Assessing Information Security Risk Using Markov Chain

Daniel Tse; Xiaoting Pan; Yuan Zong; Jiaxi Liu; Qinyan Yang

doi:10.1109/IEEM.2018.8607422

Assessing Information Security Risk Using Markov Chain

Daniel Tse^*, Xiaoting Pan, Yuan Zong, Jiaxi Liu, Qinyan Yang

^*Corresponding author for this work

Department of Information Systems

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

1 Citation (Scopus)

Abstract

[1] Information leakage occurs several times in universities in recent years. In this article, we propose a risk assessment method based on Markov chain for universities to evaluate risks using menace index. After identifying the assets and threats in universities, we use a survey data of university risks to find out the probability of the occurrence of each threat. Markov chain is used to indicate the probability of future. The result of a predicted severity sequence of risks can be useful to universities which risks they should pay more attention to. Two methods are used in the Markov part: One is the traditional way to set the initial probability matrix; the other is a statistical probability to present each menace in the initial probability matrix. After comparison, we found that the second method is more precise for risk assessment.

Original language	English
Title of host publication	2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018
Publisher	IEEE
Pages	808-813
ISBN (Electronic)	978-1-5386-6786-6
DOIs	https://doi.org/10.1109/IEEM.2018.8607422
Publication status	Published - Dec 2018
Event	2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018 - Bangkok, Thailand Duration: 16 Dec 2018 → 19 Dec 2018

Publication series

Name	IEEE International Conference on Industrial Engineering and Engineering Management
Volume	2019-December
ISSN (Print)	2157-3611
ISSN (Electronic)	2157-362X

Conference

Conference	2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018
Country/Territory	Thailand
City	Bangkok
Period	16/12/18 → 19/12/18

Research Keywords

Markov Chain
Menace Index
Security Risk Assessment

Access Output

10.1109/IEEM.2018.8607422

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

Tse, D., Pan, X., Zong, Y., Liu, J., & Yang, Q. (2018). Assessing Information Security Risk Using Markov Chain. In 2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018 (pp. 808-813). Article 8607422 (IEEE International Conference on Industrial Engineering and Engineering Management; Vol. 2019-December). IEEE. https://doi.org/10.1109/IEEM.2018.8607422

@inproceedings{6e9a375ed6594aa2ba732baa612cb94c,

title = "Assessing Information Security Risk Using Markov Chain",

abstract = "[1] Information leakage occurs several times in universities in recent years. In this article, we propose a risk assessment method based on Markov chain for universities to evaluate risks using menace index. After identifying the assets and threats in universities, we use a survey data of university risks to find out the probability of the occurrence of each threat. Markov chain is used to indicate the probability of future. The result of a predicted severity sequence of risks can be useful to universities which risks they should pay more attention to. Two methods are used in the Markov part: One is the traditional way to set the initial probability matrix; the other is a statistical probability to present each menace in the initial probability matrix. After comparison, we found that the second method is more precise for risk assessment.",

keywords = "Markov Chain, Menace Index, Security Risk Assessment",

author = "Daniel Tse and Xiaoting Pan and Yuan Zong and Jiaxi Liu and Qinyan Yang",

year = "2018",

month = dec,

doi = "10.1109/IEEM.2018.8607422",

language = "English",

series = "IEEE International Conference on Industrial Engineering and Engineering Management",

publisher = "IEEE",

pages = "808--813",

booktitle = "2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018",

address = "United States",

note = "2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018 ; Conference date: 16-12-2018 Through 19-12-2018",

}

Tse, D, Pan, X, Zong, Y, Liu, J & Yang, Q 2018, Assessing Information Security Risk Using Markov Chain. in 2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018., 8607422, IEEE International Conference on Industrial Engineering and Engineering Management, vol. 2019-December, IEEE, pp. 808-813, 2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018, Bangkok, Thailand, 16/12/18. https://doi.org/10.1109/IEEM.2018.8607422

Assessing Information Security Risk Using Markov Chain. / Tse, Daniel; Pan, Xiaoting; Zong, Yuan et al.
2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018. IEEE, 2018. p. 808-813 8607422 (IEEE International Conference on Industrial Engineering and Engineering Management; Vol. 2019-December).

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

TY - GEN

T1 - Assessing Information Security Risk Using Markov Chain

AU - Tse, Daniel

AU - Pan, Xiaoting

AU - Zong, Yuan

AU - Liu, Jiaxi

AU - Yang, Qinyan

PY - 2018/12

Y1 - 2018/12

N2 - [1] Information leakage occurs several times in universities in recent years. In this article, we propose a risk assessment method based on Markov chain for universities to evaluate risks using menace index. After identifying the assets and threats in universities, we use a survey data of university risks to find out the probability of the occurrence of each threat. Markov chain is used to indicate the probability of future. The result of a predicted severity sequence of risks can be useful to universities which risks they should pay more attention to. Two methods are used in the Markov part: One is the traditional way to set the initial probability matrix; the other is a statistical probability to present each menace in the initial probability matrix. After comparison, we found that the second method is more precise for risk assessment.

AB - [1] Information leakage occurs several times in universities in recent years. In this article, we propose a risk assessment method based on Markov chain for universities to evaluate risks using menace index. After identifying the assets and threats in universities, we use a survey data of university risks to find out the probability of the occurrence of each threat. Markov chain is used to indicate the probability of future. The result of a predicted severity sequence of risks can be useful to universities which risks they should pay more attention to. Two methods are used in the Markov part: One is the traditional way to set the initial probability matrix; the other is a statistical probability to present each menace in the initial probability matrix. After comparison, we found that the second method is more precise for risk assessment.

KW - Markov Chain

KW - Menace Index

KW - Security Risk Assessment

UR - http://www.scopus.com/inward/record.url?scp=85061834639&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85061834639&origin=recordpage

U2 - 10.1109/IEEM.2018.8607422

DO - 10.1109/IEEM.2018.8607422

M3 - RGC 32 - Refereed conference paper (with host publication)

T3 - IEEE International Conference on Industrial Engineering and Engineering Management

SP - 808

EP - 813

BT - 2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018

PB - IEEE

T2 - 2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018

Y2 - 16 December 2018 through 19 December 2018

ER -

Assessing Information Security Risk Using Markov Chain

Abstract

Publication series

Conference

Research Keywords

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this