№2, 2018

A CONSENSUS RANKING METHOD FOR INFORMATION SECURITY THREATS OF AN E-GOVERNMENT

Yadigar N. Imamverdiyev

Threats to information security of the e-government are aimed at national interests in the information sphere. There are many threats to national interests in the information sphere, and in order to effectively counter these threats in the face of limited resources allocated to cyber defense, multi-criteria ranking of these threats is necessary. In the proposed model, threats are ranked on the basis of expert assessments that characterize the levels of threats to national interests. An optimization model for consensus threat ranking is proposed (pp.30-40).

Keywords: e-government, information security, information security threats, threat assessment, threat ranking, consensus ranking.
DOI : DOI: 10.25045/jpit.v09.i2.04
References
  • Libicki M. C. Conquest in cyberspace: National security and information warfare. Cambridge University Press, 2007, 336 p.
  • European Union Agency For Network and Information Security: ENISA Threat Landscape Report 2017 (ETL 2017). January 2018, 114 p.
  • Jang-Jaccard J., Nepal S. A survey of emerging threats in cybersecurity // Journal of Computer and System Sciences, 2014, vol.80, no.5, pp.973–993.
  • Sabillon R., Cavaller V., Cano J. National cyber security strategies: Global trends in cyberspace // International Journal of Computer Science and Software Engineering, 2016, vol.5, no.5, pp.67–81.
  • Jerman-Blažič B. An economic modelling approach to information security risk management // International Journal of Information Management, 2008, vol.28, no.5, pp.413–422.
  • Pierazzi F., Apruzzese G., Colajanni M., Guido A., Marchetti M. Scalable architecture for online prioritization of cyber threats / Proceedings of the 9th NATO International Conference on Cyber Conflicts, 2017, pp.1–22.
  • Imamverdiyev Y. Analysis of the state of the are of information security management of e-government // Information society problems, 2012, No 2 (6), pp.19–26.
  • Zavadskas E. K., Turskis Z., and Kildienė S. State of art surveys of overviews on MCDM/MADM methods //Technological and economic development of economy, 2014, vol.20, no.1, pp.165–179.
  • The Doctrine of Information Security of the Russian Federation: President of the Russian Federation 9 September. 2000. No1895.
  • Multi-State Information Sharing & Analysis Center (MSISAC). http://msisac.cisecurity.org/alert-level/
  • Lundberg R., and Willis H. H. Deliberative risk ranking to inform homeland security strategic planning // Journal of Homeland Security and Emergency Management, 2016, vol.13, no.1, pp.3–33.
  • Imamverdiyev Y.N. New generation national cyber security strategies // Information society problems, 2013, No2, pp.42–51.
  • Klimburg (Ed.), National Cyber Security Framework Manual, NATO CCD COE Publication,Tallinn 2012, 253 p.
  • OECD: National Risk Assessments: A Cross Country Perspective. OECD Publishing, Paris, 2018, 308 p. http://dx.doi.org/10.1787/9789264287532-en.
  • Robinson, Gribbon L., Horvath V., Robertson K., Cyber-security threat characterization: A rapid comparative analysis. RAND Corporation. 2013, 9 p.
  • Pochuev S.I., Bolshakov V.P. Methodological Approach to Solving the Problem of Ranking the Level of National Security Threats // Informmost, 2007, No. 6 (53), pp.34–36. 
  • Changwen Q., and You H. A method of threat assessment using multiple attribute decision making / Proc. of the 6th IEEE International Conference on Signal Processing, 2002, vol.2, pp.1091–1095.
  • Saaty T.L. The analytic hierarchy process. New York: McGraw-Hill, 1980, 287 p.
  • Saaty T.L. Decision making with dependence and feedback: The analytic network process. Pittsburgh: RWS Publications, 1996, 370 p.
  • Hwang C.L. and Yoon K. Multiple attribute decision making: Methods and applications, vol.186. New York: Springer, 1981, 259 p.
  • Opricovic S. Multicriteria optimization of civil engineering systems. PhD Thesis, Faculty of Civil Engineering, Belgrade, 1998, 302 p.
  • Gabus A. and Fontela E. The DEMATEL observer. Battelle Geneva Research Center, Geneva, Switzerland, 1976.
  • Roy B. and Bertier B. La méthode ELECTRE II: une méthodede classement en presence de critèresmultiples. Note de Travail 142, Groupe Metra, Direction Scientifique, 1971.
