Research of information security risk prediction based on grey theory and ANP

2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC) Pub Date : 2016-10-01 DOI:10.1109/IMCEC.2016.7867182

Qian-hong Yu, Yongjun Shen

{"title":"Research of information security risk prediction based on grey theory and ANP","authors":"Qian-hong Yu, Yongjun Shen","doi":"10.1109/IMCEC.2016.7867182","DOIUrl":null,"url":null,"abstract":"Risk prediction is an important part of the information security system. At present, information security system needs an effective prediction method urgently. In accordance with the information security risk assessment process and combination of assets, threat, vulnerability and safety control measures, to strengthen the correlation among these factors and make the prediction results more objective for the target, the authors put forward a model based on the combination of the grey theory and analytic network process(ANP) with information security risk prediction. First, the model predicted value of each element is obtained by grey theory GM(1,1), and then establish the weight of each risk assessment element through the analytic network process (ANP) by analyzing interdependency and feedback, finally, set up systematic risk fuzzy comprehensive calculation to process data and build accurate mathematical model by combining with the risk assessment level. That is [0,1],to achieve a more accurate risk situation prediction through the quantitative results so of realistic significance for information system security.","PeriodicalId":218222,"journal":{"name":"2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IMCEC.2016.7867182","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

Risk prediction is an important part of the information security system. At present, information security system needs an effective prediction method urgently. In accordance with the information security risk assessment process and combination of assets, threat, vulnerability and safety control measures, to strengthen the correlation among these factors and make the prediction results more objective for the target, the authors put forward a model based on the combination of the grey theory and analytic network process(ANP) with information security risk prediction. First, the model predicted value of each element is obtained by grey theory GM(1,1), and then establish the weight of each risk assessment element through the analytic network process (ANP) by analyzing interdependency and feedback, finally, set up systematic risk fuzzy comprehensive calculation to process data and build accurate mathematical model by combining with the risk assessment level. That is [0,1],to achieve a more accurate risk situation prediction through the quantitative results so of realistic significance for information system security.

查看原文本刊更多论文

基于灰色理论和ANP的信息安全风险预测研究

风险预测是信息安全体系的重要组成部分。目前，信息安全系统迫切需要一种有效的预测方法。根据信息安全风险评估过程和资产、威胁、漏洞和安全控制措施的组合，为了加强这些因素之间的相关性，使预测结果对目标更加客观，作者提出了基于灰色理论和分析网络过程(ANP)相结合的信息安全风险预测模型。首先，通过灰色理论GM(1,1)得到各要素的模型预测值，然后通过相互依赖和反馈分析，通过分析网络过程(ANP)建立各风险评价要素的权重，最后，建立系统的风险模糊综合计算，结合风险评价等级对数据进行处理，建立准确的数学模型。即[0,1]，通过定量结果实现更准确的风险态势预测，对信息系统安全具有现实意义。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC)

自引率

0.00%

发文量