Chunxin Wang,Feng Dai,Lei Ge

DOI: https://doi.org/10.1109/IITA.2009.446

2009-01-01

Abstract:Informationization must enhance risk awareness, and decision of modern management need the data that is the reference and support. A lot of factors which influence the informationization risk are fuzzy and variable, therefore, it is difficult to make the quantitative analysis. So, it has a certain research value and Practical significance that study and applcate the way to evaluation risk of informationization using digital result. using the grey fuzzy theory, based on the background of a project, built up a set of multilayer index system for informationization risk and the evoluation model of risk degree. it can judge informationization risk e logically and can point out the advantages and disadvantages of the project that can give a direction to Improvements for the next stepexample show that the result applicating this method is credible, so, It can be used in the risk evolution of informatinization and others field.

Gao-Feng Yu

DOI: https://doi.org/10.1016/j.inffus.2023.102066

IF: 18.6

2023-10-08

Information Fusion

Abstract:Grade assessment of network security situation is summarized as a typical multi-index grade assessment problem. However, the existed methods for grade assessment of network security situation do not consider multi-source information such as the trust information among experts, the preference information among companies and heterogeneous information of companies. The above problems are unable to be solved through traditional assessment methods. The aim of this paper is to establish a novel multi-objective decision model for the grade assessment of network security situation under multi-source information. On the basis of describing the grade assessment problem of network security situation, the membership functions of four-type thresholds for the grades on attribute eigenvalue are put forward. Two trust information uncertainty degrees in social network are defined, and the trust transfer operator based on trust information uncertainty degree and multi-path trust integration method based on the variable weight function is proposed. Afterwards, a new method to generate the incomplete social network is used to identify the weights of experts. Then, a multi-objective decision grade assessment optimization model is further established to obtain the network security situation grades and grade discrimination based on the two-tuple linguistic operator. The proposed method provides a theoretical basis for constructing and testing the grade assessment of network security situation. Meanwhile, it develops the grade assessment system of advanced network security situation and improves the ability to protect network security.

computer science, artificial intelligence, theory & methods

Zhaobin Li,Jian Liu,Zhuo Zhang,Shuai Zhang

DOI: https://doi.org/10.1109/gsis.2017.8077660

2017-01-01

Abstract:In this paper, a new method for ranking interval grey numbers to address the challenge in multi-criteria decision making problems with interval grey numbers has been proposed. This new method involves the risk preferences of decision makers. First, we propose a new method to rank the interval grey numbers by comparing the possibility degree or whitened-value. Second, we classify the decision makers into three different types according to their risk preferences then we establish the corresponding risk preference assumptions to solve the problem that different interval grey numbers with the same possibility degree or whitened-value. Finally, we use a realistic voting example to demonstrate the practicability and effectiveness of the proposed method.

Dongping Chen,Xuening Chu,Xiwu Sun,Yupeng Li,Yuliang Su

DOI: https://doi.org/10.1016/j.ins.2015.03.054

IF: 8.1

2015-01-01

Information Sciences

Abstract:This paper aims to develop a decision making approach based on the Information Axiom under hybrid uncertain environments. In these environments fuzziness and randomness co-exist. To model the hybrid uncertainties, the design range and system range of an evaluation criterion are expressed as a fuzzy variable and a random variable respectively. Calculating the Information Contents for these criteria would involve integrals whose bounds are fuzzy variables. To calculate these integrals, an expected Information Content Model (eICM) is proposed based upon the credibility theory. To reflect the designer's risk appetite accurately, the confidence levels are introduced and a credibility Information Content Model (cICM) based on the chance constrains programming model is constructed. Two algorithms based on fuzzy simulation methods and Genetic Algorithm are developed for these two models. Finally, a case study is illustrated to highlight the effectiveness and accuracy of the proposed approach.

