计算机工程与应用 ›› 2009, Vol. 45 ›› Issue (17): 116-118.DOI: 10.3778/j.issn.1002-8331.2009.17.035

• 网络、通信、安全 • 上一篇    下一篇

基于模糊神经网络的信息安全风险评估模型

赵冬梅1,刘海峰2,张军鹏1   

  1. 1.河北师范大学 信息技术学院,石家庄 050016
    2.河北师范大学 科技处,石家庄 050016
  • 收稿日期:2008-06-03 修回日期:2008-08-29 出版日期:2009-06-11 发布日期:2009-06-11
  • 通讯作者: 赵冬梅

Model of risk assessment of information security based on fuzzy neural network

ZHAO Dong-mei1,LIU Hai-feng2,ZHANG Jun-peng1   

  1. 1.School of Information Technology of Hebei Normal University,Shijiazhuang 050016,China
    2.Department of Science and Technology of Hebei Normal University,Shijiazhuang 050016,China
  • Received:2008-06-03 Revised:2008-08-29 Online:2009-06-11 Published:2009-06-11
  • Contact: ZHAO Dong-mei

摘要: 对信息系统进行有效的风险评估,选择有效的防范措施,主动防御信息威胁是解决信息系统安全问题的关键所在。将神经网络和模糊理论应用于信息安全的风险评估。首先针对信息安全风险评估的不确定性和复杂性,将神经网络理论应用到风险评估。其次,针对神经网络适合定量数据,对于定性指标的分析缺乏相应的处理能力,而风险因素的指标值具有很大的不易确定性等问题,采用模糊评价法对信息安全的风险因素的指标进行量化,对神经网络的输入进行模糊预处理,提出了基于模糊神经网络的风险评估方法。仿真结果表明:模糊神经网络经过训练,可以实时地估算风险因素的级别。

关键词: 信息安全, 风险评估, 神经网络, 模糊神经网络

Abstract: Evaluating risk effectively,selecting effective defence measures and defending information threats actively are the key points of resolving security problems of information system.Based on the actual requirements and status of risk assessment of information security,we integrate the neural network and fuzzy logic to apply them in studying risk assessment of information security.Firstly,focused on the uncertainty and complexity of risk assessment of information security,we integrate the neural network to apply them in studying risk assessment.On the other hand,since the neural network is suited for the quantity data processing,and poor to the qualitative analyze,and risk is uncertain ,the risk factors are quantized by fuzzy evaluation method proposed in this dissertation so that the input of neural network are pre-treated,a risk assessment method based on fuzzy neural network is proposed.The simulation results show that the trained neural network can estimate the degree of risk factor real time.

Key words: information security, risk assessment, neural network, fuzzy neural network