Universiti Teknologi Malaysia Institutional Repository

Fuzzy based threat analysis in total hospital information system

Mohamad Zain, Nurzaini (2009) Fuzzy based threat analysis in total hospital information system. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information Systems.



Several studies have proposed the concept of "fuzzy logic technique" to assess risk in information security field. These studies revealed that in risk analysis process, evaluators face difficulties in collecting accurate data and adequate knowledge to estimate the probability of threats and its consequences. The estimated value contributes to data fuzziness. As a result, with the estimated value, they must make threat assessment judgment under conditions of uncertainty. Moreover, based on the literature review, there is lacks of fuzzy based threat analysis model in Healthcare Information Systems (HIS). Hence, this project attempts to develop fuzzy based threat analysis model in which; linguistic variable, fuzzy number and fuzzy weighted average are applied to deal with the uncertainty problem in doing evaluation of potential threats in Total Hospital Information Systems (THIS) environment. In fuzzification process, Triangular Average Number technique using two sets of membership functions was applied to evaluate "likelihood" and "consequence" of THIS threat variables upon a particular THIS asset. Then, each security threat level was aggregated using Efficient Fuzzy Weighted Average (EFWA) algorithm. Finally, Best Fit Technique is used in defuzzification process to translate a single fuzzy value to linguistic terms that indicates the overall security threat level impact on THIS asset. To confirm the effectiveness of this adopted model, prototype is developed and verified using scenario method. Finding shown that this model, is capable to perform threat analysis with incomplete information and uncertain in THIS environment.

Item Type:Thesis (Masters)
Additional Information:Thesis (Sarjana Sains (Sains Komputer - Keselamatan Maklumat)) - Universiti Teknologi Malaysia, 2009; Supervisor : Dr. Rabiah Ahmad
Uncontrolled Keywords:fuzzy logic technique, information security, hospital information system
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:11389
Deposited By: Zalinda Shuratman
Deposited On:15 Dec 2010 04:46
Last Modified:20 Sep 2017 11:28

Repository Staff Only: item control page