Development of a Flexible Information Security Risk Model Using Machine Learning Methods and Ontologies

Barlybayev A. Sharipbay A. Shakhmetova G. Zhumadillayeva A.
November 2024 Multidisciplinary Digital Publishing Institute (MDPI)

Applied Sciences (Switzerland)
2024 #14 Issue 21

This paper presents a significant advancement in information security risk assessment by introducing a flexible and comprehensive model. The research integrates established standards, expert knowledge, machine learning, and ontological modeling to create a multifaceted approach for understanding and managing information security risks. The combination of standards and expert insights forms a robust foundation, ensuring a holistic grasp of the intricate risk landscape. The use of cluster analysis, specifically applying k-means on information security standards, expands the data-driven approach, uncovering patterns not discernible through traditional methods. The integration of machine learning algorithms in the creation of information security risk dendrogram demonstrates effective computational techniques for enhanced risk discovery. The introduction of a heat map as a visualization tool adds innovation, facilitating an intuitive understanding of risk interconnections and prioritization for decision makers. Additionally, a thesaurus optimizes risk descriptions, ensuring comprehensiveness and relevance despite evolving terminologies in the dynamic field of information security. The development of an ontological model for structured risk classification is a significant stride forward, offering an effective means of categorizing information security risks based on ontological relationships. These collective innovations enhance understanding and management of information security risks, paving the way for more effective approaches in the ever-evolving technological landscape.

assessment model , dendrogram , heat map , information security risk , information security standards , k-means , ontological model , thesaurus

Text of the article Перейти на текст статьи

Higher School of Information Technology and Engineering, Astana International University, Astana, Z05H0T3, Kazakhstan
Research Institute of Artificial Intelligence, L.N. Gumilyov Eurasian National University, Astana, Z00T8E0, Kazakhstan

Higher School of Information Technology and Engineering
Research Institute of Artificial Intelligence

10 лет помогаем публиковать статьи Международный издатель

Книга Публикация научной статьи Волощук 2026 Book Publication of a scientific article 2026