|
|
|
|
|
An Information Security Threat Assessment Model based on Bayesian Network and OWA Operator |
|
PP: 833-838 |
|
Author(s) |
|
Kehe Wu,
Shichao Ye,
|
|
Abstract |
|
Information security threat assessment involves two aspects, namely, technology and management. A great amount of
uncertainties exist in the assessment, which cannot be strictly quantized. Thus, the completely objective information security risk
assessment is hard to realize. To this end, this research proposed an information security threat assessment model based on Bayesian
Network (BN) and OWA operator. Firstly, with the integration of expert knowledge, the conditional probability matrix of reasoning
rules in BN was clarified, as a basis of the establishment of information security threat assessment model. Then, with the group-decision
method of OWA operator, the subjective judging information of experts on the threat level of target information system was integrated,
which was taken as the prior information of the threat level of target information system. Meanwhile, with the observation nodes
of objective assessment information, subjective and objective security threat level was integrated, which realized the continuity and
accumulation of the security assessment. Finally, the rationality and effectiveness of this model were verified through the simulation
example. |
|
|
|
|
|