Evaluation method for information security capability of mobile phone user based on behavior ontology under unconscious condition |
| |
Authors: | Cheng-cheng MAI Bo CHEN Jia-kun ZHOU Ling YU |
| |
Affiliation: | 1. School of Computer Science and Technology,Nanjing Normal University,Nanjing 210023,China;2. Jiangsu Provincial Key Laboratory for Numerical of Large Scale Complex System,Nanjing 210023,China |
| |
Abstract: | A security capacity assessment method based on security behavior ontology,was proposed to collect users' be-havior data from their smartphones under unconscious condition to solve the problem of detecting mobile phone users' real existing insecure behaviors.A security behavior ontology was set up for formalizing the phone,message,network and App behavior data of mobile phone users and relevant rules were also set down for determining and associating inse-cure actions.Referring to the notion of attack graph,an insecure behavior detection algorithm was proposed based on behavior association graph for analyzing the paths of insecure behaviors dynamically.Furthermore,a competency model of information security capability assessment was presented for realizing the quantitative evaluation of information secu-rity capability of users.The experiment results prove the effectiveness of present competency model for insecure behavior path detection and security ability assessment. |
| |
Keywords: | security behavior ontology behavior analysis capability assessment mobile security |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|