论文信息 - Information Security Risk Assessment Based on Artificial Immune Danger Theory

Information Security Risk Assessment Based on Artificial Immune Danger Theory

This paper puts forward an information security risk assessment model, which based on danger theory, and provides a risk calculation method based on this model. It aims at the problem of the strong subjectivity and improving the accuracy and real time performance of current information security risk assessment system, by reference to dynamic response characteristic of danger theory in immunology. The model can comprehensively take various assessment factors and their correlation into consideration and conduct dynamic assessment under changing risk. Finally, the effectiveness of the model in information system security risk assessment is verified through the experiments.

Bo Zhou | Xiaorong Li | Bin Xu | Yi Zhuang

[1] P. Matzinger. The Danger Model: A Renewed Sense of Self , 2002, Science.

[2] Guan Xiaohong,et al. Quantitative Hierarchical Threat Evaluation Model for Network Security , 2006 .

[3] Didier Dubois,et al. Joint Propagation and Exploitation of Probabilistic and Possibilistic Information in Risk Assessment , 2006, IEEE Transactions on Fuzzy Systems.

[4] Robin Braun,et al. Self-adaptability and Vulnerability Assessment of Secure Autonomic Communication Networks , 2007, APNOMS.

[5] Tai-Myung Chung,et al. The Vulnerability Assessment for Active Networks; Model, Policy, Procedures, and Performance Evaluations , 2004, ICCSA.

[6] Tai-Myung Chung,et al. Risk Assessment Method Based on Business Process-Oriented Asset Evaluation for Information System Security , 2007, International Conference on Computational Science.

[7] Rajendra P. Srivastava,et al. An Information Systems Security Risk Assessment Model Under the Dempster-Shafer Theory of Belief Functions , 2006, J. Manag. Inf. Syst..