Hengwei Zhang,Jihong Han,Jian Zhang,Jindong Wang

DOI: https://doi.org/10.1109/ihmsc.2013.18

2013-01-01

Abstract:To ensure the security of information systems, security risk have to be accurately evaluate first. Because security risk is influenced by attackers and defenders, it is necessary to consider the costs and benefits of both sides. However, the current evaluation methods mostly focus on one side. To solve the problem, in this paper we propose a security risk evaluation model Based on complete information static game (SRE-CSG). The SRE-CSG model represents the interaction and mutual influence of both sides' strategies in the confrontation. On the basis of the SRE-CSG model, we present an improved payoff calculation method. The method takes into account the cost parameters and benefit parameters, and therefore be able to more accurately calculate the payoff. By analyzing Nash equilibrium strategy of information security game, an algorithm is designed to evaluate security risk value. The risk value derived from the algorithm is Based on equilibrium strategy of attackers and defenders, so it is more comprehensive and accurate. The SRE-CSG model and the algorithm can provide theoretical support for the efficient information systems security protection. The example analysis proves the effectiveness of the model and algorithm.

Jing-chun Feng,Hua-ai Huang,Yao Yin,Ke Zhang

DOI: https://doi.org/10.1016/j.wse.2019.12.009

2019-01-01

Water Science and Engineering

Abstract:Identification of security risk factors for small reservoirs is the basis for implementation of early warning systems. The manner of identification of the factors for small reservoirs is of practical significance when data are incomplete. The existing grey relational models have some disadvantages in measuring the correlation between categorical data sequences. To this end, this paper introduces a new grey relational model to analyze heterogeneous data. In this study, a set of security risk factors for small reservoirs was first constructed based on theoretical analysis, and heterogeneous data of these factors were recorded as sequences. The sequences were regarded as random variables, and the information entropy and conditional entropy between sequences were measured to analyze the relational degree between risk factors. Then, a new grey relational analysis model for heterogeneous data was constructed, and a comprehensive security risk factor identification method was developed. A case study of small reservoirs in Guangxi Zhuang Autonomous Region in China shows that the model constructed in this study is applicable to security risk factor identification for small reservoirs with heterogeneous and sparse data.

刘新东,江全元,曹一家,陈为化

DOI: https://doi.org/10.3969/j.issn.1006-6047.2009.02.004

2009-01-01

Abstract:Based on probability theory,risk theory and fuzzy reasoning are applied to the transient security risk assessment of power system.Quantified risk indices are achieved by using specified severity function to quantify the maximal offsets of frequency and voltage and the margins of angle rotor stability and fault clearing time.The quantified frequency and voltage risk index are used to calculate the steady index by the steady fuzzy controller while the quantified margins of angle rotor stability and fault clearing time are used to calculate the transient index by the transient fuzzy controller.The system transient stability index is calculated by the weighted integration of steady index and transient index.Based on it,the software of transient security risk assessment is developed.Case study of risk indices calculation for a permanent three-phase grounding fault of New England 39-bus test system shows its effectiveness and rationality.

Xiaotong Li,Hua Li,Bingzhen Sun,Fang Wang

DOI: https://doi.org/10.3233/jifs-172097

2018-01-01

Journal of Intelligent & Fuzzy Systems

Abstract:Through advancing in information and communications technology, Smart Cities provide many potential advantages like improved energy efficiency, new economic opportunities and management methods, however the information security in the top-level design of building a quite efficient smart city is easy to be ignored and caused a huge economic losses for citizens. We focus on mining information risks of smart city from the perspective of system, identifying the key risks and determining the importance of each factor, in order to measure the risk accurately. This paper presents a failure mode and effects analysis (FMEA) method to analyze five dimensions of the information security of smart city, and assess the risks on the basis of the fuzzy set theory and the grey relational theory. Due to the problem is the risk assessment of multi-dimension for an organization information security, we present a decision model that provides an efficient framework for calculating the value of risk assessment. The results indicate that aspects of the highest importance of the information security risk of smart city are the threats in natural, contrived and physical aspects, followed by the lack of public security education and training. Through the analysis we can find out the relationship between the failure modes and the overall situation of the system, then it can distinguish the main factors which play a driving role, and the secondary factors which have less impact on the system. According to the assessment results, some suggestions are put forward to guarantee the information security of smart city. The practical application of fuzzy and grey FMEA proposed in this paper helps enhance the reliability of the prediction, and the ranking of risk factors can be used for better decision-making concerning taking measures, which in turn will make smart city safer.

