基于多目标规划和证据推理理论的信息安全风险评估

doi:10.11772/j.issn.1001-9081.2025091123

《计算机应用》唯一官方网站

• • 下一篇

基于多目标规划和证据推理理论的信息安全风险评估

王晶萍¹,刘艳婷¹,龙海明¹,张英俊²

1.北京师范大学信息网络中心 2.北京交通大学计算机科学与技术学院

收稿日期:2025-09-23 修回日期:2025-11-28 发布日期:2025-12-18 出版日期:2025-12-18
通讯作者: 王晶萍
作者简介:王晶萍(1982—)，女，山西运城人，工程师，博士，主要研究方向：信息安全、数据挖掘；刘艳婷(1981—)，女，河北邯郸人，工程师，硕士，主要研究方向：信息安全；龙海明(1987—)，男，山东滕州人，助理研究员，硕士，主要研究方向：信息安全；张英俊(1980—)，男，内蒙古呼和浩特人，副教授，博士，CCF会员，主要研究方向：数据挖掘、决策理论。
基金资助:
国家重点研发计划（2022YFB2603302）；北京市自然科学基金资助项目（L251029）；国家重点实验室项目（2025YJ153）

Information security risk assessment based on multi-objective programming and evidence reasoning theory

WANG Jingping¹, LIU Yanting¹, LONG Haiming¹, ZHANG Yingjun²

1. Center of Information & Network Technology, Beijing Normal University 2. School of Computer Science and Technology, Beijing Jiaotong University

Received:2025-09-23 Revised:2025-11-28 Online:2025-12-18 Published:2025-12-18
About author:WANG Jingping, born in 1982, Ph. D., engineer. Her research interests include information security, data mining. LIU Yanting, born in 1981, M. S., engineer. Her research interests include information security. LONG Haiming, born in 1987, M. S., assistant research fellow. His research interests include information security. ZHANG Yingjun, born in 1980, Ph. D., associate professor. His research interests include data mining, decision theory.
Supported by:
National Key Research and Development Program of China (2022YFB2603302), Beijing Natural Science Foundation (L251029); Project of State Key Laboratory (2025YJ153)

摘要/Abstract

摘要： 随着移动互联网快速发展和海量大数据的涌现，信息安全风险日益凸显，构建和完善科学、客观的安全风险评估体系具有重要的理论和现实意义。然而现有评估方法还面临不确定信息的表示、专家和属性权重的客观量化以及不确定信息融合等挑战。针对上述挑战，提出一种基于多目标规划和证据推理理论的信息安全风险评估模型。首先，利用区间直觉模糊数表示不确定信息，并定义了三类基本运算法则；其次，基于多目标规划客观量化专家和属性权重；再次，引入区间直觉模糊环境下的证据推理融合规则，以解决不确定信息的融合问题；最后借鉴逼近理想解方法TOPSIS（Technique for Order Preference by Similarity to Ideal Solution），对信息安全进行综合评估。实验结果验证了所提模型在信息表示、权重量化和评估方面的有效性和可行性。

关键词: 信息安全, 风险评估, 区间直觉模糊集, 多目标规划, 证据推理

Abstract: With the rapid development of mobile Internet and the emergence of massive big data, information security risks were increasingly highlighted. The construction and improvement of a scientific and objective security risk assessment system were regarded as having great theoretical and practical significance. However, existing assessment methods were faced with challenges such as the representation of uncertain information, the objective quantification of expert and attribute weights, and the fusion of uncertain information. To address these challenges, an information security risk assessment model based on multi-objective programming and evidence reasoning theory was proposed. First, interval-valued intuitionistic fuzzy numbers were used to represent uncertain information, and three types of basic operational rules were defined. Second, expert and attribute weights were objectively quantified based on multi-objective programming. Third, evidence reasoning fusion rules in the interval-valued intuitionistic fuzzy environment were introduced to solve the fusion problem of uncertain information. Finally, the Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) was referenced for comprehensive information security assessment. Experimental results verified the effectiveness and feasibility of the proposed algorithm model in information representation, weight quantification, and assessment.

