| With the development of information technology, information systems are playing an ever-growing role in all walks of life, and security problem of information systems have become a problem which it is urgent for politics, economy and military affairs to solve. Effective risk assessment is the key to solving security problem of information system. For the present, information security risk assessment has become a hot spot in the information security filed at home and abroad, and a series of information security risk assessment standards have been established. Although there are some research results in the relative academic world, the research in this field is still immature. Problems like recognition of unknown threat still exist, and the methods are not all things considered and not adaptable enough.First of all, this paper studies several typical risk assessment standards and methods, analyzes and compares the characteristics of a series of classical models. Then this paper gives a deep research on risk analysis process and risk assessment process; Based on a thorough investigation on traditional immune system, an improved clonal selection algorithm is designed, and an imformation security risk assessment model consists of AHP and improved clonal selection algorithm is given; On the basis of several known network nodes, risk state of nodes can be obtain through combination of responsibility of nodes and vulnerability information. Subsequently, risk was analyzed by vulnerability and depth first search. Based on imformation security risk assessment specification--GB/T 20984-2007, an information security risk assessment system ISRAS is designed for static assessment and dynamic assessment.Experiments show the ISCCSA algorithm is superior compared to the old algorithm in convergence speed and forecast accuracy; risk analysis mehod based on finite state machine improves the recognition ability for important risk; ISRAS system is already in use and strengths the operation during risk assessment. |
PDF Full Text Request