References
- Top 10 software development risks; [Cited 710, 2019]. Available from: https://www.itproportal.com/2010/06/14/top-ten-software-development-risks/Last.
- McGraw G, editor. Software Security: Building Security In. Boston: Addison-Wesley Professional; 2006.
- Adaptive neuro-fuzzy interference system. In: Suparta W, Alhasa KM, editors. Modeling of Tropospheric Delays Using ANFIS. Berlin: Springer International Publishing; 2016. doi: 10.1007/978-3-319-28437
- Ostrom LT, Wilhelmsen CA. Risk Assessment: Tools, Techniques, and Their Applications. John Wiley & Sons; 2019.
- FMEA. Weaknesses of a risk management tool that calculates a risk priority number. [cited 1227, 2019]. Available from: https://www.brighthubpm.com/risk-management/72064-weaknesses-of-fmea/Last.
- Critical incident technique. [Cited 1227, 2019]. Available from: https://en.wikipedia.org/wiki/Critical_Incident_Technique.
- A review of decision tree disadvantages. [Cited 1227, 2019]. Available from: https://www.brighthubpm.com/project-planning/106005-disadvantages-to-using-decision-trees/Last.
- Nata’ala A, Muazu HD, Goni I, Jingi AM. Adaptive neuro-fuzzy system to determine the blood glucose level of diabetic. Math Comput Sci. 2019;4(3):63. doi:10.11648/j.mcs.20190403.11
- Maharlou H, NiakanKalhori SR, Shahbazi S, Ravangard R. Predicting length of stay in intensive care units after cardiac surgery: comparison of artificial neural networks and adaptive neuro-fuzzy system. Healthc Inform Res. 2018;24(2):109–117. doi:10.4258/hir.2018.24.2.10929770244
- Mahmud M, Kaiser MS, Rahman MM, et al. A brain-inspired trust management model to assure security in a cloud based IoT framework for neuroscience applications. Cognit Comput. 2018;10(5):864–873. doi:10.1007/s12559-018-9543-3
- Yadollahpour A, Nourozi J, Mirbagheri SA, Simancas-Acevedo E, Trejo-Macotela FR. Designing and implementing an ANFIS based medical decision support system to predict chronic kidney disease progression. Front Physiol. 2018;9. doi:10.3389/fphys.2018.01753
- Suresh K, Dillibabu RA. Novel Fuzzy Mechanism for Risk Assessment in Software Projects. Soft Computing 2020;3:1–23.
- IT Security vulnerability v/s threat v/s risk: what’s the difference? [cited 710, 2019]. Available from: http://www.bmc.com/blogs/security-vulnerability-vs-threat-vs-risk-whats-difference/.
- Importance of data security in healthcare. [Cited 1227, 2019]. Available from: https://insightscare.com/importance-data-security-healthcare/Last.
- Risk Assessment Framework (RAF). [cited 711, 2019]. Available from: https://www.techopedia.com/definition/14010/risk-assessment-framework-raf.
- Kaur J, Alka R, Khan A. Major software security risks at design phase. ICIC Express Lett Int J Res Surv. 2018 ( ISSN 1881-803X).
- Wei G, Xhang X, Zhang X, Huang Z, Research on e-government information security risk assessment-based on fuzzy AHP and artificial neural network model. In: First International Conference on Networking and Distributed Computing (ICNDC) IEEE; 2010:218–221. Availlable from: https://ieeexplore.ieee.org/document/5645431. doi:10.1109/ICNDC.2010.52
- National Institute of Standards and Technology NIST. Framework for Improving Critical Infrastructure Cyber Security, Version 1.0. 2 2012.
- National Institute of Standards and Technology NIST Special Publication 800-39. Joint Task Force Transformation Initiative, Managing Information Security Risk: Organization, Mission, and Information System View. 3 2011.
- Wang H, Wang B, You L, Zhang W. Software risk assessment method based on fuzzy neural network. In: 2015 International Conference on Computer Science and Intelligent Communication Atlantis Pres; 2015. Available from: https://www.atlantis-press.com/proceedings/csic-15.
- Praynlin E, Latha P. Estimating development effort of software projects using ANFIS. In international conference on recent trends in computational methods, communication and controls (ICON3C 2012), 2012. Int J Comput Appl. 2012.
- Sangaiah AK, Samuel OW, Li X, Abdel-Basset M, Wang H. Towards an efficient risk assessment in software projects–Fuzzy reinforcement paradigm. Comput Electr Eng. 2018;71:833–846. doi:10.1016/j.compeleceng.2017.07.022
- Sonia A, Singhal H, Banati H. Fuzzy logic approach for threat prioritization in agile security framework using DREAD model. IJCSI Int J Comput Sci Issues. 2011;8(4).
