میزان تأثیرات تهدیدهای سایبری بر یکدیگر در پروژه‌های فناوری اطلاعات با رویکرد نقشه شناختی فازی

نوع مقاله : مقاله پژوهشی

نویسندگان

1 استادیار، گروه مهندسی صنایع، دانشکده فنی و مهندسی شرق، دانشگاه گیلان

2 دانشجوی کارشناسی ارشد، گروه مهندسی صنایع، دانشکده فنی فومن، دانشگاه تهران، فومن، ایران

چکیده

عدم تطابق زمان و هزینه ازجمله مهم‌ترین دلایل شکست پروژه­های فناوری اطلاعات، محسوب می‌شوند؛ اما باید در نظر داشت که غفلت از مباحث امنیتی مخصوصاً در پروژه‌هایی با ماهیت کار با داده و اطلاعات کامپیوتری می‌تواند خساراتی جبران‌ناپذیر به سازمان پروژه وارد نماید. در این میان، شناخت عواملی که می‌توانند یک پروژه فناوری اطلاعات را در فضای سایبری مورد تهدید قرار دهند و شناخت میزان اثرگذاری و اثرپذیری هر یک از این عوامل بر یکدیگر از اهمیت بالایی برخوردار است. درواقع مدیر پروژه با آگاهی از میزان تأثیرگذاری معیارها، می‌تواند در تصمیم‌گیری جهت پیشگیری از وقوع این تهدیدات به‌صورت کارآمدتر عمل نماید. در این پژوهش، با استفاده از مرور ادبیات، تجزیه‌وتحلیل نظرات و استفاده از نظر متخصصین، عوامل اصلی که می‌توانند یک پروژه فناوری اطلاعات را در فضای سایبری مورد تهدید قرار دهند، شناسایی می­شود. در گام بعد تعدادی از این تهدیدات با استفاده از آزمون فریدمن حذف شده و 6 تهدید مهم‌تر از دید خبرگان باقی می‌ماند. سپس با استفاده از روش تحلیل سلسله مراتبی (AHP) وزن آن‌ها به‌دست‌آمده و درنهایت تأثیرات هر یک از این عوامل بر یکدیگر با استفاده از روش نقشه شناختی فازی (FCM) مشخص می­گردد. بر اساس نتایج به‌دست‌آمده، عدم استفاده از سامانه‌های رمزگذاری و احراز هویت مناسب، تأثیرگذارترین و جاسوسی سایبری تأثیرپذیرترین این عوامل می­باشند.

کلیدواژه‌ها


[1]     US. DOD “Net-Centric Environment Joint Functional Concept,” US Department of Defense, Washington, DC, 2005##.
[2]     J. Moffat “Complexity Theory and Network Centric Warfare,” Washington, DC, 2003##.
[3]     D. Cammons and J. B. Tisserand, “Network Centric Warfare Case Study, U.S. V Corps and Third Infantry Division during Operation Iraqi,” United States Army War College, 2006##.
[4]     PA Consulting Group, “A Network Centric Operations Case Study: US/UK Coalition Combat Operations during Operation Iraqi Freedom,” Jun. 2004##.
[5]     H. Tunnell, “Task Force Stryker Network-Centric Operations in Afghanistan,” National Defense University Center for Technology and National Security Policy, Washington, DC., 2011##.
[6]     U.S. Military, U.S. Government, “Task Force Stryker Network-Centric Operations in Afghanistan - Case Study of Real-World Application in War,” Network Components, Echeloning Command Posts, Tactical Decisionmaking, 2017.##
[7]     G. C. A. Byford, “Air Power Review: Network Enabled Capability, Air Power and Irregular Warfare: The Israeli Air ForceExperience in the Lebanonand Gaza, 2006-2009,” Director Defence Studies (RAF), 2010##.
[8]     McDermott, “Russia Tests Network-Centric Air Operations in Syria,” Eurasia Daily Monitor Volume: 12 Issue: 184, 2015##.
[9]     R. McDermott, “Russia’s Network-Centric Warfare Experiment in Syria,” Eurasia Daily Monitor, vol. 13, Issue 76, 2016##.
[10]  D. Alberts, S. John, J. Garstka, and P. S. Frederick, “Network Centric Warfare: Developing and leveraging information superiority,” Washington DC: CCRP, 1999.##
[11]  G. J. Flynn, “Marine Corps Planning Process,” US Marine Corps, 2016##.
[12]  Department of the Army, “Electronic Warfare Techniques,” Army Techniques Publication, 2014##.
[13]  M. Mollazade Golmahalleh, H. R. Lashkarian, M. Sheikh Mohammadi, and K. Mirzai, “Evaluation of Network Centric Operation Criteria Based on DEAMATEL Method,” Journal of Electronic Defense and Cyber Defense, 2018. (in Persian)##
[14]  D. E. Wilkins, “Planning and reacting in uncertain and dynamic environments,” Journal of Experimental and Theoretical AI, 1995.##
[15]  H. Munoz Avila, D. Aha, L. Breslow, and D. Nau, “HICAP: an interactive case-based planning architecture andits application to noncombatant evacuation operations,” In IAAI-99, 1999.##
[16]  U. Kuter, D. Nau, D. Gossink, and J. F. Lemmer, “Interactive course-of-action planning using causal models,” Third International Conference on Knowledge Systems for Coalition Operations, 2004.##
[17]  J. Caroli, D. Fayette, et al, “Tools for Effects Based Course of Action Development and Assessment,” Air Force Research Lab, 2004##.
[18]  J. B. G. B. Ken Barker1, “A Knowledge Acquisition Tool for Course of Action Analysis,” American Association for Artificial Intelligence, 2004.##
[19]  J. Hanna, J. Reaper, T. Cox, and M. Walter, “Course of Action Simulation Analysis,” International Command and Control Research and Technology, 2006##.
[20]  D. A. Gilmour, J. P. Hanna, W. E. McKeever Jr., and M. J. Walter, “Real-Time Course of Action Analysis,” Air Force Research Laboratory, Information Directorate, 2006.##
[21]  E. Hsu, “A group-oriented framework for coalitions Operations,” The Second International Conference on Knowledge Systems, France, 2002##.
[22]  J. M. Fletcher, “A system for building holonic coalitions for Coalition Operations,” The Second International Conference on Knowledge Systems, France, 2002.##
[23]  G. Edwards, B. Kettler, K. Olin, and B. Tsurutani, “Agents on the semantic object web: Information management for coalition operations,” The Second International Conference on Knowledge Systems, France, 2002.##
[24]  L. A. Maier, “Technical Supplement for Course of Action Simulator,” Technical Paper: Laboratory for Unconventional Conflict Analysis and Simulation, 2014##.
[25]  Saaty, “Decision making with dependence and feedback: Analytic network process,” RWS Publications, 1996##.
[26]  E. Fontela and A. Gabus, “DEMATEL Observer,” Batelle Research Institute, Geneva, Switzerland, 1976##.
[27]  Balani, E. Asghizadeh, A. Mohammadi, “Multi-criteria decision making techniques,” Tehran: Tehran University Press, 2017. (in Persian)##
[28]  S.-L. Si, H.-C. Liu, et al, “DEMATEL Technique: A Systematic Review of the State-of-the-Art Literature on Methodologies and Applications,” Mathematical Problems in Engineering, 2018.##
[29]  Y. J. Chiu, H. C. Chen, G. H. Tzeng, and J. Z. Shyu, “Marketing strategy based on customer behavior for the LCD-TV,” International Journal of Management and Decision Making, 2006##.
[30]  J. J. H. Liou, G. H. Tzeng, and Chang, “Airline safety measurement using a hybrid model,” Air Transport Management, 2007##.
[31]  C. J. W. Lin, “A causal analytical method for group decision-making under fuzzy environment,” Expert Systems with Applications, 2008##.
[32]  A. Taghizadeh, “Using DEMATEL – Analytic network process (ANP) hybrid algorithm approach for selecting improvement projects of Iranian excellence model in healthcare sector,” African Journal of Business Management, 2012##.
[33]  C.-H. Hsu, Fu-Kwun Wang, and Gwo-Hshiung Tzeng, “The best vendor selection for conducting the recycled material based on a hybrid MCDM model combining DANP with VIKOR,” Resources, Conservation and Recycling, 2011##.
[34]  Q.-G. Shao, J. Liou, and S.-S. Weng, “Improving the Green Building Evaluation System in China Based on the DANP Method,” Sustainability, p. 14, 2018##.
[35]  US. OFT, “Network Centric Operations Conceptual Framework Version 1.0,” Evidence Based Research Inc, 2003##.
[36]  US. DoD, “Network Centric Warfare,” Department of Defense Report to Congress, Washington, DC, 2001##.
[37]  H. E. Gonzales, “Network-centric operations case study: air-to-air combat with and without Link 16,” the RAND Corporation, 2005##.
 [38]  A. L. M. (DOD) ,“Report on Network Centric Warfare Sense of the Report,” DOD, 2001##.
[39]  DOD, “Network Centric Operations (NCO) Case Study. U.S. Navy’s Fifth Fleet Task Force 50 in Operation Enduring Freedom,” Department of Defense Office, 2006##.
[40]  D. Gonzales, “Network-centric operations case study: the Stryker Brigade Combat Team,” the RAND Corporation, 2005##.
[41]  US. GOV, “PUBLIC LAW 106–398,” United state printing office, 2001##.
[42]  L. A. A. N. Zulkifi, “Integration of fuzzy AHP and interval type-2 fuzzy DEMATEL: an application to human resource management,” Expert Systems with Applications, pp.          4397–4409, 2015.##
 [43]  A. M. Saeedpoor, “An intuitionistic fuzzy DEMATEL methodology for prioritising the components of SWOTmatrix in the Iranian insurance industry,” International Journal, pp. 439–452, 2014##.
[44]  V. K. Govindan, “Intuitionistic fuzzy based DEMATEL method for developing greenpractices and performances in a green supply chain,” Expert Systems with Applications, pp. 7207–7220, 2015.##
[45]  B. F. P. Fan, “Identifying risk factors of IT outsourcing using interdependent information: an extended DEMATEL method,” Xpert Systems with Applications, pp. 3832–3840, 2012##.
[46]  M. Y. Li, “An evidential DEMATEL method to identify critical success factors in emergency management,” Applied SOF Computing, pp. 504-510, 2014##.
[47]  B. D. N. Allsopp, “Coalition agents experiment: Multiagent cooperation in international coalitions,” IEEE Intelligent Systems, 2002##.