  • Brans J. P. and Vincke P. A preference ranking organisation method: the PROMETHEE method for MCDM // Management Science, 1985, vol.31, no.6, pp.647–656.
  • Zadeh L. A. Fuzzy sets // Information and Control, 1965, vol.8, no.3, pp.338–353.
  • Buckley J. J., Feuring T., and Hayashi Y., Fuzzy hierarchical analysis revisited // European Journal of Operational Research, 2001, vol.129, no.1, pp.48–64.
  • Torfi F., Farahani R. Z., and Rezapour S. Fuzzy AHP to determine the relative weights of evaluation criteria and Fuzzy TOPSIS to rank the alternatives // Applied Soft Computing, 2010, vol.10, no.2, pp.520–528.
  • Alguliyev R. M., Aliguliyev R. M., and Mahmudova R. S. Multicriteria personnel selection by the modified fuzzy VIKOR method // The Scientific World Journal, 2015, vol.2015, Article ID 612767, pp.1–16.
  • Büyüközkan G., and Çifçi G. A novel hybrid MCDM approach based on fuzzy DEMATEL, fuzzy ANP and fuzzy TOPSIS to evaluate green suppliers // Expert Systems with Applications, vol.39, no.3, pp.3000–3011.
  • Alguliyev R. M., Aliguliyev R. M., and Mahmudova R. S. A fuzzy TOPSIS+ Worst-case model for personnel evaluation using information culture criteria // International Journal of Operations Research and Information Systems, 2016, vol.7, no.4, pp.38–66.
  • Deng Y. A Threat assessment model under uncertain environment // Mathematical Problems in Engineering, 2015, Volume 2015, Article ID 878024, 12 pages. http://dx.doi.org/10.1155/2015/878024
  • Ou Yang Y. P., Shieh H. M., Leu J. D., & Tzeng G. H. A VIKOR-based multiple criteria decision method for improving information security risk // International Journal of Information Technology & Decision Making, 2009, vol.8, no.2, pp.267–287.
  • Yang Y. P. O., Shieh H. M., & Tzeng, G. H. A VIKOR technique based on DEMATEL and ANP for information security risk control assessment // Information Sciences, 2013, vol.232, pp.482–500.
  • Shameli-Sendi A., Shajari M., Hassanabadi M., Jabbarifar M., & Dagenais M. Fuzzy multi-criteria decision-making for information security risk assessment // The Open Cybernetics & Systemics Journal, 2012, vol.6, no.1, pp.26–37.
  • Syamsuddin I., and Hwang J. A new fuzzy MCDM framework to evaluate e-government security strategy / Proc. of the 4th International Conference on Application of Information and Communication Technologies, 2010, pp.1–5.
  • Yu L., and Lai K. K. A distance-based group decision-making methodology for multi-person multi-criteria emergency decision support // Decision Support Systems, 2011, vol.51, no.2, pp.307–315.
  • Alfares H.K., Duffuaa S.O. Determining aggregate criteria weights from criteria rankings by a group of decision makers // International Journal of Information Technology & Decision Making, 2008, vol.7, no.4, pp.769–781.
  • Cabrerizo F.J., Alonso S., Herrera-Viedma E. A consensus model for group decision making problems with unbalanced fuzzy linguistic information // International Journal of Information Technology & Decision Making, 2009, vol.8, no.1, pp.109–131.
  • Manmatha R., Rath T., and Feng F. Modeling score distributions for combining the outputs of search engines / Proc. of the 24th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, 2001, pp.267–275.
  • Van Erp M., and Schomaker L. Variants of the Borda count method for combining ranked classifier hypotheses / Proc. of the 7th International Workshop on Frontiers in Handwriting Recognition, 2000, pp.443–452.
  • Liu Y.-T., Liu T.-Y., Qin T., Ma Z.-M., and Li H. Supervised rank aggregation / Proc.of the 16th International Conference on World Wide Web, 2007, pp.481–490.
  • Klementiev A., Roth D., and Small K. An unsupervised learning algorithm for rank aggregation / Proc. of the European Conference on Machine Learning, 2007, pp. 616–623.
  • Imamverdiyev Y. N. Consensus ranking method of information security threats of a nation state / ІІ Міжнародна науково-практична конференція "Інформаційна безпека та комп’ютерні технології", 2017, pp.12–13.
  • Wang D., and Li T. Weighted consensus multi-document summarization // Information Processing & Management, 2012, vol.48, no.3, pp.513-523.
  • Duchi J., Shalev-Shwartz S., Singer Y., and Chandra T. Efficient projections onto the l1-ball for learning in high dimensions / Proc. of the 25th International Conference on Machine Learning, 2008, pp.272–279.