Information systems in organizations and enterprises face internal threat risks: data security threats caused by users who hold legitimate access to the information system. Because of the particular identity of these users, such threats can lead to huge losses. Research on the internal threat risks of information systems still faces many problems and challenges. First, the internal threat risk of an information system is abstract and concealed, and many factors can cause it, so it is difficult to describe the risk systematically and reasonably. Second, the occurrence of internal threat risks is uncertain, and the losses they cause may vary; at the same time, the quantification of risk factors involves too much human subjective bias, which affects the accuracy of the measurement results. Measuring internal threat risk reasonably, effectively and accurately is therefore a key problem. Third, the internal threat risk of an information system is caused by legitimate users, often without malicious features or purposes, so it is difficult to discover and identify; yet if the risk treatment method is too strict, it may interfere with the normal functioning of the information system, or even prevent it from operating at all. How to treat internal threat risk is therefore also a key problem to be solved.

Taking the above problems and challenges into consideration, this dissertation carries out the following research work.

First, this dissertation constructs a multi-level measurement index system for internal threat risks in information systems. The index system covers the factors related to internal threat risk from three dimensions: individual-related factors, organizational management factors, and security technology factors. The rationality and scientific basis of the index system are verified by case analysis, and comparison with other methods shows its advantages. The measurement index system provides a systematic and reasonable description of internal threat risk and lays the foundation for further measurement of that risk.

Then, this dissertation proposes a method for calculating the weights of internal threat risk indices based on the degree of importance of adjacent objectives. The method effectively eliminates the subjective and deviation components in the weight values and obtains objective weights for the internal threat risk indices. Its effectiveness and feasibility are verified by experiments, and comparison with the classical AHP method, a subjective weighting method and an objective weighting method shows its advantages. The objective calculation of internal threat risk index weights is thereby realized.

Next, this dissertation proposes an internal threat risk measurement method based on information entropy, which quantifies and measures internal threat risk from the perspective of risk uncertainty. The rationality and effectiveness of the proposed model are verified by case analysis, and comparison with other methods shows its advantages. It realizes the effective and reasonable measurement of the potential threat risk posed by internal users from the perspective of risk uncertainty.

In addition, this dissertation proposes an internal threat risk measurement method based on user behavior. The method first measures the confusion degree of user behavior in order to identify system users with a high potential internal threat risk, and then, from the perspective of risk loss degree, uses the information entropy method to measure and calculate the internal threat risk. The rationality and effectiveness of the model are verified by a case study, and the rationality of the method is also verified theoretically. It can effectively and reasonably measure the internal threat risk faced by the organization from different angles.

Finally, this dissertation proposes a method for handling internal threat risks in information systems based on user behavior. It combines Newton's law of cooling with a penalty factor to classify and penalize internal threat risk behavior, so that a user's malicious behavior can be detected and identified quickly. The rationality, effectiveness and feasibility of the method are verified by experiments. It realizes the effective and dynamic handling of threat risk in information systems.