ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2015, Vol. 52 ›› Issue (7): 1642-1659.doi: 10.7544/issn1000-1239.2015.20140184

Previous Articles     Next Articles

Risk Evaluation of Complex Information System Based on Threat Propagation Sampling

Ma Gang1,2, Du Yuge3, An Bo1, Zhang Bo1,2, Wang Wei4, Shi Zhongzhi1   

  1. 1(Key Laboratory of Intelligent Information Processing, Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190);2(University of Chinese Academy of Sciences, Beijing 100049);3(China Information Technology Security Evaluation Center, Beijing 100085);4(Beijing Lexo Technologies Co., Ltd., Beijing 100080)
  • Online:2015-07-01

Abstract: Information security has been one of the focuses of social concern in the age of Internet. There is no doubt that accurately assessing the security of information medium is becoming the focus of the present information security work. For evaluating the risk of the large-scale distributed complex information system, we propose a risk evaluation method of the complex information system based on threat propagation sampling. Firstly, when the threats propagate in the complex information system, the number of threat propagation trees (TPT) is reduced by sampling the transition states of the asset nodes and the threat propagation edges emitted by the asset nodes, then computing the expected value loss of each node in the threat propagation tree and the probability of each threat propagation tree to evaluate the risk of the complex information system. The experimental analysis not only shows the risk evaluation proposed in this paper has higher time-efficient compared with the traditional combined strategy when producing the threat propagation tree, but also can make an objective and accurate risk evaluation. Furthermore, it can give more comprehensive and rational security-guide advices for security-risk managers when developing some security protection strategies on the asset nodes of the complex information system.

Key words: complex information system, threat propagation sampling, risk evaluation, asset node, threat propagation edge, threat propagation trees (TPT)

CLC Number: