Data-driven Security Assessments for Predicting Information Security Maturity Levels
This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework, which is adapted from ISO 27001. It compares the performance of conventional machine learning algorithms, such as Logistic Regression, Random...
Uložené v:
| Vydané v: | Journal of internet services and information security Ročník 15; číslo 2; s. 906 - 925 |
|---|---|
| Hlavní autori: | , , , , |
| Médium: | Journal Article |
| Jazyk: | English |
| Vydavateľské údaje: |
30.05.2025
|
| ISSN: | 2182-2069, 2182-2077 |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework, which is adapted from ISO 27001. It compares the performance of conventional machine learning algorithms, such as Logistic Regression, Random Forest, Decision Tree, and Support Vector Machine, with advanced boosting methods, including CatBoost, Gradient Boosting, LightGBM, and XGBoost. Findings reveal that boosting models outperform traditional classifiers, with CatBoost achieving the highest accuracy (98.45%) and balanced evaluation metrics, demonstrating strong capabilities in managing complex and imbalanced datasets. The integration of machine learning into the KAMI framework effectively addresses key cybersecurity challenges, including the analysis of unstructured data and the expansion of assessment coverage. This research highlights the practical benefits for organizations and technology providers by showing how ML-powered tools can streamline risk assessments, enhance strategic decision-making, and strengthen cybersecurity resilience. By aligning with global standards and utilizing AI, the study contributes to the advancement of efficient and scalable ISRA methodologies, paving the way for future innovation at the intersection of machine learning and cybersecurity |
|---|---|
| AbstractList | This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework, which is adapted from ISO 27001. It compares the performance of conventional machine learning algorithms, such as Logistic Regression, Random Forest, Decision Tree, and Support Vector Machine, with advanced boosting methods, including CatBoost, Gradient Boosting, LightGBM, and XGBoost. Findings reveal that boosting models outperform traditional classifiers, with CatBoost achieving the highest accuracy (98.45%) and balanced evaluation metrics, demonstrating strong capabilities in managing complex and imbalanced datasets. The integration of machine learning into the KAMI framework effectively addresses key cybersecurity challenges, including the analysis of unstructured data and the expansion of assessment coverage. This research highlights the practical benefits for organizations and technology providers by showing how ML-powered tools can streamline risk assessments, enhance strategic decision-making, and strengthen cybersecurity resilience. By aligning with global standards and utilizing AI, the study contributes to the advancement of efficient and scalable ISRA methodologies, paving the way for future innovation at the intersection of machine learning and cybersecurity |
| Author | Hanafi, Hanafi Ari Yuana, Kumara Muhammad, Alva Hendi Ghozali, Bahrun Haris, Ruby |
| Author_xml | – sequence: 1 givenname: Alva Hendi surname: Muhammad fullname: Muhammad, Alva Hendi – sequence: 2 givenname: Hanafi surname: Hanafi fullname: Hanafi, Hanafi – sequence: 3 givenname: Kumara surname: Ari Yuana fullname: Ari Yuana, Kumara – sequence: 4 givenname: Bahrun surname: Ghozali fullname: Ghozali, Bahrun – sequence: 5 givenname: Ruby surname: Haris fullname: Haris, Ruby |