LI Jun,XUE Zhi

DOI: https://doi.org/10.3969/j.issn.1009-8054.2007.10.041

2007-01-01

Abstract:Information Security risk evaluation is the process of evaluating complex information systems according to multi-guideline. In order to raise the objectivity and accuracy of the evaluation,an evaluation method based on Rough Set is proposed,the principle and basic procedure of evaluation by this method is described in detail. Finally,it is of realistic and practical significance to apply the evaluation conclusion mentioned above to security-level classification.

Jin Weiliang,Liu Xin,Lu Z,Chen Tianmin

DOI: https://doi.org/10.3321/j.issn:1001-0505.2006.04.027

2006-01-01

Abstract:To study comprehensive evaluation problems in which criteria values and marks are fuzzy numbers,fuzzy numbers are introduced into grey relational comprehensive evaluation field,then a new multi-level and multi-attribute grey relational comprehensive evaluation method based on plane distance between fuzzy numbers is proposed.To evaluate the safety of fastener-style tubular steel formwork-support(FTSF) in project management,a safety assessment of multi-level and multi-attribute system was established on the basis of consultation with a number of FTSF experts.After investigation in 10 construction sites in terms of questionnaire,the weight and mark of each index in the system was brought out.Utilizing the new method,a system of construction safety appraisal for FTSF is presented.Finally an application shows the correctness and effectiveness of the proposed method and the assessment system for FTSF.

Xu Jian Qiang

DOI: https://doi.org/10.1007/s00500-022-06813-6

IF: 3.732

2022-02-08

Soft Computing

Abstract:With the popularization and application of the Internet, information related application technology is constantly infiltrating in the work and life of human beings, playing an unprecedented and increasingly important role. In this paper, in order to completed the application of computer network information security technology management, the author established a security risk quantification model, according to some literature case, determined the operating parameters of genetic algorithm in the specific operation, the data were obtained in the actual system evaluation case, the calculation results using genetic algorithm phase multiplication, matrix method, and proposed the calculation method of risk quantitative model. The final research shows that it is effective and feasible to apply genetic algorithm to network information security technology.

computer science, artificial intelligence, interdisciplinary applications

Li Hetian,Liu Yun,He Dequan

DOI: https://doi.org/10.1007/bf02831895

2006-01-01

Wuhan University Journal of Natural Sciences

Abstract:A fuzzy set-based evaluation approach is demonstrated to assess the security risks for Internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify the behavior and state of the system on the base of analyzing the existing qualitative risk assessment methods. And a quantitative method based on fuzzy set is used to measure security risks of the system. A case study was performed on the WEB server of the Internet-banking System using fuzzy-set based assessment algorithm to quantitatively compute the security risk severity. The numeric result also provides a method to decide the most critical component which should arouse the system administrator enough attention to take the appropriate security measure or controls to alleviate the risk severity. The experiments show this method can be used to quantify the security properties for the Internet-banking System in practice.

