Computer Science

Computer Science ›› 2018, Vol. 45 ›› Issue (12): 98-103.doi: 10.11896/j.issn.1002-137X.2018.12.015

• Information Security • Previous Articles     Next Articles

Self-adaption Adjustment Method for Experts in Risk Assessment

LENG Qiang, YANG Ying-jie, HU Hao   

  1. (Information Engineering University,Zhengzhou 450001,China)
  • Received:2017-11-24 Online:2018-12-15 Published:2019-02-25

PDF (PC)

799

Abstract: Information asset assessment is a part of the important research content of information security risk assessment technology.At present,it mainly uses quantitative evaluation methods based on expert assessment and expert weighting.However,in the implementation of this method,how to scientifically determine the expert weight to reduce the impact of the assessment opinion with larger deviation on the overall evaluation results is a question.Considering this problem,this paper proposed a weight self-adaption adjustment evaluation method based on the deviation degree of experts,which can effectively reduce the impact of abnormal value on evaluation by expert.At the end of this paper,the algorithm was implemented and the algorithm validity experiment was carried out.The results show that this method can effectively reduce the impact of the abnormal evaluation value on the assessment.

Key words: Asset assessment, Deviation degree, Expert assessment, Information security, Weight self-adaption adjustment evaluation method

CLC Number: 

