摘要
评估属性的选择是安全评估中的一个重要问题,目前常用的标准通常会造成评估节点过多,从而影响评估模型的可用性和准确性.目前的属性约简算法通常会产生多个结果,而在安全评估中这些算法并未给出结果选择的准则.针对信息安全评估的具体问题,根据粗糙集的理论和方法提出一种安全属性的近似约简算法.该算法以互信息和冗余协同系数作为冗余属性的度量,根据实际情况设定具体的阀值参数,从而可以得到不同规模的约简属性集以及更加简洁有效的安全评估模型.
Choosing appropriate assessment elements is vital in security assessment, current criteria often result too many points, which influences the feasibility and correctness of assessment model. The general attributes reduction algorithms usually generate more than one results, in security assessment how to choose the result according these algorithms is not given. Based on the theory and methods of rough set, an attribute approximate reduction algorithm for information security assessment is proposed. The redundancy is measured with mutual information and redundancy synergy coefficient. Through calibrating the threshold parameter, different scales of reduced attribute set can be obtained according to specific application, which can make security assessment model more concise and effective.
出处
《控制与决策》
EI
CSCD
北大核心
2010年第9期1426-1430,共5页
Control and Decision
基金
国家863计划项目(2009AA01Z403
2009AA01Z435)
关键词
安全评估
属性约简
互信息
软件缺陷
Security assessment
Attribute reduction
Mutual information
Software vulnerability