| BookMark | eNpNkN9KwzAYxYNMcM69gFd9gdbkS5O2l2P-WaSi0Hkd0vSLBLZWkjrY21s3EW_OORwO5-J3TWb90CMht4xmouS5vHtWjWoyoCAyBRmV9ILMgZWQAi2K2V-W1RVZxuhbKmjBeZFXc7K9N6NJu-AP2CcN2q_gx2OyihFj3GM_xsQNIXkL2Hk7-v4jUf1U7M3oh3_7FzOeQ40H3MUbcunMLuLy1xfk_fFhu96k9euTWq_q1DJR0Uk57RyXBou2BWCOVY7nHErbiVJyiZ2k3LG8gtyZ1hibC0G5raAtkbFpsSBw_rVhiDGg05_B7004akb1CY0-odE_aLQCPaHh34H4WkY |
| ContentType | Journal Article |
| DBID | AAYXX CITATION |
| DOI | 10.58346/JISIS.2025.I2.060 |
| DatabaseName | CrossRef |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | CrossRef |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISSN | 2182-2077 |
| EndPage | 925 |
| ExternalDocumentID | 10_58346_JISIS_2025_I2_060 |
| GroupedDBID | 5VS AAYXX ADBBV ALMA_UNASSIGNED_HOLDINGS BCNDV CITATION GROUPED_DOAJ KQ8 OK1 |
| ID | FETCH-LOGICAL-c1590-c130df36ae7bb221f19f34328cd58636ed603f14924fabaac45503c92b8e11863 |
| ISSN | 2182-2069 |
| IngestDate | Sat Nov 29 07:41:20 EST 2025 |
| IsDoiOpenAccess | false |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | true |
| Issue | 2 |
| Language | English |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-c1590-c130df36ae7bb221f19f34328cd58636ed603f14924fabaac45503c92b8e11863 |
| OpenAccessLink | https://doi.org/10.58346/jisis.2025.i2.060 |
| PageCount | 20 |
| ParticipantIDs | crossref_primary_10_58346_JISIS_2025_I2_060 |
| PublicationCentury | 2000 |
| PublicationDate | 2025-05-30 |
| PublicationDateYYYYMMDD | 2025-05-30 |
| PublicationDate_xml | – month: 05 year: 2025 text: 2025-05-30 day: 30 |
| PublicationDecade | 2020 |
| PublicationTitle | Journal of internet services and information security |
| PublicationYear | 2025 |
| SSID | ssib050733749 ssj0001072582 |
| Score | 2.2932274 |
| Snippet | This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework,... |
| SourceID | crossref |
| SourceType | Index Database |
| StartPage | 906 |
| Title | Data-driven Security Assessments for Predicting Information Security Maturity Levels |
| Volume | 15 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources customDbUrl: eissn: 2182-2077 dateEnd: 99991231 omitProxy: false ssIdentifier: ssib050733749 issn: 2182-2069 databaseCode: M~E dateStart: 20110101 isFulltext: true titleUrlDefault: https://road.issn.org providerName: ISSN International Centre |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV1Lb9QwELaWwoEeEE9BeSgHbqssjr2O7eMCBRbRCqmLVE6Rk9jaldq02pcqDvy7_q-OH0lMUSV64GJZljVK9vsyHnv9zSD0VnCqs0yJlNYlhg2KxqlgXKcVLFXjzGoXlXDFJvjhoTg-lt8Hg8tWC7M94U0jLi7k-X-FGsYAbCudvQXcnVEYgD6ADi3ADu0_Af9RrVVaL60XC6fpEGdPugScLv-CvXlRWzGIuy7QCRj7-Qc236ftfLOXilY3hLALd5yo18NV8Dghl1NvcBUM9rjO1empp9XkZGtlUE296N1go4wvo-16PRsXw58bFeRr9lJ4t5h8np_9Ul7i_V7Nl5smPsYgzP0Dj3tvZzPJA46-bstIx2OhzkvrrllESxL5XonzaBmXXk99fYVggrrcyF-nR9OjkX2Q0ZSMsK9p8Gc67mvLZHd5EbZNzkrhbBTWRjElBdi4g-4SzqR1rge_91u3xmxdTB52ue7oD3PCXBmz7qW9nMuZfffXo0UhUxT7zB6iBwHxZOLJ9ggNdPMY7UapLJ-gWUS7pKVREtEuAVIkPe2SiHb9_JZ2iafdU_Tj0_7sw5c0VOyAb5tJDC3FtaG50rwsCclMJo1VLouqZiKnua5zTA1sysnYqFKpymrqaSVJKcBjwIxnaKc5a_RzlGhsIPrHRkmb1I9zaXIFsb3iGTWG0vELNGx_lOLcJ2YpbkZm71azX6L7PUVfoZ31cqNfo3vVdr1YLd84cK8A05-Fxw |
| linkProvider | ISSN International Centre |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Data-driven+Security+Assessments+for+Predicting+Information+Security+Maturity+Levels&rft.jtitle=Journal+of+internet+services+and+information+security&rft.au=Muhammad%2C+Alva+Hendi&rft.au=Hanafi%2C+Hanafi&rft.au=Ari+Yuana%2C+Kumara&rft.au=Ghozali%2C+Bahrun&rft.date=2025-05-30&rft.issn=2182-2069&rft.eissn=2182-2077&rft.volume=15&rft.issue=2&rft.spage=906&rft.epage=925&rft_id=info:doi/10.58346%2FJISIS.2025.I2.060&rft.externalDBID=n%2Fa&rft.externalDocID=10_58346_JISIS_2025_I2_060 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2182-2069&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2182-2069&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2182-2069&client=summon |