基于风险熵和Neyman-Pearson准则的安防网络风险评估研究

胡瑞敏; 吕海涛; 陈军

doi:10.3724/SP.J.1004.2014.02737

基于风险熵和Neyman-Pearson准则的安防网络风险评估研究

doi: 10.3724/SP.J.1004.2014.02737

胡瑞敏^1,2,
吕海涛^1, ,,
陈军¹

1.
武汉大学国家多媒体软件工程技术研究中心武汉 430072;
2.
武汉大学计算机学院武汉 430072

基金项目:

国家自然科学基金面上项目(61170023),国家自然科学基金重点项目(61231015),国家重大科技专项基金(2010ZX03004-003-03)资助

详细信息

作者简介:
胡瑞敏武汉大学计算机学院教授. 分别于1984 年、1990 年和1994 年获得南京邮电学院学士、硕士和华中科技大学工学博士学位. 主要研究方向为安防应急通信信息系统, 音视频编解码和视频监控与多媒体数据处理.E-mail: hurm1964@gmail.com

通讯作者:
吕海涛武汉大学国家多媒体软件工程技术研究中心博士研究生. 分别于2002年和2006 年获得解放军信息工程大学计算机系学士学位和华中科技大学计算机系硕士学位. 主要研究方向为安防应急通信信息系统. 本文通信作者.E-mail: lvhaitao0301@gmail.com

计量
- 文章访问数: 1792
- HTML全文浏览量: 95
- PDF下载量: 1120
- 被引次数: 0
出版历程
- 收稿日期: 2013-07-01
- 修回日期: 2014-02-20
- 刊出日期: 2014-12-20

Risk Evaluation Model of Security and Protection Network Based on Risk Entropy and Neyman-Pearson Criterion

HU Rui-Min^1,2,
LV Hai-Tao^{1
, ,},
CHEN Jun¹

1.
National Engineering Research Center for Multimedia Software, Wuhan University, Wuhan 430072;
2.
School of Computer, Wuhan University, Wuhan 430072

Funds:

Supported by General Program of National Natural Science Foundation of China (61170023), Key Program of National Natural Science Foundation of China (61231015), and the Major National Science and Technology Special Projects (2010ZX03004-003-03)

摘要

摘要: 为应对严峻复杂的安全形势, 我国通过构建安全防范系统实现对公共安全的防护. 安全防范系统是由人和安防设备组成的复杂系统, 安全防范系统风险评估是判断其防护效能好坏的重要度量标准. 本文将部署在一个区域的安全防范系统抽象看成由多个安防节点组成的网络, 根据熵理论和Neyman-Pearson准则, 提出一种利用防护最薄弱路径定量度量安全防范系统风险的模型, 并给出安全防范网络防护最弱路径的表达式, 以及基于Dijkstra最短路径算法求解防护最薄弱路径的方法. 最后本文研究模型参数和安全防范系统部署的数量与安全防范网络的风险之间的关系, 给出相应的仿真结果, 并进行实际应用场景的风险评估实验. 实验结果表明, 本文提出的模型可以定量评估多节点的安全防范系统的风险, 提高评估结果的科学性.
- 安全防范系统 /
- 风险熵 /
- Neyman-Pearson准则 /
- 风险评估 /
- 防护最薄弱路径
Abstract: There is a growing interest in the construction of security systems to protect social public safety. For a security system, risk assessment is an important metric to judge its protection effectiveness. In this paper, a security system deployed in an area is regarded abstractly as a diagram of security network. Firstly, a method for risk assessment based on entropy theory and Neyman-Pearson criterion is proposed. Secondly, the most vulnerable path formulation of the security network is described and a solution by utilizing the Dijkstra's shortest path algorithm is provided. The protection probability on the most vulnerable path is considered as the risk measure of the security network. Furthermore, the effects of some parameters on the risk and the breach protection probability are simulated, and a risk evaluation experiment is carried out with a real scenario. The results show that the model proposed in this paper can not only quantitatively evaluate the risk of the security network but also get a more scientific and reasonable evaluation result.
- Security system /
- risk entropy /
- Neyman-Pearson criterion /
- risk assessment /
- most vulnerable path

HTML全文

参考文献(19)

