一种基于灰色层次分析法的网络攻击危害性评估指标量化方法

针对目前计算机网络攻击危害性评估指标多处于定性分析,无法满足网络风险定量评估要求的现状,在传统层次分析法(AHP)的基础上,结合灰色理论提出了一种基于灰色AHP的网络攻击危害性评估指标量化方法,对网络攻击危害性影响因素按照目标层、准则层、因素层等层次结构进行分类,建立起一套具有多级、分布式的网络攻击效果评估指标体系,并将灰色理论应用于指标权重分配计算过程中,降低了传统AHP评估时的主观性影响,从而为网络攻击危害性评估提供了全面合理、可量化的评估依据.

Quantification Method of Evaluation Index for Network-attacking Hazard Based on Gray AHP

In light of the fact that evaluation index of network-attacking hazards were often used to qualita- tive analysis, which can not meet the requirement of quantitative analysis for network-attacking hazards, based on the traditional AHP assessment methods, combining the gray theory, a quantification method of evaluation index of network-attacking hazards was proposed based on the gray AHP model, in which factors impacting network attacking hazards were classified from target layer, rule layer, layer factors and so on and a multi-level, distributed evaluation index system for the network attacking effects was established. The Grey theory was applied to process of index weight distribution calculation, which reduces the subjective impacts which appear when used traditional AHP to evaluate, and provides a comprehensive, reasonable and quanti- fiable basis for the harm evaluation of network attacking hazards.