基于隐马尔可夫模型的信息系统风险评估方法  被引量:1

Risk Assessment Approach for Information System Security Based on HMM

在线阅读下载全文

作  者:潘恒[1] 盛剑会[1] 郑秋生[1] 

机构地区:[1]中原工学院,郑州450007

出  处:《中原工学院学报》2016年第4期85-90,共6页Journal of Zhongyuan University of Technology

基  金:河南省科技攻关项目(132102310284);郑州市科技创新团队项目(131PCXTD600);郑州市普通科技攻关项目(132102210186)

摘  要:为保障信息系统安全,必须定期进行风险评估,但通常是对照测评标准逐项测评后给出测评结论,因缺乏精确的数学模型指导而受主观因素影响较大。为此,对信息系统风险评估过程建立了隐马尔可夫模型。在建模过程中,对输出值矩阵进行简化处理,并以随机产生的观察值序列作为隐马尔可夫模型训练数据。学习训练后的模型可利用前向算法自动评估系统当前的安全状态。应用实例说明:该方法贴近实际测评工作流程,是一种有效的风险评估方法,可在一定程度上提高评估的科学性,降低测评人员工作量,同时适用于信息系统安全风险自评估。In order to guarantee security, the risk of information system is needed to be regularly estimated. However, the real estimation method is usually to evaluate the system term by term under the secure assessment standard. Bacause of lack of precise mathematical model, such process is limited both estimation procedure and result subjective to some extent. Focusing on these problems, this paper takes use of Hidden Markov Model (HMM) to build a mathematical model on procedure of information system risk assessment, which could automatically estimate the security state of the information system based on secure assessment standard. First, the HMM output value matrix is simplified. An observation value generating algorithm is proposed, which could be regarded as HMM model training data. After training, HMM model can be used to evaluate secure state of the target information system. The application project shows that this method can work effectively and is close to the real secure assessment procedure, which can reduce the workload and improve the assessment scientific extent that can be used in risk self-assessment.

关 键 词:信息系统 安全风险评估 隐马尔可夫模型 安全测评标准 前向算法 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象