Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory

作者：

Highlights：

• A model to evaluate cybersecurity risk of particular applications is proposed.

• Fault Tree Analysis, Decision Theory and Fuzzy Theory comprise the model.

• An illustrative example was applied to a website, e-commerce and enterprise resource planning (ERP).

• Results demonstrate that e-commerce may be more vulnerable to cybersecurity attacks.

摘要

•A model to evaluate cybersecurity risk of particular applications is proposed.•Fault Tree Analysis, Decision Theory and Fuzzy Theory comprise the model.•An illustrative example was applied to a website, e-commerce and enterprise resource planning (ERP).•Results demonstrate that e-commerce may be more vulnerable to cybersecurity attacks.

论文关键词：Cybersecurity,Information security,Risk analysis model,Fuzzy decision theory,Fault tree analysis

论文评审过程：Received 24 January 2018, Revised 20 July 2018, Accepted 25 August 2018, Available online 31 August 2018, Version of Record 31 August 2018.

论文官网地址：https://doi.org/10.1016/j.ijinfomgt.2018.08.008