Affiliations Reseaech Scholar, Department of Computer Science and Engineering, Siddhartha Institute of Engineering and Technology, Hyderabad, Telangana, India.
In this paper a risk management framework, called NetRAM (Network Risk Analysis Method) has been developed. A key characteristic of NetRAM is that it is heterogeneous, meaning that it integrates different components like software tools, architectural design methodologies and theoretical models.
Naveen Kumar R ,G. Ravindra Babu."Network Risk Analysis Model for Risk Management". International Journal of Computer Engineering In Research Trends (IJCERT) ,ISSN:2349-7084 ,Vol.2, Issue 04,pp.289-295, April - 2015,
. S. Snedaker, “IT Security Project Management Handbook”. Syngress, 2006.
. J. Davis, “Information Security Management Handbook”, ch. Measuring ROI on Security, pp. 1056–1060. CRC Press LLC, 5th ed., 2004.
. R. Richardson, “2007 csi computer crime and security survey,” tech. rep., Computer Security Institute, 2007.
. N. Damianou, N. Dulay, E. Lupu, and M. Sloman, “The ponder policy specification language,” in Proceedings of Policy 2001: Workshop on Policies for Distributed Systems and Networks, pp. 18–39, 2001.
. N. Dulay, E. Lupu, M. Sloman, and N. Damianou, “A policy deployment model for the ponder language,” in Proceedings of IEEE/IFIP International Symposium on Integrated Network Management, (Seattle, USA), 2001.
. J. Dai and J. Alves-Foss, “Logic based authorization policy engineering,” in Proc. 6th World Multi conference on Systemics, Cybernetics, and Informatics, pp. 230– 238, July 2002.
. S. Jajodia, P. Samarati, and V. S. Subrahmanian, “A logical language for express-ing authorizations,” in Proceedings of IEEE Symposium on Security and Privacy, (Oakland, CA, USA), 1997.
. M. Hamdi, “Mathematical Aspects of Network Security Risk Analysis”. PhD thesis, SUP’COM, July 2005.
. N. Satoh and N. Komoda, “A labor time estimation model for the information security audit by quantitative analysis i and regression analysis,” in Proceedings of the 4th WSEAS International Conference on E-ACTIVITIES, (Miami, Florida, USA), pp. 136–141, November 17-19 2005.
. T. Akin, “Information Security Management Handbook”, ch. Managing the Re-sponse to a Computer Security Incident, pp. 2977–2986. CRC Press LLC, 5th ed., 2004.
. C. C. Center, “Csirt faq.” http://www.cert.org/csirts/csirt faq.html, April 2008. Last visited: April 2008.
. M. J. West-Brown, D. Stikvoort, K.-P. Kossakowski, G. Killcrece, R. Ruefle, and M. Zajicek, “Handbook for computer security incident response teams (csirts),” Handbook CMU/SEI-2003-HB-002, CMU/SEI, April 2003. 2nd Edition.
. C. Hare, Information Security Management Handbook, ch. CIRT: Responding to Attack. CRC Press LLC, 2004.
. K. M. Shaurette and T. J. Schleppenbach, Information Security Management Handbook, ch. Incident Response Exercises. CRC Press LLC, 2004.
. R. Campbell, “A modular approach to computer security risk management,” in
. Proceedings of the AFIPS Conference, 1979.
. R. Summers, Secure Computing. McGraw Hill, 1997.
. “Risk management,” in AS/NZS 4360:1999, Standards Australia and Standards New Zealand, 1999.
. “Iso/iec 1799:2000 (part 1), information technology-code of practice for information security management,” 2000.
. “Bs 7799-2:2002 (part 2), information security management systems,” 2002.
. G. Stonebumer, A. Grogen, and A. Fering, Risk Management Guide for Information Technology Systems. National Institute fro Standards and Technology. special publication 800-30.
. Government of Canada, Communications Security Establishment, A Guide to Risk Management and Safeguard Selection for IT Systems, January 1996.
Authors are not required to pay any article-processing charges (APC) for their article to be published open access in Journal IJCERT. No charge is involved in any stage of the publication process, from administrating peer review to copy editing and hosting the final article on dedicated servers. This is free for all authors.
News & Events
Latest issue :Volume 10 Issue 1 Articles In press
☞ INVITING SUBMISSIONS FOR THE NEXT ISSUE :
☞ LAST DATE OF SUBMISSION : 31st March 2023
☞ SUBMISSION TO FIRST DECISION : In 7 Days
☞ FINAL DECISION : IN 3 WEEKS FROM THE DAY OF SUBMISSION
All the authors, conference coordinators, conveners, and guest editors kindly check their articles' originality before submitting them to IJCERT. If any material is found to be duplicate submission or sent to other journals when the content is in the process with IJCERT, fabricated data, cut and paste (plagiarized), at any stage of processing of material, IJCERT is bound to take the following actions.
1. Rejection of the article.
2. The author will be blocked for future communication with IJCERT if duplicate articles are submitted.
3. A letter regarding this will be posted to the Principal/Director of the Institution where the study was conducted.
4. A List of blacklisted authors will be shared among the Chief Editors of other prestigious Journals
We have been screening articles for plagiarism with a world-renowned tool: Turnitin However, it is only rejected if found plagiarized. This more stern action is being taken because of the illegal behavior of a handful of authors who have been involved in ethical misconduct. The Screening and making a decision on such articles costs colossal time and resources for the journal. It directly delays the process of genuine materials.