  • TP309
[1]Information Technology-Guidelines for the Management of ItSecurity -Part 2:Managing and Planning IT Security:ISO/IEC TR 13335-2(1997)[S].New York:Information Technology Task Force,1998.
[2]China National Standarization Administration Commission.Information Security Technology Information Security Risk Assessment Standard:GB/T20984-2007[S].BeiJing:China Stan-dards Press,2007.(in Chinese)
中国国家标准化管理委员会.信息安全技术信息安全风险评估规范:GB/T20984-2007[S].北京:中国标准出版社,2007.
[3]STEVEN N,SUSHIL J,LINGYU W,et al.Measuring Security Risk of Networks Using Attack Graphs[J].International Journal of Next-Generation Computing,2010,1(1):135-147.
[4]MOHAMMED A,MARTIN R.Attack Graph-Based Risk Assessment and Optimisation Approach[J].International Journal of Network Security & Its Applications,2014,6(3):31-43.
[5]LI X,WANG C Y,WANG S J,et al.Construct Principles and Assessment Method of Index System[J].Mathematics in Practice and Theory,2012,42(20):69-74.
[6]FU Y,WU X P,YE Q.Approach for information sysytems security situation evaluation using improved FAHP and Baysian network[J].Journal on Communications,2009,30(9):135-140.(in Chinese)
付钰,吴晓平,叶清.基于改进FAHP-BN的信息系统安全态势评估方法[J].通信学报,2009,30(9):135-140.
[7]WU Z B,XU J P.Possibility distribution-based approach forMAGDM with hesitant fuzzy linguistic information[J].IEEE Transactions on Cybernetics,2016,46(3):694-705.
[8]DUBOIS D,PRADE H.Bridging gaps between several forms of granular computing[J].Granular Computing,2016,1(2),115-126.
[9]MENDEL J M.A comparison of three approaches for estimating (synthesizing) an interval type-2 fuzzy set model of a linguistic term for computing with words[J].Granular Computing,2016,1(1):59-69.
[10]WANG D C,XU Y,LI B,et al.Mixed-index information system security evaluation[J].Journal of TsinghuaUniversity(Science &Technology),2016,56(5):517-521,529.(in Chinese)
王丹琛,徐扬,李彬,等.基于业务效能的信息系统安全态势指标[J].清华大学学报(自然科学版),2016,56(5):517-521,529.
[11]WANG J D,ZHANG H W,WANG N,et al.Information System Security Risk Assessment and Defense Decision-making[M].Beijing:National Defense Industry Press,2017:139-161.(in Chinese)
王晋东,张恒巍,王娜,等.信息系统安全风险评估与防御决策[M].北京:国防工业出版社,2017:139-161.
[12]LEE K C,HSIEH C H,WEI L J,et al.Sec-Buzzer:cyber security emerging topic mining with open threat intelligence retrieval and timeline event annotation(Soft Comput)[EB/OL].https://doi.org/10.1007/s00500-016-2265-0.
[13]LIU A Y,WEI F J.The Study on the Method of Weight Determination of the Experts on the Evaluation of Language[J].Chinese Journal of Management Science,2011,19(6):149-155.(in Chinese)
刘安英,魏法杰.基于改进语言评估标度的专家后验权重确定方法研究[J].中国管理科学,2011,19(6):149-155.
[14]TIAN X H.Research on Extended Model for Multiple Attribute Decision Making Based on Fuzzy Information[D].Dalian:Dalian Maritime University,2015.(in Chinese)
田晓娟.基于模糊信息的多属性决策扩展模型研究[D].大连:大连海事大学,2015.
[15]WANG Y M,XU N R.The Optimal Transitive Matrix Method of Group Comparison Matrices and Weight Vectors[J].System Engineering Theory and Practice,1991,11(4):70-74.(in Chinese)
王应明,徐南荣.群体判断矩阵及权向量的最优传递矩阵求法[J].系统工程理论与实践,1991,11(4):70-74.
[16]XU Z S,WEI C P.A consistency improving method in the Analytic Hierarchy Poress[J].Ewopean Journal of Operational Research,1999,116(2):443-449.
[17]GAO Y,LUO X X,HU Y.Research on methods for deriving experts’ weights based on judgment matrix and cluster analysis[J].System Engineering and Electronics,2009,31(3):593-596.(in Chinese)
高阳,罗贤新,胡颖.基于判断矩阵的专家聚类赋权研究[J].系统工程与电子技术,2009,31(3):593-596.
[18]LI L,LIU Y Q,LI S G.New Method for Determining the Obiective Weight of Decision Makers in Group Decision Based on Judgment Matrix and Cluster Analysis[J].Operations Research and Management Science,2011,20(4):77-81.(in Chinese)
李琳,刘雅奇,李双刚.一种群决策专家客观权重确定的改进方法[J].运筹与管理,2011,20(4):77-81.
[1] GU Shuang-jia, LIU Wan-ping, HUANG Dong. Application of Express Information Encryption Based on AES and QR [J]. Computer Science, 2021, 48(11A): 588-591.
[2] LI Bin, ZHOU Qing-lei, SI Xue-ming, CHEN Xiao-jie. Optimized Implementation of Office Password Recovery Based on FPGA Cluster [J]. Computer Science, 2020, 47(11): 32-41.
[3] SUN Lian-shan, OUYANG Xiao-tong, XU Yan-yan, WANG Yi-xing. Novel Sanitization Approach for Indirect Dependencies in Provenance Graph [J]. Computer Science, 2019, 46(3): 164-169.
[4] WANG Hui, ZHOU Ming-ming. Medical Information Security Storage Model Based on Blockchain Technology [J]. Computer Science, 2019, 46(12): 174-179.
[5] ZHAN Xiong, GUO Hao, HE Xiao-yun, LIU Zhou-bin, SUN Xue-jie, CHEN Hong-song. Research on Security Risk Assessment Method of State Grid Edge Computing Information System [J]. Computer Science, 2019, 46(11A): 428-432.
[6] ZHOU Yi-hua, ZHANG Bing, YANG Yu-guang, SHI Wei-min. Cluster-based Social Network Privacy Protection Method [J]. Computer Science, 2019, 46(10): 154-160.
[7] DING Qing-yang, WANG Xiu-li, ZHU Jian-ming and SONG Biao. Information Security Framework Based on Blockchain for Cyber-physics System [J]. Computer Science, 2018, 45(2): 32-39.
[8] DU Xing-zhou, ZHANG Kai, JIANG Kun, MA Hao-bo. Research on Blockchain-based Information Transmission and Tracing Pattern in Digitized Command-and-Control System [J]. Computer Science, 2018, 45(11A): 576-579.
[9] DONG Gui-shan, CHEN Yu-xiang, ZHANG Zhao-lei, BAI Jian, HAO Yao. Research on Identity Management Authentication Based on Blockchain [J]. Computer Science, 2018, 45(11): 52-59.
[10] DING Li-tong, FAN Jiu-lun and LIU Yi-xian. Method of Safety Evaluation for System Group Based on Grey Clustering [J]. Computer Science, 2017, 44(Z11): 372-376.
[11] ZHANG Liang-liang, ZHANG Yi-wei, LIANG Jie, SUN Rui-yi and WANG Xin-an. Information Security in New Quantum Technology Age [J]. Computer Science, 2017, 44(7): 1-7.
[12] ZHANG Li, LI Qing-sheng and LIU Quan. Chinese Character Generation Model for Cloud Information Security [J]. Computer Science, 2016, 43(Z11): 417-421.
[13] QI Fa-zhi and SUN Zhi-hui. Rapid Analysis Method of Malicious Code Based on Feature Threshold [J]. Computer Science, 2016, 43(Z11): 342-345.
[14] SHU Jian and LIANG Chang-yong. Dynamic Trust Model Based on DS Evidence Theory under Cloud Computing Environment [J]. Computer Science, 2016, 43(8): 105-109.
[15] WANG Ya-hui and YAN Song-yuan. New Quantum Algorithm for Breaking RSA [J]. Computer Science, 2016, 43(4): 24-27.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.