Abstract

Nowadays, computer networks are playing a more and more important role in people’s daily lives. Meanwhile, the security of computer networks has also attracted widespread concern. However, up to now, there is no universal and effective assessment approach for computer network security. Therefore, a novel network security risk assessment approach by combining subjective and objective weights under uncertainty is proposed. In the proposed evaluation approach, the uncertainty of evaluation data is taken into account, which is translated into objective weights through an uncertainty measure. By combining the subjective weights of evaluation criteria and the objective weights of evaluation data, the final weights can be obtained. Then, Dempster–Shafer (D-S) evidence theory and pignistic probability transformation (PPT) are employed to derive a consensus decision for the degree of the network security risk. Two illustrative examples are given to show the efficiency of the proposed approach. This approach of risk assessment, which combines subjective and objective weights, can not only effectively evaluate computer network security, but also be widely used in decision-making.

Highlights

  • The cyber physical system is a multi-dimensional complex system that integrates computing, the network and the physical environment, and it has a wide range of applications [1,2]

  • The contribution of this paper is to propose an effective approach of network security risk assessment

  • One of the crucial problems in the network security risk assessment is how to deal with uncertainty


Summary

Introduction

The cyber physical system is a multi-dimensional complex system that integrates computing, the network and the physical environment, and it has a wide range of applications [1,2]. Based on the weights of indexes and the evaluation data of the bottom criteria (expressed by basic probability assignment (BPA)), D-S evidence theory is used to combine evidence from bottom to top to obtain the risk level of network security. To date, there is no universal and effective method of computer network security risk assessment. Of those studies that apply a comprehensive evaluation method to evaluate networks, only the weights of criteria are taken into account, and the weights of evaluation data are ignored. A novel approach is proposed in this paper by combining subjective weights of criteria and objective weights of evaluation data under uncertainty.
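The fusion pipeline described above (weighted BPAs, D-S combination, then PPT) can be sketched as follows; this is an added example, not code from the paper. It assumes the weighted average combination step averages the BPAs and then combines that average with itself n-1 times using Dempster's rule; the BPAs, the final weights and all function names are constructed for illustration, and the paper's uncertainty measure for deriving objective weights is not reproduced.

```python
from itertools import product
def dempster(m1, m2):
    """Dempster's rule for two mass functions keyed by frozenset focal elements."""
    fused, conflict = {}, 0.0
    for (a, x), (b, y) in product(m1.items(), m2.items()):
        inter = a & b
        if inter:
            fused[inter] = fused.get(inter, 0.0) + x * y
        else:
            conflict += x * y  # mass that would land on the empty set (K)
    if conflict >= 1.0 - 1e-12:
        raise ValueError("total conflict: Dempster's rule is undefined")
    return {s: v / (1.0 - conflict) for s, v in fused.items()}

def weighted_average(bpas, weights):
    """Weighted average of BPAs; weights are normalised to sum to 1."""
    total, avg = sum(weights), {}
    for m, w in zip(bpas, weights):
        for s, v in m.items():
            avg[s] = avg.get(s, 0.0) + (w / total) * v
    return avg

def fuse(bpas, weights):
    """Assumed scheme: average the evidence, then self-combine n-1 times."""
    avg = out = weighted_average(bpas, weights)
    for _ in range(len(bpas) - 1):
        out = dempster(out, avg)
    return out

def pignistic(m):
    """PPT: split each focal element's mass equally among its members."""
    bet = {}
    for s, v in m.items():
        for h in s:
            bet[h] = bet.get(h, 0.0) + v / len(s)
    return bet

def risk_level(bpas, weights):
    bet = pignistic(fuse(bpas, weights))
    return max(bet, key=bet.get), bet  # decision = hypothesis with highest BetP

L, M, H = "low", "medium", "high"
BPAS = [  # constructed sample: one BPA per bottom-level criterion
    {frozenset({H}): 0.6, frozenset({M}): 0.3, frozenset({L, M, H}): 0.1},
    {frozenset({H}): 0.5, frozenset({M, H}): 0.3, frozenset({L}): 0.2},
    {frozenset({L}): 0.7, frozenset({M}): 0.2, frozenset({L, M, H}): 0.1},
]
WEIGHTS = [0.4, 0.4, 0.2]  # constructed final (subjective x objective) weights
if __name__ == "__main__": print(risk_level(BPAS, WEIGHTS))
```

The third source strongly favours "low", but its smaller weight lets the two agreeing sources dominate the averaged evidence, which is the effect that weighting evaluation data is meant to produce.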

Dempster–Shafer Evidence Theory
Weighted Average Combination Method of Combining Mass Functions
Uncertainty Measure in D-S Evidence Theory
Pignistic Probability Transformation
Approach of Network Security Risk Assessment
Establish the Index System of the Network Risk
Use D-S Evidence Theory to Fuse Mass Functions
Obtain the Network Security Risk Value
Determine the Subjective and Objective Weights
Obtain Comprehensive Weights
Use Weighted Average Combination Rule to Combine Mass Functions
Obtain the Risk Level of Computer Networks
Establish the Hierarchical Structure of Computer Networks
Use Weighted Average Combination Rule to Combine the Mass Functions
The Analysis of the Sensitivity of the Proposed Method
Another Example of Network Security System Assessment
Findings
The Ranking of Network Security Systems When Weights of Attributes Change
Conclusions