and human factors. This study focuses on the human factor, because humans are the weakest link; however, other factors affecting company security are also taken into account. The authors propose a risk assessment model that can predict the level of cybersecurity risk in a company. This hierarchical model applies fuzzy-based subsystems because, in the field of cybersecurity, the uncertainties and subjectivity that often arise in the data and the evaluation process must also be addressed.

Keywords:

fuzzy inference system, cybersecurity, human vulnerability, social engineering

How to Cite

Gózon, F. Z., Váczi, D., & Laufer, E. (2022). Hierarchical Fuzzy-based Cybersecurity Risk Assessment Model. Military Engineer, 17(1), 117–137. https://doi.org/10.32567/hm.2022.1.8
