Table 5.
Relative importance analysis results for scenario items.
| Second Layer | Third Layer | Final Relative Importance | Final Priorities |
|||
|---|---|---|---|---|---|---|
| Items | Relative Importance of Second Layer | Scenario Items | Relative Importance of Third Layer | Priorities of Third Layer | ||
| Personal information processing system threat scenario | 0.479 | Bulk download detection | 0.5200 | 1 | 0.2491 | 1 |
| Repeated attempts to connect after business hours | 0.0770 | 3 | 0.0369 | 7 | ||
| Attempts to view personal information after connecting from an external IP | 0.0350 | 5 | 0.0168 | 12 | ||
| Attempts to elevate user privileges | 0.0540 | 4 | 0.0259 | 9 | ||
| Repeated attempts to view specific groups | 0.3140 | 2 | 0.1504 | 3 | ||
| Security System Bypass Scenario | 0.458 | Bulk decryption | 0.4240 | 1 | 0.1942 | 2 |
| Excessive writing to removable storage devices | 0.2990 | 2 | 0.1369 | 4 | ||
| Excessive attachments via messenger or webmail | 0.1080 | 3 | 0.0495 | 6 | ||
| Repeated attempts to handle exceptions after antivirus detection | 0.0380 | 6 | 0.0174 | 11 | ||
| Attempts to remotely access multiple terminals with administrator accounts | 0.0790 | 4 | 0.0362 | 8 | ||
| Attempts to falsify and repeatedly execute executable files | 0.0530 | 5 | 0.0243 | 10 | ||
| Physical level check | 0.063 | Excessive connection attempts from specific IPs | 0.7980 | 1 | 0.0503 | 5 |
| Attempts to seize administrator privileges | 0.1380 | 2 | 0.0087 | 13 | ||
| Attempts to log in at times when there is no connection history | 0.0640 | 3 | 0.0040 | 14 | ||