Incident prioritisation using analytic hierarchy process (AHP): Risk Index Model (RIM)

Nor Badrul Anuar*, Maria Papadaki, Steven Furnell, Nathan Clarke

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

The landscape of security threats continues to evolve, with attacks becoming more serious and the number of vulnerabilities rising. For these threats to be managed, many security studies have been undertaken in recent years, mainly focusing on improving detection, prevention and response efficiency. This paper proposes an incident prioritisation model, the Risk Index Model (RIM), which is based on risk assessment and the analytic hierarchy process. For incidents to be prioritised, the model uses indicators, such as criticality, as decision factors to calculate incidents' risk index. The model also adopts different strategies to enhance the prioritisation process. To evaluate the model, two stages of evaluation study were conducted. The first stage aims to validate the model by comparing its results with the Common Vulnerability Scoring System and Snort. The second stage aims to enhance RIM by analysing the effect of using different strategies in the model. The experimental results in the first stage have shown that 100% of incidents could be rated with RIM, compared with only 17.23% with the Common Vulnerability Scoring System. The experiments in the second stage have shown significant changes in the resultant risk index as well as some of the top-priority incidents.
Original languageEnglish
Pages (from-to)1087-1116
Number of pages0
JournalSecurity and Communication Networks
Volume6
Issue number9
DOIs
Publication statusPublished - 1 Sept 2013

Fingerprint

Dive into the research topics of 'Incident prioritisation using analytic hierarchy process (AHP): Risk Index Model (RIM)'. Together they form a unique fingerprint.

Cite this