AI-enhanced Cybersecurity Risk Assessment with MultiFuzzy Inference

Dublin Core

Title

Subject

cybersecurity risk assessment; fuzzy logic; multi-fuzzy inference system; expert validation; adaptive decision support.

Description

The pace and complexity of modern cyber-attacks expose the limits of traditional ‘impact × likelihood’ risk matrices, which compress uncertainty into coarse categories and miss inter-dependent threat dynamics. We propose a three-layer multifuzzy inference system (MFIS) that models general infrastructure vulnerabilities and
access-control weaknesses separately, then fuses them into a single, continuous 0-25 risk score. The framework was validated on three representative scenarios—catastrophic/continuous, serious/frequent, and minor/few attacks—encompassing sixteen threat criteria. Compared with a crisp 5 × 5 matrix, MFIS cut mean-absolute
error and root-mean-square error by 90 to 99% and reproduced expert-panel judgments to within 0.55 points across all scenarios. Nine independent practitioners rated the prototype highly on usability (100% agreement), credibility (100%) and
actionability (100%), with 78% willing to recommend adoption. These results
demonstrate that MFIS delivers fine-grained, expert-aligned assessments without
adding operational complexity, making it a viable drop-in replacement for time- or
resource-constrained organizations. By capturing partial memberships and crossdomain interactions, MFIS offers a more faithful, adaptive and explainable basis for prioritizing cyber-defense investments and can be extended to emerging threat domains with modest rule-base updates.

Creator

Essam Natsheh & Fatima Bakhit Tabook

Source

DOI : https://doi.org/10.5614/itbj.ict.res.appl.2025.19.1.1

Publisher

IRCS-ITB

Date

18 July 2025

Contributor

Sri Wahyuni

Rights

ISSN : 2337-5787

Format

PDF

Language

English

Type

Text

Files

24455-Article Text-94668-1-10-20250915.pdf

Collection

VOL. 19 NO. 1 2025

Tags

adaptive decision support,Repository, Repository Horizon University Indonesia, Repository Universitas Horizon Indonesia, Horizon.ac.id, Horizon University Indonesia, Universitas Horizon Indonesia, HorizonU, Repo Horizon , cybersecurity risk assessment,Repository, Repository Horizon University Indonesia, Repository Universitas Horizon Indonesia, Horizon.ac.id, Horizon University Indonesia, Universitas Horizon Indonesia, HorizonU, Repo Horizon , expert validation,Repository, Repository Horizon University Indonesia, Repository Universitas Horizon Indonesia, Horizon.ac.id, Horizon University Indonesia, Universitas Horizon Indonesia, HorizonU, Repo Horizon , Fuzzy Logic,Repository, Repository Horizon University Indonesia, Repository Universitas Horizon Indonesia, Horizon.ac.id, Horizon University Indonesia, Universitas Horizon Indonesia, HorizonU, Repo Horizon , multi-fuzzy inference system

Citation

Essam Natsheh & Fatima Bakhit Tabook, “AI-enhanced Cybersecurity Risk Assessment with MultiFuzzy Inference,” Repository Horizon University Indonesia, accessed January 12, 2026, https://repository.horizon.ac.id/items/show/9850.