Hierarchical Risk Assessment Based on Shapley Entropies and Choquet Integrals

doi:10.13190/jbupt.200906.83.lüzhb

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2009, Vol. 32 ›› Issue (6): 83-87.doi: 10.13190/jbupt.200906.83.lüzhb

• Papers • Previous Articles Next Articles

Hierarchical Risk Assessment Based on Shapley Entropies and Choquet Integrals

LuZhenbang,ZHOU Bo

(1 Aeronautics Computing Technique Research Institute, Xi'an 710068, China;
2 School of Computer Science and Technology, Xidian University, Xi'an 710071,

Received:2008-12-15 Revised:2009-07-31 Online:2009-12-28 Published:2009-12-28
Contact: Zhen-Bang LV

Abstract

Abstract:

The existing information security risk assessment approaches commonly ignore the relations among the assessment factors. To overcome the ambiguity and complexity of relations among the factors, and the difficulty of acquiring the correlative fusion weights of attributes in practice, a hierarchical risk assessment model based on Shapley entropies and Choquet integrals is proposed. By introducing the Shapley value concept of nperson cooperative game theory into the assessment model, this approach solves the information security risk assessment problem under poor information conditions by using the analytic hierarchy process with Choquet integrals from bottom to top, which is based on the maximum Shapley entropy principle. The effectiveness of the proposed approach is illustrated via an actual information security risk assessment for four subnets of the intranet in a community.

Key words: information security, risk assessment, Shapley entropy, Choquet integral, analytic hierarchy process

LuZhenbang,ZHOU Bo. Hierarchical Risk Assessment Based on Shapley Entropies and Choquet Integrals[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(6): 83-87.

[1]	YANG Hongyu, YUAN Haihang, ZHANG Liang. A Risk Assessment Method of Network Host Node with Host Importance [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(2): 16-21.
[2]	YANG Hong-yu, ZHANG Le, ZHANG Liang. An Information System Risk Assessment Method Based on Risk Propagation [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(4): 41-48.
[3]	LU Yi-qin, HUANG Jun-xian, CHENG Zhe, QIN Jian-cheng. A Multi-Index Mimic Voting Algorithm Based on Improved AHP-FCE Model [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(2): 8-13.
[4]	TIAN Xing-peng, ZHU Xiao-rong, ZHU Hong-bo. Distributed Wireless Node Task Allocation Method Based on KM Algorithm [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(6): 96-102.
[5]	ZHAO Jian, WANG Rui, LI Zheng-min, LEI Min, MA Min-yao. Security Threats and Risk Assessment of IoT System [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2017, 40(s1): 135-139.
[6]	LEI Min, LIU Xiao-ming, ZHANG Hong, WANG Mian, YANG Yu. Research on Security Threats and Risk Assessment of Web Information System [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2016, 39(s1): 87-93.
[7]	LEI Wei-jia, SHENG Jie, XIE Xian-zhong. Encoding and Decoding Scheme of Security-Enhanced LT Codes [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2016, 39(4): 108-113.
[8]	YANG Hong-yu, CHENG Xiang. Information System Risk Control Method Based on Work-Flow [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2016, 39(3): 105-109.
[9]	AN Jian, GUI Xiao-lin, HE Chang-qi, WU Ruo-biao. Crowdsourcing Assignment Mechanism Based on AHP in Mobile Crowd Sensing [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2015, 38(5): 37-41.
[10]	JIANG Hai-ou, SONG Mei-na, E Hai-hong, DENG Jiang-dong. A Generic Method of Migrating Operation Support System Partially to the Cloud [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2014, 37(5): 1-5.
[11]	GE Hai-hui, ZHENG Shi-hui, CHEN Tian-ping, YANG Yi-xian. Fuzzy Risk Assessment of Information Security Threat Scenario [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2013, 36(6): 89-92,107.
[12]	. Network Security Analysis Based on Host-Security-Group [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2012, 35(1): 19-23.
[13]	WU Huan, PAN Lin, WANG Xiao-zhen, XU Rong-sheng. A Risk Assessment Model Using Incomplete Attack Graphs Analysis [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2010, 33(3): 57-61.
[14]	QIN Hua-wang;DAI Yue-wei;WANG Zhi-quan. Threshold Signature Scheme Based on the General Access Structure [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(6): 102-104.
[15]	LEI Xin-Feng. Implement of Chinese-Wall Model Based on an Open Synthetical Security Model [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(3): 73-76.

Hierarchical Risk Assessment Based on Shapley Entropies and Choquet Integrals

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments