Modern society is trending really fast towards a digital future, in which data are produced, collected and exchanged digitally. Organizations are the primary players who gather and process data, carrying with them all the issues related with data protection. To solve these issues, cyber risk assessment methodologies are essential for determining the current level of data protection as well as the eventual requirement for a cyber security update. In the healthcare field, hospital and healthcare infrastructures in general have become a target of cyber attacks, due to the sensitivity of the data that are stored and processed, making it necessary to implement cyber security procedures. The goal of this work is to create a machine learning model that can perform cyber risk assessment in the most objective and simple way possible, considering as inputs maturity, complexity, and attractiveness of an organization and 2 classes of risks as output. The development of such a model has been carried out through MATLAB environment, exploiting the “classification learner” functionality. A database containing 420 companies has been used to train and test the machine learning model. As a result, exploiting different algorithms, several machine learning models have been obtained, the best of which is characterized by an accuracy of the 78.6%. These results show the possibility to perform cyber risk assessment with a machine learning approach, pointing out possible improvements exploiting a database containing more entries.
Modern society is trending really fast towards a digital future, in which data are produced, collected and exchanged digitally. Organizations are the primary players who gather and process data, carrying with them all the issues related with data protection. To solve these issues, cyber risk assessment methodologies are essential for determining the current level of data protection as well as the eventual requirement for a cyber security update. In the healthcare field, hospital and healthcare infrastructures in general have become a target of cyber attacks, due to the sensitivity of the data that are stored and processed, making it necessary to implement cyber security procedures. The goal of this work is to create a machine learning model that can perform cyber risk assessment in the most objective and simple way possible, considering as inputs maturity, complexity, and attractiveness of an organization and 2 classes of risks as output. The development of such a model has been carried out through MATLAB environment, exploiting the “classification learner” functionality. A database containing 420 companies has been used to train and test the machine learning model. As a result, exploiting different algorithms, several machine learning models have been obtained, the best of which is characterized by an accuracy of the 78.6%. These results show the possibility to perform cyber risk assessment with a machine learning approach, pointing out possible improvements exploiting a database containing more entries.
Cyber risk assessment of complex infrastructures through machine learning-based techniques
COMPAGNONI, SIMONE
2021/2022
Abstract
Modern society is trending really fast towards a digital future, in which data are produced, collected and exchanged digitally. Organizations are the primary players who gather and process data, carrying with them all the issues related with data protection. To solve these issues, cyber risk assessment methodologies are essential for determining the current level of data protection as well as the eventual requirement for a cyber security update. In the healthcare field, hospital and healthcare infrastructures in general have become a target of cyber attacks, due to the sensitivity of the data that are stored and processed, making it necessary to implement cyber security procedures. The goal of this work is to create a machine learning model that can perform cyber risk assessment in the most objective and simple way possible, considering as inputs maturity, complexity, and attractiveness of an organization and 2 classes of risks as output. The development of such a model has been carried out through MATLAB environment, exploiting the “classification learner” functionality. A database containing 420 companies has been used to train and test the machine learning model. As a result, exploiting different algorithms, several machine learning models have been obtained, the best of which is characterized by an accuracy of the 78.6%. These results show the possibility to perform cyber risk assessment with a machine learning approach, pointing out possible improvements exploiting a database containing more entries.| File | Dimensione | Formato | |
|---|---|---|---|
|
Tesi.pdf
accesso aperto
Dimensione
1.43 MB
Formato
Adobe PDF
|
1.43 MB | Adobe PDF | Visualizza/Apri |
I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/20.500.12075/12165