Cyber Security Metrics Evaluation Using Multi-criteria Decision-Making Approach

Cyberspace is the trust-worthy environment in which message transmission over computer networks occurs. Cyber security aims to protect the information and other resources from malicious users, external or internal within the organization. Metrics is a general name that used to the set of measures that describe a suitable applications. The aim of security metrics is to make certain business and minimize business damage by preventing or lowering the impact of cyber incidents. A metric can be developed to measure cyber security trust-worthiness of a company. The measurement of security metrics can be viewed as multiple-criteria decision-making problem (MCDM). In the present paper we are comparing two MCDM approaches: AHP and Electre III to evaluate cyber security metrics.

[1]  S. Samantaray,et al.  Cyber Feminism: Unleashing Women Power through Technology , 2017 .

[2]  G. A. Preethi,et al.  Seamless Handoff using Electre III and Promethee Methods , 2015 .

[3]  K. Solecka,et al.  Selection of multi-criteria decision making support systems for evaluation of variants of an integrated urban public transport system , 2014 .

[4]  Evangelos Triantaphyllou,et al.  USING THE ANALYTIC HIERARCHY PROCESS FOR DECISION MAKING IN ENGINEERING APPLICATIONS: SOME CHALLENGES , 1995 .

[5]  Rabira Geleta Ibsa Cyber Safety Certainty Performance in Business : Degree Assessment with Analytic Hierarchy Process , 2018 .

[6]  Rayford B. Vaughn,et al.  Information assurance measures and metrics - state of practice and proposed taxonomy , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[7]  G. Suganya,et al.  Multi-Criteria Decision Making Using ELECTRE , 2016 .

[8]  Marcus Pendleton,et al.  A Survey on Systems Security Metrics , 2016, ACM Comput. Surv..

[9]  B. Roy THE OUTRANKING APPROACH AND THE FOUNDATIONS OF ELECTRE METHODS , 1991 .

[10]  Barbara Galinska,et al.  Multiple Criteria Evaluation Of Suppliers In Company Operating In Clothing Industry , 2017 .

[11]  Min Xia,et al.  Temporal metrics for software vulnerabilities , 2008, CSIIRW '08.

[12]  Marianne Swanson,et al.  Security metrics guide for information technology systems , 2003 .

[13]  Martin Rogers,et al.  Electre and decision support , 1999 .

[14]  Reijo Savola,et al.  A Novel Security Metrics Taxonomy for R&D Organisations , 2008, ISSA.

[15]  Ioannis Lambadaris,et al.  Current Trends and Advances in Information Assurance Metrics , 2004, Conference on Privacy, Security and Trust.

[16]  Marcus Pendleton,et al.  A Survey on Security Metrics , 2016, ArXiv.

[17]  Sachin S. Kamble,et al.  To identify the critical success factors for cloud computing adoption by MCDM technique , 2017, Int. J. Bus. Inf. Syst..

[18]  Hassan Khosravi,et al.  Application of AHP and ELECTRE models for assessment of dedesertification alternatives , 2014 .

[19]  Ciprian Cristea,et al.  A multi-criteria decision making approach for supplier selection in the flexible packaging industry , 2017 .