Towards Empirical Evaluation of Automated Risk Assessment Methods

Olga Gadyatskaya; Katsiaryna Labunets; Frederica Paci

Towards Empirical Evaluation of Automated Risk Assessment Methods

Olga Gadyatskaya, Katsiaryna Labunets, Frederica Paci

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

Security risk assessment methods are numerous, and it might be confusing for organizations to select one. Researchers have conducted empirical studies with established methods in order to find factors that influence their effectiveness and ease of use. In this paper we evaluate the recent TREsPASS semi-automated risk assessment method with respect to the factors identified as critical in several controlled experiments. We also argue that automation of risk assessment raises new research questions that need to be thoroughly investigated in future empirical studies.

Original language	English
Title of host publication	11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016
Place of Publication	Berlin
Publisher	Springer
Pages	-
Number of pages	1
Publication status	Published - 2016
Event	11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016 - Roscoff, France Duration: 5 Sep 2016 → 7 Sep 2016 Conference number: 11 https://conferences.telecom-bretagne.eu/crisis/2016/

Publication series

Name
Publisher	Springer

Conference

Conference	11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016
Abbreviated title	CRISIS 2016
Country/Territory	France
City	Roscoff
Period	5/09/16 → 7/09/16
Other	5-7 September 2016
Internet address	https://conferences.telecom-bretagne.eu/crisis/2016/

Keywords

EC Grant Agreement nr.: FP7/318003
EC Grant Agreement nr.: FP7/2007-2013

Access to Document

http://eprints.eemcs.utwente.nl/secure2/27278/01/20160804-GadyatskayaLabunetsPaci-TowardsEmpiricalEvaluationofAutomatedRiskAssessmentMethods.pdf

Cite this

Gadyatskaya, O., Labunets, K., & Paci, F. (2016). Towards Empirical Evaluation of Automated Risk Assessment Methods. In 11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016 (pp. -). Springer. http://eprints.eemcs.utwente.nl/secure2/27278/01/20160804-GadyatskayaLabunetsPaci-TowardsEmpiricalEvaluationofAutomatedRiskAssessmentMethods.pdf

@inproceedings{4ef1ace44bfe430685922d48ecc9ce14,

title = "Towards Empirical Evaluation of Automated Risk Assessment Methods",

abstract = "Security risk assessment methods are numerous, and it might be confusing for organizations to select one. Researchers have conducted empirical studies with established methods in order to find factors that influence their effectiveness and ease of use. In this paper we evaluate the recent TREsPASS semi-automated risk assessment method with respect to the factors identified as critical in several controlled experiments. We also argue that automation of risk assessment raises new research questions that need to be thoroughly investigated in future empirical studies.",

keywords = "EC Grant Agreement nr.: FP7/318003, EC Grant Agreement nr.: FP7/2007-2013",

author = "Olga Gadyatskaya and Katsiaryna Labunets and Frederica Paci",

year = "2016",

language = "English",

publisher = "Springer",

pages = "--",

booktitle = "11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016",

note = "11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016, CRISIS 2016 ; Conference date: 05-09-2016 Through 07-09-2016",

url = "https://conferences.telecom-bretagne.eu/crisis/2016/",

}

Gadyatskaya, O, Labunets, K & Paci, F 2016, Towards Empirical Evaluation of Automated Risk Assessment Methods. in 11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016. Springer, Berlin, pp. -, 11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016, Roscoff, France, 5/09/16. <http://eprints.eemcs.utwente.nl/secure2/27278/01/20160804-GadyatskayaLabunetsPaci-TowardsEmpiricalEvaluationofAutomatedRiskAssessmentMethods.pdf>

TY - GEN

T1 - Towards Empirical Evaluation of Automated Risk Assessment Methods

AU - Gadyatskaya, Olga

AU - Labunets, Katsiaryna

AU - Paci, Frederica

N1 - Conference code: 11

PY - 2016

Y1 - 2016

N2 - Security risk assessment methods are numerous, and it might be confusing for organizations to select one. Researchers have conducted empirical studies with established methods in order to find factors that influence their effectiveness and ease of use. In this paper we evaluate the recent TREsPASS semi-automated risk assessment method with respect to the factors identified as critical in several controlled experiments. We also argue that automation of risk assessment raises new research questions that need to be thoroughly investigated in future empirical studies.

AB - Security risk assessment methods are numerous, and it might be confusing for organizations to select one. Researchers have conducted empirical studies with established methods in order to find factors that influence their effectiveness and ease of use. In this paper we evaluate the recent TREsPASS semi-automated risk assessment method with respect to the factors identified as critical in several controlled experiments. We also argue that automation of risk assessment raises new research questions that need to be thoroughly investigated in future empirical studies.

KW - EC Grant Agreement nr.: FP7/318003

KW - EC Grant Agreement nr.: FP7/2007-2013

M3 - Conference contribution

SP - -

BT - 11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016

PB - Springer

CY - Berlin

T2 - 11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016

Y2 - 5 September 2016 through 7 September 2016

ER -

Towards Empirical Evaluation of Automated Risk Assessment Methods

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this