Key words: information security, risk assessment, interval-valued intuitionistic fuzzy set, multi-objective programming, evidence reasoning

中图分类号:

TP309.2

王晶萍刘艳婷龙海明张英俊. 基于多目标规划和证据推理理论的信息安全风险评估[J]. 计算机应用, DOI: 10.11772/j.issn.1001-9081.2025091123.

WANG Jingping, LIU Yanting, LONG Haiming, ZHANG Yingjun. Information security risk assessment based on multi-objective programming and evidence reasoning theory[J]. Journal of Computer Applications, DOI: 10.11772/j.issn.1001-9081.2025091123.

[1]	肖海林, 黄天义, 代秋香, 张跃军, 张中山. 基于轨迹预测的安全强化学习自动变道决策方法[J]. 《计算机应用》唯一官方网站, 2024, 44(9): 2958-2963.
[2]	姚洪磊, 刘吉强, 童恩栋, 牛温佳. 基于 α-截集三角模糊数和攻击树的CTCS网络安全风险评估方法[J]. 《计算机应用》唯一官方网站, 2024, 44(4): 1018-1026.
[3]	花晓雨, 李冬芬, 付优, 毕可骏, 应时, 王瑞锦. 结合层次图神经网络与长短期记忆的产业链风险评估预警模型[J]. 《计算机应用》唯一官方网站, 2024, 44(10): 3223-3231.
[4]	郝劭辰, 卫孜钻, 马垚, 于丹, 陈永乐. 基于高效联邦学习算法的网络入侵检测模型[J]. 《计算机应用》唯一官方网站, 2023, 43(4): 1169-1175.
[5]	田洪亮, 葛平, 宪明杰. 基于区块链的配电网运行异常管理机制[J]. 《计算机应用》唯一官方网站, 2023, 43(11): 3504-3509.
[6]	王泽曦, 张敏情, 柯彦, 孔咏骏. 基于图像秘密共享的密文域可逆信息隐藏算法[J]. 《计算机应用》唯一官方网站, 2022, 42(5): 1480-1489.
[7]	马华, 陈跃鹏, 唐文胜, 娄小平, 黄卓轩. 面向工作者能力评估的众包任务分配方法的研究进展综述[J]. 《计算机应用》唯一官方网站, 2021, 41(8): 2232-2241.
[8]	肖凯, 王蒙, 唐新余, 蒋同海. 基于区块链技术的公益时间银行系统[J]. 计算机应用, 2019, 39(7): 2156-2161.
[9]	罗霄峰, 杨兴春, 胡勇. 改进的基于属性的访问控制策略评估管理决策图[J]. 计算机应用, 2019, 39(12): 3569-3574.
[10]	卜同同, 曹天杰. 基于权限的Android应用风险评估方法[J]. 计算机应用, 2019, 39(1): 131-135.
[11]	李兆斌, 李伟隆, 魏占祯, 刘梦甜. SDN数据安全处理机制关键模块的研究与实现[J]. 计算机应用, 2018, 38(7): 1929-1935.
[12]	熊宁欣, 王应明. 基于改进模糊熵和证据推理的多属性决策方法[J]. 计算机应用, 2018, 38(10): 2801-2806.
[13]	柯彦, 张敏情, 刘佳, 杨晓元. 密文域可逆信息隐藏综述[J]. 计算机应用, 2016, 36(11): 3067-3076.
[14]	柯彦, 张敏情, 刘佳. 可分离的加密域十六进制可逆信息隐藏[J]. 计算机应用, 2016, 36(11): 3082-3087.
[15]	武文博, 康锐, 李梓. 基于攻击图的信息物理系统信息安全风险评估方法[J]. 计算机应用, 2016, 36(1): 203-206.

基于多目标规划和证据推理理论的信息安全风险评估

Information security risk assessment based on multi-objective programming and evidence reasoning theory

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics