| With the rapid development of telecom networks, the security problem of the network has been more and more drawn people's attention. The openness of the network also brings lots of threats to itself, which can be seen from the huge amount of serious safety accidents encountered by the network in recent years. In such situation, enhancing and improving the network security becomes a very urgent task. Risk evaluation is demonstrated to be an important measure for network security. Hence, selecting the effective evaluation measure, defending network threats actively and enhancing the network safety are the key points of solving the network security problems.Based on the security status and requirements of the telecom network, we integrate of AHP (Analytic hierarchy process) and D-S evidence theory (DSET) to develop a new risk assessment model. In this paper, we describe the design and the demonstration result, from which it can be seen that this risk assessment model can reduce the confliction between different assessment sources and improve the certainty and veracity of evaluation result, leading a competitive edge to the traditional measure——FCE (Fuzzy comprehensive evaluation).The main contribution of this paper is shown as follows:1, In this paper, we make a comprehensive research, analyze and compare the risk evaluation methods of network and information system, analyze the current security status and requirements of the telecom network and point out that due to the increasing threats and uncertainty of the risk factors, an evaluation method which combine the qualitative and quantitative methods is needed.2, Due to the uncertainty of the risk factors, confliction between different evidences, and the subjectivity, fuzzy problems exist in the current evaluation methods, a new risk assessment method based on AHP and DSET is proposed in this paper. AHP is utilized to determine the weight of each risk, which is more reasonable than the current risk assessment methods. On the other hand, the risk weight has been introduced to modify the evidence combination rule in D-S evidence theory. Then, this new proposed risk assessment model has been put into practice to demonstrate its ability to improve the assessment objectivity and accuracy, which makes an evaluation more in accordance with the network's real security status.3, We also describe the risk assessment model's application by an practical example in this paper, from which we can see an entire network risk evaluation procedure. Firstly, a comprehensive risk index system has been built base on lots of analysis on the network structure and security status. Then, a comprehensive risk assessment and combination procedure has been described. At last, we analyze the risk assessment result from a monomial and a whole perspective, respectively, giving detailed risk process suggestions subsequently. |
PDF Full Text Request