| With rapid development and generally application of information technology, the nationaleconomy, military affairs and social development become more and more increasingly relianton the information systems. However, all kinds of security risks will produce. Once theinformation systems are attacked by the risks from the external or internal network, it willhave serious consequence, and bring immeasurable losses to the state, businesses orindividuals. In order to avoid losses due to security issues, effective risk assessment andactive defense security threat is the key to solving security problems of information system.This paper has a research on current situation, development and problems of informationsecurity risk assessment, based on full study of information security assessment theory. Thisarticle will focus on the feature selection algorithm in the application of the informationsystem risk assessment. Using the obvious advantage of mutual information in dataprocessing, get the Characteristic data related to the risk assessment, and rule out theredundancy and noise for reducing the size or dimension of data. At end, experiments showthat the method can gain better effect.The main contains of this paper are shown as follows:(1) Fully understand related knowledge and meaning of information system security riskassessment. Intensively study the domestic and foreign relative standard about informationsystem security risk assessment. Analyze the factors of the risk assessment and the relationsof factors in detail. Intensively study the procedure, model and algorithm. The important stepof the risk assessment is identifying and recognizing asset, threat, vulnerability and securitymeasurement.(2) The nominal data is a common class of data in information system risk assessment.By optimizing the nominal data, the accuracy rate and efficiency of risk assessment isimproved. By researching the specialty of nominal data and reconstructing the computationmethod of the dependence between the features, a new feature selection criterion which issuitable for the nominal data is given.(3) When deal with the data in the process of risk assessment system, there will be someuseless or redundant data which influence accuracy and efficiency. The paper propose a novelalgorithm improve the performance in some degree by changing the information metricsmethod.(4) This paper takes information system of a large-scale iron and steel enterprise forexample of security risk assessment, analyses the process and original data of risk assessmentto this business. Meanwhile, the novel feature selection algorithms have been adopted andapplied successfully for dealing with the original data. And the results show the feasibility and effectiveness of the novel algorithm.... |
PDF Full Text Request