Matching information security vulnerabilities to organizational security profiles: A genetic algorithm approach

Matching information security vulnerabilities to organizational security profiles: A genetic algorithm approach

0.00 Avg rating0 Votes
Article ID: iaor20061881
Country: Netherlands
Volume: 41
Issue: 3
Start Page Number: 592
End Page Number: 603
Publication Date: Mar 2006
Journal: Decision Support Systems
Authors: , , ,
Keywords: law & law enforcement
Abstract:

Organizations are making substantial investments in information security to reduce the risk presented by vulnerabilities in their information technology (IT) infrastructure. However, each security technology only addresses specific vulnerabilities and potentially creates additional vulnerabilities. The objective of this research is to present and evaluate a Genetic Algorithm (GA)-based approach enabling organizations to choose the minimal-cost security profile providing the maximal vulnerability coverage. This approach is compared to an enumerative approach for a given test set. The GA-based approach provides favorable results, eventually leading to improved tools for supporting information security investment decisions.

Reviews

Required fields are marked *. Your email address will not be published.