Abstract
In the field of information security, risk assessment of information systems is very important. Its ultimate purpose is to guide decision-makers in finding a balance between "investment cost" and "security level", so that protection strategies and mitigation plans can be developed for graded asset risk. As information security risk assessment methods continue to develop, traditional methods have shown two weaknesses: their data processing is relatively simplistic, and their assessment of overall system risk is relatively weak. This paper proposes a probabilistic risk assessment method based on data fusion and hidden Markov models (HMMs). Data fusion is used to intelligently analyze and synthesize the information provided by a variety of security tools, producing data that is more accurate, complete and reliable than any single source of information. Based on the output of the data fusion model, hidden Markov models are used to perform the risk assessment, which makes it possible to predict the future security states of the information system and to dynamically quantify changing enterprise information system assets by exploring possible security states from an insider user's perspective. By integrating information from different sources and using the probability information given by experts, the method determines the future risk level of each dynamically changing critical enterprise asset under internally or externally induced threats.
Source
《信息安全与通信保密》
2013, Issue 1, pp. 70-74 (5 pages)
Information Security and Communications Privacy