- Lee M-C. Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method. Intl J Comput Sci Inf Technol IJCSIT. 2014;6(1):29–45. doi:10.5121/ijcsit.2014.6103
- Dark MJ, Assessing student performance outcomes in an information security risk assessment, service learning course. In: Proceedings of the 5th Conference on Information Technology Education. ACM; 2004:73–78. Available from: https://dl.acm.org/doi/proceedings/10.1145/1029533?tocHeading=heading5. doi:10.1145/1029533.1029552
- Shedden P, Smith W, Ahmad A, Information security risk assessment: towards a business practice perspective, Proceedings of the 8th Australian Information Security Management Conference; 2010; Perth Western, Australia Edith Cowan University .
- Guan JZ, Lei MT, Zhu XL, Liu JY. Knowledge-based information security risk assessment method. J China Univ Posts Telecommun. 2013;20:60–63. doi:10.1016/S1005-8885(13)60220-4
- Feng N, Li M. An information systems security risk assessment model under uncertain environment. Appl Soft Comput. 2011;11(7):4332–4340. doi:10.1016/j.asoc.2010.06.005
- Lee ZJ, Chang LY. Apply fuzzy decision tree to information security risk assessment. Int J Fuzzy Syst. 2014;16(2):265–269.
- Eren-Dogu ZF, Celikoglu CC. Information security risk assessment: Bayesian prioritization for AHP group decision making. Int J Innov Comp Inform Control. 2012;8:8001–8018.
- Jang JSR. ANFIS: adaptive-network-based fuzzy inference system. IEEE Trans Syst Man Cybern. 1993;23(3):665–685. doi:10.1109/21.256541
- van Staalduinen MA, Khan F, Gadag V, Reniers G. Functional quantitative security risk analysis (QSRA) to assist in protecting critical process infrastructure. Reliab Eng Syst Safe. 2017;157:23–34. doi:10.1016/j.ress.2016.08.014
- Gao GH, Li XY, Zhang BJ, Xiao WX. Information security risk assessment based on information measure and fuzzy clustering. J Software. 2011;6(11):2159–2166. doi:10.4304/jsw.6.11.2159-2166
- CWE-767: access to critical private variable via public method. [cited 715, 2019]. Available from: https://cwe.mitre.org/data/definitions/767.html.
- CWE-260: password in configuration file. [cited 721, 2019]. Available from: https://cwe.mitre.org/data/definitions/260.html.
- CWE-766: critical variable declared public. [cited 716, 2019]. Available from: https://cwe.mitre.org/data/definitions/766.html.
- CWE-620: unverified password change. [cited 710, 2019]. Available from: https://cwe.mitre.org/data/definitions/620.html.
- CWE-366: race condition within a thread. [cited 717, 2019]. Available from: https://cwe.mitre.org/data/definitions/366.html.
- CWE-426: untrusted search path; [cited 710, 2019] Available from: https://cwe.mitre.org/data/definitions/426.html.
- CWE-494: download of code without integrity check; [cited 712, 2019]. Available from: https://cwe.mitre.org/data/definitions/494.html.
- CWE-454: external initialization of trusted variables or data stores; [cited 712, 2019] Available from: https://cwe.mitre.org/data/definitions/454.html.
- Ebrat M, Ghodsi R. Construction project risk assessment by using adaptive-network based fuzzy inference system: an empirical study. KSCE J Civ Eng. 2014;18(5):1213–1227. doi:10.1007/s12205-014-0139-5
- Baker WH, Rees LP, Tippett PS. Necessary measures: metric-driven information security risk assessment and decision making. Commun ACM. 2007;50(10):101–106. doi:10.1145/1290958.1290969
- Chang LY, Lee ZJ, Applying fuzzy expert system to information security risk assessment -a case study on an attendance system. In: International Conference on Fuzzy Theory and Its Applications (iFUZZY). IEEE; 2013:346–351. Available from: http://www.proceedings.com/22305.html.
- Hospital management system in java using NetBeans with source code; 2018 [cited 802, 2019]. Available from: https://code-projects.org/hospital-management-system-in-java-using-netbeans-with-source-code/Last.
- Ting JSL, Tsang AHC, Kwok SK. Hybrid risk management methodology: a case study. Int J Eng Bus Manag. 2009;1(1):25–32. doi:10.5772/6783
- Takagi T, Sugeno M. Fuzzy identification of systems and its applications to modeling and control. IEEE Trans Syst Man Cybern. 1985;15(1):116–132. doi:10.1109/TSMC.1985.6313399
- Pant M, Ray K, Sharma TK, Rawat S, Bandyopadhyay A. Soft computing: theories and applications. Proc SoCTA. 2016;2.
- The 10 biggest healthcare data breaches of 2019, so far; [Cited 1229, 2019]. Available from: https://healthitsecurity.com/news/the-10-biggest-healthcare-data-breaches-of-2019-so-far.