Information security risk management in computer networks based on fuzzy logic and cost/benefit ratio estimation

We suggested a method for quantitative information security risk management in computer networks. We used fuzzy estimations of the risk factors and quantitative risk assessment method under the safeguards. We used analytic hierarchy process for quantitative assessment of qualitative risk and cost/benefit subfactors. We used optimization tasks for selection the best set of safeguards.