Knowledge base of the expert system for cyber security threat modeling

Authors: Milko D. S., Daneev A. V., Gorbylev A. L.

Annotation: The appraisal of cyber security threats is necessary to create of the cyber security threat model. The results of appraisal shall apply for choosing information security measures. In February 2021, the new methodical document issued by the Russian Federal Service for export control of engineering technologies has gone into effect, and is obligatory to follow by all organizations. The paper presents the approach to ensure the automation of irrelevant cyber security threats ejection. The automation is done by developing the expert system. The knowledge base of expert system is created, and the methodology for its creating is described in the paper. The key terms for the expert system are worded. The flow chart of expert system is shown. The experimental results of knowledge base launching in manual mode are given. A part of the paper is devoted to a justification for choosing the expert system as an automatization method. The expert systems are compared to a «smarter» artificial intelligence method (artificial neural networks). As a result, the conclusions about efficiency of produced knowledge base are provided and the necessity of creating a more user-friendly interface and rule engine is made evident.

Keywords: cyber security threats, cyber security threats model, expert system, knowledge base, threat database