【打印本页】      【下载PDF全文】   查看/发表评论  下载PDF阅读器  关闭
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 8540次   下载 7576 本文二维码信息
码上扫一扫!
一种确定网络安全度量指标体系参考框架的方法
马锐,葛慧,顾升高,王克克,靳骁,吴丹
分享到: 微信 更多
(中国航天系统科学与工程研究院 北京 中国 100048)
摘要:
评价主体、评价对象和评价尺度组合的多样性决定了评价指标体系的不唯一性,本文设计了一种网络安全度量指标体系性能评估的理论方法。结合“熵”、“博弈论”的相关思想,设计了“熵-博弈指标体系优化模型”,通过对指标区分度的计算以及结合指标重要程度因素的修正,对指标体系整体区分度进行测算,比较同一评价对象下不同网络安全度量指标体系的性能差异。通过实例验证了典型网络环境下该理论方法的合理性和可行性。为不同行业、不同业务、不同组成对象甚至同一系统不同时期的网络确定与其相适应的网络安全度量指标体系参考。
关键词:    博弈论  区分度  指标体系性能
DOI:10.19363/J.cnki.cn10-1380/tn.2019.01.06
投稿时间:2018-09-30修订日期:2018-11-23
基金项目:本课题得到国家重点研发计划项目(No.2016YFB0800700)资助
A Method for Determining the Reference Framework of Network Security Metric Index System
MA Rui,GE Hui,GU Shenggao,WANG Keke,JIN Xiao,WU Dan
China Aerospace Academy of System Science and Engineering, Beijing 100048, China
Abstract:
The diversity of evaluation subjects, evaluation objects and evaluation scales determines the non-uniqueness of the evaluation index system. In this paper, a theoretical method for evaluating the performance of network security metric index system is designed.Combination of "entropy", "game theory" related ideas, designs "the index system optimization model of entropy-game theory", through the calculation of index degree of differentiation and the correction of combining with index importance factor, to measure index system of the overall degree of differentiation, comparing the same evaluation objects under different network security measure index system of performance differences.The rationality and feasibility of the theory and method in typical network environment are verified by an example. For different industries, different services, different components and even the same system in different periods of the network to determine the corresponding network security metrics system reference.
Key words:  entropy  game theory  degree of differentiation  the performance of network security metric index system