Abstract:Existing information system risk assessment methods based on fuzzy language variables generally requires that the language variable itemsets generated by the standard parameter trapezoidal fuzzy numbers which are generated by experts in the field. The effectiveness of this approach then often depends on its ability to deal with different types of fuzzy numbers and changing linguistic variable itemsets when the expert cannot participate. This study presents a method for an n-fold reduction of the linguistic variables based on the triangular fuzzy numbers that is validated using four types of fuzzy numbers for language variables. The results show that the method automates the equivalent transformation of n-fold language variable items without expert intervention to improve information security risk assessment systems.
陈宇, 王娜, 王晋东. 利用三角模糊数的语言变量项集减项算法[J]. 清华大学学报(自然科学版), 2017, 57(8): 892-896.
CHEN Yu, WANG Na, WANG Jindong. An n-fold reduction of linguistic variables based on the triangular fuzzy numbers. Journal of Tsinghua University(Science and Technology), 2017, 57(8): 892-896.
徐征捷. 基于模糊FMECA方法的列控中心安全风险评估研究[D]. 兰州:兰州交通大学, 2014:37-39.XU Zhengjie. Research on Safety Risk Assessment of Train Control Center Based on Fuzzy-FMECA Method[D]. Lanzhou:Lanzhou Jiaotong University, 2014:37-39. (in Chinese)
[2]
黄慧萍, 肖世德, 孟祥印, 等. 基于攻击树的工业控制系统信息安全风险评估[J]. 计算机应用研究, 2015, 32(10):3022-3025.HUANG Huiping, XIAO Shide, MENG Xiangyin, et al. Industrial control systems information security risk assessment based on attack tree[J]. Application Research of Computers, 2015, 32(10):3022-3025. (in Chinese)
[3]
Korchenko O, Kazmirchuk S, Akhmetov B, et al. Increment order of linguistic variables method in information security risk assessment[C]//IEEE International Scientific-Practical Conference Problems of Infocommunications Science and Technology (PIC S&T). Kharkiv, 2015:259-262.
[4]
沈利香, 曹国. 基于灰色加性语言变量和灰色关联分析的网络安全风险评估方法[J]. 计算机应用与软件, 2013(9):110-113.SHEN Lixiang, CAO Guo. A network security risk evaluation method based on grey additive linguistic variable and grey relation analysis[J]. Computer Applications and Software, 2013(9):110-113. (in Chinese)
[5]
Pandita R, Xiao X, Yang W, et al. WHYPER:Towards automating risk assessment of mobile applications[C]//The 22nd USENIX Security Symposium (USENIX Security 13). Washington DC, 2013:527-542.
[6]
Emrouznejad A, Marra M. Ordered weighted averaging operators 1988-2014:A citation-based literature survey[J]. International Journal of Intelligent Systems, 2014, 29(11):994-1014.
[7]
Doukas H, Tsiousi A, Marinakis V, et al. Linguistic multi-criteria decision making for energy and environmental corporate policy[J]. Information Sciences, 2014, 258(3):328-338.
[8]
Taylan O, Bafail A O, Abdulaal R M S, et al. Construction projects selection and risk assessment by fuzzy AHP and fuzzy TOPSIS methodologies[J]. Applied Soft Computing, 2014, 17:105-116.
[9]
Karsak E E, Dursun M. An integrated supplier selection methodology incorporating QFD and DEA with imprecise data[J]. Expert Systems with Applications, 2014, 41(16):6995-7004.
[10]
Geng X, Gong X, Chu X. Component oriented remanufacturing decision-making for complex product using DEA and interval 2-tuple linguistic TOPSIS[J]. International Journal of Computational Intelligence Systems, 2016, 9(5):984-1000.
[11]
Mohammad K S, Ahmad M. A new view to uncertainty in ELECTRE Ⅲ method by introducing interval numbers[J]. Decision Science Letters, 2012, 1(1):33-38.
[12]
Jamshidi A, Yazdani-Chamzini A, Yakhchali S H, et al. Developing a new fuzzy inference system for pipeline risk assessment[J]. Journal of Loss Prevention in the Process Industries, 2013, 26(1):197-208.
[13]
韩二东, 郭鹏, 赵静, 等. 二元语义处理不同偏好评价信息的群决策方法[J]. 计算机工程与应用, 2015, 51(4):35-40.HAN Erdong, GUO Peng, ZHAO Jing. Group decision making method based on two-tuple linguistic with different forms of preference evaluation information[J]. Computer Engineering and Applications, 2015, 51(4):35-40. (in Chinese)
[14]
谭磊. 基于模糊逻辑的信息安全风险评估系统设计与实现[D]. 成都:电子科技大学, 2014:13-16.TAN Lei. The Design and Implementation of Information Security Risk Assessment System Based on Fuzzy Logic[D]. Chengdu:University of Electronic Science and Technology of China, 2014:13-16. (in Chinese)
[15]
韩二东, 郭鹏, 赵静. 区间灰色不确定语言多属性群决策方法[J]. 计算机科学与探索, 2016, 10(1):93-102.HAN Erdong, GUO Peng, ZHAO Jing. Method for multi-attribute group decision making based on interval grey uncertain linguistic information[J]. Journal of Frontiers of Computer Science and Technology, 2016, 10(1):93-102. (in Chinese)
[16]
TANG Yongli, WANG Lihua, YANG Lishen, et al. Information security risk assessment method based on cloud model[C]//IET Irish Signals & Systems Conference 2014 and 2014 China-Ireland International Conference on Information and Communities Technologies. Limerick, 2014:258-262.
[17]
Korchenko A G, Kazmirchuk S V, Gololobov A Y, et al. Method n-fold increase in the number of terms of linguistic variables for the analysis and evaluation of the risk[J]. Information Security, 2014, 16(4):284-291. (in Russian)
[18]
Korchenko A G, Kazmirchuk S V, Gololobov A Y. A method of converting parameters of standards for systems analysis and assessment of information security risks[J]. Information Security, 2013, 15(4):359-366. (in Russian)
[19]
范英, 李辰, 晋民杰, 等. 三角模糊数和层次分析法在风险评价中的应用研究[J]. 中国安全科学学报, 2014, 24(7):70-74.FAN Ying, LI Chen, JIN Minjie, et al. Research on application of triangular fuzzy number and AHP in risk evalution[J]. China Safety Science Journal, 2014, 24(7):70-74. (in Chinese)
[20]
吴军, 董星, 方强, 等. 基于三角模糊数层次分析法的武器系统效能评估研究[J]. 中国机械工程, 2013, 24(11):1442-1446.WU Jun, DONG Xing, FANG Qiang, et al. A novel effectiveness assessment method of weapon system based on triangular fuzzy number analytic hierarchy process[J]. Chinese Journal of Mechanical Engineering, 2013, 24(11):1442-1446. (in Chinese)