Ruipu Tan,Lehua Yang,Shengqun Chen,Wende Zhang

DOI: https://doi.org/10.1108/gs-08-2021-0131

2021-12-29

Abstract:Purpose The Chinese believe that “man will conquer the sky” and “fighting with the sky brings endless joy”. Considering that disaster assessment can be regarded as a two-person, zero-sum game problem between nature and human beings, this paper proposes a multi-attribute decision-making method based on game theory and grey theory in a single-value neutrosophic set environment. Due to the complexity and uncertainty of the decision-making environment, the method builds a decision matrix based on single-valued neutrosophic numbers. Design/methodology/approach First, the authors use the single-value neutrosophic information entropy to calculate the attribute weights and the weighted decision matrix. Second, the optimal mixed strategy method based on linear programming solves the optimal mixed strategy for both sides of the game so that the expected payoff matrix can be obtained. Finally, grey correlation analysis is used to obtain the closeness coefficient of each alternative based on the expectation payoff matrix to identify the ranking result of the alternative. Findings An example is used to verify the effectiveness of the proposed method, and its rationality is verified through a comprehensive comparison and analysis of the various aspects. Practical implications The proposed decision-making method can be applied to typhoon disaster assessment. Such assessment results can provide intelligent decision support to the relevant disaster management departments, thereby reducing the negative impact of typhoon disasters on society, stabilizing society and improving people's happiness. Further, the method can be used for decision-making, recommendation and evaluation in other fields. Originality/value The proposed method uses single-value neutrosophic numbers to solve the information representation problem of decision-making in a complex environment. Under a new perspective, game theory is used to handle the decision matrix, while grey relational analysis converts inexact numbers to exact numbers for comparison and sorting. Thus, the proposed method can be used to make reasonable decisions while preserving information to the extent possible.

Xuemin Gong,Jiayong Zhang,Liwen Guo

DOI: https://doi.org/10.1109/ICEICE.2011.5777193

2011-01-01

Abstract:Fire, one severe disaster of the coal mine, threatens miners lives seriously and hampers the sustainable development of the mine. Current fire disaster evaluation with a strong subjectivity hasn't a perfect evaluation index system. This paper uses grey relational evaluation mode of the grey theory to analyze many non-linear, dynamic factors influenced fire disasters quantitatively and determine the risk value of every factor to develop targeted preventive measures to ensure mine safety. © 2011 IEEE.

Yue Li,Qiang Cai,Guiwu Wei

DOI: https://doi.org/10.3233/jifs-231630

2023-11-16

Journal of Intelligent & Fuzzy Systems

Abstract:In this paper, the author propose a unique multi-attribute group decision making(MAGDM) method SVN-CPT-GRA. The method takes the single-value neutrosophic environment as the decision-making environment and uses the entropy weighted-grey relational analysis method under cumulative prospect theory. First, based on the evaluation of decision-makers, the single-value neutrosophic decision matrix was obtained. The entropy weight method was used to calculate the attribute weights. Next, according to the distance between each SVNN and the negative ideal value, combining the gray relation analysis and the cumulative prospect theory, the correlation between each solution and the attribute is compared to determine the advantages and disadvantages of each solution. Finally, the extended gray relational analysis method is demonstrated to be effectively applied to the decision-making process through a case study of investment choices in new energy vehicles and a comparison with other methods. The main innovations in this paper can be summarized as follows. Firstly, combining the cumulative prospect theory with the gray relational analysis for decision making can better reflect and represent the psychological changes and risk sensitivity of decision makers. Secondly, the entropy weight method is used to determine the attribute weights according to the distance between SVNN and the negative ideal value, which makes the attribute weights more objective and ensures the scientificity and reasonableness of the attribute weights. Thirdly, applying GRA method to the single-value neutrosophic environment, the original simple and practical GRA method to be more widely applied to the fuzzy environment, expanding the scope of application. Overall, the extended GRA method proposed in this paper can be more efficiently and scientifically adapted to MAGDM in fuzzy environments, providing more choices for decision-makers.

Qilei Wang

DOI: https://doi.org/10.1038/s41598-022-08079-2

IF: 4.6

2022-03-08

Scientific Reports

Abstract:Abstract In order to effectively assess all types of security risks in the important event, the important decision-making basis for security risk warning and emergency management of important event is provided by analyzing the coupling relationship and evolution mechanism between various risks. The criminal causes, management defects, security and emergency system construction are analyzed from the possibility of accidents and risks. The multi-source data risk assessment system based on five subsystems and its index set of human factors, management factors, site factors, event factors and audit factors are proposed. The weight of each index in the assessment system is determined by the method of information entropy, and then the risk grade of important event is determined according to the weight calculation function and the improved fuzzy matter element model. The verification with an example shows that: the risk assessment model is optimized by combining entropy weight with fuzzy matter-element model, the influence of weight data extreme value was weakened, the qualitative description and quantitative analysis of multi-source data could be combined, and the subjective error was reduced. The risk grade of important event is reasonably evaluated, and the assessment effect is basically consistent with the expert inspection analysis, which shows that the method had certain application value.

