基于改进贝叶斯模型的信息安全风险评估  被引量:12

Information Security Risk Assessment Based on Improved Bayesian Network Model

在线阅读下载全文

作  者:黄玉洁 唐作其[1] 

机构地区:[1]贵州大学计算机科学与技术学院,贵州贵阳550025

出  处:《计算机与现代化》2018年第4期95-99,126,共6页Computer and Modernization

基  金:贵州省科技支撑计划项目(黔科合SY字[2011]3111);贵州大学青年教师科研基金资助项目(贵大自青合字(2013)01号);贵州大学研究生创新基金资助项目(研理工2017081)

摘  要:随着信息化时代的到来,信息安全问题变得日益复杂与多样,因此急需一种高性能的解决方法。本文在前人的研究基础上进一步改进贝叶斯网络模型在信息安全风险评估中的应用。首先分析信息系统风险元素种类,提出一种新的确定风险因素的方法,即建立因素之间常见关联关系;然后依据因素关联关系确定信息系统指标体系,并结合经验积累的条件概率,利用Matlab贝叶斯网络工具箱(BNT)构建完整的贝叶斯网络风险评估模型,其中包括对评估流程、方法使用及风险等级确定的分析;最后通过实例分析改进的贝叶斯评估模型,对实验数据推理出风险各等级概率。仿真结果与实际结论相一致,表明改进的贝叶斯评估模型能够准确反映信息系统安全风险等级,是一种有效且合理的评估方法。With the advent of the information age,information security issues become increasingly complex and diverse,so a cost-effective solution should be badly in need. Based on the previous research,this paper further improves the application of Bayesian network model in information security risk assessment. Firstly,it analyzes the types of risk elements of information system,and puts forward a new method to determine the risk factors,that is,the common relationship between factors. Then,the information system index system is determined according to the factor relation. Combined with the conditional probability of experience accumulation,the Matlab Bayesian network toolbox(BNT) is used to construct a complete Bayesian network risk assessment model,which includes the analysis of the assessment process,the use of methods and the determination of risk levels. Finally,by analyzing the improved Bayesian assessment model,the probability of each level of risk is deduced according to experimental data. The simulation results are consistent with the actual results,which show that the improved evaluation method is effective and reasonable.

关 键 词:信息安全 风险评估 贝叶斯网络 风险因素 风险等级 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象