A method for network security risk assessment and decision-making based on the cloud model

被引：1

作者：

Zhang, Jie ^{[1
]}

Tang, Jun ^{[2
]}

Pei, Fang ^{[1
]}

机构：

[1] Hunan mechanical and electrical polytechnic, China

[2] Hunan Urban Construction College, China

来源：

Journal of Convergence Information Technology | 2012年 / 7卷 / 06期

关键词：

Cloud model; Network security; Randomness; Risk assessment;

D O I：

10.4156/jcit.vol7.issue6.18

中图分类号：

学科分类号：

摘要：

In order to assess the risk of network security more reasonably, a cloud-model based method for network risk assessment was proposed. It took advantages of cloud model featuring perfect combination with randomness and fuzziness. By analyzing the characteristic of the network risk assessment, the main ideas, key technical and implementation steps of the method were given. The standard clouds were generated using improved backward cloud algorithm with unknown certainty. The improved algorithm with smaller deviation was also proved. A cloud similarity algorithm, which was based on the distance measure of cloud droplets, was used to measure the similarity between the current cloud and the standard cloud. Finally, Kddcup99 data set was used to do simulated attack and performance sampling tests. The experimental results show that the proposed method retains the maximum uncertainty of network intrusion assessment and improves the results more credibly.

引用

页码：146 / 153

页数：7

共 12 条

[1] Visintine V., An Introduction to Information Risk Assessment [J], SANS Institute Journal, 8, 5, pp. 101-118, (2003)
[2] Chu C.K., Chu M., An integrated framework for the assessment of network operations, reliability, and security[J], Bell Labs Technical Journal, 8, 4, pp. 133-152, (2004)
[3] Zhang Y.-Z., Fang B.-X., Chi Y., Yun X.-C., Research on Network Node Correlation in Network Risk Assessment[J], ChineseJournal of Computers, 30, 2, pp. 234-240, (2007)
[4] Li W.M., Lei J., Dong J., Et al., An Optimized Method for Real Time Network Security Quantification[J], Chinese Journal of Computers, 32, 4, pp. 793-800, (2009)
[5] Chen X.-Z., Zheng Q.-H., Guan X.-H., Quantitative Hierarchical Threat Evaluation Model for Network Security[J], Journal of Software, 17, 4, pp. 885-895, (2006)
[6] Zhao D., Jianfeng M.A., Wang Y., Model of fuzzy risk assessment of the information system[J], Journal on Communications, 28, 4, pp. 51-56, (2007)
[7] Li D., Liu C., Gan W., A New Cognitive Model: Cloud Model[J], International Journal of Intelligent Systems, 24, 4, pp. 357-375, (2009)
[8] Mendel J.M., John R., Type-2 fuzzy sets made simple [J], IEEE Transactions On Fuzzy Systems, 10, 2, pp. 117-127, (2002)
[9] Mendel J.M., On a 50% savings in the computation of of a symmetrical interval type-2 fuzzy set[J], Information Sciences, 172, 3, pp. 417-430, (2005)
[10] Wu D., Mendel J.M., A Comparative Study of Ranking Methods, Similarity Measures and Uncertainty Measures for Interval Type-2 Fuzzy Sets, [J], Information Sciences, 179, 8, pp. 1169-1192, (2009)

← 1 2 →