With the rapid development of information technology, information systems have come to occupy an important position in every industry, and security incidents affecting them are increasing. To determine in time how much damage a security incident may cause to a system, and to reduce economic losses and other negative effects, research on information system risk assessment is of great significance for lowering the security risk of information systems. First, the research results in the field of information system risk assessment, at home and abroad, are summarized, and the basic theories and methods are explained to lay the foundation for the system security risk assessment method constructed in this paper. Then, to address the problems that current information system risk assessment methods do not consider changes in node status or the direction of risk propagation, and that the accuracy of their results is affected by the subjectivity of experts, an information system risk assessment method based on risk propagation is proposed. The method proceeds in four steps. First, the system risk propagation network topology is constructed, with the hosts in a subsystem as nodes and the data interaction relationships between hosts as edges. Second, the threat events of each node are determined; the evaluation matrix of threat events and the relative weights of the experts are obtained with the three-parameter interval number method, and the quantitative value of each threat event is calculated. Third, the importance value of each node is calculated from the node's PageRank value, asset value and access value, and node importance is used to calculate the risk propagation direction selection probability. Finally, the risk value of each node is calculated from the quantitative values of its threat events, the node propagation direction selection probabilities and the risk assessment method, and the risk level of each node is determined accordingly.

Finally, the risk assessment method is realized in simulation, which verifies its effectiveness for information system risk assessment. The comparison of node importance shows that calculating node importance from both the node's topological attribute value and its own attribute values accurately distinguishes the importance of each node in the risk propagation network topology. The comparison of the quantitative values of threat events shows that calculating the threat quantification value with three-parameter interval numbers not only reduces the influence of expert subjectivity on the evaluation results but also avoids the influence of temporal fluctuation on the quantitative value. The comparison experiment on node risk values shows that the risk values obtained by this method are more consistent with the real situation than those of other methods, which demonstrates the feasibility and accuracy of the method. The comparison of node risk values at different times shows that, when the topology of the risk propagation network changes, this method reflects the risk status of each node in the system more accurately.
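The propagation steps described above (host topology, node importance from PageRank, asset and access value, direction selection probability, per-node risk value and level) as an added Python example; it is not the paper's code. The concrete combination rules, weights, decay factor, risk bands and sample data are assumptions of this example, and the three-parameter interval number step for quantifying threat events is left out.

```python
# Constructed sample topology: directed data-interaction edges between hosts.
NODES = ["web", "app", "db", "backup"]
EDGES = [("web", "app"), ("app", "db"), ("web", "db"), ("app", "backup")]
# Constructed per-host asset, access and quantified threat values in [0, 1].
# (The paper derives THREAT from expert matrices via three-parameter interval
# numbers; that step is not modelled here.)
ASSET = {"web": 0.4, "app": 0.6, "db": 1.0, "backup": 0.7}
ACCESS = {"web": 1.0, "app": 0.6, "db": 0.3, "backup": 0.2}
THREAT = {"web": 0.8, "app": 0.5, "db": 0.3, "backup": 0.2}

def pagerank(nodes, edges, d=0.85, iters=100):
    """Standard PageRank; dangling nodes spread their rank evenly."""
    out = {n: [v for u, v in edges if u == n] for n in nodes}
    pr = {n: 1.0 / len(nodes) for n in nodes}
    for _ in range(iters):
        dangling = sum(pr[u] for u in nodes if not out[u]) / len(nodes)
        pr = {n: (1 - d) / len(nodes) + d * (dangling
              + sum(pr[u] / len(out[u]) for u in nodes if n in out[u]))
              for n in nodes}
    return pr

def importance(nodes, edges, asset, access, w=(1 / 3, 1 / 3, 1 / 3)):
    """Assumed rule: weighted sum of normalised PageRank, asset and access values."""
    pr = pagerank(nodes, edges)
    top = max(pr.values())
    return {n: w[0] * pr[n] / top + w[1] * asset[n] + w[2] * access[n] for n in nodes}

def direction_probabilities(nodes, edges, imp):
    """Assumed rule: risk leaving u moves to successor v in proportion to v's importance."""
    probs = {}
    for u in nodes:
        succ = [v for a, v in edges if a == u]
        total = sum(imp[v] for v in succ)
        probs[u] = {v: imp[v] / total for v in succ}
    return probs

def node_risk(nodes, edges, asset, access, threat, decay=0.5, iters=50):
    """Risk = own threat weighted by importance + discounted risk inherited along
    incoming edges (assumed decay); iterated to a fixed point so cycles work too."""
    imp = importance(nodes, edges, asset, access)
    probs = direction_probabilities(nodes, edges, imp)
    risk = {v: threat[v] * imp[v] for v in nodes}
    for _ in range(iters):
        risk = {v: threat[v] * imp[v] + decay * sum(
                    risk[u] * probs[u][v] for u in nodes if v in probs[u]) for v in nodes}
    return risk

def risk_level(value):
    """Assumed three-band grading of a risk value."""
    return "high" if value >= 0.6 else "medium" if value >= 0.3 else "low"
```

In this sample the database host ends up with a higher risk value than its own threat level alone would give, because risk flows into it from both the web and application hosts.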