ISSN 2587-814X (print),
ISSN 2587-8158 (online)

Russian version: ISSN 1998-0663 (print),
ISSN 2587-8166 (online)

Sergey Glushenko1
  • 1 Rostov State University of Economics, 69, Bolshaya Sadovaya Street, Rostov-on-Don 344002, Russia

An adaptive neuro-fuzzy inferencesystem for assessment of risks to an organization’s information security[1]


2017. No. 1 (39). P. 68–77 [issue contents]

Sergey A. Glushenko - Senior Lecturer, Department of Information Systems and Applied Computer Science, Rostov State University of Economics
Address: 69, Bolshaya Sadovaya Street, Rostov-on-Don, 344002, Russian Federation
E-mail: gs-gears@yandex.ru

      This article explains the importance of applying risk assessment in the implementation of information security systems. It is considered the most common risk assessment procedure and entails application of fuzzy logic theory for this purpose. The paper describes the proposed fuzzy production model (FPM), which defines seven input linguistic variables describing risk factors, four output linguistic variables that characterize different areas of information security risks, as well as four base rules.
      It is noted that the FPM is the first approach to the subject area and requires optimization to minimize the model’s output errors. The most common methods of optimization of fuzzy models parameters are examined, and the advantages of applying methods based on neuro-fuzzy networks (NFN) are justified.
      The article describes the process of converting fuzzy model elements, such as unit fuzzification, rule base unit and unit defuzzification, into fragments of the neural network. The result of this process is a neuro-fuzzy network corresponding to the fuzzy model.
      Formation of the developed NFN is based on an adaptive neuro-fuzzy inference system (ANFIS), using the specialized Neuro-Fuzzy Designer package of MATLAB software. The model was trained by a hybrid method which represents a combination of the methods of least squares and backpropagation. The result of this process is optimization (setting) the parameters of membership functions of input linguistic variables.
      Application of neuro-fuzzy modeling made it possible to obtain a more appropriate fuzzy production model which is able to conduct linguistic analysis of the risks of an organization’s information security. The information obtained with its help allows IT managers to determine risk priorities and to develop effective action plans to reduce the impact of the most dangerous threats.

[1] This research has been carried out with financial support of RFBR within the framework of scientific project No. 16-31-00285 “Fuzzy logic methods and models in risk management decision support systems”


Glushenko S.A. (2017) An adaptive neuro-fuzzy inference system for assessment of risks to an organization’s information security. Business Informatics, no. 1 (39), pp. 68–77.  DOI: 10.17323/1998-0663.2017.1.68.77

Rambler's Top100 rss