Research on information system assets risk assessment and defense decision-making

The open interconnection of information networks, the inherent vulnerabilities and design deficiencies of information system assets have brought great difficulties to security and management of information systems, posing potential security risks to the transmission, storage and processing of data. In this study, in order to work out a decision-making plan about risk assessment of information system assets, Euclidean distance is firstly used to calculate the deviation degree of expert evaluation data, referring to the deviation between index evaluation data and evaluation average value of different experts, in combination with the fact that the evaluation data is interval-valued intuitionistic fuzzy number (IVIFN) and the index weight is unknown, and then the index weight vector is determined by the index importance calculation method based on information entropy. Next, in the decision matrix processing, interval intuitionistic fuzzy ideal points (IIFIP) and related theories are used to aggregate interval-valued intuitionistic fuzzy information, calculate the score vector of each scheme, and a projection model is constructed to measure the similarity between each scheme and IIFIP. The proposed projection model not only can describe the uncertainties of the problems and the hesitancy of the decision makers, but also can decrease subjective and increase objectives of the decision making results. Finally, it is verified through the case analysis that the proposed method has good practicability and effectiveness in the security risk assessment.