[1]	Li Ben-Xian, Li Meng-Jun. The simulation of fear diffusion based on parallel system under the paroxysmal terrorism incident circumstance. Computer Engineering and Application, 2012, 38(8): 1321-1328 (李本先, 李孟军. 基于平行系统的恐怖突发事件下恐惧传播的仿真研究. 自动化学报, 2012, 38(8): 1321-1328)
[2]	Zheng Zhou-Yi, Du Zhi-Guo, Wang Xin. Visual implementation for vulnerability assessment algorithm of security and protection systems. Computer Engineering and Application, 2014, 50(5): 70-73 (郑舟毅, 杜志国, 王欣. 安防系统弱点评估算法的可视化实现. 计算机工程与应用, 2014, 50(5): 70-73)
[3]	Guo Xi, Hu Rui-Min. The effectiveness evaluation for security system based on risk entropy model and Bayesian network theory. In: Proceedings of the 2010 IEEE International Carnahan Conference Security Technology ICCST. San Jose, CAL: IEEE, 2010. 57-65
[4]	Sendi A S, Jabbarifar M, Shajari M, Dagenais M. FEMRA: fuzzy expert model for risk assessment. In: Proceedings of the 5th Inter National Conference on Internet Monitoring and Protection. Barcelona: IEEE, 2010. 48-52
[5]	Zhu Zong-Lin, Guo Shi-Min. Research for automatic control equipment system Synthetical evaluation. Acta Automatica Sinica, 1999, 25(2): 59-63(朱宗林, 郭世民. 自动控制装置系统综合评估研究. 自动化学报, 1999, 25(2): 59-63)
[6]	Wu Qiong, Yan Li-Li. The risk evaluation research of enterprise security and protection systems. Security Science and Technology, 2010, 9(10): 10-14 (吴穹, 闫黎黎. 企业安全防范系统风险评价模式研究. 安防科技, 2010, 9(10): 10-14)
[7]	Huang Min, Yang Hong-Mei, Wang Xing-Wei. Genetic algorithm and fuzzy synthetic evaluation based risk programming for virtual enterprise. Acta Automatica Sinica, 2004, 30(3): 449-454(黄敏, 杨红梅, 王兴伟. 基于遗传算法和模糊综合评价的虚拟企业风险规划. 自动化学报, 2004, 30(3): 449-454)
[8]	Xu Tian-Kun, Liang Qing-Huai, Ren Xing-Chen. Risk assessment of metro DC750V power supply system operation based on fault tree model. Journal of Beijing Jiaotong University, 2012, (6): 57-62
[9]	Doyon L R. Stochastic modeling of facility security-systems for analytical solutions. Computers and Industrial Engineering, 1981, 5(2): 127-138
[10]	Hug G, Giampapa J A. Vulnerability assessment of AC state estimation with respect to false data injection cyber-attacks. IEEE Transactions on Smart Grid, 2012, 3(3): 1362-1370
[11]	Hicks M J, Snell M S, Sandoval J S, Potter C S. Physical protection systems cost and performance analysis: a case study. Aerospace and Electronic Systems Magazine, 1999, 14(4): 9-13
[12]	Garcia M L. The Design and Evaluation of Physical Protection Systems. Boston: Butterworth-Heinemann, 2001. 135-149
[13]	Garcia M L. Vulnerability Assessment of Physical Protection Systems. Boston: Butterworth-Heinemann, 2005. 123-144
[14]	Fischer R J, Halibozek E P, Walters D C. Introduction to Security. Boston: Butterworth-Heinemann, 2012.
[15]	Xu P, Su X, Wu J, Sun X, Zhang Y, Deng Y. Risk analysis of physical protection system based on evidence theory. Journal of Information and Computational Science, 2010, 7: 2871-2878
[16]	Xie Lei, Feng Hao, Zhang Jian-Ming. A new approach to performance assessment based on initial closed-system. Acta Automatica Sinica, 2013, 39(5): 649-653 (谢磊, 冯皓, 张建明. 一种基于初始闭环系统的性能评估方法. 自动化学报, 2013, 39(5): 649-653)
[17]	Dai J J, Hu R M, Chen J, Cai Q. Benefit-cost analysis of security systems for multiple protected assets based on information entropy. Entropy, 2012, 14(3): 571-580
[18]	Clausius R. The Mechanical Theory of Heat: with Its Applications to the Steam-Engine and to the Physical Properties of Bodies. London: John van Voorst, 1867
[19]	Shannon C E. A mathematical theory of communication. ACM SIGMOBILE Mobile Computing and Communications Review, 2001, 5(1): 3-55