Research And Implementation Of Security Risk Assessment Program Based On FAHP And SVM

With the rapid development of network,the global information security situation is increasingly severe and complex,the endless security attacks have brought many challenges to the enterprise information security management system.Security risk will bring huge economic loss to enterprise assets and negative impact to enterprise management.Therefore,the research on enterprise information security risk assessment is particularly important.Evaluation criteria and evaluation model are the core of the risk assessment process.However,the commonly used fuzzy analytic hierarchy process has some disadvantages,such as high dependence on experts' ability and complicated calculation process,which leads to such problems as complexity,high cost and low efficiency in the application of enterprise information security risk assessment.In order to solve the above problems,this thesis combines the traditional fuzzy analytic hierarchy process with refined evaluation index and intuitionistic fuzzy set,and optimizes the construction process of fuzzy consistency judgment matrix.In this thesis,a general hierarchical structure of information security is built.The refined standard questionnaire results are introduced into the model in the form of intuitionistic fuzzy Numbers,and the final risk value is obtained through comprehensive calculation.Secondly,combining support vector machine with information security risk assessment results,a BCK-SVM model based on Bagging integration strategy and combined kernel function was proposed,and the effectiveness of the model was verified by experiments.Finally,the information security risk assessment system was implemented using Flask framework.The case shows that the information security risk assessment scheme proposed in this thesis is consistent with the actual risk level of the case enterprise,the assessment process is more objective and efficient The experimental results verify the effectiveness of the evaluation model based on support vector machine,which provides reference value for enterprises to conduct efficient and accurate information security self-test in the future.