
Model For Information Security Risk Assessment And Network Worm Propagation

Posted on: 2009-12-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J H Peng
Full Text: PDF
GTID: 1118360245469480
Subject: Cryptography

Abstract/Summary:
Information security risk assessment is the main task of information security management. Through effective methods, the information security risks that an organization faces are identified and analyzed, and suitable safeguards are selected to reduce the security risk to an acceptable level before security incidents occur. This is an effective means of safeguarding information system security.

The network worm is one of the most common threats to information systems and is also an important factor that must be considered in risk assessment. The main characteristic of a network worm is its ability to self-reproduce rapidly. Because of this, worms can spread quickly and have a huge impact, and the laws governing worm propagation have attracted increasing attention from researchers.

In this paper, we conduct thorough research on information security risk assessment models and propose an integrated risk assessment model, a new security risk measure, and a security protection method selection model based on utility theory. Furthermore, we conduct thorough research on the laws of network worm propagation. The main work includes:

1) We analyzed the standards, technologies and implementation methods related to information security risk management. Synthesizing ISO/IEC 13335, ISO/IEC 17799, Germany's IT Baseline Protection Manual, AS/NZS 4360, NIST SP800-30 and China's "Information Security Risk Assessment Guide", we proposed an integrated risk assessment model that contains two options for risk assessment: the baseline approach and the detailed risk assessment approach.

2) Utility theory is introduced into the area of information security risk management, and a new security risk measure and a security protection method selection model are presented based on it. For risk measurement, using the inverse of the utility function, we define the absolute loss effect and the relative loss effect as measures of risk. The absolute loss effect can distinguish the risk of two events, one with high loss and low likelihood and one with low loss and high likelihood, which expected loss cannot do. The relative loss effect can be used to build a risk criterion. For security protection method selection, using wealth utility, we build an evaluation model for security protection methods and find a method to compute the highest safeguard cost for a given risk that a corporation faces. Furthermore, using optimization theory, we build an optimization model to find the optimal security protection method and, at the same time, find a way to define acceptable risk.

3) For network worms, we conducted thorough analysis and research on the propagation laws of scan-based worms, e-mail worms and instant messaging worms respectively. For scan-based worms, we analyzed the shortcomings of the current mainstream models, discovered and corrected the mistake in the worm-anti-worm model, and proposed a new SIRS worm propagation model. For e-mail worms and instant messaging worms, we reviewed their propagation networks and propagation models.
Keywords/Search Tags: information security, risk assessment, utility, worm propagation model, epidemic model, scale free model