JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE) ›› 2018, Vol. 53 ›› Issue (1): 53-62.doi: 10.6040/j.issn.1671-9352.2.2017.136

Previous Articles     Next Articles

Evaluation method for network security level based on cloud model and Bayesian feedback

ZHU Dan1, XIE Xiao-yao1*, XU Yang1, XIA Meng-ting2   

  1. 1. Guizhou Normal University, Key Laboratory of Information and Computing Science of Guizhou Province, Guiyang 550001, Guizhou, China;
    2. Computer Science and Engineering School of JUST, Zhenjiang 212003, Jiangsu, China
  • Received:2017-08-28 Online:2018-01-20 Published:2018-01-19

Abstract: In view of the limitations of the evaluation staff on the content of the evaluation index and the fuzziness of judgment and the limitation of the judgment interval in quantitative evaluation of network security evaluation in information system level protection. The researchers combine the cloud model with the Bayesian feedback algorithm and adopt the cloud model theory to deal with the fuzziness and randomness of the evaluation results. Because the traditional one-dimensional reverse cloud algorithm appears hyper entropy is imaginary, therefore, researchers use the uncertainty of the reverse cloud algorithm to avoid the occurrence of negative entropy. Through the construction of Bayesian feedback cloud model, which is constructed to test and correct the evaluation results given by experts or reviewers which makes the final evaluation results more objective and accurate. According to the expectation and entropy of the overall correction cloud of network security and the reasonable security grade judgment interval is given as the basis of the grade evaluation in the actual evaluation. Verified by an example, the evaluation method proposed that can effectively correct the difference between the evaluation results of the evaluation personnel, realize the reasonable judgment division and give the objective and accurate grade evaluation result.

Key words: Bayesian feedback, network security grade evaluation, cloud model, the fuzziness of judgment, reverse cloud algorithm

CLC Number: 

  • TP301
[1] 王夏菁,胡昌振,马锐,等. 二进制程序漏洞挖掘关键技术研究综述[J].信息网络安全,2015(8):1-13. WANG Xiajing, HU Changzhen, MA Rui, et al. A survey of the key technology of binary program vulnerability discovery[J]. Netinfo Security, 2015(8):1-13.
[2] 张焕国,韩文报,来学嘉,等.网络空间安全综述[J].中国科学(信息科学),2016,46(2):125-164. ZHANG Huanguo, HAN Wenbao, LAI Xuejia, et al. Survey on Cyberspace security[J]. Scientia Sincia Informations, 2016, 46(2):125-164.
[3] XU Yang, XIE Xiaoyao, ZHANG Huanguo. Information security testing model based on variable weights fuzzy comprehensive evaluation[J]. China Communications, 2011, 7:76-82.
[4] 张鹏,谢晓尧.基于云模型的信息系统测评安全结论判定[J].武汉大学学报(理学版),2014,5(60):429-433. ZHANG Peng, XIE Xiaoyao. Determination of safety conclusion in evaluating information system based on cloud model[J]. J Wuhan Univ(Nat Sci Ed), 2014, 5(60):429-433.
[5] 徐洋,谢晓尧.信息安全等级保护测评量化模型[M].武汉:武汉大学出版社,2017:29-48. XU Yang, XIE Xiaoyao. Quantification model of testing and evaluation for classified protection of information sysytem security[M]. Wuhan: Wuhan University Press, 2017:29-48.
[6] 李德毅,刘常昱,杜鹢,等. 不确定性人工智能[J].软件学报,2004,15(11):1583-1594. LI Deyi, LIU Changyu, DU Yi, et al. Artificial intelligence with uncertainty[J]. Journal of Software, 2004, 15(11):1583-1594.
[7] 王利花. 基于云模型的信息安全风险分析方法研究[D].焦作:河南理工大学,2014. WANG Lihua. Study information security risk analysis method based on cloud model[D]. Jiaozuo: Henan Polytechnic University, 2014.
[8] 宋远骏,李德毅,杨孝宗,等.电子产品可靠性的云模型评价方法[J].电子学报,2000,28(12):74-76. SONG Yuanjun, LI Deyi, YANG Xiaozong, et al. Reliability evaluation of electronic products based on cloud models[J]. Acta Electronica Sinica, 2000, 28(12):74-76.
[9] 叶琼,李绍隐,张友华,等.云模型及应用综述[J].计算机工程与设计,2011,32(12):4198-4201. YE Qiong, LI Shaoyin, ZHANG Youhua, et al. Cloud model and application overview[J]. Computer Engineering and Design, 2011, 32(12):4198-4201.
[10] 黄海生,王汝传.基于隶属云理论的主观信任评估模型研究[J].通信学报,2008,29(4):13-19. HUANG Haisheng, WANG Ruchuan. Subjective trust evaluation model based on membership cloud theory[J]. Journal on Communications, 2008, 29(4):13-19.
[11] 李德毅,杜鹢.不确定性人工智能[M].北京:国防工业出版社,2014:50-59. LI Deyi, DU Yi. Artifical intelligence with uncertainty[M]. Beijing: National Defense Industry Press, 2014: 50-59.
[12] 陈昊,李兵,刘常昱.一种无确定的逆向云算法[J].小型微型计算机系统,2015,36(3):544-549. CHEN Hao, LI Bin, LIU Changyu. An algorithm of backward cloud without certainty degree[J]. Journal of Chinese Computer Systems, 2015, 36(3):544-549.
[13] 王健,肖文杰,王树文,等.一种改进的基于云模型的效能评估方法[J].火力与指挥控制,2010,35(7):139-142. WANG Jian, XIAO Wenjie, WANG Shuwen, et al. An improved effectiveness evaluation method based on cloud model[J]. Fire Control and Command Control, 2010, 35(7):139-142.
[14] 公安部信息安全等级保护评估中心.信息安全等级测评师培训教程[M].北京:电子工业出版社,2010. Information security classification protection evaluation center of Ministry of public security. Information security rating trainer training course[M]. Beijing: Publishing House of Electronics Industry, 2010.
[15] 李雪,赵宁,郑暄.基于云模型的道路交通安全等级评价[J].北京工业大学学报,2015,41(8):1219-1224. LI Xue, ZHAO Ning, ZHENG Xuan. Road traffic safety evaluation based on cloud model[J]. Journal of Beijing University of Technology, 2015, 41(8):1219-1224.
[16] 麻士东,韩亮,龚光红,等.基于云模型的目标威胁等级评估[J].北京航空航天大学学报,2010,36(2):150-153. MA Shidong, HAN Liang, GONG Guanghong, et al. Target threat assessment techology based on cloud model[J]. Journal of Beijing University of Aeronautics and Astronautics, 2010, 36(2):150-153.
[17] 杨莎. 基于云理论的信任评估模型及应用研究[D]. 保定:华北电力大学,2011. YANG Sha. Research on trust evaluation model and application based on cloud theory[D]. Baoding: North China Electric Power University, 2011.
[1] YU Shao-wei1, LI Xiu-hai1, LIU Qing-ling2. On real option pricing based on interval analysis and the cloud model [J]. J4, 2010, 45(5): 64-68.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!