An Integrated XGBoost-PSO Framework for Automated Cyber Risk Identification Based on ISO/IEC 27005:2022

Authors

  • Diaz Samba Prayogi Universitas Nasional
  • Agung Triayudi Universitas Nasional

DOI:

https://doi.org/10.59261/jequi.v8i3.347

Keywords:

Cybersecurity, Machine Learning, Ontology, ISO/IEC 27005, XGBoost

Abstract

Background: The main problem in cybersecurity risk management is that the risk identification process remains manual, time-consuming, and difficult to connect with technical detection results, business contexts, and information security standards.

Objective: This study aims to develop a cybersecurity risk identification and management system based on the integration of machine learning and ontology using the ISO/IEC 27005:2022 approach.

Methods: This study employed the Design Science Research (DSR) approach to design the Cyber Risk Intelligent System (CRIS). The system integrated machine learning algorithms, feature optimization, model interpretability, and cyber risk ontology. The classification model was developed using XGBoost with Particle Swarm Optimization (PSO)-based feature selection and was evaluated using accuracy, precision, recall, and F1-score metrics. Furthermore, an ISO/IEC 27005:2022-based ontology was used to map threats, vulnerabilities, impacts, and security control recommendations based on ISO/IEC 27002.

Results: The results showed that the combination of XGBoost and PSO provided the best classification performance compared with other methods, achieving an F1-score of 0.9672, precision of 0.9661, recall of 0.9684, accuracy of 96.48%, and an ROC-AUC of 0.9891. The implementation of SHAP successfully improved model interpretability by identifying the dominant features that influenced cyber threat prediction. Ontology integration also enabled the risk identification and recommendation process to be carried out automatically, consistently, and in alignment with international standards.

Conclusion: This study contributes to the development of an adaptive and structured cyber risk decision-support system that supports the automation of information security risk management in digital organizational environments.

Downloads

Download data is not yet available.

References

Akampurira, P., Edozie, E., Sadiq, B. O., & Buhari, M. D. (2026). A Deep Learning-Based User Behavior Analytics Model For Proactive Cyber Threat Detection And Risk Management: A Review. F1000research, 15(674), 674.

Al Abdulwahid, A. (2025). AI-Driven Identification Of Attack Precursors: A Machine Learning Approach To Predictive Cybersecurity. Computers, Materials & Continua, 85(1), 1751–1777. https://doi.org/10.32604/Cmc.2025.066892

Bani, B. Q. (2024). Feature Selection For Iot Botnet Detection Using Equilibrium And Battle Royale Optimization. Computers & Security, 147, 104060. https://doi.org/10.1016/J.Cose.2024.104060

Barlybayev, A., Sharipbay, A., & Shakhmetova, G. (2024). Development Of A Flexible Information Security Risk Model Using Machine Learning Methods And Ontologies. Applied Sciences, 14(21), 9858. https://doi.org/10.3390/App14219858

Baskerville, R., Pries-Heje, J., & Venable, J. R. (2026). Meds: Methodology For Evaluation In Design Science. European Journal Of Information Systems, 1–18.

Bisaria, C., Madhubala Kumari, D. S. S., & Patel, B. K. (2026). Research Methodology: Tools And Techniques. BR Publications.

Boumahdi, A., Azmi, M., Zegrari, M., Eddermoug, N., & Tazili, S. (2025). Feature Selection In Cybersecurity: A Comparative Study Of Machine Learning Models. Procedia Computer Science, 265, 140–148. https://doi.org/10.1016/J.Procs.2025.07.166

Bouzaachane, K., Guarmah, E. M., & Alnajim, A. M. (2025). Addressing Modern Cybersecurity Challenges: A Hybrid Machine Learning And Deep Learning Approach For Network Intrusion Detection. Computers, Materials & Continua, 84(2), 2391–2410. https://doi.org/10.32604/Cmc.2025.065031

Calviño, B. O., Rodriguez, E., & Costa, J. J. (2025). Enhancing Cybersecurity In Railways: Machine Learning Approaches For Attack Detection. International Journal Of Critical Infrastructure Protection, 50, 100788. https://doi.org/10.1016/J.Ijcip.2025.100788

Chalyi, O., Driaunys, K., & Grigaliūnas, Š. (2026). Standard-Oriented Architecture For AI-Powered Information Security Risk Management. Electronics, 15(6), 1282. https://doi.org/10.3390/Electronics15061282

Figueira, P. T., Bravo, C. L., & & López, J. L. (2020). Improving Information Security Risk Analysis By Including Threat-Occurrence Predictive Models. Computers & Security, 88, 101609. https://doi.org/10.1016/J.Cose.2019.101609

Galliers, R. D., & & Land, F. (1987). Viewpoint: Choosing Appropriate Information Systems Research Methodologies. Communications Of The ACM, 30(11), 901–902. https://doi.org/10.1145/32206.315753

