Modelling cyber-security experts' decision making processes using aggregation operators
An important role carried out by cyber-security experts is the assessment of proposed computer systems, during their design stage. This task is fraught with difficulties and uncertainty, making the knowledge provided by human experts essential for successful assessment. Today, the increasing number...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Published: |
Elsevier
2016
|
| Subjects: | |
| Online Access: | https://eprints.nottingham.ac.uk/35868/ |
| _version_ | 1848795179272634368 |
|---|---|
| author | Miller, Simon Wagner, Christian Aickelin, Uwe Garibaldi, Jonathan M. |
| author_facet | Miller, Simon Wagner, Christian Aickelin, Uwe Garibaldi, Jonathan M. |
| author_sort | Miller, Simon |
| building | Nottingham Research Data Repository |
| collection | Online Access |
| description | An important role carried out by cyber-security experts is the assessment of proposed computer systems, during their design stage. This task is fraught with difficulties and uncertainty, making the knowledge provided by human experts essential for successful assessment. Today, the increasing number of progressively complex systems has led to an urgent need to produce tools that support the expert-led process of system-security assessment. In this research, we use Weighted Averages (WAs) and Ordered Weighted Averages (OWAs) with Evolutionary Algorithms (EAs) to create aggregation operators that model parts of the assessment process. We show how individual overall ratings for security components can be produced from ratings of their characteristics, and how these individual overall ratings can be aggregated to produce overall rankings of potential attacks on a system. As well as the identification of salient attacks and weak points in a prospective system, the proposed method also highlights which factors and security components contribute most to a component's difficulty and attack ranking respectively. A real world scenario is used in which experts were asked to rank a set of technical attacks, and to answer a series of questions about the security components that are the subject of the attacks. The work shows how finding good aggregation operators, and identifying important components and factors of a cyber-security problem can be automated. The resulting operators have the potential for use as decision aids for systems designers and cyber-security experts, increasing the amount of assessment that can be achieved with the limited resources available. |
| first_indexed | 2025-11-14T19:27:58Z |
| format | Article |
| id | nottingham-35868 |
| institution | University of Nottingham Malaysia Campus |
| institution_category | Local University |
| last_indexed | 2025-11-14T19:27:58Z |
| publishDate | 2016 |
| publisher | Elsevier |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | nottingham-358682020-05-04T18:07:19Z https://eprints.nottingham.ac.uk/35868/ Modelling cyber-security experts' decision making processes using aggregation operators Miller, Simon Wagner, Christian Aickelin, Uwe Garibaldi, Jonathan M. An important role carried out by cyber-security experts is the assessment of proposed computer systems, during their design stage. This task is fraught with difficulties and uncertainty, making the knowledge provided by human experts essential for successful assessment. Today, the increasing number of progressively complex systems has led to an urgent need to produce tools that support the expert-led process of system-security assessment. In this research, we use Weighted Averages (WAs) and Ordered Weighted Averages (OWAs) with Evolutionary Algorithms (EAs) to create aggregation operators that model parts of the assessment process. We show how individual overall ratings for security components can be produced from ratings of their characteristics, and how these individual overall ratings can be aggregated to produce overall rankings of potential attacks on a system. As well as the identification of salient attacks and weak points in a prospective system, the proposed method also highlights which factors and security components contribute most to a component's difficulty and attack ranking respectively. A real world scenario is used in which experts were asked to rank a set of technical attacks, and to answer a series of questions about the security components that are the subject of the attacks. The work shows how finding good aggregation operators, and identifying important components and factors of a cyber-security problem can be automated. The resulting operators have the potential for use as decision aids for systems designers and cyber-security experts, increasing the amount of assessment that can be achieved with the limited resources available. Elsevier 2016-08-10 Article PeerReviewed Miller, Simon, Wagner, Christian, Aickelin, Uwe and Garibaldi, Jonathan M. (2016) Modelling cyber-security experts' decision making processes using aggregation operators. Computers and Security, 62 . pp. 229-245. ISSN 0167-4048 Expert Decision Making; Cyber-security; Evolutionary algorithm; Ordered Weighted average; Weighted Average http://www.sciencedirect.com/science/article/pii/S016740481630089X doi:10.1016/j.cose.2016.08.001 doi:10.1016/j.cose.2016.08.001 |
| spellingShingle | Expert Decision Making; Cyber-security; Evolutionary algorithm; Ordered Weighted average; Weighted Average Miller, Simon Wagner, Christian Aickelin, Uwe Garibaldi, Jonathan M. Modelling cyber-security experts' decision making processes using aggregation operators |
| title | Modelling cyber-security experts' decision making processes using aggregation operators |
| title_full | Modelling cyber-security experts' decision making processes using aggregation operators |
| title_fullStr | Modelling cyber-security experts' decision making processes using aggregation operators |
| title_full_unstemmed | Modelling cyber-security experts' decision making processes using aggregation operators |
| title_short | Modelling cyber-security experts' decision making processes using aggregation operators |
| title_sort | modelling cyber-security experts' decision making processes using aggregation operators |
| topic | Expert Decision Making; Cyber-security; Evolutionary algorithm; Ordered Weighted average; Weighted Average |
| url | https://eprints.nottingham.ac.uk/35868/ https://eprints.nottingham.ac.uk/35868/ https://eprints.nottingham.ac.uk/35868/ |