multidisciplinary sciences

Jinkun Geng,Daren Ye,Ping Luo

DOI: https://doi.org/10.1007/978-3-319-27161-3_13

2015-01-01

Abstract:Vulnerabilities usually represents the risk level of software, therefore, it is of high value to predict vulnerabilities so as to evaluate the security level of software. Current researches mainly focus on predicting the number of vulnerabilities or the occurrence time of vulnerabilities, however, to our best knowledge, there are no other researches focusing on the prediction of vulnerabilities' severity, which we think is an important aspect reflecting vulnerabilities and software security. To compensate for this deficiency, we propose a novel method based on grey system theory to predict the severity of vulnerabilities. The experiment is carried on the real data collected from CVE and proves the feasibility of our predicting method.

Sha Fu

DOI: https://doi.org/10.3390/mca21020017

2016-05-11

Mathematical and Computational Applications

Abstract:Aimed at the situation that the plan attribute value is a three-parameter interval grey number and that attribute weight is uncertain, a three-parameter interval grey number multi-attribute decision making method based on information entropy is proposed. In this study, we combine the three-parameter interval grey number decision-making problem with information entropy, build the distance entropy model of the three-parameter interval grey number, and provide a solution to the empowerment problem of the three-parameter interval grey number in grey decision-making problems. On this basis, we build the uncertainty decision making framework based on Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) thinking and obtain the comprehensive distances of plans from positive and negative ideal solutions through calculation. We thus determine the closeness, and, based on this value, organize these plans. Finally, we verify the feasibility and effectiveness of the proposed methods through case analysis.

Dejian Yu,Jose M. Merigo,Yejun Xu

DOI: https://doi.org/10.1002/int.21804

IF: 8.993

2016-01-01

International Journal of Intelligent Systems

Abstract:Network information system security has become a global issue since it is related to the economic development and national security. Information system security assessment plays an important role in the development of security solutions. Aiming at this issue, a dual hesitant fuzzy (DHF) group decision-making (GDM) method was proposed in this paper to assist the assessment of network information system security. A systemic index containing four aspects was established including organization security, management security, technical security, and personnel management security. The DHF group evaluation matrix was constructed based on the individual evaluation information from each expert. Some power average operator-based DHF information aggregation operators are proposed and used to fusion the performance of each criterion for information systems. The advantage of these operators is that they can describe the relationship between the indexes quantitatively. Finally, a case study about information systems security assessment was presented to verify the effectiveness of proposed GDM methods. (C) 2016 Wiley Periodicals, Inc.

Jianxun Zhang,Changhua Hu,Xiao He,Xiaosheng Si,Donghua Zhou

DOI: https://doi.org/10.1109/phm.2016.7819939

2016-01-01

Abstract:Risk analysis, which is a useful methodology to evaluate the performance of systems, can provide important information for maintenance decision and ensure stable running of the system. As a score function of the occurrence, severity and detection of a failure, risk priority number is the most common risk analysis approach. For degrading systems, the probability of failure occurrence could be obtained by modeling the degradation path, and the severity of failure could be quantified through engineering experience. Generally, the accuracy of the model is affected by the number of training data reflecting the detection. In this paper, we focus on statistical data driven approaches, which rely on the degradation data and statistical process model to describe the degradation path. First of all, we discuss the relationships between the accuracy of parameter estimation with likelihood function as well as the corresponding information entropy, based on probability theory and information theory. Then relative entropy indicating the distance between two distributions is utilized to evaluate the accuracy of parameter estimation, i.e. the degree of detection. Moreover, the risk value can be derived, because the probability of failure can be evaluated via modeling the degradation path. Finally, a numerical study is provided to illustrate the rationality and advantage of the proposed method over the traditional one.