García-Beyaert, S., Bancroft, M. A., Allen, K., & Carriero-Contreras, G. (2015). Ethics And Standards For The Community Interpreter® - An International Training Tool. Culture And Language Press.https://Scholar.Google.Com/Scholar?Q=Ethics+And+Standards+For+The+Community+Interpreter®+-+An+International+Training+Tool

Gupta, B. B., Pan, S. H., Gaurav, A., Arya, V., Alhalabi, W., & & Chui, K. (2025). Optimized Hybrid CNN-LSTM-GRU Model For Cyber Attack Detection Using Adaptive Equilibrium Optimization. Ict Express. https://doi.org/10.1016/J.Icte.2025.09.006

Hevner, A. R., March, S. T., & Park, J. (2004). Design Science In Information Systems Research. Mis Quarterly, 28(1), 75–105.

Hidayat, D. (2025). Analisis Sistem E-Learning Berbasis Iso 27005:2018 Menggunakan Algoritma Klasifikasi Random Forest Analysis Of An ISO 27005:2018-Based E-Learning System Using The Random Forest Classification Algorithm. Jurnal Teknologi Dan Informasi (Jati), 15(September), 110–120. https://doi.org/10.34010/Jati.V15i2.16173

ISO/IEC. (2022). ISO/IEC 27005:2022 Information Security, Cybersecurity And Privacy Protection — Guidance On Managing Information Security Risks (Vol. International Organization For Standardization. https://www.Iso.Org/Standard/80585.Html

Khoza, D., Ludonga, A., & & Singo, M. (2024). Cyber Risk Management: Frameworks, Strategies, And Case Studies In Cybersecurity. Zenodo. https://doi.org/10.5281/Zenodo.17372361

Lubis, M., Luthfi, M. I., Saedudin, R. R., Muttaqin, A. N., & Lubis, A. R. (2026). The Integration Of ISO 27005 And NIST SP 800-30 For Security Operation Center (SOC) Framework Effectiveness In The Non-Bank Financial Industry. Computers, 15(1), 60.

Muheidat, F., Mallouh, M. A., Al-Saleh, O., Al-Khasawneh, O., & & Tawalbeh, L. (2024). Applying AI And Machine Learning To Enhance Automated Cybersecurity And Network Threat Identification. Procedia Computer Science, 251, 287–294. https://doi.org/10.1016/J.Procs.2024.11.112

Negara, B. S. Dan S. (2025). Lanskap Keamanan Siber Indonesia 2024.

Oragwu, U., & Aziz, B. (2025). A Machine Learning Approach For Detecting Cybersecurity Vulnerabilities In The Internet Of Medical Things. Knowledge-Based Systems, 327, 114150. https://doi.org/10.1016/J.Knosys.2025.114150

Peffers, K. (2007). A Design Science Research Methodology For Information Systems Research. Journal Of Management Information Systems, 24(3), 45–77.

Pinsonneault, A., & & Kraemer, K. (1993). Survey Research Methodology In Management Information Systems: An Assessment. Journal Of Management Information Systems, 10(2), 75–105. https://doi.org/10.1080/07421222.1993.11518001

Putra, A. P. (2023). Integrated Methodology For Information Security Risk Management Using ISO 27005:2018 And NIST SP 800-30 For Insurance Sector. International Journal Of Advanced Computer Science And Applications, 14(4), 678–687. https://doi.org/10.14569/Ijacsa.2023.0140468

Rose, E. S. (2025). Code Of Ethics For Interpreters: A Comparative Analysis Of Different Professional Standards. Emily Rose Sophie.

Sánchez-García, I. D., & Mejía, J. (2022). Cybersecurity Risk Assessment: A Systematic Mapping Review, Proposal, And Validation. Applied Sciences, 13(1), 395. https://doi.org/10.3390/App13010395

Security, I. B. M. (2023). Cost Of A Data Breach Report 2023. IBM.

Sezgin, A., & Ulaş, M. (2025). Multi-Objective Feature Selection For Intrusion Detection Systems: A Comparative Analysis Of Bio-Inspired Optimization Algorithms. Sensors, 25(19), 6099. https://doi.org/10.3390/S25196099

Sheikhi, S. (2024). Safeguarding Cyberspace: Enhancing Malicious Website Detection With Pso Optimized Xgboost And Firefly-Based Feature Selection. Computers & Security, 142, 103885. https://doi.org/10.1016/J.Cose.2024.103885

Trivedi, R., & Patra, S. (2025). Data-Centric Explainable Artificial Intelligence Techniques For Cyber-Attack Detection In Microgrid Networks. Energy Reports, 13, 217–229. https://doi.org/10.1016/J.Egyr.2024.11.075

Downloads

Published

2026-07-15