RiskTree: Decision trees for asset and process risk assessment quantification in big data platforms  

作　　者：Haomou Zhan Jiawei Yang Zhenyang Guo Jin Cao Dong Zhang Xingwen Zhao Wei You Hui Li 

机构地区：[1]School of Cyber Engineering,Xidian University,Xi'an 710126,China [2]The State Key Laboratory of Integrated Service Network,Xi'an 710126,China [3]National Computer Network Emergency Response Technical Team/Coordination Center of China(CNCERT/CC),Beijing 100024,China

出　　处：《Security and Safety》2024年第3期8-28,共21页一体化安全(英文)

基　　金：supported by the National Key R&D Program of China(No.2022YFB3103401);the National Natural Science Foundation of China(No.62172317,U23B2024)

摘　　要：Currently, big data platforms are widely applied across various industries. These platforms are characterized by large scale, diverse forms, high update frequency, and rapid data flow, making it challenging to directly apply existing risk quantification methods to them. Additionally, the composition of big data platforms varies among enterprises due to factors such as industry, economic capability, and technical proficiency. To address this, we first developed a risk quantification assessment process tailored to different types of big data platforms, taking into account relevant laws, regulations, and standards. Subsequently,we developed RiskTree, a risk quantification system for big data platforms, which supports automated detection of configuration files, traffic, and vulnerabilities. For situations where automated detection is not feasible or permitted, we provide a customized questionnaire system to collect assets and data processing procedures. We utilize a knowledge graph(KG)to integrate and analyze the collected data. Finally, we apply a random forest algorithm to compute risk index weights, risk values, and risk levels, enabling the quantification of risks on big data platforms. To validate the proposed process, we conducted experiments on an educational big data platform. The results demonstrate that the risk index system presented in this paper objectively and comprehensively reflects the risks faced by big data platforms. Furthermore, the proposed risk assessment process not only effectively identifies and quantifies risks but also provides highly interpretable evaluation results.

关 键 词：Big data platform Quantitative risk assessment Machine learning Big data platform Quantitative risk assessment Machine learning 

分 类 号：TP311.13[自动化与计算机技术—计算机软件与理论]