The Research Of The Information Security Risk Assessment Technology Based On Immunity

Information security risk assessment is one important part of the complete security engineering architecture for information system. It has been the focus of the research in information security field worldwide. Up to now, a series of information security risk assessment standards have been made at home and abroad. Although there are some research results in the relative academic world.,the research in this field is still immature. And problems like recognition of unknown threat still exist.Foreign risk assessment tools available can't be directly used in China, for they are used for different objects and based on different standards. Based on information security risk assessment specification approved recently, this paper presents a new model for information security risk assessment. Firstly, this paper studies several typical risk assessment standards and methods, analyzes and compares the characteristics of a series of classical models. Secondly, this paper gives the representation method of self body, non-self body, antigen and antibody in four different shape-spaces, including network intrusion detection, virus detection, Trojan detection and identification. After that, a mechanism of threat recognition based on immunity is presented. Thirdly, this paper designs an information security risk assessment model based on immunity, which is called IBISRA (Immunity based Information Security Risk Assessment).After that, paper gives an example to describe the procedure of risk assessment for information system with IBISRA. Finally, paper illustrates the implementation of crucial technologies used in this model. And the results of simulative experiment on network intrusion diction and virus detection show the efficiency and performance of two important components.Based on the information security risk assessment specification, dynamic risk assessment mechanism is introduced in IBISRA to evaluate the current security risk of information system. And for the complexity of information system, IBISRA uses hierarchical analytical model, and combines the quantitative analysis and qualitative analysis. IBISRA can evaluate the risk of object system from different layers. The results of experiment indicate that risk assessment system's recognition ability of new threats can be improved by using immunological mechanisms.